Privacy Notice
Bluemercury & Bluemercury.com Notice of Privacy Practices
This Notice of Privacy Practices was updated in July 2024.
This Notice applies to Personal Information collected, processed, or stored by Bluemercury, bluemercury.com, or m61labs.com. Personal information may be shared between or processed by any of these brands.
This Notice of Privacy Practices explains:
-
Why We Collect & Use Information
-
Safeguarding Information
-
Categories of Information We Collect and How We Collect It
-
Who We Share Your Information With
-
Our Use of Information Technologies
-
Managing Your Preferences
-
California Residents
-
Managing Customer Privacy (CO/CT/NV/UT/VA/OR/TX)
-
Ownership of Customer Data
-
Additional Disclosures
Your access to and use of our services means you agree to the terms in this Notice and our Terms and Conditions.
This Notice may be updated from time to time. Bluemercury will notify you of any changes by posting an updated Notice on this page. We encourage you to refer to this Notice periodically so that you understand our current privacy practices.
If you have any questions about this Notice, please contact our Customer Service department:
Via email at: privacymaster@bluemercury.com
By phone at 1-800-355-6000
By mail at:
Bluemercury Customer ServiceATTN: Privacy Office
28-07 Jackson Avenue Long Island City, New York 11101
Why We Collect & Use Information
We at Bluemercury understand that you entrust your data to us. We value that trust.
Your Personal Information will be retained only as long as necessary to carry out the purposes outlined in this Notice.
We may combine information collected from different sources. Below is a summary of the primary ways we collect and use information:
Primary Reasons for Data Collection | Uses |
---|---|
Product and Service Fulfillment (Fulfillment) |
Fulfill, manage, and communicate with you about transactions. Establish and service your profile on our websites. Provide customer service and alert you to product or shipping information. Provide personal services. Manage loyalty programs (e.g., BlueRewards). |
Marketing, Promotions and Advertising (Advertising) |
Deliver information about products, services, and promotions. Provide interactive features on websites. Identify product and shopping preferences using information we collect from you and about you. Administer contests, sweepstakes, promotions, surveys, and focus groups. |
Internal Operations (Operations) | Improve the effectiveness of our websites, stores, merchandise assortment, and customer service. Conduct business analysis, such as analytics, projections, and identifying areas for operational improvement. |
Fraud Prevention, Security and Compliance (Security) |
Protect our assets and prevent fraudulent transactions. Validate credentials and authenticate customers when logging into your online profile, or transacting in-store. Protect the security and integrity of our services and our data. Assist law enforcement and respond to legal/regulatory inquiries. |
Loyalty/Financial Incentives
Bluemercury offers BlueRewards, a customer loyalty program with three tiers. Silver members are those who spend between $0 and $299 annually, Sapphire members spend between $300 and $999 annually, and Platinum members spend more than $1,000 annually. To participate, you must provide an email (so we can send reward and program-related information), first name, last name, and provide a password or sign-in to your bluemercurty.com account. The purpose of the BlueRewards loyalty program is to encourage repeat business with Bluemercury and enhance your shopping experience.
The benefits provided to customers (or realized by Bluemercury) vary by customer depending upon the purchases made, whether items are bought in-store or online, which offers a customer uses, and many other factors. Bluemercury also incurs a variety of expenses related to loyalty benefits. Those may include, for example, costs associated with discounts on purchases and free shipping. The benefits are reasonably related to the value of the data you provide.
The benefits of the BlueRewards program are described Here. The terms and conditions are available Here.
We will not discriminate against you for exercising your rights under Consumer Data Privacy Legislation. BlueRewards members also remain free to opt-out of email, phone, and text marketing at any time.
We also offer customers a discount promotion code for signing up for marketing emails. The promotion code is provided in a confirmation email. However, customers may opt out at any time thereafter and still retain the ability to use the promotion code. We provide this incentive because we want to be able to send offers by email. The cost of sending an email is nominal.
Back to topSafeguarding Information
Bluemercury, bluemercury.com, and m61labs.com have implemented procedural, technical, and administrative measures to safeguard the information we collect and use. For your protection, we designed our technology-enabled services to accept orders only from secured web and mobile browsers.
No security safeguards or standards are guaranteed to provide 100% security. You should always use appropriate self-protection measures and practice safe browsing on all websites. For more information on how you can securely shop with us, the National Cybersecurity Alliance provides comprehensive information to stay safe online.
Categories of Information and How we collect it
Bluemercury collects certain information from you and about you. Information is collected directly from your, or through other means.
