Privacy Policy
Hearth Roots Victory (“we,” “us,” or “our”) is firmly committed to protecting your privacy and the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, hearthrootsvictory.com (the “Site”), and interact with our services. We adhere strictly to applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), and our actions are guided by a privacy-first approach that respects your rights and your data.
1. Scope of This Policy and Our Role as a Data Controller
This Privacy Policy applies to all visitors, users, and others who access hearthrootsvictory.com. We act as the data controller for the personal information we collect, determining the purposes and means of its processing. This policy governs the handling of both online and offline data collected via our website and associated communications.
2. Categories of Personal Data We Process
We collect and process a range of personal data depending on your interaction with our Site and services. The categories of data we may process include:
a) Usage Data
Information about how you use our Site, such as your IP address, browser type, referring/exit pages, pages viewed, date/time stamps, and session duration.
b) Account Data
Data provided when you create an account or register with us, including your full name, email address, mailing address, and telephone number.
c) Profile Data
Information such as your preferences, engagement with products or services, purchasing history, and individual behavior patterns as they relate to hearthrootsvictory.com.
d) Communication Data
Records of your communications with us, such as customer support inquiries, contact form submissions, and any other correspondence.
e) Technical Data
Device-specific technical information gathered during your interactions, including your operating system, device type, screen resolution, and system configuration data.
f) Transaction Data
Details related to purchases made through our Site, including billing information, shipping address, order history, and payment details provided through secure third-party processors.
g) Preference Data
Your expressed preferences regarding marketing communications, newsletter subscriptions, product or service interests, and related interaction tracking.
3. Legal Bases for Processing Personal Data
We rely on several lawful grounds where we process personal information under the GDPR and CCPA:
– Consent: When you provide explicit permission to process your data for specific purposes, such as marketing or newsletter subscriptions.
– Performance of a Contract: Where processing is necessary to fulfill a purchase, order, or service requested by you.
– Legitimate Interest: For improving the functionality of our Site, communicating relevant offerings, and securing our digital environment, provided these interests do not override your fundamental rights.
– Legal Obligation: Where processing is required for compliance with a legal obligation.
4. Your Rights Under GDPR and CCPA
We respect and uphold your rights as a data subject. Depending on your jurisdiction, you may exercise the following rights:
– Right of Access: Obtain confirmation of whether we process your data and receive a copy of your personal data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Ask us to delete your data where permissible under law, such as when it is no longer necessary for processing.
– Right to Restriction of Processing: Request limited processing of your data under defined circumstances.
– Right to Data Portability: Receive personal data you provided to us in a structured, machine-readable format and transfer it to another controller, where technically feasible.
– Right to Opt-Out (CCPA): California residents may request that we do not sell or share their personal data and may exercise other data-related rights.
To exercise any of these rights, please contact us using the details provided in Section 13.
5. Security Measures
We employ industry-standard administrative, physical, and technical safeguards to protect your data against unauthorized access, alteration, disclosure, or destruction. Our measures include but are not limited to:
– Encryption of data during transmission and while at rest
– Role-based access control and two-factor authentication
– Regular security training for personnel
– System monitoring and intrusion detection mechanisms
– Routine cybersecurity audits and cloud-based backups
6. International Data Transfers
Some of the third-party service providers we use may be located outside your jurisdiction. When we transfer personal data internationally, particularly outside the European Economic Area (EEA), we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission and adhere to regional laws to ensure adequate protection.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, tax, and accounting requirements. Retention timeframes may include:
– Account & Profile Data: Retained for the duration of your active account and for up to 5 years after termination
– Transaction Data: Retained for 7 years for financial records
– Communication Records: Retained for 2 years following the last interaction
– Technical and Usage Data: Retained for analytical and security purposes for up to 18 months
Data no longer required is securely deleted or anonymized.
8. Cookie Policy
We use cookies and similar tracking technologies to enhance your experience on hearthrootsvictory.com. These include:
– Essential Cookies: Required for the operation of the Site, such as session cookies and navigation aids.
– Functional Cookies: Used to remember user preferences, enhance usability, and store language or region selections.
– Analytics Cookies: Help us understand how visitors engage with our Site through anonymous usage statistics (e.g., Google Analytics).
– Performance Cookies: Collect information about the performance and responsiveness of the Site in different environments.
You may refuse or accept cookies at any time. Disabling cookies may affect some Site functionality.
9. Cookie Management and Compliance
Upon your first visit, we display a consent banner allowing you to manage your cookie preferences in compliance with GDPR and CCPA. You can change or withdraw your consent at any time via our cookie management tool or by adjusting your browser settings. California residents are additionally provided with a “Do Not Sell or Share My Personal Information” mechanism in accordance with the CCPA.
10. Children’s Privacy
Our Site is not directed to children under the age of 13. We do not knowingly collect data from children without verified parental consent. If we become aware that a child under the age of 13 has provided us with personal data, we will delete such information promptly. Parents or guardians who believe that their child has provided personal information may contact us at [email protected].
11. Changes to This Policy
We reserve the right to modify this Privacy Policy to reflect updates to our practices, legal changes, or operational requirements. Significant modifications will be communicated through our website, banners, or direct emails where appropriate. Continued use of our Site after such updates constitutes your acceptance of the revised policy.
12. Contact Information
For inquiries regarding this Privacy Policy, your personal data, or if you wish to exercise any of your rights under applicable data laws, please contact us:
Email: [email protected]
Website: hearthrootsvictory.com
We will respond to your request in accordance with applicable privacy laws and timelines.
—
We are committed to full compliance with all relevant privacy regulations, and we work diligently to uphold your data protection rights. Please do not hesitate to reach out with any privacy-related concerns or requests.