PRIVACY POLICY
Hearth Living Fields (“we”, “our”, “us”) is firmly committed to protecting your privacy and safeguarding your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard the personal data of visitors, users, and customers of our website, hearthlivingfields.com (the “Website”). We maintain a privacy-first philosophy and adhere to the highest standards of data protection under applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), ensuring your rights and freedoms are respected.
1. Scope of this Policy and Our Role as Data Controller
This Privacy Policy applies to all individuals who interact with hearthlivingfields.com, including visitors, registered users, and customers. As the data controller under applicable data protection legislation, Hearth Living Fields determines the purposes and means of processing your personal data. This policy governs the processing of personal data collected through our Website and related communications.
2. Categories of Personal Data We Process
We may process the following categories of personal data, depending on your interaction with the Website:
a. Usage Data: This includes information such as your IP address, browser type, geographic location, referral source, length of visit, pages viewed, and website navigation paths. This data is collected automatically to ensure the proper functioning and security of our Website.
b. Account Data: If you create an account or place an order, we may collect your name, billing and shipping address, email address, phone number, and login credentials.
c. Profile Data: Includes your preferences, purchase history, bookmarked items, interactions with products, and activities on the Website.
d. Communication Data: Covers the content and metadata of communications through contact forms, support inquiries, or direct correspondence. This may include email archives and communication logs.
e. Technical Data: Includes device identifiers, hardware model, operating system, browser versions, time zones, and system language.
f. Transaction Data: Includes records relating to purchases, delivery address, payment methods (excluding full payment card details), transaction time, product details, and invoice history.
g. Preference Data: Includes information you provide regarding your interests, product preferences, marketing consents, and communication settings.
3. Legal Basis for Processing Personal Data
We process your personal data based on one or more of the following legal grounds:
– Consent: Where you have provided explicit consent for specific data processing activities, such as subscribing to newsletters or accepting cookies.
– Contract: Where processing is necessary to perform a contract with you or take steps at your request before entering into a contract.
– Legal Obligation: Where processing is required to fulfill legal or regulatory obligations imposed on us.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, such as website analytics, service improvement, fraud detection, and customer support, provided those interests are not overridden by your fundamental rights and freedoms.
4. Your Data Protection Rights
Subject to applicable law, you have the following rights regarding your personal data:
– Right of Access: You may request access to the data we hold about you.
– Right to Rectification: You may request that we correct or update inaccurate or incomplete data.
– Right to Erasure: You have the right to request deletion of your data, subject to mandatory retention obligations.
– Right to Restriction of Processing: You may request limits on how we use your data.
– Right to Data Portability: You may request to receive your data in a structured, commonly used, machine-readable format and have it transferred to another controller where possible.
– Right to Object: You may object to specific data uses including direct marketing and automated decision-making.
– Right to Withdraw Consent: At any time, you may withdraw consent previously provided without retroactive effect.
To exercise any of these rights, please contact us at [email protected].
5. Security Measures
We maintain physical, technical, and administrative safeguards to protect your personal information. These measures include, but are not limited to:
– Data encryption in transit and at rest
– Layered access controls and role-based permissions
– Secure socket layer (SSL) technology
– Firewalls and intrusion detection systems
– Routine server backups and disaster recovery protocols
– Staff privacy training and confidentiality agreements
While no method of transmission or storage is 100% secure, we regularly monitor and enhance our protections to ensure the integrity and confidentiality of your data.
6. International Data Transfers
Personal data that we process may be transferred to and processed in countries outside your jurisdiction, including countries that do not provide the same level of data protection. When we transfer personal data internationally, we do so in accordance with applicable laws and use appropriate safeguards, such as Standard Contractual Clauses adopted by the European Commission or ensuring the recipient is certified under recognized frameworks.
7. Data Retention
We retain your personal data only for as long as is necessary for the purposes for which it was collected, which may include:
– Account and transaction data: Retained for 7 years for accounting and legal purposes.
– Communication and support data: Retained for up to 3 years after case resolution.
– Marketing preference data: Retained until withdrawal of consent or unsubscription.
– Website logs and analytics: Retained for up to 26 months in pseudonymized form.
Upon expiration of retention periods, data is securely deleted or anonymized.
8. Cookie Policy
We use cookies and similar technologies on hearthlivingfields.com to enhance user experience, personalize content, and analyze traffic. The types of cookies used include:
– Essential Cookies: Required for core site functionality such as page navigation, security, and shopping cart maintenance.
– Functional Cookies: Enhance your experience by remembering preferences or login status.
– Analytics Cookies: Collect anonymized statistics to understand user behavior and improve site performance.
– Performance Cookies: Track performance metrics such as page load times and responsiveness.
9. Cookie Management and Regulatory Compliance
We respect your right to privacy and give you control over cookie preferences. You may manage or withdraw cookie consent at any time through the cookie banner provided on hearthlivingfields.com, or by adjusting your browser settings. We do not deploy non-essential cookies without your express consent, pursuant to GDPR Article 6(1)(a) and CCPA requirements regarding opt-out rights.
Under the CCPA, California consumers also have the right to request:
– Disclosure of personal information collected and shared
– Deletion of personal data, subject to applicable exceptions
– Opt-out of the sale or sharing of personal information
We do not sell your personal information as defined under the CCPA.
10. Children’s Privacy
Our Website and services are not directed toward, nor do we knowingly collect personal data from, children under the age of 13. If we learn that we have inadvertently collected data from a child under 13, we will take appropriate steps to delete such information promptly. If you believe a child has provided us with personal data, please contact us at [email protected].
11. Policy Updates
We reserve the right to amend this Privacy Policy to reflect changes in our practices, regulatory requirements, or for other operational, legal, or regulatory reasons. Material updates will be communicated by posting a revised version on hearthlivingfields.com. Users are encouraged to review this page regularly for updates.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
Website: https://hearthlivingfields.com
We will endeavor to respond to your inquiry in a timely and thorough manner.
In all our operations, Hearth Living Fields strives to maintain full compliance with applicable data protection laws and to uphold your privacy rights. Please reach out to us at any time with privacy-related questions or concerns.