We may collect or use the information made available to us through third-party platforms, online databases, and directories, or other means. We specify that data sourced from these third parties must be legitimately obtained. Note that this information may be governed by the privacy statement of the third party.
This may include:
Categories and Examples of Personal Information Collected | Categories of Sources from which Personal Information is Collected | Business or Commercial Purposes for Data Collection | |||
---|---|---|---|---|---|
Fulfillment | Advertising | Operations | Security | ||
Sensitive Personal Information Driver’s license number, account log-in, password, debit/credit card number, geolocation, ethnic origin, health information Sensitive Personal Information below is denoted with an asterisk (*). We may sell your sensitive personal information |
Information you provide Placing an order, taking advantage of other programs online or in-store such as visiting our Spa, completing surveys. |
✓ | ✓ | ✓ | ✓ |
Identifiers real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name |
Information You Provide Creating a profile, placing an order, creating a wish list, signing up for events, or taking advantage of other programs online or in-store. Information We Collect Through Data Collection Technologies When you visit our websites, shop in our stores, or interact with our other technologies. This information is either automatically collected or is customer-initiated. Information From Other Sources We may provide and receive information about you, with or from our service providers and vendors. |
✓ | ✓ | ✓ | ✓ |
Commercial Information products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies |
Information You Provide Placing an order, creating a wish list, signing up for events, or taking advantage of other programs online or in-store. Information From Other Sources We may provide and receive information inferred or derived about you, with or from our service providers and vendors. |
✓ | ✓ | ✓ | ✓ |
Biometric Information* voice recordings, facial recognition. We may sell your biometric personal information |
Information You Provide Calling, chatting, emailing, or otherwise contacting our customer service team. Information We Collect Through Data Collection Technologies Fraud and security activities when visiting our stores or placing online orders. |
✓ | ✓ | ✓ | ✓ |
Internet or Other Electronic Network Activity Information browsing history, search history, information regarding a customer’s interaction with an Internet website application, or advertisement |
Information We Collect Through Data Collection Technologies When you visit our websites, shop in our stores, or interact with our other technologies, tagging Bluemercury on your social platforms, or interacting with our social platforms. This information is either automatically collected or is customer-initiated. |
✓ | ✓ | ✓ | ✓ |
Geolocation |
Information We Collect Through Data Collection Technologies When shopping on our website we collect geolocation data such as IP address. |
✓ | ✓ | ✓ | ✓ |
Precise Geolocation* |
Information We Collect Through Data Collection Technologies Shopping in-store, we collect location data when your device is set to provide location information or when you have notified the store that you have arrived to pick up your curbside order. |
✓ | ✓ |
Our Use of Information Technologies
The following section describes technologies we use when you interact with us online, shop in our stores, or use our other technologies.
Bluemercury uses cookies, pixels, software development kits (SDKs) and other tracking technologies to deliver, monitor, and improve our websites, mobile-enabled web, and display content. Approved third parties may also place cookies on your web or mobile browser when you use our online services.
How Bluemercury Uses Automated Technologies:
Technology | Description of Interaction | Primary Area Utilizing This Tech | |||
---|---|---|---|---|---|
Fulfillment | Advertising | Operations | Security | ||
Cookies, Pixels, Tags, and SDKs | We use these technologies to improve our services and provide you with the best possible experience including to:
|
✓ | ✓ | ✓ | ✓ |
Global Privacy Control (GPC) | Bluemercury uses a third party privacy tool to recognize if you are broadcasting the global privacy control (GPC) signal. Please note that your use of our websites may still be tracked by Bluemercury and/or our service providers, however the GPC signal does opt out your information from being shared with third parties. For more information on Global Privacy Control, please visit https://globalprivacycontrol.org |
✓ | ✓ | ||
Website Optimization Services | Bluemercury shares data with Google Analytics and Adobe Analytics to understand and optimize website performance and enhance website usability for our customers. These services are required to maintain data securely and are not permitted to share data collected with parties other than Bluemercury. Google Analytics may associate and group session visits to our websites from various browsers and devices. | ✓ | ✓ |
Other information technologies:
Technology | Description of Interaction | Primary Area Utilizing This Tech | |||
---|---|---|---|---|---|
Fulfillment | Advertising | Operations | Security | ||
Interest-Based/Targeted or Online Behavioral Advertising (OBA) | Bluemercury uses third-party advertising companies to serve interest-based/targeted advertisements. These companies compile information from various online sources (including mobile-enabled browsers) to match user profiles with ads we believe will be relevant, interesting, and timely. | ✓ | ✓ | ||
