Privacy Policy for hearthstonedreams.com
1. Introduction
At Hearthstone Dreams, accessible via hearthstonedreams.com, we are committed to protecting the privacy and personal data of all our visitors, customers, and users. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We place a high value on your right to privacy and implement industry-standard practices to secure your personal information.
2. Scope and Data Controller
This Privacy Policy applies to all personal data collected through the website hearthstonedreams.com and associated services. For the purposes of applicable data protection legislation, Hearthstone Dreams is the Data Controller responsible for determining the purposes and means of processing your personal information.
If you have any questions or concerns about the processing of your personal data, please contact us at [email protected].
3. Categories of Data We Process
We collect and process the following categories of personal data to operate and improve our services:
– Usage Data: Includes information such as IP address, browser type and version, time zone settings, referring URL, pages visited, page interaction information, and other standard diagnostic data automatically collected via cookies and similar technologies.
– Account Data: Information provided during account registration or checkout, including your full name, billing and shipping address, email address, and telephone number.
– Profile Data: Includes user preferences, browsing patterns, wish lists, purchase history, and behavioral data derived from interactions with our website and services.
– Communication Data: Records of customer support inquiries, messages sent via our contact forms, live chat history, and any correspondence with our support team.
– Technical Data: Information about your device, operating system, browser type, screen resolution, language preferences, and other related technical identifiers.
– Transaction Data: Payment details (processed securely via third-party processors), order history, delivery records, and associated transaction metadata.
– Preference Data: Your marketing preferences, consent choices, newsletter subscriptions, and declared interests in certain products or content categories.
4. Legal Bases for Processing
We process your personal data under the following lawful bases, as permitted by both the GDPR and CCPA:
– Consent: When you give us explicit permission to process your data for specific purposes such as marketing communications.
– Contractual Necessity: Where processing is required to fulfill a contract with you or to take steps at your request before entering into a contract.
– Legal Obligation: Where processing is required to comply with applicable laws (e.g., retaining invoice records for tax purposes).
– Legitimate Interests: We may process data when it is necessary for our legitimate interests (e.g., fraud prevention, maintaining website security, improving customer experience) and these interests do not override your fundamental rights and freedoms.
5. Your Rights
Subject to applicable law, you have the following rights regarding your personal data:
– Right of Access: You may request confirmation of whether we process your personal data and, if so, access to that data.
– Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
– Right to Erasure (Right to be Forgotten): Under certain conditions, you may request that your personal data be deleted or removed from our systems.
– Right to Restriction of Processing: You have the right to request restricted processing of your data under specific legal grounds.
– Right to Data Portability: When feasible, you may request to receive your personal data in a structured, commonly used, machine-readable format or request its transfer to another controller.
To exercise any of your rights, please contact [email protected]. We will endeavor to respond to all valid requests within a reasonable timeframe.
6. Security Measures
The security of your data is vital to us. We implement a comprehensive set of technical and organizational security measures, including:
– SSL/TLS encryption to protect data during transmission
– Role-based access controls for internal data access
– Regular data backups and secure storage policies
– Ongoing employee training on data protection practices
– Real-time monitoring and security patching of our systems
7. International Data Transfers
Where your personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with data adequacy standards, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission and adherence to region-specific regulatory compliance requirements.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes set out in this policy, unless a longer retention period is required or permitted by law. Specific retention timelines include:
– Usage Data: 14 months from the date of collection
– Account Data: Retained until account deletion
– Profile and Preference Data: Retained until consent is withdrawn or the account is deleted
– Communication Records: Up to 3 years for support reference
– Transaction Data: Retained for a minimum of 7 years for financial recordkeeping
– Technical Data: Retained on rolling basis for analytics, up to 1 year
Upon expiration of the retention period, data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on hearthstonedreams.com to enhance your browsing experience, analyze usage patterns, and deliver personalized content. Our cookies fall into the following categories:
– Essential Cookies: Required for basic website functionality and secure login operations.
– Functional Cookies: Enable additional features such as remembering your preferences and region.
– Analytics Cookies: Help us understand how visitors interact with our site. These may include Google Analytics or similar tools.
– Performance Cookies: Improve website speed and user responsiveness.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA requirements, you can manage your cookie preferences through the cookie consent banner available on our site. Users can opt in or out of non-essential cookies at any time. You may also configure your browser settings to refuse or delete cookies, although this may affect site functionality.
11. Children’s Privacy
Our website and services are not directed toward, nor do we knowingly collect personal data from, individuals under the age of 13. If we become aware that we have collected information from a child without verified parental consent, we will take steps to delete such information promptly. Parents or legal guardians with concerns may contact us at [email protected].
12. Policy Updates
We reserve the right to update or amend this Privacy Policy as necessary to reflect changes in legal obligations or our data processing practices. When changes are made, we will notify users via appropriate channels, which may include posting a revised policy on the website hearthstonedreams.com. Users are encouraged to periodically review this page for the latest information on our privacy practices.
13. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
We are committed to upholding the highest standards of privacy protection and full compliance with all applicable data protection regulations worldwide. Please do not hesitate to reach out to us with any privacy-related inquiries.