Privacy Policy

Privacy Policy
Updated Effective: 11 October 2024

The Pavilion.com website and mobile application (collectively the “Site”) are owned and operated by Pavilion.com, Inc. & Pavilion.com Ltd., respectively. This Privacy Policy describes how information, including Personal Information, is collected from you (including you and any person acting on your behalf or with your authorization, collectively “you”) and subsequently used, shared, secured, and otherwise processed by Pavilion.com, Inc., Pavilion.com Ltd., and our affiliated companies (collectively, “Pavilion.com”, “Pavilion”, “us”, “our”, or “we”).

“Personal Information” is any information that enables us to identify you, directly or indirectly, such as your email address, name, shipping and billing address, telephone number, company name, credit card information, any form of identification number, or one or more factors specific to your physical, physiological, mental, economic, genetic, cultural, or social identity.

This Privacy Policy is part of our User Agreement, available here – www.Pavilion.com/about/user-agreement/. Mobile users can navigate to the Settings icon to access our User Agreement and Privacy Policy.

By accessing this website or our mobile application and making use of our services, you explicitly agree to the terms of this Privacy Policy and the User Agreement.

For the purposes of the EU General Data Protection Regulation 2016/679 (the “GDPR”), the Pavilion company from which you have purchased products and/or services, or with which you have entered into communications, or which has otherwise collected your Personal Information is the controller of your Personal information.

Pavilion.com, Inc.: 300 Park Avenue South, 10th Floor, New York, NY 10010 United States.

Pavilion.com Ltd.: 35 Ballards Lane, London, N3 1XW.

1. Effective date and updates to our Privacy Policy.

You are not obligated to provide us with your Personal Information; however, the performance of several services (including making purchases and sales on the Site) may not be possible if you choose not to provide your Personal Information.

This Privacy Policy is effective as of the date set forth at the top of this Policy. As our services evolve and we perceive the need or desirability of collecting or using information collected in other ways, we may from time to time amend this Privacy Policy and will provide a new effective date on the revised Privacy Policy. We encourage you to check our Site frequently to see the current Privacy Policy and User Agreement in effect and any changes that may have been made to them.

2. Information Pavilion.com collects from you.

a) Information you give us

Communicating with us. In general, you can visit the Site without telling us who you are or revealing any information about yourself. However, if you correspond with us through our Contact Us page, by phone, email, or otherwise, we will retain the Personal Information that you provide. This includes Personal Information you provide when participating in discussion boards or social media functions on the Site, and when you report a problem with the Site.

Communicating with other users. Users can contact sellers to negotiate a sale or make a purchase by contacting the seller using a telephone number displayed on the Site which is operated by us. When a user connects with a seller by telephone, that call may be recorded by us to log transactions and for training and quality assurance purposes.

Creating an account. To take advantage of some of our services, you are required to register and create an account via the Sign Up page on our Site. When you open an individual account at Pavilion, we ask you to provide Personal Information (such as your name, shipping address, billing address, phone number, email address, payment information, profile, preferences, communication preferences, professional and business affiliation where relevant, and contact information). All Pavilion account holders are required to create a user password that, combined with your login email address, allows access to your account. This Personal Information is used to identify you as a Pavilion registered user.

Saving an item. Users may save items to their favorites by clicking the heart or folder icon for an item. If you have created an account, your saved items are stored in the favorites folders associated with your account. Items are saved until you remove them.

Facebook log-in. As part of our services, we offer you the option of creating an individual account with Pavilion using your Facebook profile. If you select this option, we will automatically collect selected Personal Information about you from your Facebook account. The Personal Information we collect depends on your privacy settings for sharing such Personal Information, and may include name, profile picture, age range, gender, language, country, and other public information.

Google Sign-in. As part of our services, we offer you the option of creating an individual account with Pavilion using your Google profile. If you select this option, we will automatically collect selected Personal Information about you from your Google account. The Personal Information we collect depends on your privacy settings for sharing such Personal Information, and may include name, email address, language preference, and profile picture, and other public information; however, the only information that will be stored will be your name and email address.

Creating a seller account. When you open a seller account with Pavilion, you will also be required to provide Personal Information such as information about your company and any reseller or trade association information. You will also be asked to provide references which may include Personal Information relating to third parties. Please ensure that those third parties have consented to the use of their Personal Information by Pavilion for the purposes of confirming your identity or the identity of your company and have been provided with a copy of this Privacy Policy.

Making a purchase. Pavilion is a marketplace offering a forum for sellers to offer items for sale and for buyers to browse and make purchases. When you make an offer, we will ask you to provide credit card or other payment details as well as shipping information for orders.