Social Networks and Tech Advertising Programs | Bluemercury has relationships with several social networks and tech companies. These companies have specific interest-based/targeted ads programs that match customers that have shown interest in Bluemercury through our websites or other services with their individual profiles (such as on Facebook) and platforms (such as Facebook and Google). This matching allows us to deliver relevant, interest-based ads on those companies' networks. | ✓ | |||
In-Store Wi-Fi Services | Bluemercury locations may offer free Wi-Fi services to customers. Examples of data automatically collected through our Wi-Fi service include information about your device, including a MAC Address, and telemetry data (such as signal strength and quality) related to your use of our Wi-Fi service. Vendors automatically receive and analyze Wi-Fi data to provide operational insights such as foot traffic volumes, dwell times, and how customers move through our stores. Wi-Fi data is anonymously collected or de-identified unless we receive consent to use Wi-Fi data in a manner that identifies you or your device(s). |
✓ | ✓ | ✓ | ✓ |
Video Cameras | We use cameras in our stores for security purposes, loss prevention, and asset protection. We also use cameras in our stores for operational purposes, such as traffic pattern analysis. Cameras may include technology to capture age range, gender, and dwell time. We will not use cameras to personally identify you, without your consent, except when the identification is for security, anti-theft, or law enforcement purposes. |
✓ | ✓ | ✓ | |
Voice-Enabled Services | We may use voice-enabled services (‘VES’) to provide you greater functionality and easier shopping experiences with services such as voice search for products (i.e., "Show me M-61 Skincare"). VES will only be used to facilitate specific requests. Voice files are not used to personally identify an individual and will not be associated with any individual Bluemercury account. Voice files will be retained by Bluemercury and any third-party voice-enabled service providers. Voice-enabled services are opt-in by use. If you do not wish to opt-in to VES, do not use those features. VES does not include phone answering machine messages. |
✓ | ✓ |
Managing Your Preferences
This section details how you may exercise your preferences regarding any Personal Information Bluemercury may collect about you or your communication preferences.
Request Type | Guidance |
---|---|
Update Accounts and Online Profiles |
|
Opt Out of Mobile Marketing Campaigns | To opt out of Bluemercury Marketing Messages (for example, "Bluemercury Promo Alerts") for a specific mobile number, reply "STOP" to 25666 on your mobile phone/wireless device. You will receive a confirmation text that you have been opted out. For customers with a Bluemercury online account, you may also opt out by signing into My Account on bluemercury.com, clicking on my profile, and indicating your opt-out preference. Note on Opting-Out of Mobile Marketing: If you opt-out of mobile marketing using any means other than replying "STOP", please allow 3-5 business days after contacting us to process your request. We do not share your mobile number with any third parties for marketing purposes. |
Unsubscribe from Direct Mail Communications | Call Customer Service at 800-355-6000. |
Unsubscribe from Specific Email Communications | To update your preferences or categories of promotional or marketing emails you receive from Bluemercury at a specific email address, you may:
Operational emails (e.g., shipping confirmation or product recall information) do not provide an opt-out option. |
Technology-Enabled Collection and Use Preferences |
In-Store Wi-Fi Services
Cookies and Pixel Tags
Website Optimization Services
Interest-Based/Targeted or Online Behavioral Advertising (OBA)
Social Networks and Tech Advertising Programs You can manage your preferences for many of these advertising programs through the links provided below: |
California Residents
California Shine the Light Law: If you reside in California, you have the right to ask us one time each year if we have shared Personal Information with third parties for their direct marketing purposes. To make a request please submit an inquiry to the following address: bluemercury’s Customer Service, Attn: Privacy Office, 28-07 Jackson Avenue Long Island City, New York 11101. In your request, please specify that you want a "Your bluemercury California Shine the Light Notice." Please allow 30 days for a response.
If you are a minor under 18 and have a profile on bluemercury.com, you may ask us to remove reviews or other content that you posted on the site by writing to privacy@bluemercury.com. We will begin to process your request within 30 days. Please note that processing your request does not ensure complete or comprehensive removal of the content that you posted.
California Privacy Rights Act: You have the right to request information about how Bluemercury collects, processes, and shares your Personal Information. There may be situations where Bluemercury cannot grant a request, for example to complete a transaction to you or comply with law. These options do not apply to publicly available information from government records nor to deidentified or aggregated information.
