Privacy Policy for hearthdreamfield.com
At Hearth Dream Field (“we”, “us”, “our”), accessible via hearthdreamfield.com (the “Website”), we are fully committed to protecting the privacy, confidentiality, and security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in strict accordance with data protection regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable laws. Your privacy is important to us, and we are dedicated to maintaining transparency and accountability in our data practices.
1. Scope of This Policy and Data Controller Role
This Privacy Policy governs the processing of personal data of visitors and users (“you”, “your”) of hearthdreamfield.com. For the purposes of data protection legislation, Hearth Dream Field is the “data controller” responsible for your personal information under this policy.
This Privacy Policy applies to all personal data collected through our Website, including information provided through forms, account registrations, customer support communications, or any other interactions with us online.
2. Categories of Data We Process
We may collect and process the following categories of personal data, depending on your interaction with hearthdreamfield.com:
a. Usage Data
Information about how you use the Website, including pages visited, browser type, IP address, time zone, viewed products, operating system, referring websites, and session data.
b. Account Data
Personal identifiers submitted during account creation or order processing such as full name, billing/shipping address, email address, and phone number.
c. Profile Data
Details relating to your preferences, purchase history, browsing behavior on the Website, and communication preferences.
d. Communication Data
Any information provided by you in correspondence with us, including customer support inquiries, feedback, or complaints.
e. Technical Data
Information from your device and systems, including device identifiers, network settings, browser configurations, and platform details.
f. Transaction Data
Details of purchases and payments made on hearthdreamfield.com, including billing records, delivery tracking information, payment cardholder data (processed via secure third-party payment gateways), and order content.
g. Preference Data
Information you provide regarding marketing preferences, product interests, and consent to receive promotional communications.
3. Legal Bases for Processing
We collect and process your personal data under the following legal bases:
– Contractual Necessity: To perform a contract with you, such as to fulfill orders, communicate about transactions, and deliver goods or services.
– Legitimate Interests: To improve website functionality, prevent fraud, maintain security, and analyze how users interact with our site, provided such interests are not overridden by your rights.
– Consent: Where you have explicitly granted permission, such as subscribing to newsletters or agreeing to cookies.
– Legal Obligation: Where we are required to process your data to comply with statutory obligations.
4. Your Rights Under GDPR and CCPA
You have various rights regarding your personal data, which we fully support and uphold:
– Right of Access: You may request access to your personal data held by us.
– Right to Rectification: You can request that we correct inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You may ask us to delete your personal data where applicable.
– Right to Restriction of Processing: You can request that we temporarily suspend processing of your data.
– Right to Data Portability: You are entitled to receive your data in a structured, commonly used, and machine-readable format.
– Right to Object (GDPR): You may object to our processing of your data under legitimate interests.
– Non-Discrimination (CCPA): You will not be discriminated against for exercising your privacy rights under the CCPA.
To exercise any of these rights, please contact us at [email protected].
5. Security Measures
We employ comprehensive safeguards to protect your personal data, including:
– Data encryption (TLS/SSL) for all transit and communication
– Role-based access control and least privileged access protocols
– Regular system backups and disaster recovery plans
– Ongoing employee training on data protection and security
– Monitoring and alerting systems for suspicious activity
6. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence, including the United States and the European Union. Where applicable, we implement Standard Contractual Clauses (SCCs) approved by the European Commission or other adequate mechanisms to ensure your data is protected in accordance with GDPR requirements.
7. Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, regulatory, tax, accounting, or reporting requirements. Retention periods vary by data type:
– Account and Transaction Data: up to 7 years for financial compliance
– Communication & Support Data: up to 3 years following last contact
– Preference and Profile Data: until consent is withdrawn or account is deleted
– Usage and Technical Data: retained for analytics for up to 18 months
Data may be anonymized for analytical purposes beyond these timelines.
8. Cookie Policy
We use cookies and similar technologies on hearthdreamfield.com to improve functionality, analyze online behavior, and personalize content. Cookies used may include:
– Essential Cookies: Required for core site functionality (e.g., shopping cart, login)
– Functional Cookies: Enhance site performance and remember preferences
– Analytics Cookies: Track visitor behavior to inform site improvements (e.g., Google Analytics)
– Performance Cookies: Improve load speed and user experience
9. Cookie Management and Compliance
You may manage cookie preferences directly through our cookie banner or by adjusting your browser settings to block or delete non-essential cookies.
For GDPR compliance, users in the European Union are presented with clear choices for cookie consent. Under CCPA, California users are notified of data categories collected by cookies and have the right to opt out of “sale” of personal data if applicable.
10. Special Protections for Children
We do not knowingly collect, solicit, or process personal information from children under the age of 13. If we learn that we have inadvertently gathered such data, we will take prompt steps to delete it. Parents or legal guardians who believe that their child has provided us with personal data may contact us immediately using the email provided in Section 13.
11. Policy Updates
We reserve the right to update or change this Privacy Policy at our discretion to reflect changes in legal, technological, or operational requirements. Any material changes will be communicated through the Website or directly via email where applicable. We encourage you to review this policy periodically to stay informed about our data practices.
12. Contact Us
If you have questions, concerns, or complaints regarding your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
Mailing Address: Provided upon request via email communication.
—
We are fully committed to transparent, secure, and lawful handling of your personal information. hearthdreamfield.com adheres to all applicable privacy laws and offers robust measures to ensure your data is handled with confidentiality and care. Please do not hesitate to reach out to us at [email protected] if you have questions or wish to exercise your privacy rights.