Reviews. Registered users may choose to write reviews and have them posted on the Site; others wishing to post a review must register and provide their name and contact information, including email and postal addresses. Reviews will include the first name and last initial and shipping location of the reviewer. Reviews must comply with our Terms of Use. Information posted in reviews becomes public information. The use that any third party makes of this information is beyond our control. Please use caution before disclosing any information in a review that you do not want to become public.

b) Information we collect about you

With regard to each of your visits to the Site, we automatically collect the following information:

Technical Information. This includes browser type and version (e.g. Internet Explorer, Firefox, Chrome, Safari), operating system (e.g. Windows, Macintosh), IP address, device type, time zone setting, and Internet domain (e.g. AOL, Hotmail).

Information about your visit. This includes the pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.

Location information. Pavilion asks mobile users whether they will permit us to collect information about their location. We collect location information only from mobile users who have agreed to provide that information.

We do not treat this information as Personal Information, except where the information can identify you when associated with other Personal Information we hold or where we are required to do so under applicable law.

3. Children’s privacy
1stDibs is not designed nor intended to be attractive to use by children under the age of 13. Our Terms of Use require that users must be 18 years old or older in order to register on our Site and use our services. If you are under the age of 18, please do not submit any information to us.

4. 1stdibs.com uses cookies.
The Site uses cookies and similar technologies to distinguish you from other users. This helps us to analyze the use of the Site to customize and improve the content and the layout of the Site.

When you first access our Site from certain jurisdictions, you may receive a message advising you that cookies and similar technologies are in use.

For detailed information on the cookies and similar technologies we use and the purposes for which we use them, see our Cookie Policy.

5. Uses of your Personal Information
We use your Personal Information according to the terms of the Privacy Policy and User Agreement in effect at the time of our use. We will process your Personal Information where (1) you have provided your consent, which can be withdrawn at any time, (2) where the processing is necessary for the performance of a contract to which you are a party (for example, we will share your Personal Information with sellers with whom you have entered into a transaction), (3) where we are required by law, (4) where processing is required to protect your vital interests or those of another person, or (5) where the processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests. Common examples of processing activities we undertake (and the legal basis for these) are detailed below. Please note, this list is not exhaustive.

a) Performance of a contract (e.g., a transaction):
We may process the Personal Information you provide to us for the following purposes as is necessary for the performance of a contract to which you are a party, or to answer questions or take steps at your request prior to entering into a contract:

To administer or otherwise carry out our obligations in relation to any agreement to which we are a party.
To provide information on the products or services of our registered sellers with whom you are placed in touch in connection with a prospective purchase.
To assist in completing a transaction or order.
To allow tracking of shipments.
To facilitate the preparation and processing of invoices.
To respond to your inquiries and provide you with the information, products, and services that you request from us.
To verify that you qualify as a member of the Site.
To create and manage our customer accounts.
To notify you about changes to our services and products.
To prepare and process invoices.
To provide after-sales customer relationship management.
To contact you as necessary.

b) Legitimate interests or consent (where required by applicable law):
We may process the Personal Information you provide to us for the following purposes as is necessary for certain legitimate interests, or where you have given your informed consent to such processing if required by applicable law (such consent can be withdrawn at any time):

To record, monitor, and log calls for transaction management and quality and training purposes.
To send you communications about our own products and services, products and services offered by sellers or advertisers on our Site, and products and services of third parties (those not offered by sellers on our Site) that we think you may find of interest, provided you have given your consent.
To verify you are eligible for any promotions and/or are a member of any trade rewards program which you participate in.
To administer any trade reward program, other loyalty program, promotion, contest, survey, or competition.
To offer our products and services in a personalized way, such as providing suggestions based on previous requests to identify suitable products and services more quickly.
To create products or services that may meet your needs.

c) Legitimate business interests:
We may process the Personal Information we collect (which we shall endeavor to anonymize where practicable consistent with our business needs) for the following purposes as necessary in our legitimate business interests (provided such interests are not overridden by your interests or fundamental rights):

To monitor quality control and ensure compliance with any and all applicable laws, regulations, codes, and ordinances, for example, in response to a request from a court or regulatory body, where such request is made in accordance with the law.
To resolve any disputes.
To ensure the security of your account and our business, preventing or detecting fraud, malicious activity, or abuses of our Site.
To develop and improve our products and services by reviewing visits to our Site and its various subpages, demand for specific products and services, and user comments.
To administer the Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical, and survey purposes.
To enforce or apply our User Agreement and other agreements you have entered into.
To improve the Site and to customize the content you see on the Site.
As part of our efforts to keep the Site safe and secure.
To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
To do internal research on our Site visitors’ interests and behaviors to better understand and serve our members.