Customer Right | Detailed Description |
---|---|
Right to Deletion | You may request deletion of applicable Personal Information Bluemercury has collected about you. Upon verification of your request, Bluemercury will notify third parties to whom Bluemercury has shared your Personal Information to delete your information as well. |
Right to Correct Inaccurate Personal Information | You have the right to correct inaccurate Personal Information collected by Bluemercury. If you are a registered user of bluemercury.com, you can correct your information in the My Profile section of My Account. Alternatively, use one of the contact methods outlined below. |
Right to Know / Access What Personal Information is Collected | You have the right to know Personal Information Bluemercury has collected about you during the previous 12 months, including:
|
Right to Know What Personal Information is Sold or Shared | You have the right to know Personal Information Bluemercury has sold or shared about you during the previous 12 months, including:
|
Right to Opt Out of Sale or Sharing | You have the right to opt out of the sale or sharing of any Personal Information Bluemercury has collected about you including Interest-Based/Targeted Advertising and Retargeting. While Bluemercury does not sell your personal information for monetary consideration, we do share your information for other purposes that could be deemed a "sale" as defined by certain legislature. |
Right to Opt Out of Automated Decision Making | You have the right to opt out of automated decision making, including profiling, against any information Bluemercury has collected about you. |
Right to Limit Use and Disclosure of Sensitive Personal Information | You have the right to opt out of the disclosure of Sensitive Personal Information to a third party if Bluemercury uses that information for any purpose other than the designated purposes defined in the legislation. |
Right to No Retaliation | Bluemercury will never discriminate nor retaliate against you if you choose to exercise any of these privacy rights. |
To exercise your customer rights, you may submit your request through the following methods:
- Online via our privacy portal: https://www.bluemercuryprivacyportal.com/
- By phone at 800-932-9841
Authorized Agents. If you would like to enter a request on behalf of a California resident, please submit the request via the Bluemercury Privacy Portal. Upon submission, you will be required to upload documentation showing proof of written permission from the customer authorizing you to submit a request on their behalf. We reserve the right to require customers to confirm their request and/or identity.
Do Not Sell or Share My Personal Information Requests
You may submit your request through the following methods:
- Online via our privacy portal: https://www.bluemercuryprivacyportal.com/
- Click to request we Do Not Sell or Share your Personal Information
- By phone at 800-932-9841
You can also change your online tracking preferences by using the Cookie Preferences link located at the bottom of the bluemercury.com homepage.
Upon submission of the request, you will be asked to provide your first name, last name, and email address. You will receive a verification email that will ask you to provide some additional information, such as an address, state, zip code and phone number. We will use the information provided to match the identifying information we have to verify your identity before processing the request.
For more information on the categories of Personal Information we have sold, shared, or disclosed, the business purpose for disclosing this information, and the categories of third parties that have received this information, please refer to the "Who We Share Your Information With" section of this Privacy Notice.
Loyalty/Financial Incentives
Bluemercury offers BlueRewards, a customer loyalty program with three tiers. Silver members are those who spend between $0 and $299 annually, Sapphire members spend between $300 and $999 annually, and Platinum members spend more than $1,000 annually. To participate, you must provide an email (so we can send reward and program-related information), first name, last name, and provide a password or sign-in to your bluemercurty.com account. The purpose of the BlueRewards loyalty program is to encourage repeat business with Bluemercury and enhance your shopping experience.
The benefits provided to customers (or realized by Bluemercury) vary by customer depending upon the purchases made, whether items are bought in-store or online, which offers a customer uses, and many other factors. Bluemercury also incurs a variety of expenses related to loyalty benefits. Those may include, for example, costs associated with discounts on purchases and free shipping. The benefits are reasonably related to the value of the data you provide.
The benefits of the BlueRewards program are described Here. The terms and conditions are available Here.
We will not discriminate against you for exercising your rights under Consumer Data Privacy Legislation. BlueRewards members also remain free to opt-out of email, phone, and text marketing at any time.
We also offer customers a discount promotion code for signing up for marketing emails. The promotion code is provided in a confirmation email. However, customers may opt out at any time thereafter and still retain the ability to use the promotion code. We provide this incentive because we want to be able to send offers by email. The cost of sending an email is nominal.
