This document contains the privacy policy for the website www.hottubthings.com and all pages served under that domain. The World Wide Web is a big place. Our site contains links to vendors, manufacturers, and other websites that are not covered by our privacy policy.

Who we are and what we do:

We are a leading vendor of hot tub and spa products. We use our website to sell products such as hot tub chemicals, water filters, and replacement parts. We are located in Burlingame, California, with other warehouses and affiliates in California, chiefly SF Spas and Paradise Valley Spas.

What information we collect:

Like most websites, we use small files known as cookies to enhance your experience, to remember you if you resume shopping after a pause, and to improve the content and usefulness of our site. These cookies tell us what browser you are using, how long you stay on the site, and whether you are a returning customer, among other things. If you actively engage with us, for example by placing an order or filling out a survey, then we collect the information you provide. We collect your E-mail address so we can write back to you, and we collect your home address so we can deliver your purchases. With your permission, we may send you E-mails about our products and services. All messages we send you will contain clear and valid instructions for unsubscribing.

Who may see this information:

Employees of Hot Tub Things, Paradise Valley Spas, and SF Spas may access this information to fulfill orders, to contact you about your order, and to provide superior customer service. Contractors and suppliers to Hot Tub Things may receive limited and temporary access only to information they require to fulfill your order. For example, we must share your name and mailing address with the mailman or FedEx driver if you buy products from us. We may disclose your information if we are compelled to do so by a valid court order or subpoena. We may share your information with law enforcement if we reasonably suspect fraud or cyber attack. We may share non-personally identifiable visitor information with other parties for the purposes of site improvement and web analytics.

How we safeguard your information:

We have built this webstore with a focus on your peace of mind and security. All of the software we use for this site, including our Woocommerce storefront and our payment processing affiliates, complies with modern (2019) digital security protocols for Ecommerce. We maintain and update our website software and our servers regularly and in good faith. All sensitive credit card information is transmitted via Secure Socket Layer (SSL) technology. We encrypt all such information before passing it to our payment processors. After a transaction, we do not store your credit card information on our servers. We are in the business of selling hot tub stuff, not user data. We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. In the event our company is acquired by another entity, our customer database will be transferred to this entity with these safeguards and policies intact.

What control you have over this information:

Engagement with our website is entirely voluntary. Certain features and services may not be available to you if you choose to withhold necessary information. All modern web browsers allow you to easily restrict the use of cookies if you choose. We welcome your business either way, although visitors who shop with cookies disabled may find that certain features of our website do not work as well. If your privacy settings interfere with your ability to place your order, please telephone us at (650) 651-7205 during regular 9–5 business hours, California time.

California Online Privacy Protection Act Compliance

Because we value your privacy, we have taken the necessary precautions to comply with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.

Children’s Online Privacy Protection Act Compliance

Our website, products, and services are all directed to people who are at least 13 years old or older. In compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. By using this site, you affirm that you are over 13 years of age.

General Data Protection Regulation (GDPR) Compliance

Our website, products, and services are all directed to people who reside and shop in the United States of America. We do not ship merchandise to Europe. By using this site, you affirm that you are a resident of the United States. Our vendors and contractors, including but not limited to our payment processors and marketing affiliates, may have business presences in the European Union, but we do not knowingly send customer data to be stored or processed in the EU.

Changes to this privacy policy

This privacy policy is current and effective as of January 25, 2019. If and when we change our policy, we will update this page and highlight any changes for a reasonable period of time.