Haven Sauna > Legal >
Last updated:
November 10, 2025
Privacy & Cookies Policy
Thank you for choosing to be part of our community at Real Sweat, Inc., a Delaware corporation, d/b/a Haven Sauna (“Haven,” “we,” “us,” “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this Privacy & Cookies Policy (the “Policy”) or our data practices, contact us at hi@havensauna.com or (646) 766‑8366.
This Policy explains how we collect, use, disclose, and secure information when you:
visit https://www.havensauna.com (the “Website”);
purchase our products or services, contact support, or otherwise engage with us online or offline (collectively, the “Services”);
use our iOS or Android apps (the “Apps”).
If you disagree with any part of this Policy, please discontinue use of the Services.
1. Who we are & how to contact us
Controller: Real Sweat, Inc. d/b/a Haven Sauna
Address: 228 Park Ave S, PMB 68003, New York, NY 10003, United States
Email: hi@havensauna.com • Legal/Privacy: legal@havensauna.com • Phone: (646) 766‑8366
2. Scope & definitions
2.1. “Personal information” (or “personal data”) means information that identifies, relates to, describes, or can reasonably be linked to an individual.
2.2. This Policy covers information we collect as a first party (e.g., orders, accounts) and via automatic means (e.g., cookies), and information from service providers (e.g., payment, shipping, analytics, and support vendors).
2.3. Additional state‑specific disclosures appear in §12.
3. What information we collect
A. Information you provide (examples)
• Identifiers/contact: name, email, phone, billing/shipping address.
• Order & support data: purchase details, delivery preferences, warranty/return communications, photos or notes you send to support.
• Account/App data: login credentials, profile settings, in‑app preferences.
• User content: reviews, survey responses, uploaded photos.
• Marketing preferences: newsletter opt‑ins/opt‑outs.
B. Information collected automatically
• Device/usage data: IP address, device type, OS, browser, language, URLs, pages viewed, links clicked, session time, and diagnostics.
• Cookies & similar tech: pixels/SDKs/identifiers for Website/App functionality, analytics, fraud prevention, and (where used) interest‑based advertising. See §8.
C. Information from third parties
• Payment processors (e.g., confirmation/last‑4 digits, status—we do not store full card numbers).
• Logistics partners (e.g., shipment/tracking updates).
• Analytics/attribution and anti‑fraud providers.
• Social or identity providers if you choose to connect accounts.
Sensitive data. We do not intentionally collect “sensitive” personal information (e.g., precise geolocation, health diagnosis, SSN). If you provide sensitive information (e.g., a health note to support), we use it only to address your request and then minimize/limit retention.
4. How we use information
We process personal information to: (a) provide and improve the Services; (b) fulfill orders, delivery, returns, and warranty; (c) authenticate and secure accounts; (d) provide customer support; (e) maintain safety, prevent fraud/misuse; (f) perform analytics and product research; (g) send operational notices; (h) comply with law, tax, and accounting; and (i) with your consent, send marketing communications. If you later opt out of marketing, we still send transactional/operational emails.
5. How we share information
We share personal information with:
• Service providers/processors under contract (payments, shipping/installation, cloud hosting, analytics, communications, customer support, and security/fraud).
• Advertising/measurement partners (only where applicable for interest‑based ads or attribution; see §9 for opt‑out choices).
• Affiliates and in connection with corporate transactions (e.g., merger, financing, sale).
• Law, safety, and rights requests (e.g., subpoenas, fraud prevention, security incidents).
We do not sell personal information for money. Some states treat certain analytics/advertising disclosures as a “sale” or “share.” Your opt‑out choices are described in §9 and §12.
6. Payments & shipments
We use third‑party payment processors; they collect and process your payment information subject to their privacy policies. We share delivery details with shipping partners. Certain components (e.g., lithium battery systems) may ship separately to comply with carrier and safety rules.
