Privacy Policy for HearthRoots Living

HearthRoots Living (“we,” “our,” or “us”) values your privacy and is committed to safeguarding your personal data in accordance with applicable data protection laws. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you visit and interact with hearthrootsliving.com or otherwise engage with our services. Our commitment is rooted in the principles of transparency, control, and respect for individual rights.

1. Commitment to Privacy and Data Protection

We are fully dedicated to protecting your personal data and ensuring that your information is handled in a responsible and secure manner. We recognize the sensitivity of the personal information we may collect and process, and we adhere to the highest standards required under the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy regulations.

2. Scope of this Policy and Data Controller Role

This policy applies to all users and visitors of hearthrootsliving.com, as well as to individuals who interact with us through customer service, marketing campaigns, social media, or other communications. HearthRoots Living is the data controller of the personal information collected and processed through our services and is responsible for determining the purposes and means of processing that data. You may contact us with any questions regarding your data rights at [email protected].

3. Categories of Personal Data We Process

We collect and process the following categories of personal data to enhance our services, provide tailored experiences, and fulfill our contractual and legal obligations:

a. Usage Data
Includes information such as IP addresses, browser type and version, operating system, referral source, date/time stamps, pages viewed, duration of visits, and navigation patterns.

b. Account Data
Includes your full name, billing and shipping address, email address, and phone number provided when creating an account or placing an order.

c. Profile Data
Includes your saved interests, product preferences, browsing behavior, wishlists, purchase history, and generated profiles for customization.

d. Communication Data
Includes data from your interactions with our support team, live chat sessions, requests submitted via forms, and records of email or phone correspondences.

e. Technical Data
Includes device type, unique device identifiers, browser plug-in types and versions, screen resolution, performance diagnostics, and system configuration data.

f. Transaction Data
Includes details of purchase transactions, payment method details (excluding full credit card numbers), shipping details, currency preferences, order history, and refund data.

g. Preference Data
Includes your consent to receive marketing materials, your communication preferences, and data on products or content you have expressed interest in.

4. Legal Bases for Processing

We process your personal data only when allowed under data protection laws. The legal bases for our processing activities include:

– Consent: When you provide clear consent for us to process your data for specific purposes (e.g., marketing communications).
– Contractual Necessity: When processing is required to fulfill a contract with you, such as completing your order.
– Legitimate Interests: Where necessary for our legitimate business interests, and those interests do not override your rights (e.g., to improve our services or prevent fraud).
– Legal Obligations: When required by relevant legal or regulatory obligations (e.g., tax, law enforcement).

5. Your Rights Under Data Protection Laws

As a data subject, you have the following rights, subject to applicable legal limitations:

– Right of Access: To obtain confirmation of whether we process your data and access to your personal information.
– Right to Rectification: To request correction of any inaccurate or incomplete data we hold about you.
– Right to Erasure: To request deletion of your personal information under certain conditions (“right to be forgotten”).
– Right to Restrict Processing: To restrict how we process your data in specific circumstances.
– Right to Portability: To receive your personal data in a structured, commonly used, machine-readable format and have it transmitted to another data controller.
– Right to Object: To object to the processing of your data where it is based on our legitimate interests or direct marketing purposes.
– Rights Under CCPA: California residents may also exercise their right to know, delete, and opt out of the sale of personal information.

To exercise any of these rights, please contact us at [email protected]. We will respond to all legitimate requests in accordance with applicable laws.

6. Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing your personal data. This includes encryption of data in transit and at rest, strict access control protocols, secure server configurations, regular auditing and monitoring, staff training, and disaster recovery processes.

7. International Transfers of Data

Information collected through hearthrootsliving.com may be transferred to and processed in countries outside your jurisdiction, including the United States and other countries where we or our third-party service providers operate. Where these transfers take place, we rely on legally recognized safeguards such as Standard Contractual Clauses approved by the European Commission, and we ensure that any such transfer preserves the rights and freedoms of data subjects.

8. Data Retention Practices

We retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for satisfying legal, contractual, tax, and accounting requirements. Retention periods vary by data category:

– Usage and Technical Data: Up to 12 months for analytics purposes.
– Account and Profile Data: Retained during the life of your account and up to 7 years post-deactivation for compliance.
– Transaction Data: Retained for a minimum of 7 years to meet financial and tax obligations.
– Communication Data: Retained for up to 36 months to maintain service quality and resolve disputes.

Upon expiration of retention periods, data is securely deleted or anonymized.

9. Cookie Policy

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies are small data files placed on your device when you visit hearthrootsliving.com.

– Essential Cookies: Enable core site functionality such as secure logins and shopping cart operations.
– Functional Cookies: Remember user preferences and provide enhanced personalization.
– Analytical Cookies: Collect aggregated data about site usage to help us understand user behavior and improve performance.
– Performance Cookies: Monitor site speed, responsiveness, and user interactions to enhance user experience.

10. Cookie Management and Compliance

When you first visit our site, you will be given the option to accept or customize your cookie preferences. We comply with GDPR requirements by seeking explicit consent for non-essential cookies and offer opt-in/out functionality. Under CCPA, users have the right to opt out of sale or sharing of their information, which includes cookie-based advertising in certain contexts. You can also manage cookies via your browser settings at any time.

11. Children’s Privacy

We do not knowingly collect or solicit personal data from children under the age of 13. If we discover that a child under 13 has submitted personal data through hearthrootsliving.com without verified parental consent, we will delete that information promptly. Parents or guardians who believe their child has submitted personal data should contact us immediately at [email protected].

12. Policy Updates and Notifications

We may update this Privacy Policy from time to time to reflect changes in our data processing practices or legal obligations. All modifications will be posted to hearthrootsliving.com, and we may notify you via prominent notice or direct communication if required by law. We encourage you to review this Policy periodically to stay informed.

13. Contact Information

For any inquiries, requests to exercise your rights, or concerns regarding this Privacy Policy or our data practices, please contact us at:

HearthRoots Living
Email: [email protected]
Website: https://hearthrootsliving.com

We are committed to complying with all applicable privacy laws and ensuring your personal information is handled with care, transparency, and accountability. Please contact us if you have any questions or require further assistance regarding your privacy rights.