We use email as the primary form of communicating transactional and relationship information with registered sellers and registered Site users. We may send mobile users notifications through the application but only if the user has agreed to receive notifications from us in their preferences. Communication preferences can be changed via “Account Information” at any time. We may also use your street addresses and telephone numbers to provide these communications.

When users of the Site wish to negotiate a sale with sellers or make a purchase from a seller, they may do so by contacting the seller using a telephone number displayed on the Site. When a user connects with a seller by telephone, that call may be recorded by us to log transactions and for training and quality purposes. We may use a third party to carry out such call recording, evaluation, and transcription services on our behalf.

6. Sharing of your Personal Information
1stDibs does not sell, share, trade, or give away Personal Information other than as described in this Privacy Policy or unless you provide prior consent.

1stDibs may share Personal Information between the different 1stDibs entities where necessary to provide our services to you. We reveal your Personal Information to unaffiliated third parties when you request or authorize it, or to help complete a transaction for you which you have requested.

Where you use our Site to enter into a transaction or correspond with another individual or business registered as a seller on our Site, we provide your Personal Information to that other party in order to facilitate the transaction or the correspondence you have requested. Once your offer is submitted, your Personal Information will be delivered by 1stDibs to that seller, and your order will be placed.

When a US user contacts a seller, 1stDibs may share your search terms, or items you have viewed, saved, or purchased with that seller. You can disable sharing this information with sellers by updating the profile preferences in your account.

Third parties who will have access to your Personal Information include (without limitation) sellers selling items on the Site that you have contacted or made a purchase from, shipping companies, and payment processors completing a transaction at your request.

Sellers from whom you purchase items will have their own privacy practices regarding the information they receive. We encourage you to read such applicable privacy policies. We are not responsible for the processing of your Personal Information by such third parties.

We may share your Personal Information with other companies or agents who have been carefully selected and who perform functions on our behalf (e.g., analyzing data, IT and network services, providing marketing assistance, providing customer service, processing orders, shipping or customs agents, etc.).

We will only transfer your Personal Information to trusted third parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures.

These companies may then use your information for their own purposes including marketing to you, if you consent to receive notifications relating to their products and services. Where you consent to these companies using your information for their own purposes, their use will be governed by their own privacy policies, which you should review.

We may also disclose your Personal Information to comply with the law, applicable regulations, governmental and quasi-governmental requests, court orders, or subpoenas, to enforce our User Agreement or other agreements, or to protect our rights, property, or safety, or the rights, property, or safety of our users or others.

In the event of a corporate transaction, such as the purchase, sale, or other transfer of all or part of our services or assets, we may transfer your Personal Information along with those assets or services to a prospective transferee. In the event of an insolvency, bankruptcy, or receivership, such Personal Information may also be transferred as a business asset. If another company acquires any of our corporate entities, businesses, or assets, that acquiring company may acquire your Personal Information. We do not guarantee that any entity receiving such Personal Information in connection with one of these transactions will comply with all of the terms of this Privacy Policy following such transaction.

7. International Data Transfers

Please note that the personal information we collect may be stored on our servers in the European Union and the United States, and could be accessed by staff outside the EU. This means that your personal data may be processed in the United States, where data protection laws may differ from those in your country. By using our site and providing us with personal information, you acknowledge and consent to the transfer and processing of your data in the U.S.

Sellers on our platform are located globally, and to provide international services, your personal information may be transferred to merchants or sellers in any country. By using our site, you acknowledge this data transfer to third parties.

When sharing personal data from the EU or UK with third parties (such as shipping agents) in countries without an adequate level of protection, we take steps to protect your data, including using European Commission-approved Standard Contractual Clauses. For further details, please contact us at privacypolicy@1stDibs.com.

Please note, 1stDibs does not rely on the now-invalidated U.S. Privacy Shield Framework for data transfer between the U.S. and the EU.

8. Accessing and Updating Your Personal Information

We strive to ensure that the personal information we hold about you is accurate and up-to-date. You can update or amend your personal details at any time by logging into your account on our website or mobile app. Simply click on the “Account Details” link or the Account icon and follow the instructions to make changes. If you wish to stop sharing your search history or items you’ve viewed, saved, or purchased, you can adjust your preferences on your account page.

Unless required by law to retain your data for a specific period, we will only keep your personal information for as long as necessary for the purposes outlined in this Privacy Policy.