7. Data retention
We keep information only as long as necessary for the purposes described or as required by law (e.g., tax/audit, fraud prevention, warranty). Typical examples: (i) order and payment records—up to 7 years; (ii) account data—until deletion or 24 months after last activity; (iii) support tickets—24 months after resolution; (iv) warranty essentials (e.g., serial number, purchase date)—retained for the warranty period to service claims. We will delete or anonymize data when it is no longer needed.
8. Cookies & similar technologies (Cookie Notice)
8.1. Types we use
• Strictly necessary: essential for core functions (cart, checkout, security).
• Functional: remember choices and improve experience.
• Analytics: help us understand usage (e.g., Google Analytics).
• Advertising/measurement: show or measure ads and prevent fraud (only where used).
8.2. Your choices
• Use our cookie controls ([Add “Cookie Settings” link]) to manage non‑essential cookies.
• Manage cookies in your browser settings; you can also use tools like the Google Analytics opt‑out add‑on.
• U.S. users can visit industry opt‑out pages for interest‑based ads (see §9).
8.3. Do Not Track vs. Global Privacy Control
We do not respond to legacy Do Not Track (DNT) signals. Where required, we recognize Global Privacy Control (GPC) signals as an opt‑out of “sale”/“sharing” or targeted advertising—see §9.
9. Interest‑based advertising: how to opt out
If we use interest‑based advertising or cross‑context behavioral advertising:
• Send “Do Not Sell or Share My Personal Information / Opt‑Out of Targeted Ads” to hi@havensauna.com or send a GPC signal from your browser/extension.
• Use WebChoices (DAA) or your device advertising settings to limit personalized ads.
• You can still see non‑personalized ads after opting out.
10. Security
We implement organizational, technical, and administrative measures appropriate to the nature of the data. No method is 100% secure; transmission is at your own risk.
11. Children’s privacy
Our Services are intended for adults. We do not knowingly collect personal information from children under 13 (COPPA). If you believe a child provided information to us, contact legal@havensauna.com and we will take appropriate steps. The Site is not intended for users under 18.
12. State privacy rights (US)
Depending on your state, you may have the right to access, correct, delete, receive a portable copy, and opt out of (i) sale of personal information, (ii) sharing/targeted advertising, and (iii) profiling for decisions with legal or similarly significant effects. California residents may also request to limit use of Sensitive Personal Information (we do not use Sensitive PI for additional purposes).
How to exercise your rights. Email legal@havensauna.com (subject: “Privacy Request”) or call (646) 766‑8366. We will verify your request (e.g., by email/phone or account login). You may use an authorized agent as permitted by law. We will not discriminate for exercising rights. If we decline a request, you can appeal by replying to our decision (subject: “Appeal”). If you remain unsatisfied, you may contact your state Attorney General.
California (CCPA/CPRA). We provide a “Do Not Sell or Share” mechanism and honor GPC signals for online opt‑outs. We provide required notices (e.g., Notice at Collection) and, if we offer loyalty discounts, a Notice of Financial Incentive.
Colorado. We recognize approved Universal Opt‑Out Mechanisms (e.g., GPC) for targeted advertising/sale where applicable.
Virginia, Connecticut, Utah, Texas, and other states with comprehensive privacy laws: we honor applicable consumer rights and timelines.
Nevada. We do not “sell” covered information as defined by Nevada law; Nevada residents may submit sale‑opt‑out requests to legal@havensauna.com.
13. International users
We are based in the United States and process data in the U.S. If you access the Services from outside the U.S., you understand your information may be transferred to, stored, and processed in the U.S. where laws may differ from those in your jurisdiction.
14. Third‑party links & services
Our Services may link to third‑party sites or integrate third‑party tools (e.g., maps, payment, app stores). Their privacy practices are governed by their policies.
15. Changes to this Policy
We may update this Policy from time to time. The “Last updated” date reflects the latest revision. Material changes will be posted to this page and, where required, we will provide additional notice.
