Privacy Policy
1. Introduction
At Hearthstone Bliss (accessible via hearthstonebliss.com), we are steadfast in our commitment to protecting your privacy and safeguarding your personal data. We recognize the importance of privacy and transparency and approach all data collection and processing activities with a privacy-first philosophy. This Privacy Policy outlines how we collect, use, store, and protect your personal information. By accessing or using our website, you acknowledge and agree to the terms described herein.
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all users of hearthstonebliss.com, including visitors and registered users. Hearthstone Bliss serves as the Data Controller for the personal data described within this policy, in accordance with applicable data protection laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”).
3. Categories of Data Processed
We may collect and process the following categories of personal data, depending on your interactions with our website:
a. Usage Data: Includes data on how you engage with our site, such as your IP address, browser type and version, pages visited, time spent on pages, referral paths, session identifiers, and access times.
b. Account Data: Information you provide upon creating an account, such as your full name, billing and shipping addresses, email address, and phone number.
c. Profile Data: Preferences, purchase history, behavioral data, wishlist items, and communication preferences tailored to your experience on hearthstonebliss.com.
d. Communication Data: Any correspondence between you and our support team, including support ticket submissions, email exchanges, and chat transcripts.
e. Technical Data: Information related to the device(s) you use, such as device type, operating system, system language, time zone settings, browser plug-ins, and other system configurations.
f. Transaction Data: Payment details, transaction history, shipping information, order verification data, and payment provider details (note that we do not store complete financial account data such as full credit card numbers).
g. Preference Data: Marketing and communication preferences, consent records, frequency of interaction with marketing content, and product categories of interest.
4. Legal Bases for Processing
We process your personal data pursuant to the following legal bases under GDPR and related regulations:
– Performance of a contract: To fulfill agreements with you, including account creation, order processing, and customer service.
– Consent: When you have explicitly consented to our processing activities, such as subscribing to newsletters or accepting cookies (which you may withdraw at any time).
– Legal obligation: To comply with applicable legislation such as tax or consumer protection laws.
– Legitimate interests: For purposes such as improving website functionality, protecting against fraud, and conducting customer satisfaction surveys, provided such interests are not overridden by your privacy rights.
5. Your Rights Under Data Protection Laws
In accordance with GDPR and CCPA, you are entitled to the following rights concerning your personal information:
– Right of Access: Request details on the personal data we hold about you.
– Right to Rectification: Correct any inaccurate or incomplete information.
– Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data under certain circumstances.
– Right to Restriction: Ask us to limit the processing of your personal data.
– Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
– Right to Object: Object to processing based on our legitimate interests, including direct marketing.
– Right to Non-Discrimination: Exercise your rights without being subject to discriminatory treatment under CCPA.
To exercise your rights, please contact us at [email protected]. We reserve the right to verify your identity before complying with such requests.
6. Security Measures
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These include:
– Data encryption at transit and rest
– Role-based access control and administrative safeguards
– Secure server environments and firewall protections
– Regular data backups and audit trails
– Staff training on data protection responsibilities
Despite our utmost efforts, no online transmission or storage system is completely secure. Therefore, we encourage users to take reasonable precautions when sharing personal information.
7. International Data Transfers
If your personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with data protection requirements, we will ensure such transfers comply with applicable legal frameworks by implementing Standard Contractual Clauses or other approved mechanisms.
8. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this Policy, or as required to comply with legal, regulatory, or contractual obligations. Retention periods for major data categories are as follows:
– Usage Data: 14 months
– Technical Data: 14 months
– Communication Data: 3 years
– Account Data: For the duration of account active status plus 3 years
– Transaction Data: 7 years for accounting and tax compliance
– Preference and Profile Data: 2 years from the last interaction
Once retention periods have elapsed, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies on hearthstonebliss.com to enhance user experience and analyze site traffic. Cookies fall into the following categories:
– Essential Cookies: Necessary for site functionality and security, such as login sessions and shopping cart persistence.
– Functional Cookies: Enable enhanced personalization features, such as saved preferences.
– Analytics Cookies: Help us understand user behavior and improve site usability, typically using aggregated, anonymized data.
– Performance Cookies: Used to track the effectiveness of advertising campaigns and website performance.
10. Cookie Management and Regulatory Compliance
Upon your first visit to our website, you will be prompted with a cookie banner requesting your consent for the use of non-essential cookies. You may accept or reject these cookies and can modify your preferences at any time through our Cookie Settings interface.
We honor all “Do Not Track” signals and provide mechanisms for data access and deletion in compliance with CCPA. Users from California may submit opt-out requests via [email protected].
11. Special Protections for Children Under 13
We do not knowingly collect or solicit personal information from children under the age of 13. If we learn that we have inadvertently obtained such information without verifiable parental consent, we will take prompt steps to delete it. Parents or guardians who believe we may have collected data from a child may contact us at [email protected].
12. Policy Updates and Notifications
We may amend this Privacy Policy to reflect changes in laws, technology, or business practices. All modifications will be posted on hearthstonebliss.com under the Privacy Policy section. Where required by law, we will notify you of material changes through direct communication or website banners.
13. Contact Information
For inquiries, requests, or concerns regarding this Privacy Policy or the handling of your personal data, please contact us via:
Email: [email protected]
Website: www.hearthstonebliss.com
We are committed to protecting your privacy rights and will respond to inquiries diligently and in accordance with applicable privacy regulations.
Compliance Statement
Hearthstone Bliss complies with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and applicable global privacy legislation. Should you have any questions or wish to exercise your rights, please contact us at [email protected].