Privacy Policy
1. Introduction
At Hearth Mind Solutions (“we,” “us,” “our”), accessible at hearthmindsolutions.com, we are firmly committed to safeguarding your personal data and respecting your right to privacy. We understand that protecting your information is essential to maintaining your trust, and we process all data in full compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you interact with our website and services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of hearthmindsolutions.com and governs the handling of personal data by Hearth Mind Solutions in our role as the data controller. As the data controller, Hearth Mind Solutions determines the purposes for which and the manner in which personal data is collected and processed.
If you have any questions about this policy or the use of your personal data, please contact us at [email protected].
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a) Usage Data
Includes details such as your IP address, browser type and version, page interactions, access times, referring URLs, and other diagnostic data associated with your use of hearthmindsolutions.com.
b) Account Data
If you create an account with us, we may collect your full name, address, email address, telephone number, and other identifiers necessary to manage your user profile and deliver our services.
c) Profile Data
Covers information about your preferences, interests, previous purchases, user-generated content, and behavioral insights gathered through your interactions with our website.
d) Communication Data
Encompasses the content and metadata of communications with our customer support teams, including emails, live chats, and inquiry submissions.
e) Technical Data
Includes data about the device you use to access our site, such as device type, operating system, screen resolution, language settings, and browser configuration.
f) Transaction Data
Covers financial and payment information (collected via our secure payment processor), order history, billing and shipping addresses, and fulfillment-related data.
g) Preference Data
Includes your selected marketing preferences, opt-in/out records, and expressed interests in specific products or services.
4. Legal Bases for Processing
We process your personal data only when a valid legal basis applies. These include:
– Contractual Necessity: When processing is necessary for entering into or fulfilling a contract with you (e.g., managing your purchases or delivering services).
– Legitimate Interests: Where we have a legitimate interest in processing data for administrative, security, analytical, or marketing purposes, provided such interest is not overridden by your rights and freedoms.
– Consent: Where you have explicitly consented to the processing of your data for specific purposes (e.g., receiving promotional emails).
– Legal Obligation: Where processing is required to comply with a legal obligation.
You have the right to withdraw your consent at any time without affecting the lawfulness of processing based on that consent before its withdrawal.
5. Your Rights Under Applicable Laws
In accordance with GDPR, CCPA, and other data protection laws, you have the following rights with respect to your personal data:
– Right of Access: You may request confirmation and access to the personal data we hold about you.
– Right to Rectification: You may request that we correct inaccuracies or complete incomplete data.
– Right to Erasure: You may request that we delete your personal data, subject to certain legal obligations.
– Right to Restriction: You may request that we limit the processing of your data under specified circumstances.
– Right to Data Portability: Where applicable, you may request a copy of your personal data in a structured, machine-readable format for transfer to another service.
– Right to Object: You may object to data processing based on our legitimate interests or for direct marketing purposes.
– Right Not to Be Subject to Automated Decision Making: You may request human intervention in cases involving profiling or automated decision-making that significantly affects you.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
– End-to-end encryption of data in transit and at rest
– Role-based access control and multi-factor authentication
– Secure, off-site, and redundant data backups
– Regular audits and vulnerability assessments
– Ongoing staff training in data protection and secure data handling practices
7. International Transfers
In cases where your data is transferred to jurisdictions outside the European Economic Area (EEA) or California, we ensure appropriate safeguards are in place, such as the use of Standard Contractual Clauses approved by the European Commission or adherence to an adequacy decision by relevant authorities.
By accessing services on hearthmindsolutions.com, you acknowledge and consent to the transfer of your data as outlined above, where applicable.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, tax, accounting, and reporting purposes. Retention periods for key categories of data are as follows:
– Usage and Technical Data: Retained for up to 26 months for security and analytics
– Account and Profile Data: Retained as long as your account remains active and up to 7 years post-deactivation for compliance reasons
– Communication Data: Retained for up to 3 years unless required longer for dispute resolution or legal obligations
– Transaction Data: Retained for 7 years in accordance with financial regulations
– Marketing Preferences: Retained until you opt out or withdraw consent
After the applicable retention period, your data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience, analyze traffic, and provide personalized content. Cookies fall into the following categories:
– Essential Cookies: Necessary for navigation and core functionality (e.g., secure logins)
– Functional Cookies: Enable customization features like remembering settings or preferences
– Analytics Cookies: Collect aggregated data to understand how users interact with the website
– Performance Cookies: Monitor website performance and enable troubleshooting
10. Cookie Management and Compliance with GDPR & CCPA
When you first visit hearthmindsolutions.com, we present a cookie consent banner. Your consent is required for non-essential cookies. You can modify your preferences at any time via the cookie settings link found at the footer of our website or by adjusting your browser settings.
California residents may submit a “Do Not Sell or Share My Personal Information” request if applicable under CCPA. We respect Global Privacy Control (GPC) signals where recognized by our system.
11. Special Protections for Children
Our website and services are not intended for children under the age of 13. We do not knowingly collect personal data from children. If we learn that we have collected personal data from a child under 13 without parental consent, we will take immediate steps to delete such information. Parents or legal guardians with concerns should contact us at [email protected].
12. Policy Updates & User Notifications
We reserve the right to update this Privacy Policy to reflect changes in our practices, legal obligations, or operational needs. When material updates occur, we will notify users through appropriate channels, such as posting a notice on hearthmindsolutions.com or contacting you directly where required by law.
13. Contact
If you have questions, concerns, or requests related to your personal data or this Privacy Policy, please contact us at:
Email: [email protected]
We are committed to maintaining the privacy and integrity of your personal data. This policy reflects our dedication to compliance with applicable privacy legislation, including GDPR and CCPA. We encourage you to review this policy periodically and reach out to us with any data protection concerns.