Cookie Policy

Last Updated: 01/01/2024
Effective Date: 01/01/2025

This Cookie Policy explains how Merchifies Global LLC ("Merchifies," "we," "us," or "our") uses cookies and similar technologies on merchifies.com to enhance your browsing experience, analyze website performance, and deliver relevant content and advertisements.

By continuing to use our website, you agree to our use of cookies as described in this policy and managed through your consent preferences.

Quick Summary (TL;DR)

• 🍪 Four Cookie Types: Essential (always active), Functional, Analytics, and Marketing (your choice)

• 🌍 Region-Specific Controls: EU/UK users give prior consent; US users can opt-out anytime

• ⚡ Easy Management: Control preferences via Cookie Settings in footer or browser controls

• 🤖 GPC Honored: Global Privacy Control signals automatically respected

• 🔒 Privacy-First: No personal data in most cookies, clear purposes, user control

• 📱 Cross-Device: Preferences work on desktop, mobile, and tablet

• 🚫 Opt-Out Available: "Do Not Sell or Share" link for advertising cookies

Quick Navigation:

• Cookie Types and Purposes

• Managing Your Preferences

• Detailed Cookie Information

• Third-Party Services

• Regional Compliance

• Contact Information

What Are Cookies?

Cookie Basics

Cookies are small text files stored on your device (computer, smartphone, tablet) when you visit websites. They help websites:

• Remember your preferences and settings

• Keep you logged in during your visit

• Analyze how the website is used to improve performance

• Deliver relevant advertisements and content

Types of Cookie Technology

Traditional Cookies:

• Small text files stored by your browser

• Can be session-based (deleted when browser closes) or persistent (remain until expiration)

• First-party (set by Merchifies) or third-party (set by our partners)

Similar Technologies:

• Web Beacons/Pixels: Tiny images that track page views and email opens

• Local Storage: Browser technology for enhanced functionality

• Device Identifiers: Mobile advertising IDs (IDFA on iOS, AAID on Android)

Cookie Types and Purposes

1. Essential Cookies (Always Active)

Purpose: Required for basic website functionality and security
Legal Basis: Legitimate interests (GDPR Art. 6(1)(f)) - necessary for service provision
User Control: Cannot be disabled without breaking core functionality

What These Cookies Do:

• Shopping Cart Management: Remember items added to your cart across pages

• User Authentication: Keep you logged in during your session

• Security Protection: Prevent fraud, CSRF attacks, and unauthorized access

• Load Balancing: Ensure optimal website performance and stability

• Payment Processing: Enable secure checkout and transaction completion

Specific Examples:

2. Functional Cookies (Optional)

Purpose: Enhanced website functionality and personalization
Legal Basis: Consent (GDPR Art. 6(1)(a)) for EU/UK; Legitimate interests with opt-out for others
User Control: Can be disabled via Cookie Settings

What These Cookies Do:

• Preference Storage: Remember language, currency, and display settings

• User Interface: Customize layout and accessibility features

• Recently Viewed: Track products you've browsed for easy reference

• Account Features: Enhanced functionality for logged-in users

Specific Examples:

3. Analytics Cookies (Optional)

Purpose: Understand website usage to improve performance and user experience
Legal Basis: Consent (GDPR Art. 6(1)(a)) for EU/UK; Legitimate interests with opt-out for others
User Control: Full control via Cookie Settings and browser preferences

What These Cookies Do:

• Traffic Analysis: Monitor page views, session duration, and bounce rates

• Performance Monitoring: Identify slow-loading pages and technical issues

• User Journey Mapping: Understand how visitors navigate through our site

• A/B Testing: Compare different website versions for optimization

Privacy Protections:

• IP address anonymization enabled on all analytics

• No personally identifiable information collected

• Data retention limited to 26 months maximum

• Demographic and interest reports disabled

Analytics Services:

4. Marketing/Advertising Cookies (Optional)

Purpose: Deliver relevant advertisements and measure campaign effectiveness
Legal Basis: Consent (GDPR Art. 6(1)(a)) - explicit consent required
User Control: Complete control via Cookie Settings, "Do Not Sell or Share" page, and GPC

What These Cookies Do:

• Targeted Advertising: Show relevant ads based on your interests and browsing behavior

• Retargeting: Display Merchifies ads when you visit other websites

• Campaign Measurement: Track ad performance and return on investment

• Cross-Platform Coordination: Synchronize advertising across different devices

Important Privacy Notes:

