Privacy Policy

Hearthline Haven (“we,” “us,” or “our”) is committed to maintaining the privacy and protection of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at hearthlinehaven.com (the “Website”). We firmly uphold the principles of data minimization, transparency, and fairness in compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”).

1. Commitment to Privacy and Data Protection

Your privacy is our priority. At Hearthline Haven, we understand that the trust you place in us is predicated on our commitment to securely and responsibly handle your personal information. We process your data lawfully, fairly, and in a transparent manner and ensure that appropriate safeguards are in place to prevent unauthorized access or misuse.

2. Scope of This Policy and Role of Data Controller

This Privacy Policy applies to all personal data collected through our Website, hearthlinehaven.com. For the purposes of the GDPR and other applicable privacy legislation, Hearthline Haven acts as the “data controller” with respect to the personal data collected and processed through our Website.

3. Categories of Data We Process

We collect and process the following categories of personal data:

a) Usage Data
Includes data collected automatically when you interact with the Website: IP address, browser type and version, pages viewed, time spent on pages, date/time stamps, referring URLs, and other analytical metadata used to understand engagement with our services.

b) Account Data
Includes identifying data you provide to register for or manage an account: full name, residential or billing address, email address, and phone number.

c) Profile Data
Includes preferences, user-generated content, saved items, purchase history, and behavioral insights derived from your interactions with the Website.

d) Communication Data
Includes data from communications initiated by you, such as support queries, contact form submissions, email exchanges, and user feedback.

e) Technical Data
Includes data from the device you use to access hearthlinehaven.com, including IP address, device type, operating system, system configuration data, mobile network data, and browser settings.

f) Transaction Data
Includes details related to purchases or payments: billing addresses, payment confirmations received from payment providers (we do not store full payment card numbers), delivery details, and order history.

g) Preference Data
Includes marketing communication preferences, interests you select or share with us, and responses to surveys or campaigns.

4. Legal Bases for Processing Data

Our processing of your personal data is grounded in one or more of the following legal bases:

– Performance of Contract: To provide products or services you request.
– Legitimate Interests: For business operations such as improving our services, fraud prevention, and maintaining the security of the Website.
– Consent: Where we rely on your agreement to process specific data (e.g., for sending marketing emails).
– Legal Obligation: Where we are required to comply with applicable legal requirements.

5. Your Rights

Subject to applicable law, you have the following rights regarding your personal data:

– Right of Access: To request a copy of the personal data we hold.
– Right to Rectification: To correct inaccurate or incomplete data.
– Right to Erasure: To delete your personal data, under certain conditions.
– Right to Restriction: To restrict processing in specific circumstances.
– Right to Data Portability: To obtain your data in a structured, portable format for reuse elsewhere.
– Right to Object: To object to processing based on legitimate interest or direct marketing.

To exercise any of the above rights, contact us at [email protected].

6. Security Measures

We employ a range of organizational, technical, and administrative safeguards to protect your personal data:

– Secure Sockets Layer (SSL) encryption for data transmission
– Access control and authentication mechanisms
– Routine data backups and disaster recovery protocols
– Ongoing employee privacy and data protection training programs

7. International Data Transfers

Where personal data is transferred outside of your jurisdiction, including transfers from the European Economic Area (EEA) to the United States, we ensure that such transfers meet the required adequacy standards, such as the European Commission’s Standard Contractual Clauses or other lawful mechanisms.

8. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, including legal compliance, dispute resolution, and enforcement of agreements. Specific retention periods include:

– Account and Profile Data: Retained for the duration of the account’s life and up to seven years thereafter for compliance and legal auditing.
– Transaction Data: Retained for seven years for accounting and tax purposes.
– Communication Data: Retained for three years from the last interaction.
– Usage and Technical Data: Retained for up to two years for analytics and security purposes.
– Marketing Preferences: Retained until you update or withdraw your consent.

9. Cookie Policy

We use cookies and similar technologies to enhance your user experience, analyze Website performance, and support marketing efforts. Our use of cookies includes:

– Essential Cookies: Necessary for Website functionality and security.
– Functional Cookies: Enhance features based on user preferences.
– Analytics Cookies: Help measure Website performance and traffic patterns.
– Performance Cookies: Optimize system performance and detect errors.

10. Cookie Management & Compliance

In compliance with GDPR and CCPA, you have control over your cookie preferences:

– At initial Website access, we provide a cookie consent banner.
– You may adjust your preferences via our Cookie Settings link at any time.
– For California users, we honor “Do Not Sell My Personal Information” requests and global privacy control signals.

11. Children’s Privacy

Our services are not directed to or intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that such data has been collected, we will delete it promptly. Parents or guardians who discover their child has accessed the Website without consent should contact us at [email protected].

12. Updates to This Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices or legal obligations. When material updates are made, we will notify users through the Website or other means, as appropriate. Continued use of hearthlinehaven.com after changes signifies acceptance of the revised Policy.

13. Contact Us

For privacy-related inquiries or concerns, or to exercise your rights under this Privacy Policy, please contact us at:

Email: [email protected]
Website: https://hearthlinehaven.com

We are committed to ensuring that your data is handled in accordance with applicable privacy laws. If you have questions or need further assistance regarding your privacy, do not hesitate to reach out.