PRIVACY AND SECURITY POLICY

Overstock.com, Inc. (“Overstock,” “we” or “us,”) has created the following Privacy and Security Policy (“Privacy Policy”) to inform you of the following: what information we collect, when we collect it, how and why we collect it, how we use it, how we protect it, how we share it and what choices you have regarding our collection and use of this information.

This Privacy Policy applies to the following sites: http://www.overstock.comhttp://www.o.info, http://o.co, and http://www.o.biz (collectively and individually, the “Sites”). Overstock is the controller of your personal data provided to, collected by or for, or processed in connection with your use of the Sites. Entering the Sites constitutes your acceptance and agreement to the terms contained in this Privacy Policy. If you do not agree with the terms set forth in this Privacy Policy, please do not enter the Sites.

If you are a resident of a state that has specific privacy requirements, please see the State Privacy Law Addendum below to read additional disclosures required by state privacy laws.

WHAT INFORMATION WE COLLECT
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (”personal information”). In particular, we have collected the following categories of personal information from our customers within the last twelve (12) months:

Category
 		Examples
 		Collection and Necessity
 
A. Identifiers.
 		Your real name, alias, billing and delivery address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number (if you apply for a credit card), and other similar identifiers.
 		YES, necessary to create account, process orders, create credit card accounts, etc.
 
B. Personal information.
 		Your name, Social Security number (if you apply for a credit card), address, phone (or mobile) number, credit/debit card number, or other financial information.
Some personal information included in this category may overlap with other categories.
 		YES, necessary to create account, process orders, create credit card accounts, etc.
 
C. Protected classification characteristics.
 		Veteran or military status.
 		YES, we offer Club O memberships to active military and veterans (among others)
 
D. Commercial information.
 		Records of products or services purchased, obtained, considered, returned, or exchanged, and other purchasing or consuming histories or tendencies.
 		YES, necessary for fulfilling orders, processing returns, targeted or other advertising, fraud prevention, tax, and other legal reasons
 
E. Biometric information.
 		Faceprints (when you interact with the mobile app on certain mobile phones).
 		NO
 
F. Internet or other similar network activity.
 		Browsing history, search history, information on your interaction with the Sites, application, or advertisements.
 		YES, necessary for customer service, fraud prevention, targeted and other advertising
 
G. Geolocation data.
 		Physical location or movements.
 		YES, if you opt in through our mobile application
 
H. Sensory data.
 		Audio, electronic, visual, thermal, olfactory, or similar information.
 		NO
 
I. Professional or employment-related information.
 		Current or past job history or performance evaluations.
 		NO
 
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
 		Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
 		NO
 
K. Inferences drawn from other personal information.
 		Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
 		YES, necessary for customer service, fraud prevention, targeted and other advertising
 
L. Sensitive Personal InformationBiometric data processed to identify an individual, data about sexual orientation or sex life, financial account details in a combination (for example, card number and password that gives access to an account), genetic data, government issued numbers (Social Security number, driver’s license number, passport number), health data, philosophical or religious beliefs, precise geolocation, racial or ethnic origin, union membership, or contents of a consumer’s mail/email/text messages.NO, except as provided above when expressly submitted by the consumer
Sensitive personal information means personal information that reveals information pertaining to the individual such as: Social security, driver's license, state identification card, or passport number; Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; Precise geolocation; Racial or ethnic origin, religious or philosophical beliefs, or union membership; Contents of a consumer's mail, email and text messages; Genetic data; Biometric information used for the purpose of uniquely identifying an individual; Health information; or Sex life or sexual orientation. "Sensitive personal information" does not include "publicly available" information that is lawfully made available to the general public from federal, state, or local government records, except for the collection of an individual's biometric information without the individual's knowledge.
 