2023 California Metrics
Request Type | Received | Rejected or Unverified | Completed | Avg # of Days to Respond |
---|---|---|---|---|
Deletion | 9 | 3 | 6 | 23.17 |
Correct Inaccurate Personal Information | 0 | 0 | 0 | 0 |
Access Personal Information Collected | 0 | 0 | 0 | 0 |
Opt Out of Automated Decision Making | 1 | 1 | 0 | 0 |
Access Categories of Personal Information Collected | 0 | 0 | 0 | 0 |
Do Not Sell or Share Personal Information | 69 | 55 | 14 | 3.5 |
Managing Customer Privacy (CO/CT/NV/UT/VA/OR/TX)
This section describes rights residents Colorado, Connecticut, Nevada, Utah, Virginia, Oregon, and Texas have regarding the management of your Personal Information. There may be situations where Bluemercury cannot grant a request, for example to complete a transaction to you or comply with law. These options do not apply to publicly available information from government records nor to deidentified or aggregated information.
Identity Verification
As required by law, we may require you take steps to verify your identity and/or legal authority prior to processing any request Bluemercury receives from or about you. In response to all requests, we will send a message to the email address provided in the request. Please follow the instructions to verify your request. We will use the information provided to match the identifying information we have to verify your identity before processing the request. No action will be taken on requests not verified within 7 days.
Customer Request | Detailed Description |
---|---|
Right to Deletion | You may request deletion of applicable Personal Information Bluemercury has collected about you. Upon verification of your request, Bluemercury will notify third parties to whom Bluemercury has shared your personal information to delete your information as well. |
Right to Withdraw Consent (CO/CT/OR Residents Only) | You have the right to withdraw the consent to processing of your Personal Information. If you wish to do so, you may submit a “Right to Withdraw Consent” request. Upon verification of your request, Bluemercury will send you an email with instructions to complete. |
Right to Correct Inaccurate Personal Information (CO/CT/VA/OR/TX Residents Only) | You have the right to correct inaccurate Personal Information collected by Bluemercury If you are a registered user of bluemercury.com, you can correct your information in My Account. |
Right to Know / Access What Personal Information is Collected | You have the right to know Personal Information Bluemercury has collected about you during the previous 12 months, including:
|
Right to Know What Personal Information is Sold or Shared | You have the right to know Personal Information Bluemercury has sold or shared about you during the previous 12 months, including:
|
Right to Opt Out of Sale or Sharing | You have the right to opt out of the sale or sharing of any Personal Information Bluemercury has collected about you including Interest-Based/Targeted Advertising and Retargeting. While Bluemercury does not sell your personal information for monetary consideration, we do share your information for other purposes that could be deemed a "sale" as defined by certain legislation |
Right to Opt Out of Automated Decision Making (CO/CT/VA/OR/TX only) | You have the right to opt out of automated decision making, including profiling, against any information Bluemercury has collected about you. |
Right to Appeal (CO/CT/VA/OR/TX only) | You have the right to appeal should Bluemercury be unable to take action on your privacy rights request. |
Right to Request a List of Third Parties With Whom My Data May Have Been Disclosed (OR) | You have the right to request Bluemercury provide a list of specific third parties, other than natural persons, to which your personal information has been disclosed. |
Right to No Retaliation (CO/CT/VA/OR/TX only) | Bluemercury will never discriminate nor retaliate against you if you choose to exercise any of these privacy rights. |
Contact Methods
You may submit your privacy request through the following methods:
- Online via our privacy portal: https://www.bluemercuryprivacyportal.com/
- Click to request we Do Not Sell or Share your Personal Information
- By phone at 800-932-9841
You can also change your online tracking preferences by using the Cookie Preferences link located at the bottom of the bluemercury.com homepage.
Ownership of Customer Data
If Bluemercury or any of its subsidiaries is sold to or otherwise acquired by a third party, all Bluemercury data assets will become the property of the acquiring party. Such a party will be subject to any consent(s), opt-outs, or other customer conditions on data. A change in data ownership may or may not include a notice on the primary online sites of Macy's, Inc., or the affected subsidiary sites.
Additional Disclosures
-
Information About Children Under 13
- The Children's Online Privacy Protection Act imposes requirements on Web sites that collect personal information about children under 13 years old (for example - name, address, email address, social security number, etc.). Our current policy is not to collect any personal information on any person under 13 years old online. For this reason, our sweepstakes and other promotions conducted online are restricted to entrants who are at least 13 years old.
- If this policy changes, we will revise this portion of our Notice of Privacy Practices and will comply with the requirements of the Children's Online Privacy Protection Act, which includes providing notice and choice to each child's parent or guardian before collecting any Personal Information.
-
Opt-In Consent for Minors
- Bluemercury’s services are offered to the customers who are of the age 18 years and above. No programs, services or offerings are intended for children under the age of 18.