You may request to see what personal information we hold about you. To ensure your identity, we may ask for proof before providing access to your data. If you cannot verify your identity, we may decline your request. We will respond to your requests promptly.

9. Data Security

As a registered user, you are responsible for keeping your account details, including your username and password, secure. If you’re using a shared computer, we recommend logging out and closing the browser to protect your personal information.

We implement reasonable safeguards to protect your data, including encryption of sensitive information like credit card details using Transport Layer Security (TLS). However, please note that no system is completely secure, and while we take steps to protect your information, we cannot guarantee full security of data transmitted online. Any personal information sent via email is not encrypted.

10. Opt-Out

If you no longer wish to receive offers or communications from us, you can opt out by updating your preferences in your account or by contacting us. You can also unsubscribe from emails by following the provided link or by reaching out directly. These changes will only apply to future communications.

11. Privacy Rights (Europe)

For individuals in the European Economic Area (EEA), you have specific rights under the General Data Protection Regulation (GDPR):

(a) Access: You may request access to the personal information we hold about you, including the purpose of processing, recipients, retention periods, and any automated decision-making.

(b) Rectification: If any of your personal information is inaccurate, you can request it be corrected.

(c) Erasure: You have the right to ask for your personal data to be deleted, unless we need it for legal compliance or to establish, exercise, or defend legal claims.

(d) Restriction: You can request that we limit the processing of your personal data in certain circumstances.

(e) Data Portability: If possible, you can request that your personal data be transferred directly to another party.

To exercise these rights, contact us at privacypolicy@1stDibs.com. Additionally, if you feel your data rights have been violated, you can lodge a complaint with a relevant Data Protection Authority.

12. Privacy Rights (California)

Under the California Consumer Privacy Act (CCPA), effective January 1, 2020, California residents have the following rights:

Disclosure: Request details about the personal information we’ve collected about you in the past 12 months, including sources, purposes, and third-party sharing.
Copy of Information: Request a copy of the personal information we’ve collected.
Opt-Out: Request that we stop selling your personal information.
Deletion: Request deletion of your personal data (subject to exceptions).

To make a CCPA request, visit our CCPA Request Page or email us at privacypolicy@1stDibs.com. We may ask for verification to confirm your identity before processing your request. We will respond within 45 days, with an extension if necessary.

We do not sell personal information of minors under 16 years old. If you would like to opt-out, you can use our Do-Not-Sell web page.

Category of Information Collected	Source	Business Purpose(s) for Collection/Use	Categories of Third-Parties Receiving Information
Identifiers (name, alias, postal address, email, phone number, account name, Social Security number, driver’s license number, passport number, IP address)	Information provided by individuals; Automatically collected from site visitors; Data received from third-party marketing and data partners.	Transaction auditing; Security detection, protection, and enforcement; Functionality and error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, marketing partners, shipping partners, employee benefits providers); Affiliated companies; Government regulators; Law enforcement; Strategically aligned businesses.
Sensitive Information (name with financial account details, medical, health, and health insurance information, username, password)	Information provided by individuals; Employment applications; Employee data.	Transaction auditing; Security detection, protection, and enforcement; Functionality and error correction; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, marketing partners, shipping partners, employee benefits providers); Government regulators; Law enforcement.
Protected Classification Information (race, gender, ethnicity)	Information provided by individuals.	Transaction auditing; Security detection, protection, and enforcement; Functionality debugging/error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, marketing partners, shipping partners); Government regulators.
Commercial Information (transaction history, products/services purchased, obtained or considered, product preference)	Information provided by individuals; Automatically collected from site visitors; Data received from third-party marketing or data partners.	Transaction auditing; Security detection, protection, and enforcement; Functionality and error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, mail houses, marketing partners, shipping partners); Affiliated companies; Government regulators; Law enforcement; Strategically aligned businesses.
Electronic Network Activity (browsing/search history, website interactions, advertisement interactions)	Automatically collected from site visitors.	Transaction auditing; Security detection, protection, and enforcement; Functionality debugging/error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, marketing partners); Affiliated companies; Government regulators; Law enforcement; Strategically aligned businesses.
Audio, Video, or Similar Information (customer service calls, emails, security monitoring)	Information provided by individuals; Data collected for security purposes.	Transaction auditing; Security detection, protection, and enforcement; Functionality and error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, marketing partners, shipping partners); Affiliated companies; Government regulators; Law enforcement; Strategically aligned businesses.
Geolocation	Automatically collected from site visitors.	Transaction auditing; Security detection, protection, and enforcement; Functionality and error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, marketing partners, shipping partners, employee benefits providers); Affiliated companies; Government regulators; Law enforcement; Strategically aligned businesses.
Professional, Educational, or Employment-related Information	Information submitted by individuals; Data received from third parties related to vendor or employment status or applications; Observed data related to vendor or employee oversight.	Employee management and vendor oversight.	Service providers (e.g., payment processors, employee benefits partners); Government regulators.
Inference from the Above (preferences, characteristics, behavior, attitudes, abilities, etc.)	Internal analytics.	Transaction auditing; Security detection, protection, and enforcement; Functionality and error correction; Ad customization; Service performance; Internal research and development; Quality control.	Service providers (e.g., payment processors, mail houses, marketing partners, shipping partners, employee benefits providers); Affiliated companies; Government regulators; Law enforcement; Strategically aligned businesses.