  • We Collect Information When
We obtain the categories of personal information listed above from the following categories of sources:
Directly from you (for example):
    • You purchase, order, return, exchange or request information about our products and services from the Sites or mobile applications.
    • You create an Overstock.com account.
    • You sign up for a private label or co-branded credit card.
    • You connect with us regarding customer service via our customer service center, or on social media platforms.
    • You visit the Sites or participate in interactive features of the Sites or mobile applications.
    • You use a social media service, for example, our Facebook page or YouTube channel.
    • You sign up for e-mails, mobile messages, or social media notifications from us.
    • You enter a contest or sweepstakes, respond to one of our surveys, or participate in a focus group.
    • You provide us with comments, suggestions, or other input.
    • You interact with any of the Sites through your computer, tablet or mobile device.
Indirectly from you (for example)
Observing your actions on our Sites
Collection from third parties (where applicable)

HOW AND WHY WE COLLECT INFORMATION

  • Technologies Used
We may use tracking pixels/web beacons, cookies and or other technologies to receive and store certain types of information. This information includes Internet Protocol (IP) addresses, browser information, Internet Service Provider (ISP), operating system, date/time stamp and clickstream data. This information helps us customize your website experience and make our marketing messages more relevant. It also allows us to provide features such as storage of items in your cart between visits. This includes our content presented on other websites or mobile applications. In order to provide the best customer experience possible, we also use this information for reporting and analysis purposes, such as how you are shopping our website, performance of our marketing efforts, and your response to those marketing efforts.
  • Third Party Cookies
We allow third-party companies to collect non-personally identifiable information when you visit the Sites and to use that information to serve ads for our products or services or for products or services of other companies when you visit the Sites or other websites. These companies may use non-personally identifiable information (e.g., navigational, click stream information, browser type, time and date, subject of advertisements clicked or scrolled over, etc.) during your visits to the Sites and other websites in order to provide advertisements about our goods and services likely to be of interest to you. These parties may use a cookie or a third party web beacon, or other technologies, to collect this information. To opt out of third-party vendors' cookies, see the "What Choices Do You Have?" section of this Privacy Policy for instruction how to do so.
  • User Experience Information
    In order to improve customer online shopping experience, help with fraud identification, and to assist our customer care representatives in resolving issues customers may experience in completing online purchases, we use tools to monitor certain user experience information, including, but not limited to, login information, IP address, data regarding pages visited, specific actions taken on pages visited (e.g., information entered during checkout process), and browser information.
  • Information from Other Sources
    We may also obtain information from companies that can enhance our existing customer information to improve the accuracy and add to the information we have about our customers (e.g., adding address information). This may improve our ability to contact you and improve the relevancy of our marketing by providing better product recommendations or special offers that we think will interest you.
  • Public Forums
    Any information you submit in a public forum (e.g., a blog, chat room, or social network) can be read, collected, or used by us and other participants, and could be used to personalize your experience. You are responsible for the information you choose to submit in these instances.
  • Mobile Privacy
We offer mobile applications (commonly known as “apps”) that allow you to shop online, check product availability, learn about sales events, or receive other information from us. All information collected by us via our mobile application is protected by this Privacy Policy. You may share location information with us if you opt in through our mobile application. Although you do not have to provide your location information to us to use our mobile applications, our services require a zip code to function. If you have questions about location and notification privacy, please contact your mobile service provider or the manufacturer of your device to learn how to adjust your settings, including those relating to precise geolocation.

HOW WE USE THE INFORMATION WE COLLECT

  • Product and Service Fulfillment
    • Fulfill and manage purchases, orders, payments, returns/exchanges, or requests for information, or to otherwise serve you.
    • Provide any requested services.
    • Administer sweepstakes and contests.
  • Marketing Purposes
    • Deliver coupons, mobile coupons, newsletters, receipt messages, e-mails, and mobile messages.
    • Send marketing communications and other information regarding products, services and promotions.
    • Administer promotions.
    • Targeted Advertising.
  • Internal Operations
    • Improve the effectiveness of the Sites, mobile experience, and marketing efforts.
    • Conduct research and analysis, including focus groups and surveys.
    • Perform other business activities as needed, or as described elsewhere in this policy.
  • Fraud Prevention
    • To prevent fraudulent transactions, monitor against theft and otherwise protect our customers and our business.
  • Legal and Tax Compliance
    • To assist law enforcement and respond to subpoenas.
    • As otherwise required by state or federal law.

