Privacy Policy for Pure Hearth Living
At Pure Hearth Living, accessible at https://purehearthliving.com, we are committed to safeguarding your personal data and upholding your fundamental privacy rights. We understand the importance of protecting the personal information you entrust to us, and we conduct all data processing activities in strict accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant legal frameworks.
1. Commitment to Privacy and Data Protection
At Pure Hearth Living, we place privacy at the core of our operations. We approach your personal information with the utmost care, ensuring that the collection, use, disclosure, and retention of personal data is carried out lawfully, transparently, and with due regard to your rights. This Privacy Policy outlines the measures we take to protect your data and your privacy choices when interacting with our website, services, and communications.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through the website purehearthliving.com and any related services or online platforms operated by us. Pure Hearth Living is the data controller for the purposes of GDPR and the business as defined under the CCPA, determining the purposes and means of processing your personal data. If you have any questions about this policy or your data, you can contact us at [email protected].
3. Categories of Personal Data We Collect
We may collect and process the following categories of personal information, depending on your interactions with the website and our services:
a. Usage Data
Includes information about how you use the website, including browser type and version, IP address, time zone setting, operating system, device type, session duration, clickstream patterns, and browsing behavior.
b. Account Data
Includes information you provide upon registration or during account creation, such as your full name, email address, contact number, billing and shipping addresses.
c. Profile Data
Includes your interests, product preferences, browsing history, order activity, and other behavioral insights derived from your use of the site.
d. Communication Data
Includes messages you send us, support requests, contact form submissions, customer service interactions, and feedback or survey responses.
e. Technical Data
Includes device identifiers, system configurations, operating system versions, mobile device type, app versions, and diagnostic data related to website performance.
f. Transaction Data
Includes details of purchases you make via the site, billing details, delivery addresses, payment card data processed via secure third-party payment gateways (we do not store full payment card numbers directly).
g. Preference Data
Includes your subscription preferences, opt-ins for emails, interest in product categories, and consent records related to marketing and cookies.
4. Legal Bases for Processing Personal Data
We rely on the following lawful bases to process personal data:
– Performance of Contract: Where processing is necessary to fulfill our contractual obligations, including order fulfillment, customer service, or account management.
– Legitimate Interests: Where it is in our or your interests to do so and such interests are not overridden by your rights or interests (e.g., improving site usability, detecting fraud, maintaining IT security).
– Legal Obligation: Where processing is required to comply with applicable laws and regulatory requirements.
– Consent: Where you have provided your explicit consent for non-essential data processing, such as for marketing communications or analytics tracking.
5. Your Privacy Rights
Under applicable data protection laws, you have the following rights:
– Right of Access: Request confirmation on whether we process your personal data and obtain a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete personal information.
– Right to Erasure: Request deletion of your personal data in situations where we are no longer legally permitted to retain it.
– Right to Restrict Processing: Request to limit how and why your personal data is used.
– Right to Data Portability: Request your data be delivered to you or a third-party in a structured, machine-readable format.
– Right to Object: Object to processing based on legitimate interest or direct marketing purposes.
To exercise any of these rights, please contact us at [email protected]. We will respond in accordance with applicable legal requirements.
6. Security Measures
We take the protection of your data seriously and implement robust technical and organizational safeguards to secure your personal information. These measures include:
– SSL encryption across the website.
– Role-based access controls.
– Secure hosting environments with active monitoring.
– Regular data backups and disaster recovery procedures.
– Staff training focused on data privacy and handling.
While we strive to use commercially acceptable means to protect your personal data, no system is entirely immune from risks. We continually assess and update our security framework.
7. International Data Transfers
Where personal data is transferred to and processed in countries outside the European Economic Area (EEA) or California, we ensure that appropriate safeguards are implemented. This includes reliance on Standard Contractual Clauses approved by the European Commission, adequacy determinations, or other lawful transfer mechanisms. We ensure that transferred data is processed in accordance with this Privacy Policy and the relevant legal protections.
8. Data Retention
We retain personal data only for as long as reasonably necessary to fulfill the purposes we collected it for, including to satisfy legal, regulatory, contractual, or business obligations. Specific retention periods include:
– Account Data: Maintained as long as an account is active or as required for administrative purposes.
– Transaction Data: Retained for 7 years for compliance with financial and taxation records regulations.
– Communication Data: Retained for up to 3 years following your last interaction.
– Preference and Marketing Data: Retained for 2 years unless consent is withdrawn sooner.
– Technical and Usage Data: Retained for analytics purposes for up to 12 months.
Upon expiry of the relevant retention period, data will be securely deleted or anonymized.
9. Cookie Policy
We use a variety of cookies for different purposes when you visit our website:
a. Essential Cookies
Required for the website to function properly (e.g., session management, login authentication, shopping cart continuity).
b. Functional Cookies
Enable enhanced features and personalization (e.g., saving language or location preferences).
c. Analytics Cookies
Collect aggregated data to understand user behavior and website performance (e.g., Google Analytics). Data from these cookies is anonymized where possible.
d. Performance Cookies
Used to improve website functionality and user experience, such as load balancing and system diagnostics.
10. Cookie Consent Management and Legal Compliance
Upon your first visit to https://purehearthliving.com, you are presented with a clear cookie banner asking for your consent to use non-essential cookies. You may choose to accept, reject, or customize your preferences in accordance with GDPR and CCPA requirements.
CCPA Opt-out Rights: California residents have the right to opt-out of the “sale” of their personal information. While Pure Hearth Living does not sell personal data in the conventional sense, any data sharing for behavioral advertising is managed transparently, with opt-out options available through browser settings or by contacting us directly.
You can manage your cookie preferences at any time using the cookie settings on our website or by adjusting your browser settings.
11. Processing of Data of Children Under 13
Pure Hearth Living does not knowingly collect or process personal data from children under 13 years of age. If we become aware that we have inadvertently collected data from a child, we will take immediate steps to delete such information. Parents or guardians who believe their child has submitted data to us may contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our business practices, technologies, or legal obligations. We encourage users to review this policy periodically for any changes. Where material changes occur, we will provide prominent notice either on the website or through direct communication.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact:
Pure Hearth Living
Email: [email protected]
Website: https://purehearthliving.com
We remain fully committed to complying with data protection laws and ensuring transparency and fairness in all of our data practices. Please contact us at any time if you have concerns about your privacy.