Privacy Policy for hearthdreamliving.com
1. Introduction
At Hearth Dream Living (“HearthDreamLiving,” “we,” “us,” or “our”), accessible via hearthdreamliving.com, we are fully committed to safeguarding the privacy and personal data of our website visitors, customers, and users. We operate with a privacy-centric philosophy in accordance with the highest standards of data protection, including compliance with the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), as amended. We recognize the importance of maintaining confidentiality and uphold a policy of transparency, respect, and accountability in how we collect, use, and protect your personal data.
2. Scope of Policy and Role of Data Controller
This Privacy Policy applies to all users of hearthdreamliving.com and associated services, regardless of geographic location, and explains how we collect, use, share, and protect your information. Hearth Dream Living is the data controller in relation to any personal data processed through our website or associated interactions. By using our services, you agree to the terms of this Privacy Policy.
For data protection inquiries, the data controller can be reached at:
3. Categories of Data Processed
We collect and process various categories of personal information depending on your interaction with the site:
a) Usage Data
Information automatically collected when you interact with our site, including:
– Browser type and version
– Internet Protocol (IP) address
– Usage time and frequency
– Referring pages and navigation paths
– Interaction logs
b) Account Data
Provided voluntarily when you register or transact:
– Full name
– Residential address
– Email address
– Telephone number
c) Profile Data
Created or inferred through continued usage and interactions:
– Product or topic preferences
– Purchase history
– User behavior and actions on hearthdreamliving.com
d) Communication Data
Captured during correspondence with us:
– Emails, support tickets
– Contact form submissions
– Customer service call notes
– Communication history
e) Technical Data
Related to device types and technical configurations:
– Device identifiers
– Operating system and platform
– Screen resolution
– Browser plug-ins and settings
f) Transaction Data
Collected to process and fulfill purchases:
– Billing and shipping details
– Transaction history
– Partial payment card data as permitted under PCI-DSS
g) Preference Data
Captured through user settings or consent forms:
– Marketing communication preferences
– Subscriptions
– Area of product interest
4. Legal Bases for Processing
We process your personal information based on the following lawful grounds:
– Contractual Necessity: To fulfill agreements with you, including purchases and account management.
– Legitimate Interests: For administrative, fraud prevention, analytics, and business improvement purposes.
– Consent: Where required, such as for marketing communications or certain cookies.
– Legal Obligation: To comply with applicable tax, regulatory, or reporting requirements.
5. Your Rights
Under applicable privacy laws, you have the following rights, subject to applicable limitations:
– Right of Access: Obtain confirmation and a copy of your data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of data when legally applicable.
– Right to Restriction of Processing: Ask us to suspend processing in certain scenarios.
– Right to Data Portability: Receive your personal data in a structured, commonly used format.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: At any time, without affecting prior lawful processing.
To exercise any of your rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational security measures to protect your personal data, including but not limited to:
– End-to-end encryption of sensitive data
– Secure server architecture and firewalls
– Access control protocols limiting employee access to data
– Regular threat audits and vulnerability assessments
– Staff privacy and data protection training
– Secure daily backups and disaster recovery protocols
While no system is entirely immune to breaches, we actively work to minimize such risks.
7. International Transfers
Where we transfer personal data outside of the European Economic Area (EEA) or your jurisdiction, we ensure appropriate safeguards are in place. These may include:
– Standard Contractual Clauses (SCCs) approved by the European Commission
– Binding corporate rules
– Transfers to jurisdictions recognized as providing adequate data protection by relevant authorities
We ensure that your rights and protections travel with your data.
8. Data Retention
We retain your personal data only as long as necessary for the purposes outlined in this policy, including to comply with legal obligations, resolve disputes, and enforce our agreements. General retention periods are as follows:
– Usage Data: 12 months from collection
– Account Data: Duration of active account + 6 years
– Profile and Communication Data: 3 years from last interaction
– Transaction Data: 7 years for tax and audit compliance
– Technical and Preference Data: 2 years or until consent withdrawn
Data may be anonymized or securely deleted once it is no longer required.
9. Cookie Policy
Hearth Dream Living uses cookies to improve your browsing experience and to analyze website traffic. Cookies are small text files stored on your device.
Types of cookies we use include:
– Essential Cookies: Enable site functionality (e.g., secure login, cart recognition)
– Functional Cookies: Remember user settings and preferences for a tailored experience
– Analytical Cookies: Collect aggregated data on usage patterns for performance insights
– Performance Cookies: Help track responsiveness and technical errors to improve functionality
10. Cookie Management and Compliance with GDPR & CCPA
Users are presented with a cookie consent banner upon first visit, in accordance with GDPR and CCPA requirements. You may accept or reject non-essential cookies and can manage preferences at any time via cookie settings available on hearthdreamliving.com or by altering your browser’s cookie control settings.
For California residents, additional opt-out rights are provided regarding the disclosure or “sale” of personal data, and these are honored via our cookie management tools.
11. Children’s Privacy
We do not knowingly collect or process data from children under the age of 13. If we discover that a child’s personal information has been inadvertently collected, we will promptly delete such data. Parents or guardians who believe their child has provided data may contact us at [email protected] for immediate assistance.
12. Policy Updates & Notifications
We reserve the right to update or amend this Privacy Policy at any time in response to legal, technical, or business developments. Changes will be communicated either through the website or via direct notice where appropriate. Continued use of hearthdreamliving.com after updates constitutes acceptance of the revised policy.
13. Contacting Us
If you have any questions, concerns, or requests related to this Privacy Policy or how we handle your data, please contact our data privacy team at:
Email: [email protected]
We are committed to full compliance with applicable privacy laws and to ensuring that your rights are respected. Please contact us at any time to discuss your data privacy concerns.