HOW WE PROTECT THE INFORMATION WE COLLECT
  • Security Methods
    • We maintain technical, administrative, physical, electronic and procedural safeguards to protect the confidentiality and security of information transmitted to us. To guard this information, the Sites use Transport Layer Security (TLS) where we collect personal and sensitive information. SSL encrypts your credit card number, name and address so only we are able to decode the information.
  • E-mail Security
    • Please note that e-mail may not be encrypted and is not considered to be a secure means of transmitting credit card information. “Phishing” is a scam designed to steal your information. If you receive an e-mail that looks like it is from us asking you for certain information, do not respond. Though we might ask you your name, we will never request your password, credit card information or other information through e-mail.
  • Information About Children
    • We recognize the particular importance of protecting privacy where children are involved. We are committed to protecting children's privacy and we comply fully with the Children's Online Privacy Protection Act (COPPA). We will never knowingly request or collect personal information from any person under 13 years of age without prior verifiable parental consent. If we become aware that an individual is under the age of 13 and has submitted any information to us, for any purpose without prior verifiable parental consent, we will delete his or her information from our files. If we become aware that an individual is under the age of 16, we will obtain consent before selling or sharing that individual’s personal information. Verified parents or legal guardians of a minor may submit a request to delete information about that minor at https://www.overstock.com/privacyrequest
  • Additional Security
    • We also ask customers to carefully review their accounts and immediately report any unexpected activity to us and their issuing bank or credit card company. We ask all our customers to take measures to help protect information in their online accounts, including the following:
      • Install the latest security updates and anti-virus software on your computer to help prevent malware and viruses.
      • Reset your e-mail account passwords frequently.
      • Use complex passwords or passphrases
      • Do not use the same password on more than one website.
      • Do not share your password with others.
    • Sign out/log off website sessions so that your session is closed and cannot be accessed by another user on the same computer, especially when using a public computer or terminal.

HOW WE SHARE THE INFORMATION WE COLLECT
  • General Policy
 In general, we may use, sell, or disclose the personal information we collect for one or more of the following business purposes:
    • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
    • To provide, support, personalize, and develop our Sites, products, and services.
    • To create, maintain, customize, and secure your account with us.
    • To process your requests, purchases, transactions, and payments, and to prevent transactional fraud.
    • To provide you with customer service and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
    • To personalize your experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Sites, third party sites, and via email or text message (with your consent, where required by law).
    • To help maintain the safety, security, and integrity of our Sites, products and services, databases and other technology assets, and business.
    • For testing, research, analysis, and product development, including to develop and improve our Sites, products, and services.
    • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
 
    • The Overstock Family
      • We may share information we collect with the Overstock family, which includes all of our subsidiaries and affiliates. The Overstock family may use this information to offer you products and services that may be of interest to you.
    • Service Providers
      • We may share information with companies that provide support services to us (such as a printer, e-mail, mobile marketing, logistics, or data enhancement providers) or that help us market our products and services. These companies may need information about you in order to perform their functions. These companies are not authorized to use the information we share with them for any other purpose.
    • Legal Requirements
      • We may disclose information you provide to us when we believe disclosure is appropriate to comply with the law, including to meet national security or law enforcement requirements; to enforce or apply applicable terms and conditions and other agreements; or to protect the rights, property or safety of our company, our customers or others.
    • When You Direct Us
      • At your direction or request, we may share your information.
    • Business Transfers
      • If some or all of our business assets are sold or transferred, we generally would transfer the corresponding information regarding our customers. We also may retain a copy of that customer information.
    • International Data Transfers
      • To the extent that we are deemed to transfer personal information cross-border, we rely on the following legal bases to transfer your information in accordance with legally-provided mechanisms to lawfully transfer data across borders:
        • Consent (where you have given consent)
        • Contract (where processing is necessary for the performance of a contract with you; for example, to process an online payment or deliver a purchased product)
        • Legitimate interests (as outlined in this Privacy Policy)
    • Retention
As to each category of information we collect, we will retain personal information for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use personal information to the extent necessary to comply with legal and tax obligations, resolve disputes, prevent fraud, and enforce policies. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