16. How to contact us
Email: hi@havensauna.com • Privacy: legal@havensauna.com • Phone: (646) 766‑8366
Mail: Real Sweat, Inc. d/b/a Haven Sauna, 228 Park Ave S, PMB 68003, New York, NY 10003, United States
Thank you for choosing to be part of our community at Real Sweat, Inc., a Delaware corporation, d/b/a Haven Sauna (“Haven,” “we,” “us,” “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this Privacy & Cookies Policy (the “Policy”) or our data practices, contact us at hi@havensauna.com or (646) 766‑8366.
This Policy explains how we collect, use, disclose, and secure information when you:
visit https://www.havensauna.com (the “Website”);
purchase our products or services, contact support, or otherwise engage with us online or offline (collectively, the “Services”);
use our iOS or Android apps (the “Apps”).
If you disagree with any part of this Policy, please discontinue use of the Services.
1. Who we are & how to contact us
Controller: Real Sweat, Inc. d/b/a Haven Sauna
Address: 228 Park Ave S, PMB 68003, New York, NY 10003, United States
Email: hi@havensauna.com • Legal/Privacy: legal@havensauna.com • Phone: (646) 766‑8366
2. Scope & definitions
2.1. “Personal information” (or “personal data”) means information that identifies, relates to, describes, or can reasonably be linked to an individual.
2.2. This Policy covers information we collect as a first party (e.g., orders, accounts) and via automatic means (e.g., cookies), and information from service providers (e.g., payment, shipping, analytics, and support vendors).
2.3. Additional state‑specific disclosures appear in §12.
3. What information we collect
A. Information you provide (examples)
• Identifiers/contact: name, email, phone, billing/shipping address.
• Order & support data: purchase details, delivery preferences, warranty/return communications, photos or notes you send to support.
• Account/App data: login credentials, profile settings, in‑app preferences.
• User content: reviews, survey responses, uploaded photos.
• Marketing preferences: newsletter opt‑ins/opt‑outs.
B. Information collected automatically
• Device/usage data: IP address, device type, OS, browser, language, URLs, pages viewed, links clicked, session time, and diagnostics.
• Cookies & similar tech: pixels/SDKs/identifiers for Website/App functionality, analytics, fraud prevention, and (where used) interest‑based advertising. See §8.
C. Information from third parties
• Payment processors (e.g., confirmation/last‑4 digits, status—we do not store full card numbers).
• Logistics partners (e.g., shipment/tracking updates).
• Analytics/attribution and anti‑fraud providers.
• Social or identity providers if you choose to connect accounts.
Sensitive data. We do not intentionally collect “sensitive” personal information (e.g., precise geolocation, health diagnosis, SSN). If you provide sensitive information (e.g., a health note to support), we use it only to address your request and then minimize/limit retention.
4. How we use information
We process personal information to: (a) provide and improve the Services; (b) fulfill orders, delivery, returns, and warranty; (c) authenticate and secure accounts; (d) provide customer support; (e) maintain safety, prevent fraud/misuse; (f) perform analytics and product research; (g) send operational notices; (h) comply with law, tax, and accounting; and (i) with your consent, send marketing communications. If you later opt out of marketing, we still send transactional/operational emails.
5. How we share information
We share personal information with:
• Service providers/processors under contract (payments, shipping/installation, cloud hosting, analytics, communications, customer support, and security/fraud).
• Advertising/measurement partners (only where applicable for interest‑based ads or attribution; see §9 for opt‑out choices).
• Affiliates and in connection with corporate transactions (e.g., merger, financing, sale).
• Law, safety, and rights requests (e.g., subpoenas, fraud prevention, security incidents).
We do not sell personal information for money. Some states treat certain analytics/advertising disclosures as a “sale” or “share.” Your opt‑out choices are described in §9 and §12.
6. Payments & shipments
We use third‑party payment processors; they collect and process your payment information subject to their privacy policies. We share delivery details with shipping partners. Certain components (e.g., lithium battery systems) may ship separately to comply with carrier and safety rules.
