PRIVACY POLICY
1. Introduction
At Hearth Haven Living (“we,” “us,” or “our”), we are deeply committed to respecting and protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and protect personal data on our website, hearthhavenliving.com. We are devoted to handling personal data responsibly, securely, and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through hearthhavenliving.com and related services, including user interactions, purchases, and communications. For the purposes of applicable data protection legislation, Hearth Haven Living is the “data controller” of your personal data submitted via our website and services.
3. Categories of Personal Data We Process
We collect and process various categories of personal data, which may include the following:
– Usage Data: This includes details about how visitors interact with our website, such as IP addresses, browser types, referring URLs, pages accessed, and session duration.
– Account Data: Information provided when registering or updating an account, such as full name, billing and shipping address, email address, and phone number.
– Profile Data: Preferences and interests, product interactions, purchase history, and behavior while using our site.
– Communication Data: Records of correspondence with our support team, including the content and metadata of communications made through email or forms on hearthhavenliving.com.
– Technical Data: Device identifiers, operating systems, browser configurations, screen resolution, language settings, and system diagnostics.
– Transaction Data: Data relating to purchases of goods or services, such as card details (secured via third-party processors), payment confirmation, order contents, delivery tracking, and fulfillment information.
– Preference Data: Details on your marketing preferences, notification settings, product interests, and related opt-in or opt-out selections.
4. Legal Bases for Processing
We process your personal data lawfully under the following legal bases:
– Consent: When you have provided explicit consent, particularly for direct marketing communications and cookies.
– Contractual Necessity: To fulfill our contractual obligations to you, including delivering purchased products and managing your account.
– Legitimate Interests: To optimize user experience, improve our website, detect fraudulent activities, ensure network security, and enhance customer service.
– Legal Obligations: Where processing is necessary to comply with a legal requirement, such as consumer protection or financial regulations.
5. Your Data Protection Rights
Subject to applicable laws, you may exercise the following rights in relation to your personal data:
– Right of Access: Obtain confirmation and access to the personal data we hold about you.
– Right of Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data under certain circumstances, also known as the “right to be forgotten.”
– Right to Restrict Processing: Request temporary suspension of the use of your data while a claim is investigated.
– Right to Data Portability: Receive a copy of your data in a structured, commonly used, and machine-readable format.
To exercise any of your rights, please contact us using the information provided in Section 13.
6. Security Measures
We implement robust organizational and technical security measures to protect your data, including but not limited to:
– TLS encryption for data transmission
– Access controls and authentication requirements for internal staff
– Routine data backups and disaster recovery protocols
– Security awareness and confidentiality training for personnel
– Limiting data access to only authorized users with a legitimate business need
While we strive to use commercially acceptable means to protect your information, no method of transmission or storage is 100% secure.
7. International Data Transfers
Personal data collected on hearthhavenliving.com may be transferred to jurisdictions outside your own, including to countries that do not provide the same level of data protection. Where applicable, we rely on Standard Contractual Clauses and other mechanisms recognized under the GDPR and CCPA to ensure adequate protections are in place for international transfers.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes set out in this Privacy Policy or as required under legal, contractual, or regulatory obligations.
– Account and Profile Data: Retained as long as your account remains active
– Transaction Data: Retained for 7 years for financial and legal compliance
– Communication Data: Retained for 2 years from last contact
– Cookie Data: Retained based on specific cookie lifespan (up to 13 months)
– Preference Data: Retained until you withdraw consent or adjust preferences
Upon expiration of applicable retention periods, data is securely deleted or anonymized.
9. Cookie Policy
Hearth Haven Living uses cookies and similar tracking technologies on hearthhavenliving.com to enhance user experience. These include:
– Essential Cookies: Necessary for core functionality and security features
– Functional Cookies: Remember preferences and provide customizable content
– Analytics Cookies: Collect aggregated data on usage and browsing patterns
– Performance Cookies: Improve website speed, responsiveness, and reliability
Cookies enable certain functions, such as remembering your login session, tracking cart items, and analyzing content performance.
10. Cookie Management and Compliance
Cookies are deployed in compliance with the GDPR and CCPA. Upon your first visit to hearthhavenliving.com, you will be presented with a cookie consent banner that allows you to accept or customize your preferences. You may update or withdraw your consent at any time by adjusting the settings in your browser or by accessing our cookie management tool available on the site.
Under the CCPA, California residents may opt-out of the sale or sharing of their personal information by contacting us (see Section 13).
11. Children’s Privacy
Our services are not directed to individuals under the age of 13. We do not knowingly collect or solicit personal data from children. If we become aware that we have inadvertently collected data from a child under 13, we will promptly delete such information. Parents or legal guardians who believe that their child may have provided us with information can contact us directly.
12. Policy Updates
We reserve the right to modify or update this Privacy Policy as necessary to reflect evolving legal requirements, industry standards, or changes to our services. Material changes will be communicated prominently on hearthhavenliving.com, and we encourage users to review this policy periodically.
13. Contact
For all privacy-related inquiries, including exercising your data rights or requesting further details about how Hearth Haven Living handles personal data, please contact us at:
Email: [email protected]
We are committed to full compliance with all applicable data protection regulations, and we welcome your concerns or feedback regarding your privacy.