Privacy Policy
At Hearth Vibe Studio (accessible at hearthvibestudio.com), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and protect your information in accordance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are dedicated to maintaining your trust by handling your data with transparency, integrity, and care.
1. Introduction
We understand that privacy is important to you. Hearth Vibe Studio is committed to safeguarding the privacy of our users and ensuring the security of their personal data. This Privacy Policy is designed to inform you about the categories of personal data we collect, the purposes of processing, your rights, and how we uphold high standards of data protection.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors to and users of hearthvibestudio.com (the “Website”). Hearth Vibe Studio acts as the data controller for all personal data collected through the Website. If you have any questions or requests regarding the processing of your data, you may contact us at [email protected].
3. Categories of Data Processed
We collect the following categories of personal data, either directly from you or automatically through your use of the Website:
a) Usage Data
This data includes information such as your browser type, IP address, pages visited, access times, device identifiers, and session duration, obtained automatically as you navigate the Website.
b) Account Data
When you create an account or register on hearthvibestudio.com, we may collect your full name, mailing address, email address, phone number, and login credentials.
c) Profile Data
This includes your preferences, interests, shopping or browsing behavior, and past product purchases.
d) Communication Data
We retain records of your communications with us, including customer support inquiries, contact form submissions, and any correspondence via email or other channels.
e) Technical Data
Information about your technical environment including device type, operating system, browser settings, network information, and system configuration.
f) Transaction Data
We collect details necessary for order processing and payment, including billing address, shipping details, payment method, and transaction history.
g) Preference Data
Includes your marketing permissions and expressed interests in particular products or services, used to tailor the user experience and promotional messaging.
4. Legal Bases for Processing
We process your personal data on the following legal grounds, in line with Article 6 of the GDPR and relevant CCPA provisions:
– Consent: For activities such as email marketing or analytics cookies, we rely on your explicit consent.
– Contractual Necessity: Processing required to fulfill our obligations when you create an account, place an order, or request services.
– Legitimate Interest: Includes fraud prevention, service improvements, or ensuring Website security, provided such interests do not override your fundamental rights.
– Legal Obligation: Where we are required to comply with statutory or regulatory duties.
5. Your Rights
As a data subject, you have the following rights in accordance with GDPR and CCPA:
– Right of Access: Request access to the personal data we hold about you.
– Right to Rectification: Correct inaccurate or incomplete data.
– Right to Erasure: Request deletion of your personal information, subject to statutory limitations.
– Right to Restriction: Limit how we use your data under certain circumstances.
– Right to Data Portability: Receive your data in a machine-readable format or transfer it to another controller.
– Right to Object: Object to data processing on grounds relating to your particular situation, including direct marketing.
– Right to Opt Out (CCPA): Residents of California may opt out of the sale or sharing of personal data.
To exercise any of these rights, contact us at [email protected]. We will acknowledge and respond to your request in accordance with applicable regulations.
6. Security Measures
We implement robust technical and organizational safeguards to protect your personal data, including but not limited to:
– Data encryption in transit and at rest.
– Access controls and account authentication mechanisms.
– Secure storage environments and cloud infrastructure.
– Staff training in data security and privacy practices.
– Daily backups and recovery protocols to ensure business continuity.
7. International Data Transfers
While our servers and primary operations are located within our regional market, your data may be transferred to and processed in countries outside of your jurisdiction. Where required, we utilize Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure adequate data protection levels, in compliance with GDPR and other regulatory guidelines.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. General retention timelines include:
– Account and profile data: Retained for the duration of your account activity and up to 24 months of inactivity.
– Transaction records: Retained for up to 7 years for compliance and audit purposes.
– Communications data: Retained for 24–36 months to maintain customer service continuity.
– Cookie data: Retention depends on type but does not generally exceed 13 months.
Once data is no longer required, it is securely deleted or anonymized.
9. Cookie Policy
Hearth Vibe Studio uses cookies and similar tracking technologies to provide essential functionality, personalize content, analyze Website usage, and serve advertising. Cookies used include:
– Essential Cookies: Necessary for Website functionality and user authentication.
– Functional Cookies: Enable enhanced features like saved preferences and account settings.
– Analytics Cookies: Help us understand how users interact with the Website (e.g., page visits, user flows).
– Performance Cookies: Used to enhance performance and load times.
10. Cookie Management and Compliance
You can manage your cookie preferences at any time via your browser settings or consent management tools provided on hearthvibestudio.com. Users in the EU and California are presented with clear choices to accept, reject, or customize their cookie preferences in accordance with GDPR and CCPA regulations.
11. Protection of Children’s Data
Our Website and services are not intended for children under the age of 13. We do not knowingly collect personal data from children. If we become aware that a child under 13 has submitted personal data, we will take immediate steps to delete that information.
12. Policy Updates and Notifications
We may update this Privacy Policy from time to time to reflect changes in regulatory requirements, technology, or our business practices. All updates will be published promptly on hearthvibestudio.com. Where required by law, we will notify you directly of significant changes.
13. Contacting Us
If you have questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us at:
Email: [email protected]
—
We are committed to full compliance with GDPR, CCPA, and all applicable data protection laws. If you have any privacy-related concerns, our team is here to help. Please don’t hesitate to reach out.