7. Data retention
We keep information only as long as necessary for the purposes described or as required by law (e.g., tax/audit, fraud prevention, warranty). Typical examples: (i) order and payment records—up to 7 years; (ii) account data—until deletion or 24 months after last activity; (iii) support tickets—24 months after resolution; (iv) warranty essentials (e.g., serial number, purchase date)—retained for the warranty period to service claims. We will delete or anonymize data when it is no longer needed.
8. Cookies & similar technologies (Cookie Notice)
8.1. Types we use
• Strictly necessary: essential for core functions (cart, checkout, security).
• Functional: remember choices and improve experience.
• Analytics: help us understand usage (e.g., Google Analytics).
• Advertising/measurement: show or measure ads and prevent fraud (only where used).
8.2. Your choices
• Use our cookie controls ([Add “Cookie Settings” link]) to manage non‑essential cookies.
• Manage cookies in your browser settings; you can also use tools like the Google Analytics opt‑out add‑on.
• U.S. users can visit industry opt‑out pages for interest‑based ads (see §9).
8.3. Do Not Track vs. Global Privacy Control
We do not respond to legacy Do Not Track (DNT) signals. Where required, we recognize Global Privacy Control (GPC) signals as an opt‑out of “sale”/“sharing” or targeted advertising—see §9.
9. Interest‑based advertising: how to opt out
If we use interest‑based advertising or cross‑context behavioral advertising:
• Send “Do Not Sell or Share My Personal Information / Opt‑Out of Targeted Ads” to hi@havensauna.com or send a GPC signal from your browser/extension.
• Use WebChoices (DAA) or your device advertising settings to limit personalized ads.
• You can still see non‑personalized ads after opting out.
10. Security
We implement organizational, technical, and administrative measures appropriate to the nature of the data. No method is 100% secure; transmission is at your own risk.
11. Children’s privacy
Our Services are intended for adults. We do not knowingly collect personal information from children under 13 (COPPA). If you believe a child provided information to us, contact legal@havensauna.com and we will take appropriate steps. The Site is not intended for users under 18.
12. State privacy rights (US)
Depending on your state, you may have the right to access, correct, delete, receive a portable copy, and opt out of (i) sale of personal information, (ii) sharing/targeted advertising, and (iii) profiling for decisions with legal or similarly significant effects. California residents may also request to limit use of Sensitive Personal Information (we do not use Sensitive PI for additional purposes).
How to exercise your rights. Email legal@havensauna.com (subject: “Privacy Request”) or call (646) 766‑8366. We will verify your request (e.g., by email/phone or account login). You may use an authorized agent as permitted by law. We will not discriminate for exercising rights. If we decline a request, you can appeal by replying to our decision (subject: “Appeal”). If you remain unsatisfied, you may contact your state Attorney General.
California (CCPA/CPRA). We provide a “Do Not Sell or Share” mechanism and honor GPC signals for online opt‑outs. We provide required notices (e.g., Notice at Collection) and, if we offer loyalty discounts, a Notice of Financial Incentive.
Colorado. We recognize approved Universal Opt‑Out Mechanisms (e.g., GPC) for targeted advertising/sale where applicable.
Virginia, Connecticut, Utah, Texas, and other states with comprehensive privacy laws: we honor applicable consumer rights and timelines.
Nevada. We do not “sell” covered information as defined by Nevada law; Nevada residents may submit sale‑opt‑out requests to legal@havensauna.com.
13. International users
We are based in the United States and process data in the U.S. If you access the Services from outside the U.S., you understand your information may be transferred to, stored, and processed in the U.S. where laws may differ from those in your jurisdiction.
14. Third‑party links & services
Our Services may link to third‑party sites or integrate third‑party tools (e.g., maps, payment, app stores). Their privacy practices are governed by their policies.
15. Changes to this Policy
We may update this Policy from time to time. The “Last updated” date reflects the latest revision. Material changes will be posted to this page and, where required, we will provide additional notice.
16. How to contact us
Email: hi@havensauna.com • Privacy: legal@havensauna.com • Phone: (646) 766‑8366
Mail: Real Sweat, Inc. d/b/a Haven Sauna, 228 Park Ave S, PMB 68003, New York, NY 10003, United States