WHAT CHOICES DO YOU HAVE

  • E-mail
    • Promotional E-mail
      If you do not wish to receive promotional e-mails from us, click here. You also have the ability to unsubscribe to promotional e-mails via the opt-out link included in each e-mail. It may take up to 10 business days before you stop receiving promotional e-mails.
    • Important Notices and Transactional E-mail
      • From time to time, we may send non-commercial electronic email messages with important information about us or the Sites to your email address.
      • We regularly send email order confirmations, email order updates and review emails to you after you have submitted an order.
  • Mobile
    • We may distribute mobile coupons and text messages to mobile devices of customers who have requested this information via an opt-in request. Customers will be able to opt out of a specific mobile messaging campaign.
  • Overstock.com Cookies
    • The help function of your browser should contain instructions to set your computer to accept all cookies, to notify you when a cookie is issued, or to not receive cookies at any time. If you set your computer to not receive cookies at any time, certain personalized services cannot be provided to you, and accordingly, you may not be able to take full advantage of all of the Site features.
  • Third Party Cookies
    • To opt-out of third-party vendor's cookies on other websites, visit the Network Advertising Initiative website, click here.
  • Online Advertising
    • We participate in the Adobe Marketing Cloud Device Cooperative to better understand how you use certain websites and apps of ours across the various devices you use, and to deliver tailored promotions. Learn more about how Adobe does this and manage your preferences.
  • Targeted Advertising
You (or an authorized person acting on your behalf) may opt out of targeted advertising. “Targeted Advertising” means displaying to a consumer an advertisement that is selected based on personal information obtained or inferred over time from the consumer's activities across nonaffiliated websites, applications, or online services to predict consumer preferences or interests. "Targeted advertising" does not include: Advertising to a consumer in response to the consumer's request for information or feedback; Advertisements based on activities within a controller's own websites or online applications; Advertisements based on the context of a consumer's current search query, visit to a website, or online application; or Processing personal information solely for measuring or reporting advertising performance, reach, or frequency.
  • Telephone
    • If you do not wish to receive promotional communication from us, call us at (800) 843-2446 to opt out. This opt out does not apply to operational or transactional communications, for example, confirmation of delivery address.

HOW DO YOU ACCESS AND UPDATE THE INFORMATION
  • In order to keep your information accurate and complete, you can access or update some of your information in the following ways:
    • If you have created an account, you can log in and update your account information, including contact, billing, and shipping information.
    • Contact us with your current contact information and the information you would like to access. We will provide you the information requested if reasonably available, or will describe more fully the types of information we typically collect.
    • Depending on your location, you may also have certain additional rights with respect to your personal information such as (i) the right to obtain a copy of your personal data you provided to us; (ii) the ability to change or correct your personal data through your account settings; (iii) the right to have us delete or limit our use of your personal information, except information we are required to retain, by contacting us.

PRIVACY POLICY SCOPE
  • This Privacy Policy applies to all current or former customer information collected by or provided to us.
  • The Sites may offer links to other sites. If you visit one of these sites, you may want to review the privacy policy on that site. In addition, you may have visited our website through a link or a banner advertisement on another site. In such cases, the site you linked from may collect information from people who click on the banner or link. You may want to refer to the privacy policies on those sites to see how they collect and use this information.