For your reference, ‘Business Purposes’ include:

Performing services for clients.
To administer or otherwise carry out our obligations in relation to any agreement to which we are a party;
To assist in completing a transaction or order;
To allow tracking of shipments;
To prepare and process invoices;
To respond to queries or requests and to provide services and support;
To provide after-sales customer relationship management;
To create and manage customer accounts;
To notify about changes to our services and products;
To administer any promotion, sweepstakes, contest, survey, or competition;
To provide information regarding our products and services;
To offer our products and services in a personalized way, for example, we may provide suggestions based on previous requests to identify suitable products and services more quickly;
To be able to verify your identity;
To comply with applicable laws and regulations.
Advertising customization.
For marketing and promotions we believe of interest and to provide, or allow selected third parties to provide, information about products and services of interest.
Auditing relating to transactions, internal research and development.
To provide for internal business administration and operations, including troubleshooting, website customization, enhancement or development, testing, research, administration and operation of our website and data analytics;
To create products or services that may meet client needs;
To measure performance of marketing initiatives, ads, and websites “powered by” another company on our behalf.
Security detection, protection and enforcement; functionality debugging, error repair.
As part of our efforts to keep our website safe and secure;
To ensure the security of client accounts and our business, preventing or detecting fraud, malicious activity or abuses of our website, for example, by requesting verification information in order to reset account passwords;
To ensure the physical security of our premises through the monitoring of surveillance images;
To resolve disputes, to protect the rights, safety and interests ourselves, our users or others, and to comply with our legal obligations.
Quality control.
To monitor quality control and ensure compliance with our legal obligations, codes and ordinances, policies and procedures;
To develop and improve our products and services, for example, by reviewing visits to the website and various subpages, demand for specific products and services and user comments.

Links to third-party sites

When you use the Site or our service, you may be directed to other websites that are beyond our control. These may include merchant sites where you select items for purchase or payment sites where you pay for your purchases.

Please note that our payment processors are independent from Pavilion and require us to inform you of the following: (i) where engaged as a payment processor, PayPal is an independent Controller of Personal Information processed; (ii) this is a link to the Hyperwallet Privacy Policy (https://www.hyperwallet.com/privacy-policy/), and you should also review the Hyperwallet terms and conditions available from Hyperwallet; and (iii) you may exercise your data subject rights in connection with the payment processing services provided by Hyperwallet (the “Hyperwallet Services”) directly with PayPal according to the instructions described in the Hyperwallet Privacy Policy (link is in this paragraph, above). For the purposes of this paragraph only: (a) “Controller” means an entity that determines the purposes and means of the processing of Personal Information, or, if such term (or terms addressing similar data protection and privacy roles) is defined in Data Protection Law, “Controller” shall have the meaning as defined in the applicable Data Protection Law including a “Business” as defined in the CCPA; and (b) “Data Protection Law(s)” means any applicable data protection laws, regulations, directives, regulatory requirements and codes of practice applicable to the provision of the Hyperwallet Services including any amendments thereto and any associated regulations or instruments.

We may also allow third party sites or applications to link to the Site. We are not responsible for the privacy practices of any third parties or the content of linked sites, but we do encourage you to read the applicable privacy policies and terms and conditions of such parties or websites.

This Privacy Policy only applies to our Sites.

Contact Pavilion

If you have any questions or suggestions with respect to this Privacy Policy or if you wish for a copy of, to ask us to update, or to correct or show you your Personal Information as provided above, you can write to us at Pavilion.com, Privacy Policy, [Pavilion’s Address], or you can simply click on Contact Us to send us an email to privacypolicy@pavilion.com.

Enjoy Free Shipping on Furniture, Fashion & Jewelry over $2,000 with code PAVILLION10.