• No Personal Data Sales: We never sell your personal information for money

• Limited Data Sharing: Only anonymous identifiers and behavioral data shared

• Easy Opt-Out: Multiple opt-out methods available

• GPC Compliance: Automatic opt-out when Global Privacy Control is enabled

Advertising Partners:

Managing Your Preferences

Cookie Preference Center

Access Your Controls:

• Click "Cookie Settings" in the website footer

• Visit directly: merchifies.com/cookie-settings

• Available in your account dashboard (logged-in users)

• Accessible from privacy policy links

<div class="cookie-preference-center">
  <div class="cookie-banner">
    <h3>🍪 We Value Your Privacy</h3>
    <p>We use cookies to enhance your experience, analyze site usage, and deliver personalized content. Choose your preferences below:</p>
    
    <div class="cookie-categories">
      <div class="cookie-category essential">
        <div class="category-header">
          <h4>Essential Cookies</h4>
          <span class="status-badge required">Always Active</span>
        </div>
        <p>Required for website functionality, security, and core features like shopping cart and checkout.</p>
        <div class="toggle-container">
          <label class="toggle-switch disabled">
            <input type="checkbox" checked disabled>
            <span class="slider always-on"></span>
            <span class="toggle-label">Required</span>
          </label>
        </div>
      </div>
      
      <div class="cookie-category functional">
        <div class="category-header">
          <h4>Functional Cookies</h4>
          <span class="status-badge optional">Optional</span>
        </div>
        <p>Remember your preferences like language, currency, and accessibility settings for a personalized experience.</p>
        <div class="toggle-container">
          <label class="toggle-switch">
            <input type="checkbox" id="functional-cookies" name="functional" value="1">
            <span class="slider"></span>
            <span class="toggle-label">Enable</span>
          </label>
        </div>
      </div>
      
      <div class="cookie-category analytics">
        <div class="category-header">
          <h4>Analytics Cookies</h4>
          <span class="status-badge optional">Optional</span>
        </div>
        <p>Help us understand how you use our website so we can improve performance and user experience.</p>
        <div class="toggle-container">
          <label class="toggle-switch">
            <input type="checkbox" id="analytics-cookies" name="analytics" value="1">
            <span class="slider"></span>
            <span class="toggle-label">Enable</span>
          </label>
        </div>
      </div>
      
      <div class="cookie-category marketing">
        <div class="category-header">
          <h4>Marketing Cookies</h4>
          <span class="status-badge optional">Optional</span>
        </div>
        <p>Used to deliver relevant advertisements and measure campaign effectiveness across platforms.</p>
        <div class="toggle-container">
          <label class="toggle-switch">
            <input type="checkbox" id="marketing-cookies" name="marketing" value="1">
            <span class="slider"></span>
            <span class="toggle-label">Enable</span>
          </label>
        </div>
      </div>
    </div>
    
    <div class="preference-actions">
      <button type="button" class="btn primary" id="accept-all">Accept All</button>
      <button type="button" class="btn secondary" id="save-preferences">Save Preferences</button>
      <button type="button" class="btn tertiary" id="reject-optional">Reject Optional</button>
    </div>
    
    <div class="additional-links">
      <a href="/do-not-sell-or-share" class="privacy-link">🚫 Do Not Sell or Share My Information</a>
      <a href="/privacy" class="privacy-link">📋 Full Privacy Policy</a>
    </div>
  </div>
</div>

Global Privacy Control (GPC)

Automatic Browser-Based Opt-Out:

What is GPC? A privacy setting that automatically tells websites you want to opt out of data sales and sharing for advertising purposes.

We Honor GPC Signals Automatically - no additional action required.

How to Enable GPC:

• Chrome/Edge: Install Privacy Badger, DuckDuckGo Privacy Essentials, or OptMeowt extensions

• Firefox: Enable "Tell websites not to sell or share my data" in Privacy & Security settings

• Safari: Use content blockers with GPC support (1Blocker, AdGuard)

• Brave Browser: Built-in GPC support in privacy settings

Browser Cookie Controls

Chrome:

1. Settings → Privacy and Security → Cookies and other site data

2. Choose blocking preferences and manage exceptions

3. Clear cookies and site data as needed

Firefox:

1. Settings → Privacy & Security → Enhanced Tracking Protection

2. Manage cookies and site data permissions

3. Clear data and customize protection levels

Safari:

1. Preferences → Privacy → Cookies and website data

2. Choose prevention settings and manage data

3. Clear cookies and enable tracking prevention

Edge:

1. Settings → Cookies and site permissions → Cookies and site data

2. Configure cookie preferences and tracking prevention

3. Clear cookies and manage exceptions

Detailed Cookie Information

First-Party Cookies (Set by Merchifies)

Third-Party Cookies (Set by Partners)

Google Analytics 4:

• Cookies: _ga (2 years), _ga_* (2 years), _gid (24 hours), _gat (1 minute)

• Purpose: Website analytics, user behavior analysis, performance monitoring

• Data: Anonymous user ID, page views, session duration, referral source

• Privacy: IP anonymization enabled, no PII collected

Meta Pixel (Facebook/Instagram):

• Cookies: _fbp (90 days), _fbc (90 days), fr (90 days)

• Purpose: Ad targeting, conversion tracking, audience building

• Data: Browser fingerprint, ad interactions, conversion events

• Control: Facebook Ad Settings

Google Ads:

• Cookies: _gcl_au (90 days), _gcl_aw (90 days), _gac_* (90 days)

• Purpose: Conversion tracking, ad attribution, campaign optimization

• Data: Click IDs, conversion data, campaign interactions

• Control: Google Ad Settings

Third-Party Services and Partners

Analytics and Performance

Google Analytics 4:

• Purpose: Comprehensive website analytics and user behavior insights

• Data Processing: Anonymous user tracking, page performance, conversion funnel analysis

• Privacy Measures: IP anonymization, data retention limits, no demographic data collection

• User Controls: Browser opt-out addon, cookie settings, GPC compliance

• Privacy Policy: Google Analytics Privacy

Hotjar (Optional):

• Purpose: Heatmaps, session recordings, and user feedback collection

• Data Processing: Anonymized user interactions, mouse movements, click patterns

• Privacy Measures: Personal data masking, IP anonymization, consent-based activation

• User Controls: Direct opt-out available, cookie preference controls

• Privacy Policy: Hotjar Privacy

Advertising and Marketing

Meta Business (Facebook/Instagram):

• Purpose: Social media advertising, retargeting campaigns, conversion tracking

• Data Processing: Website interactions, ad engagement, custom audience creation

• Privacy Measures: Hashed identifiers, limited data sharing, user control options

• User Controls: Facebook ad preferences, cookie settings, GPC compliance

• Privacy Policy: Meta Privacy Policy

Google Ads:

• Purpose: Search and display advertising across Google's advertising network

• Data Processing: Ad interactions, conversion events, audience targeting

• Privacy Measures: Interest-based advertising controls, data retention limits

• User Controls: Google ad settings, cookie preferences, industry opt-outs

• Privacy Policy: Google Ads Privacy

Pinterest Business:

• Purpose: Visual advertising and conversion tracking on Pinterest platform

• Data Processing: Website visits, product interactions, conversion measurement

• Privacy Measures: Limited data sharing, user privacy controls available

• User Controls: Pinterest privacy settings, cookie management, opt-out options

• Privacy Policy: Pinterest Privacy

Essential Services

Stripe (Payment Processing):

• Purpose: Secure payment processing and fraud prevention

• Data Processing: Transaction security, payment verification, fraud detection

• Privacy Measures: PCI DSS compliance, encryption, minimal data retention

• Privacy Policy: Stripe Privacy

PayPal (Alternative Payments):

• Purpose: Alternative payment method and transaction security

• Data Processing: Payment verification, fraud prevention, account management

• Privacy Policy: PayPal Privacy

Klaviyo (Email Marketing):

• Purpose: Email marketing campaigns and customer communication

• Data Processing: Email engagement, campaign analytics, customer segmentation

• Privacy Policy: Klaviyo Privacy

Regional Compliance

European Economic Area (EEA) & United Kingdom

Legal Framework:

• ePrivacy Directive: Requires explicit consent for non-essential cookies

• GDPR: Comprehensive data protection and privacy rights framework

• UK GDPR: Post-Brexit UK-specific privacy regulations

Consent Management:

• Prior Consent Required: Non-essential cookies blocked until explicit consent given

• Granular Control: Category-specific consent options (functional, analytics, marketing)

• Easy Withdrawal: One-click consent withdrawal available anytime

• Consent Records: Detailed logging for compliance demonstration

Your Enhanced Rights:

• Withdraw consent at any time without affecting website functionality

• Access detailed information about cookie purposes and data processing

• Object to processing based on legitimate interests

• File complaints with local supervisory authorities

• Request data portability and deletion where applicable

United States

Legal Framework:

• California (CCPA/CPRA): "Do Not Sell or Share" rights for targeted advertising

• Virginia (VCDPA): Comprehensive consumer privacy rights

• Colorado (CPA): Enhanced opt-out rights for advertising and profiling

• Connecticut, Utah, Oregon, Texas: Expanding state privacy protections

Privacy Controls:

• Automatic GPC Recognition: Global Privacy Control signals honored immediately

• "Do Not Sell or Share" Link: Prominent opt-out mechanism in footer

• No Discrimination Policy: Equal service regardless of privacy choices

• Transparent Disclosure: Clear information about data sharing practices

Default Cookie Behavior:

• Essential cookies active immediately (required for service)

• Functional and analytics cookies active with opt-out available

• Marketing cookies require explicit opt-in or honor opt-out preferences

• GPC signals disable marketing cookies automatically

Other Regions

Canada (PIPEDA):

• Consent required for non-essential tracking cookies

• Right to access and correct cookie-related information

• Reasonable purposes standard for data collection

Australia (Privacy Act):

• Consent requirements for behavioral tracking cookies

• Right to access and correct personal information

• Reasonable steps requirement for privacy protection

Brazil (LGPD):

• Explicit consent required for non-essential cookies

• Enhanced data subject rights including access and deletion

• Legitimate interests basis available with clear opt-out

Data Protection and Security

Cookie Security Measures

Technical Protections:

• Secure Transmission: All cookies transmitted over HTTPS connections only

• HttpOnly Flags: Prevent JavaScript access to sensitive authentication cookies

• SameSite Attributes: Protect against cross-site request forgery attacks

• Encryption: Sensitive cookie data encrypted before storage

Data Minimization Practices:

• Collect only cookie data necessary for stated purposes

• Use shortest possible retention periods for each cookie type

• Regular review and deletion of unnecessary or expired cookies

• Anonymous or pseudonymous identifiers whenever possible

Third-Party Data Sharing Controls

Advertising Partner Agreements:

• Share only anonymous identifiers and aggregated behavioral data

• Contractual data protection requirements for all advertising partners

• Regular compliance audits and vendor security assessments

• Clear data retention and deletion obligations

International Data Transfer Safeguards:

• Standard Contractual Clauses (SCCs) for EEA/UK data transfers

• EU-US and UK-US Data Privacy Framework participation where applicable

• Data Protection Impact Assessments for high-risk processing

• Additional safeguards including encryption and access controls

Contact Information

Cookie and Privacy Support

Privacy Team:

• Email: [email protected]

• Subject Line: Include "Cookie Policy" or "Cookie Preferences" for faster routing

• Response Time: 24-48 hours for most cookie-related inquiries

• Languages: English (primary), Spanish support available upon request

Data Protection Officer:

• Email: [email protected]

• Specialization: Complex cookie compliance questions, legal interpretation, policy guidance

• Best For: Technical questions about cookie implementation and data processing procedures

General Support

Customer Service:

• Email: [email protected]

• Phone: (307) 381-6808

• Hours: Monday-Friday, 9 AM - 5 PM Mountain Time

• Best For: Cookie preference center issues, website functionality problems

Legal and Compliance:

• Email: [email protected]

• Focus: Legal questions about cookie compliance, regulatory requirements, policy interpretation

• Response Time: 5-7 business days for complex legal matters

Accessibility Support

Accessibility Coordinator:

• Email: [email protected]

• Phone: (307) 381-6808 (ask for accessibility support)

• Services: Alternative format policies, communication assistance, reasonable accommodations for cookie management

Frequently Asked Questions

General Cookie Questions

Q: What happens if I disable all optional cookies?

A: You can disable functional, analytics, and marketing cookies without affecting core website functionality. Essential cookies remain active to ensure proper operation of shopping, checkout, and security features.

Q: Do cookies contain my personal information?

A: Most cookies contain only anonymous identifiers and technical data. Essential cookies may include session information but no personally identifiable data like names, addresses, or payment details.

Q: How often should I review my cookie preferences?

A: Review preferences whenever your privacy needs change. We may also prompt you to review settings when we add new cookie categories or significantly change our practices.

Q: Can I have different cookie settings on different devices?

A: Yes, cookie preferences are typically device and browser-specific. For consistent settings across devices, use Global Privacy Control (GPC) or log into your account where preferences are synchronized.

Privacy and Control

Q: How do I know my cookie preferences are being honored?

A: You can verify cookie status through your browser's developer tools, our Cookie Settings page, or by monitoring the types of ads you see on other websites.

Q: What's the difference between disabling cookies and using "Do Not Sell or Share"?

