Privacy Policy for HearthVibe Living
1. Introduction: Our Commitment to Your Privacy
At HearthVibe Living, accessible at https://hearthvibeliving.com, we place the utmost importance on the privacy and protection of your personal data. We are committed to handling your information in a transparent, responsible, and secure manner. This Privacy Policy outlines how we collect, use, store, and protect your personal data in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through our website, hearthvibeliving.com, and related digital platforms. For the purposes of data protection legislation, HearthVibe Living acts as the data controller with respect to your personal data. As the controller, we determine the means and purposes of processing the personal data you provide to us.
3. Categories of Data Processed
We process the following categories of personal data:
a) Usage Data
Information concerning your interaction with our website, such as IP address, browser type, operating system, referral URL, pages viewed, session duration, and navigation patterns.
b) Account Data
Data provided when you create an account or place an order, including your full name, mailing address, phone number, and email address.
c) Profile Data
Details concerning your preferences, order history, behavioral trends on our website, and feedback/reviews submitted.
d) Communication Data
Correspondence records including support tickets, contact forms, emails, customer service interactions, and any inquiries sent to [email protected].
e) Technical Data
Device identifiers, internet service provider, screen resolution, system configuration, language settings, and error diagnostics.
f) Transaction Data
Purchase history, payment method details (e.g., last four digits of card number or payment vendor ID), delivery address, and order confirmations.
g) Preference Data
Marketing and communication preferences, consent records, and products or categories you express interest in.
4. Legal Bases for Processing Personal Data
We process your personal data under the following lawful bases, as required under the GDPR:
– Performance of a Contract: To fulfill orders, deliver products, and support service obligations.
– Legitimate Interests: To improve our services, maintain site functionality, prevent fraud, and analyze user behavior for enhancements.
– Consent: For marketing communications, use of non-essential cookies, and data analytics.
– Legal Obligation: To comply with applicable laws, taxation requirements, or lawful information requests.
5. Your Data Protection Rights
In accordance with the GDPR and CCPA, you have the following rights:
– Right to Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may correct inaccurate or incomplete information.
– Right to Erasure: You may request deletion of your data, where permissible.
– Right to Restriction: You may request limited processing of your data under specific circumstances.
– Right to Data Portability: You may obtain your data in a structured, machine-readable format and transmit it to another controller.
California residents may also exercise additional rights under CCPA, including the right to opt out of “sale” of personal data, where applicable.
To exercise any of these rights, please contact us at [email protected].
6. Data Security Measures
We implement comprehensive security controls to protect against the unauthorized access, disclosure, or loss of personal data. These include:
– End-to-end data encryption (SSL/TLS protocols)
– Role-based access controls and user authentication
– Regular system monitoring, vulnerability scans, and security audits
– Secure data backups and disaster recovery procedures
– Staff training and confidentiality agreements to enforce security best practices
7. International Data Transfers
We may transfer your data to jurisdictions outside your country of residence, including to third-party service providers or cloud platforms. Where such transfers occur, they will be protected using approved mechanisms such as the European Commission’s Standard Contractual Clauses and compliance with applicable data localization and cross-border transfer regulations.
8. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, subject to applicable legal requirements. Retention periods include:
– Account Data: Stored until account deletion request or 7 years after last activity.
– Transaction Data: Kept for minimum of 7 years for financial and legal compliance.
– Communication Records: Retained for 2 years after the last correspondence.
– Technical and Usage Data: Stored for up to 26 months for analytics purposes.
– Marketing Preferences: Maintained until opt-out is exercised or consent is withdrawn.
9. Cookie Policy
Our website uses cookies and similar tracking technologies for the following purposes:
– Essential Cookies: Necessary for basic functionality, such as login or shopping cart features.
– Functional Cookies: Enable personalized content and remembered preferences.
– Analytics Cookies: Help us understand how users interact with hearthvibeliving.com through metrics like session durations, page views, and source referrals.
– Performance Cookies: Measure site performance and availability, aiding in improvements.
10. Cookie Management and Legal Compliance
In compliance with GDPR and CCPA, all non-essential cookies are subject to user consent. You may manage your preferences via our Cookie Consent banner or through browser settings. You also have the right to withdraw consent at any time without affecting the lawfulness of prior processing.
For California users, we honor “Do Not Sell My Personal Information” signals and respect browser-based global privacy controls.
11. Protection of Children’s Personal Data
HearthVibe Living does not knowingly collect or solicit personal data from individuals under the age of 13. If we learn that we have collected such data without verified parental consent, we will delete the information promptly. If you are a parent or guardian and believe your child provided us with information, please contact [email protected].
12. Policy Updates and User Notifications
We reserve the right to update or revise this Privacy Policy at our discretion. Changes will be posted to this page and may be communicated to registered users, where justified by legal obligation or material impact. Your continued use of hearthvibeliving.com constitutes your acknowledgment and acceptance of any revisions.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us by email at:
We are committed to GDPR and CCPA compliance and welcome your questions or concerns regarding the handling of your data. Please do not hesitate to reach out.
