Privacy Policy for Hearth Dream Spaces

1. Introduction

At Hearth Dream Spaces, accessible via hearthdreamspaces.com, we are firmly committed to protecting the privacy and personal data of our users. We value transparency and respect for individual privacy rights, and we are dedicated to ensuring that all personal information collected is handled responsibly, securely, and in full compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information during your interactions with our website and related services.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of hearthdreamspaces.com, including visitors, registered users, and customers. Hearth Dream Spaces is the “data controller” for the personal data collected through this website, determining the purposes and means of the processing of your personal information. For inquiries concerning your data or this policy, please contact us at [email protected].

3. Categories of Data We Collect

We collect and process various categories of personal data necessary for the effective operation and enhancement of our services. These categories include:

a. Usage Data: This includes information automatically collected when you visit hearthdreamspaces.com, such as browser type, IP address, access time, pages viewed, geographic location, device identifiers, session duration, and referring website addresses.

b. Account Data: Information you provide when creating an account or placing an order, including your full name, postal address, email address, and phone number.

c. Profile Data: Information related to user preferences, user history, purchase behavior, saved favorites, and feedback.

d. Communication Data: Records of communications submitted through contact forms, feedback mechanisms, live chats, and support tickets, including the content of your messages and our responses.

e. Technical Data: Details about the device and system configuration you use to access the site, including operating system, screen resolution, language settings, and internet service provider information.

f. Transaction Data: Information related to orders, billing and delivery addresses, payment confirmations (through third-party processors), and purchase history.

g. Preference Data: Your selections regarding marketing communications, expressed interests in products and services, and cookie preferences.

4. Legal Bases for Processing Personal Data

We rely on the following lawful bases to collect and process personal information:

– Consent: When you provide clear and specific consent (e.g., for marketing emails).
– Contractual Necessity: To perform the contract we are about to enter into or have entered into with you, such as fulfilling orders.
– Legitimate Interests: To enhance user experience, maintain security, and monitor usage statistics, provided such interests are not overridden by your fundamental rights.
– Legal Obligation: Where processing is necessary to comply with laws or regulatory obligations.

5. Your Rights

Under the GDPR, CCPA, and other data protection laws, you have the following rights regarding your personal data:

– Right of Access: Obtain confirmation and access to your personal data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal and contractual limitations.
– Right to Restriction: Request limited processing of your data.
– Right to Data Portability: Receive data in a structured, commonly used format and transmit it to another controller.
– Right to Object: Object to processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Withdraw your consent at any time, where consent is the basis for processing.
– Right Not to Be Discriminated Against: Under CCPA, exercise your rights without facing discrimination for doing so.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We implement robust technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, loss, or destruction. These include end-to-end encryption, role-based access controls, secure server configurations, regular data backups, and mandatory training for staff on data privacy and security protocols.

7. International Transfers

Your personal information may be transferred, stored, and processed outside your country of residence, including to jurisdictions that may not provide the same level of data protection. In such cases, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to ensure your data receives adequate protection in accordance with applicable data protection laws.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected and to comply with applicable legal, accounting, or regulatory requirements. Data retention periods include, but are not limited to:

– Account Data: Retained during the life of the account and up to 5 years after inactivity or closure
– Transaction Data: Retained for 7 years for tax and audit purposes
– Communication and Support Data: Kept for 2 years for review, resolution, and customer service tracking
– Usage and Technical Data: Maintained for up to 2 years for analytics and performance optimization
– Cookie and Preference Data: Stored for the duration defined in the Cookie Policy

9. Cookies and Similar Technologies

We use cookies and similar tracking technologies on hearthdreamspaces.com to improve user experience and functionality. These include:

– Essential Cookies: Required for basic functionality and access to secure site areas.
– Functional Cookies: Enable enhanced usability based on your preferences (e.g., language, region).
– Performance and Analytics Cookies: Help us understand site usage and optimize content using anonymized data.
– Targeting and Advertising Cookies: Used for delivering personalized advertisements based on your interests.

10. Cookie Management and Regulatory Compliance

Upon your first visit to our site, you will be asked to accept or manage your cookie preferences. You may change or withdraw consent for non-essential cookies at any time via our Cookie Settings panel available on every page. We honor “Do Not Track” preferences and comply with global privacy regulations including GDPR and CCPA.

11. Children’s Privacy

Our services are not intended for use by children under the age of 13. We do not knowingly collect personal data from individuals under 13 years of age. If we learn that we have inadvertently collected data from a child without appropriate parental consent, we will take prompt steps to delete such data. If you believe a child under 13 has provided us with personal information, please contact us at [email protected].

12. Policy Updates

We reserve the right to revise this Privacy Policy to account for legal or operational changes. Major updates will be communicated through appropriate channels, including our website and, when applicable, direct user notifications. Continued use of hearthdreamspaces.com signifies your acceptance of any changes made.

13. Contact Information

For questions, concerns, or to exercise any of your data protection rights, please contact our designated privacy representative at:

Email: [email protected]
Website: hearthdreamspaces.com

We are fully committed to maintaining compliance with all applicable data protection regulations. If you have any questions regarding this Privacy Policy, or if you wish to exercise your rights under GDPR or CCPA, please do not hesitate to contact us.