Privacy Policy

 

PRIVACY POLICY

Effective Date: 10 June 2026

PT. OOH Bali Productions ("we", "our", "us", or "the Company") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit or make a purchase from www.originofhearts.com ("the Website").

This Privacy Policy is designed to comply with applicable privacy and data protection laws, including the European Union General Data Protection Regulation (GDPR), where applicable.

  1. COMPANY INFORMATION

The Website is operated by:

PT. OOH Bali Productions
Sanggingan, Ubud, Bali 80571
Indonesia

Email: retail@originofhearts.com

  1. PERSONAL INFORMATION WE COLLECT

We may collect the following categories of personal information:

Contact Information

• Name
• Email address
• Billing address
• Shipping address
• Telephone number

Order Information

• Products purchased
• Order history
• Transaction details

Payment Information

• Payment details required to complete transactions

Please note that payment information is processed securely by third-party payment providers and is not stored on our servers.

Account Information

• Login credentials
• Saved preferences

Technical Information

• IP address
• Device information
• Browser type
• Operating system
• Website usage data
• Cookie identifiers

  1. HOW WE COLLECT INFORMATION

We collect information when you:

• Place an order
• Create an account
• Subscribe to our newsletter
• Contact customer support
• Participate in promotions or surveys
• Browse the Website
• Accept cookies through our cookie banner

  1. HOW WE USE YOUR INFORMATION

We use personal information to:

• Process and fulfill orders
• Deliver products and services
• Manage customer accounts
• Respond to inquiries and provide support
• Send transactional communications
• Improve the Website and customer experience
• Prevent fraud and enhance security
• Comply with legal obligations
• Send marketing communications where permitted by law or where consent has been provided

  1. LEGAL BASIS FOR PROCESSING

Where GDPR applies, we process personal data based on one or more of the following legal grounds:

Contract Performance

To fulfill orders and provide requested services.

Legal Obligations

To comply with tax, accounting, consumer protection, and other legal requirements.

Legitimate Interests

To improve our services, prevent fraud, secure the Website, and manage our business operations.

Consent

Where required, such as for email marketing or non-essential cookies.

  1. COOKIES AND TRACKING TECHNOLOGIES

The Website uses cookies and similar technologies to:

• Ensure proper website functionality
• Remember user preferences
• Analyze website performance
• Measure marketing effectiveness

Non-essential cookies are only used after you have provided consent through our cookie banner.

You may modify your cookie preferences at any time through your browser settings or our cookie management tools.

Disabling certain cookies may affect Website functionality.

  1. SHARING OF PERSONAL INFORMATION

We do not sell your personal information.

We may share information with trusted third-party service providers including:

• Payment processors
• Shipping and logistics companies
• Website hosting providers
• Email marketing platforms
• Analytics providers
• Professional advisers
• Government authorities where legally required

These providers are permitted to process personal information only as necessary to perform services on our behalf.

  1. INTERNATIONAL DATA TRANSFERS

As an international business operating from Indonesia and serving customers worldwide, personal information may be transferred to and processed in countries outside your country of residence.

Where required by law, we implement appropriate safeguards to protect personal information, including contractual protections and security measures designed to provide an adequate level of protection.

  1. DATA RETENTION

We retain personal information only for as long as necessary to:

• Fulfill the purposes described in this Policy
• Comply with legal obligations
• Resolve disputes
• Enforce agreements

Retention periods may vary depending on the nature of the information and applicable legal requirements.

  1. YOUR PRIVACY RIGHTS

Depending on your location and applicable law, you may have the right to:

• Access your personal information
• Correct inaccurate information
• Delete personal information
• Restrict processing
• Object to processing
• Withdraw consent
• Receive a copy of your data
• Request data portability

To exercise any of these rights, contact:

retail@originofhearts.com

We may request identity verification before processing certain requests.

  1. MARKETING COMMUNICATIONS

If you subscribe to our newsletter or marketing communications, you may unsubscribe at any time by:

• Clicking the unsubscribe link included in our emails
• Contacting us at retail@originofhearts.com

Transactional emails related to purchases, returns, shipping updates, or account management may still be sent where necessary.

  1. DATA SECURITY

We implement reasonable technical and organizational security measures to protect personal information, including:

• SSL encryption
• Secure payment processing
• Restricted access controls
• Monitoring and security measures designed to protect against unauthorized access, disclosure, alteration, or destruction of data

However, no internet transmission or storage system can be guaranteed to be completely secure.

  1. CHILDREN'S PRIVACY

The Website is not directed to children.

We do not knowingly collect personal information from children under the age of 16 where parental consent is required by applicable law.

If you believe a child has provided personal information to us, please contact us so that we can take appropriate action.

  1. THIRD-PARTY WEBSITES

The Website may contain links to third-party websites.

We are not responsible for the privacy practices, content, or policies of external websites. Users should review the privacy policies of any third-party websites they visit.

  1. DATA BREACHES

In the event of a personal data breach, we will take appropriate measures as required by applicable law, including notification to regulatory authorities and affected individuals where legally required.

  1. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically.

Updated versions will be posted on this page with a revised effective date. Continued use of the Website after changes are published constitutes acceptance of the updated Privacy Policy.

  1. CONTACT US

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact:

PT. OOH Bali Productions
Sanggingan, Ubud, Bali 80571
Indonesia

Email: retail@originofhearts.com