Privacy Policy for Hearth and Home Life
1. Introduction
At Hearth and Home Life, accessible via https://hearthandhomelife.com, we are committed to safeguarding your privacy and protecting your personal data. We understand the importance of privacy and data security and take our responsibilities seriously in handling your information with transparency, accountability, and care. This Privacy Policy outlines how we collect, use, store, and share your personal data in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
2. Scope of this Policy and Role as Data Controller
This Privacy Policy applies to all users who interact with Hearth and Home Life through our website or associated services. Hearth and Home Life is the data controller for the processing of personal data described in this Policy, meaning we determine the purposes and means of processing the data you provide.
3. Categories of Data Processed
We collect and process the following categories of personal data to provide and improve our services:
a. Usage Data
Includes information automatically collected when you visit https://hearthandhomelife.com, such as your IP address, browser type, referring/exit pages, and date/time stamps. This data helps us understand site performance and user interaction.
b. Account Data
Information you provide when creating or managing an account, including your name, email address, phone number, and residential or shipping address.
c. Profile Data
Preferences you set within your account, purchase history, site interactions, saved items, and other behavior profiling data to help tailor your experience on hearthandhomelife.com.
d. Communication Data
Includes the content of your inquiries, customer support requests, complaint history, email correspondences, and communications you initiate via forms, chatbots, or direct emails.
e. Technical Data
Collected from your device or browser, this includes device identifiers, operating system, system settings, screen resolution, and other diagnostic data.
f. Transaction Data
Details of purchases, payment status, order information, shipping address, and billing data. Sensitive payment card data is securely processed through third-party payment processors and not stored directly on our servers.
g. Preference Data
Covers your communication preferences, marketing consents, interests in specific product categories, and responses to promotions or surveys.
4. Legal Bases for Processing
We process your personal data under the following lawful bases as provided under the GDPR and CCPA:
– Consent: Where you have explicitly agreed to our use of your data for specified purposes (e.g., marketing communications).
– Contract: Where data processing is necessary for the performance of a contract (e.g., fulfilling an order).
– Legal Obligation: Where we are required to comply with applicable law or legal process.
– Legitimate Interests: Where necessary for our legitimate interests, such as improving our services, preventing fraud, or securing our systems, unless such interests are overridden by your fundamental rights and freedoms.
5. Your Rights
As a data subject under applicable privacy laws, you are entitled to the following rights with respect to your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may request correction of any inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data, subject to legal retention obligations.
– Right to Restriction: You may request that we limit the processing of your data under certain circumstances.
– Right to Data Portability: You may request your data in a structured, commonly-used electronic format for transfer to another service provider.
– Right to Object: You may object to processing based on our legitimate interests or direct marketing.
– Right to Non-Discrimination: We will not discriminate against you for exercising any of your rights under the CCPA.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement industry-standard security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These measures include but are not limited to:
– Data encryption in transit and at rest.
– Role-based access control to limit internal access to data.
– Regular data backups and monitoring.
– Ongoing security awareness training for all employees handling personal data.
7. International Transfers
If your personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or equivalent legal mechanisms to ensure that your rights and protections travel with your data.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected:
– Account Data: As long as your account remains active and for up to 6 years thereafter for legal compliance.
– Transaction Data: For 7 years to comply with financial recordkeeping requirements.
– Technical and Usage Data: Retained for 1–2 years for performance and analytics purposes.
– Communication Data: Retained for 3 years to manage customer service records.
Upon expiration of these periods, data is either securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on hearthandhomelife.com for the following purposes:
– Essential Cookies: Required for core website functionality, such as shopping cart and account access.
– Functional Cookies: Enhance site performance and user customization, such as remembering login sessions.
– Analytics Cookies: Provide insight into site usage and performance using anonymized user data.
– Performance Cookies: Measure site speed, user flow, and interaction data to improve site efficiency.
10. Cookie Management and Compliance
Upon your first visit to our website, you’ll have the option to manage your cookie preferences via a consent banner in accordance with GDPR and CCPA requirements. You can revise or revoke your cookie consent at any time by adjusting your browser settings or revisiting the cookie preferences banner on our site.
Hearth and Home Life also honors “Do Not Track” browser settings and complies with CCPA-required opt-out functionalities for California residents, such as discontinuation of the sale of personal data.
11. Children’s Privacy
Hearth and Home Life does not knowingly collect or solicit personal data from individuals under the age of 13. If you believe a child under 13 has provided us with personal data, please contact us at [email protected], and we will promptly delete the information.
12. Policy Updates and Notifications
We reserve the right to update this Privacy Policy at any time to reflect changes in legal obligations or business practices. If material changes are made, users will be notified through prominent notices on hearthandhomelife.com or via email, where appropriate. Continued use of the site after updates constitutes acknowledgment of the modified policy.
13. Contacting Us
If you have any questions regarding this Privacy Policy, your rights, or how we handle personal data, please contact our privacy team at:
[email protected]
or visit https://hearthandhomelife.com for further details.
We are committed to compliance with data protection laws and to safeguarding your personal information in accordance with the highest standards. Please reach out with any privacy concerns, and we will respond promptly and transparently.