A: Cookie settings control what tracking technologies are used on our site. "Do Not Sell or Share" specifically opts you out of data sharing for advertising purposes, which may include non-cookie tracking methods.

Q: Can I opt out of cookies but still receive marketing emails?

A: Yes, cookie preferences and email marketing preferences are separate. You can disable marketing cookies while remaining subscribed to our email newsletters, and vice versa.

Technical Questions

Q: Why do some cookies come back after I delete them?

A: Essential cookies are automatically recreated when you visit our site because they're necessary for basic functionality. Optional cookies should only return if you've given consent.

Q: Do cookies work the same way on mobile devices?

A: Cookie functionality is similar on mobile browsers. Native mobile apps may use different tracking technologies governed by separate privacy policies and device-level controls.

Q: What happens to my cookies if you update this policy?

A: Existing cookie preferences remain active through policy updates. If we add new cookie categories or change practices significantly, we may ask for renewed consent.

Policy Updates and Maintenance

Update Procedures

How We Handle Changes:

• Material changes communicated via email to users who have provided consent

• Website banner notifications for significant policy updates

• Updated "Last Modified" date prominently displayed

• 30-day advance notice for changes affecting user rights or data processing

Automatic Protections:

• Existing cookie preferences remain active through all policy updates

• New cookie categories require fresh explicit consent

• Enhanced privacy controls automatically available when implemented

• No reduction in privacy protections without clear notice and consent

Compliance Monitoring

Regular Reviews:

• Quarterly cookie inventory and compliance assessments

• Annual third-party privacy audits and security evaluations

• Continuous monitoring of regulatory changes and legal requirements

• User feedback integration for policy improvements

Technical Maintenance:

• Regular testing of cookie consent mechanisms and preference centers

• Monitoring of third-party service changes and privacy policy updates

• Automated compliance checking and alert systems

• Performance optimization for cookie management systems

Technical Implementation Guide

For Development Team

Cookie Consent Management Platform (CMP) Requirements:

1. Prior Consent Implementation (EU/UK):

   // Block non-essential cookies until consent given
   if (isEUUser() && !hasValidConsent()) {
     blockNonEssentialCookies();
     showConsentBanner();
   }
   

2. GPC Signal Detection:

   // Honor Global Privacy Control signals
   if (navigator.globalPrivacyControl === true) {
     disableTargetedAdvertising();
     setOptOutCookie();
     updateConsentPreferences({marketing: false});
   }
   

3. Cookie Categorization and Management:

   const cookieCategories = {
     essential: { required: true, consent: false },
     functional: { required: false, consent: true },
     analytics: { required: false, consent: true },
     marketing: { required: false, consent: true }
   };
   

4. Consent Logging for Compliance:

   function logConsent(preferences) {
     const consentRecord = {
       timestamp: new Date().toISOString(),
       preferences: preferences,
       ipAddress: getHashedIP(),
       userAgent: navigator.userAgent,
       consentString: generateIABString(preferences)
     };
     storeConsentRecord(consentRecord);
   }
   

Tag Management Configuration:

• Configure Google Tag Manager to fire tags only after appropriate consent

• Implement conditional firing rules for each cookie category

• Ensure essential tags fire immediately while optional tags wait for consent

• Regular testing of tag firing behavior across different consent scenarios

Integration Requirements:

• Sync cookie preferences with "Do Not Sell or Share" opt-out status

• Update advertising partner opt-out signals when preferences change

• Maintain consistent privacy controls across all site pages and features

• Provide clear user feedback when preferences are saved or updated

This comprehensive Cookie Policy ensures transparency, user control, and legal compliance while maintaining an optimal user experience. We are committed to respecting your privacy choices and providing clear information about our cookie practices.

Ready to manage your cookie preferences? Visit our Cookie Settings page or contact our privacy team at [email protected] with any questions.

Merchifies Global LLC
30 N Gould St, Ste N
Sheridan, WY 82801
United States

Cookie and Privacy Contacts:

• Cookie Preferences: [email protected]

• Technical Support: [email protected]

• Legal Compliance: [email protected]

• Phone: (307) 381-6808

Last Updated: 01/01/2024
This Cookie Policy is regularly reviewed and updated to reflect current practices, legal requirements, and user feedback. Your cookie preferences are always honored and can be changed at any time through our Cookie Settings page.

Accessibility Statement: If you need this policy in an alternative format or require assistance managing your cookie preferences due to a disability, please contact [email protected] or call (307) 381-6808.