COMPLAINTS
  • Overstock.com commits to resolve complaints about your privacy and our collection or use of your information. Customers with inquiries or complaints regarding this Privacy Policy should first contact us using one of the following methods:
    • Send an e-mail to [email protected]
    • Call our Customer Care line at 801-559-3816
    • Write us at Overstock.com, Inc., 799 W. Coliseum Way, Midvale, Utah 84047
  • We have further committed to refer unresolved privacy complaints to the Better Business Bureau. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/ for more information and to file a complaint. This service is provided free of charge to you. 
  • If you have contacted us with a question regarding this Privacy Policy and you feel that your question is not addressed to your satisfaction, you may contact our data protection officer at [email protected].
  • If your concerns have not been addressed through the processes above, you may file a complaint with your state’s attorney general.

INTERNATIONAL CUSTOMER PRIVACY
  • Overstock is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
  • For most non-US transactions, we have partnered with third party companies (“Vendors”) that we have selected to help us facilitate international transactions. We work closely with these Vendors to ensure that your transaction is handled with care and all the information you provide is secure.
  • In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU-US Privacy Shield or the Swiss-US Privacy Shield, Overstock is potentially liable.
  • As an international customer, when you click on the checkout button, you will be redirected to a checkout page hosted by a Vendor to complete your order. On the checkout page, you will be required to select a method of payment and submit credit card and other information to such Vendor to complete your order. On the checkout page, you will be presented with the Vendor’s terms and conditions which you must agree to in order to complete your order.
  • Upon completion and approval of your order by such Vendor, the Vendor will notify us of the approval and we will process your order and cause it to be shipped directly to the Vendor. In this process, the Vendor will purchase those items in your order from us, thereby taking title to the items, bill your credit card, collect and remit any duties and taxes to the appropriate taxing authority (if applicable), and arrange for the delivery of your order. In this process, the Vendor makes the sale to you as the merchant of record, but we are legally obligated to deliver your order as set forth in our Terms and Conditions.
  • Such Vendors must agree, via contract, to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy.
  • If you have questions about your order, you should direct them to us and not to the Vendor.
  • The Vendors may give you the opportunity to receive marketing messages from them, in which case you should refer to their terms and conditions for details about how they use your information.
  • Any information you provide us is controlled and processed by Overstock.com, Inc., 799 W. Coliseum Way, Midvale, Utah 84047, USA or its suppliers (where indicated herein). As mentioned herein, your information provided at checkout will be controlled and processed by a Vendor.
  • We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland to the United States, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/
  • Pursuant to the EU-US Privacy Shield and the US-Swiss Privacy Shield, Overstock.com acknowledges that EU and Swiss individuals have the right to access the personal information that we maintain about them. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should contact us directly using one of the following methods:
    • Send an e-mail to [email protected]
    • Call our Customer Care line at 00-1-801-559-3816
    • Write us at Overstock.com, Inc., 799 W. Coliseum Way, Midvale, Utah 84047, USA
  • We will provide an individual opt-out choice before we share their data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To limit the use and disclosure of your personal information, you may submit a written request to [email protected].
  • In compliance with the EU-US Privacy Shield Principles and Swiss-US Privacy Shield Principles, Overstock.com commits to resolve complaints about your privacy and our collection or use of your information. European Union or Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact us using one of the following methods:
    • Send an e-mail to [email protected]
    • Call our Customer Care line at 00-1-801-559-3816
    • Write us at Overstock.com, Inc., 799 W. Coliseum Way, Midvale, Utah 84047, USA
  • We have further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you. 
  • Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
  • If you have contacted us with a question regarding this Privacy Policy and you feel that your question is not addressed to your satisfaction, you may contact our data protection officer at [email protected].
  • If you are located within the European Union, we have committed to cooperate with EU data protection regulators with regard to unresolved complaints concerning this Privacy Policy. If you do not receive timely acknowledgment of your complaint, or if your compliant is not satisfactorily addressed, you may contact your local data protection regulator for more information or to file a complaint.
  • We have further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint, or if your compliant is not satisfactorily addressed, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.

