PRIVACY POLICY
At Hearthline Designs (“Company,” “we,” “us,” or “our”), available at hearthlinedesigns.com, we respect your privacy and are committed to protecting your personal data. This Privacy Policy outlines how we collect, use, store, and protect your information when you engage with us online, including your rights under applicable data protection laws such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
1. COMMITMENT TO PRIVACY AND DATA PROTECTION
Your privacy is a priority at Hearthline Designs. We are fully committed to maintaining the confidentiality, integrity, and security of your personal information. We process data transparently, lawfully, and fairly, and we implement industry-standard safeguards to uphold your rights and freedoms concerning personal data.
2. SCOPE OF POLICY AND DATA CONTROLLER ROLE
This Privacy Policy applies to all users of hearthlinedesigns.com regardless of geographic location. We act as the “data controller” within the meaning of the GDPR with respect to any personal data collected through our website, communications, or services. If you interact with our site or provide us with your data, this policy governs how your personal data is handled.
For any data privacy inquiries or issues, please contact us at [email protected].
3. CATEGORIES OF DATA PROCESSED
We may collect and process the following categories of personal data through our website and services:
– Usage Data: Information automatically collected when you interact with our site, including browser type, IP address, device identifiers, pages visited, time spent on pages, and referring URLs.
– Account Data: Information you provide when creating an account or placing an order, including your full name, billing and shipping addresses, email address, and phone number.
– Profile Data: Information derived from your interactions with our website and services, including product preferences, past purchases, and user behavior.
– Communication Data: Details of correspondence via email, contact forms, customer service interactions, and any other interactions you initiate with us.
– Technical Data: Information about the devices and systems you use to access our website, such as operating system, browser settings, screen resolution, and network configurations.
– Transaction Data: Payment-related data including billing and shipping information (processed securely through our third-party payment processors), purchase history, and transaction confirmation details.
– Preference Data: Marketing preferences, survey responses, and records of product interests or consent to receive promotional communications.
4. LEGAL BASES FOR PROCESSING
We only process your personal data where permitted under applicable laws. Legal bases include:
– Performance of a Contract: To fulfill orders or provide requested services.
– Legitimate Interests: To improve our website, deliver relevant content, maintain security, and manage our business operations.
– Consent: For sending marketing emails and placing non-essential cookies.
– Legal Obligation: To comply with applicable legal or regulatory requirements.
5. YOUR RIGHTS
Under GDPR and CCPA (where applicable), you are entitled to the following rights regarding your personal data:
– Right of Access: Request access to the data we hold about you.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to certain exceptions.
– Right to Restriction of Processing: Limit how your data is used under specific circumstances.
– Right to Data Portability: Obtain a copy of your data in a structured format for portability.
– Right to Object: Object to certain types of processing based on your situation or to direct marketing.
To exercise any of these rights, please contact us at [email protected].
6. SECURITY MEASURES
We implement technical and organizational measures to safeguard your data, including:
– Encryption of data in transit and at rest using secure protocols
– Access controls to limit data availability to authorized personnel only
– Regular data backups and system integrity checks
– Staff privacy awareness training and security policies
7. INTERNATIONAL TRANSFERS
Where personal data is transferred outside your country of residence, we ensure adequate safeguards are in place consistent with applicable laws, including European Commission-approved Standard Contractual Clauses. For California residents, data transfers comply with the protections outlined in the CCPA.
8. DATA RETENTION
We retain your personal data only for as long as necessary for its intended purpose, or as required under applicable legal, tax, and accounting obligations:
– Usage and Technical Data: Up to 12 months
– Account and Transaction Data: Up to 7 years following the end of our commercial relationship
– Communication Data: Up to 5 years
– Preference Data: Until consent is withdrawn or inactive for 2 years
Once data is no longer required, it is securely deleted or anonymized.
9. COOKIE POLICY
Our website uses cookies and similar tracking technologies to enhance your browsing experience. These include:
– Essential Cookies: Necessary for basic site functions, such as login and cart management.
– Functional Cookies: Enhance personalization and remember site preferences.
– Analytics Cookies: Collect aggregated data for improving website performance and user experience (e.g., Google Analytics).
– Performance Cookies: Monitor site usage to optimize loading speed and navigation.
10. COOKIE MANAGEMENT AND COMPLIANCE
Under GDPR and CCPA, you have the right to control how cookies are used. On your first visit to hearthlinedesigns.com, you will be presented with a cookie consent banner where you can grant or refuse consent for non-essential cookies. You may also change or withdraw your consent at any time via our Cookie Settings or through your web browser’s cookie management tools.
11. CHILDREN’S PRIVACY
Our services are not directed to children under the age of 13, and we do not knowingly collect personal information from minors. If we become aware that information from a child under 13 has been collected without verified parental consent, we will take steps to delete it. Parents or guardians may contact us at [email protected] to request deletion of their child’s data.
12. POLICY UPDATES
We reserve the right to update or revise this Privacy Policy at our discretion. Any substantial changes will be communicated via prominent notice on hearthlinedesigns.com. We encourage you to review this policy periodically to stay informed of how we protect your information.
13. CONTACT
If you have questions about this Privacy Policy, your data rights, or wish to submit a request regarding your personal information, you may contact us at:
Email: [email protected]
We are committed to complying with all applicable privacy regulations, including GDPR and CCPA, and to safeguarding your rights as a user and customer. Please reach out to us with any privacy-related concerns or questions.