Privacy Policy
Hearth Vibe Spaces (“we,” “our,” or “us”) values your privacy and is fully committed to protecting the personal data of all visitors to and users of our website, https://hearthvibespaces.com. This Privacy Policy outlines how your data is collected, used, shared, and protected in accordance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy laws. We are dedicated to processing personal data with the highest regard for your rights, privacy, and security.
1. Scope of This Policy and Data Controller Role
This Privacy Policy applies to your use of the website hearthvibespaces.com and governs all personal data collected through or in connection with its use. Hearth Vibe Spaces is the Data Controller of your personal information as defined under applicable data protection laws, meaning we determine the purpose and means of processing your personal data.
2. Categories of Data Processed
We collect and process the following categories of personal data, depending on your interaction with our services:
a. Usage Data
We may automatically log information about your browser type, IP address, referring/exit pages, time spent on pages, and other diagnostic data obtained through your use of hearthvibespaces.com.
b. Account Data
When you create an account or place an order, we collect identifiable information such as your full name, email address, shipping and billing addresses, and phone number.
c. Profile Data
This includes any preferences you set regarding your account, purchase history, browsing activity, and behavioral patterns related to our product offerings.
d. Communication Data
We collect and store communications you send us, including contact form submissions, customer support requests, emails, and any history of correspondence.
e. Technical Data
Collected via cookies and analytics tools, this includes device type, operating system, browser configuration, screen resolution, language settings, and internet service provider.
f. Transaction Data
This includes payment information (processed securely via third-party gateways), delivery addresses, purchase details, and invoice records.
g. Preference Data
Information you voluntarily provide to indicate your consent to marketing communications, notification preferences, and interest in specific products or content.
3. Legal Bases for Processing Personal Data
We process your personal data under one or more of the following legal bases:
– Consent: Where you have given us explicit permission to do so, particularly for marketing communications or non-essential cookies.
– Contractual Necessity: When processing is required to fulfill a contract with you, such as managing orders or creating accounts.
– Legal Obligation: When we are required to process data to comply with legal or regulatory requirements.
– Legitimate Interests: Where processing is necessary for the operation of our business in a way that does not override your rights or freedoms. This includes website optimization and fraud prevention.
4. Your Rights
Under the GDPR, CCPA, and similar frameworks, you have certain rights in relation to your personal data:
– Right of Access: Request details of the data we hold about you.
– Right to Rectification: Correct inaccuracies in your personal data.
– Right to Erasure: Request deletion of your data, subject to legal and contractual obligations.
– Right to Restriction: Request the limitation of data processing in certain circumstances.
– Right to Data Portability: Receive your data in a structured, commonly used format and transfer it to another controller.
To exercise any of these rights, please contact us at [email protected].
5. Security Measures
We implement a range of technical and organizational security measures to protect your data from unauthorized access, disclosure, alteration, or destruction, including:
– SSL/TLS encryption of data transmissions
– Secure access management and user authentication
– Routine backups stored securely
– Employee training on data protection best practices
6. International Data Transfers
When transferring personal data outside of your country—particularly to jurisdictions that may not offer the same level of data protection—we implement appropriate safeguards. These may include Standard Contractual Clauses approved by the European Commission or other lawful mechanisms to ensure data is securely and respectfully transferred in compliance with applicable laws.
7. Data Retention
We retain personal data for no longer than is necessary for the purposes for which it was collected, including:
– Account Data and Profile Data: Retained while your account remains active, and for up to 2 years after closure unless otherwise required by law.
– Transaction Data: Retained for a minimum of 7 years for tax and legal compliance.
– Communication Data: Retained for up to 3 years from the date of communication.
– Analytics/Usage Data: Retained for no more than 26 months.
We regularly review our retention policies to ensure minimal data storage.
8. Cookie Policy
We use cookies and similar technologies on hearthvibespaces.com for the purposes of:
– Essential Cookies: Enabling core site functionality such as access to secure areas.
– Functional Cookies: Remembering your site preferences and settings.
– Analytics Cookies: Understanding how users navigate and interact with our website to improve overall performance.
– Performance Cookies: Monitoring the efficiency and success of our marketing efforts.
9. Cookie Management and Compliance
We comply with GDPR and CCPA regarding consent for cookies. When you visit our site, we prompt you with a cookie consent banner allowing you to accept or reject non-essential cookies. You may update your cookie preferences at any time via our cookie management tool or by adjusting your browser settings. California residents may also opt out of the “sale” or “sharing” of personal information in accordance with the CCPA by contacting us or adjusting cookie preferences on our website.
10. Children’s Data
Hearth Vibe Spaces does not knowingly collect or process data from individuals under the age of 13. If we become aware that a child has provided personal information without parental consent, we will take immediate steps to delete such data. Parents or guardians who believe their child has submitted personal data may contact us at [email protected] for prompt assistance.
11. Policy Updates
We may revise this Privacy Policy from time to time to reflect changes in legal requirements or our data processing practices. Any material changes will be prominently communicated via the hearthvibespaces.com website. Continued use of the website following any update constitutes your acceptance of the revised terms.
12. Contact Information
If you have any questions, concerns, complaints, or would like to exercise your rights under this Privacy Policy, please contact our Data Protection Officer at:
Email: [email protected]
Website: https://hearthvibespaces.com
We take your privacy seriously and are committed to maintaining full compliance with applicable data protection laws. You may contact us at any time to discuss any aspect of our privacy practices.