Privacy Policy

 
 

This Privacy Policy is designed to comply with current EU requirements and regulations, including the General Data Protection Regulation (GDPR). It aims to inform you about how your 'Personally Identifiable Information' (PII) is collected, used, and protected on our website, www.originofhearts.com.

1. What Personal Information Do We Collect? We collect the following personal information when you interact with our website:

  • Contact Information: Name, email address, mailing address, and phone number.

  • Payment Information: Credit card information or other payment details (processed securely).

  • Account Information: Login credentials if you register an account.

  • Technical Information: IP address, browser type, and browsing history (collected via cookies and similar technologies).

2. How Do We Collect Information? We collect information in the following ways:

  • When you place an order or register on our site.

  • When you subscribe to our newsletter or respond to surveys or marketing communications.

  • Through cookies and similar tracking technologies when you browse our website.

3. How Do We Use Your Information? We use the information we collect to:

  • Process transactions and provide the products or services you request.

  • Send periodic emails about your order, updates, or promotional offers.

  • Improve our website, services, and user experience.

  • Comply with legal and regulatory requirements.

4. Legal Basis for Processing Information Under GDPR, we process your data based on the following legal grounds:

  • Consent: When you explicitly agree to receive marketing communications.

  • Contractual Obligation: To fulfill our obligations when you place an order.

  • Legal Compliance: To meet legal and regulatory requirements.

  • Legitimate Interest: To improve our services and secure our website.

5. How Do We Protect Your Information? We implement a range of security measures to protect your data:

  • Data is stored behind secured networks and accessed only by authorized personnel.

  • Sensitive information (e.g., credit card data) is encrypted using Secure Socket Layer (SSL) technology.

  • All transactions are processed through a PCI-compliant gateway and are not stored on our servers.

  • Regular malware and vulnerability scans are conducted to maintain site security.

6. Use of Cookies We use cookies to:

  • Enhance your browsing experience.

  • Collect statistical data for site performance analysis.

You can manage your cookie preferences through your browser settings. Disabling cookies may impact some website functionality.

7. Data Retention We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law. Payment information is securely processed and not stored on our servers.

8. Third-Party Disclosure We do not sell, trade, or transfer your personal information to third parties except to trusted service providers who assist us in operating our website and conducting business, under strict confidentiality agreements.

9. International Data Transfers If you are located outside the EU, your data may be transferred to and processed in countries with different data protection laws. We ensure adequate protection by using standard contractual clauses approved by the European Commission.

10. Your Rights Under GDPR As an EU citizen, you have the following rights:

  • Access: Request a copy of your personal data.

  • Rectification: Correct inaccurate or incomplete data.

  • Erasure: Request the deletion of your data, subject to legal obligations.

  • Restriction: Limit how we use your data in certain circumstances.

  • Data Portability: Receive your data in a structured, commonly used format.

  • Objection: Opt-out of certain data uses, such as direct marketing.

To exercise your rights, contact us at hello@originofhearts.com.

11. Third-Party Links and Services We do not include third-party products or services on our website, except as required for analytics and advertising (e.g., Google services).

12. Children’s Privacy Our website is not intended for children under 13. We do not knowingly collect data from children without parental consent. If you believe we have collected data from a child, contact us immediately to have it removed.

13. Data Breach Response In the event of a data breach, we will notify affected users within 72 hours as required by GDPR. Notifications will be sent via email and posted on our website.

14. Marketing Communications and Opt-Out You may opt-out of marketing communications at any time by:

  • Clicking the unsubscribe link in our emails.

  • Contacting us at hello@originofhearts.com.

15. Updates to This Privacy Policy We may update this policy to reflect changes in our practices or regulatory requirements. Any updates will be posted on this page, and significant changes will be communicated via email or a prominent notice on our website.

16. Contact Information If you have questions about this policy or your personal data, please contact us:

Origin of Hearts
Email: hello@originofhearts.com