PRIVACY POLICY REVISIONS
By accessing the Site or interacting with us, you consent to our use of information that is collected or submitted as described in this Privacy Policy.  We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Site and update the notice’s effective date. Your continued use of the Site following the posting of changes constitutes your acceptance of such changes.
 
State Privacy Law Addendum
This State Privacy Law disclosure page ("Disclosure") supplements the Overstock Privacy Policy and is effective as of the date on the Privacy Policy. The Overstock Privacy Policy describes the personal information we collect, the sources from which we collect it, the purposes for which we use it, the limited circumstances under which we share personal information, and with whom we share it. These additional disclosures are required by the California Consumer Privacy Act, the Virginia Consumer Data Privacy Act, the Colorado Privacy Act, and related state privacy laws:

Sharing Personal Information

  • Overstock may disclose your personal information to a third party for a business purpose, or sell or share your personal information, subject to your right to opt out of those sales as outlined herein. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We share your personal information with the following categories of third parties:
Disclosure of Personal Information for a Business Purpose
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.
Category B: Customer Records personal information categories.
Category C: Protected classification characteristics under state or federal law.
Category D: Commercial information.
Category F: Internet or other similar network activity.
Category G: Geolocation data.
Category K: Inferences drawn from other personal information.
We disclose your personal information for a business purpose to the following categories of third parties (as defined in various state privacy laws):
  • Service providers
  • Contractors

Sales or Sharing of Personal Information
In the preceding twelve (12) months, we have sold or shared (as those terms are defined in the state privacy laws to include selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating in any means) the following categories of personal information:
A. Identifiers.
B. Customer Records personal information categories.
C. Protected classification characteristics under state or federal law.
D. Commercial information.
F. Internet or other similar network activity.
G. Geolocation data.
K. Inferences drawn from other personal information.
We sell or share (as those terms are defined in the state privacy laws) your personal information to the following categories of third parties:
  • Data aggregators.

Request to Opt Out of Sale or Sharing of Personal Information
If you are 16 years of age or older, you have the right to direct us to not sell or share your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal information sales may opt-out of future sales at any time. You may also limit the use or disclosure of your sensitive personal information to only those uses and disclosures allowed by your state’s privacy laws.
To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following Internet Web page link:
https://www.overstock.com/privacyrequest
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back in to personal information sales at any time or consent to the use or disclosure of sensitive personal information for additional purposes.
You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to review and comply with the request.

Request to Receive or Correct Information
You also have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you.
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
  • sales, identifying the personal information categories that each category of recipient purchased; and
  • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
You may also request that we correct your personal information.

Request to Delete Personal Information
You also have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete or obfuscate (and direct our service providers to delete or obfuscate) your personal information from our records and commit not to re-identify data that has been deleted or obfuscated, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

To exercise the opt-out, access, correction, and deletion rights described above, as well as any data-related incidents or unauthorized disclosures, you (or your authorized representative) may submit a request to us by visiting the following Internet Web page link: https://www.overstock.com/privacyrequest
You may also contact us by either:
  • Calling us at (800) 843-2446, or
Only you, or a person registered with the applicable Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding our receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Automated Decision Making
We may use portions of your personal information for automated decision making as needed. You may request that we stop using your data for automated decision making in the following categories:

  • Behavior
  • Economic situation
  • Health
  • Interests
  • Location or movements
  • Performance at work
  • Personal preferences
  • Reliability
Upon receipt of a request, we will either confirm we do not use your personal information for this reason, confirm we will stop using it for this reason, or explain why we are unable to accommodate this request for some legal or other compliance-related reason.

Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights. Unless permitted by the state privacy laws, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

This Privacy Policy was last updated on January 10, 2023
6.3 20230110

Was this helpful?