Privacy Policy for HearthSaga

At HearthSaga, accessible via hearthsaga.com, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and share your personal information when you visit our website or interact with our services. We recognize the importance of your privacy rights and are dedicated to complying with global privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Introduction

Your privacy is of paramount importance to us. This Privacy Policy explains how we process your personal data, your rights in relation to that data, and the safeguards we have put in place to protect it. HearthSaga values transparency, confidentiality, and the ethical handling of all personal data.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all users of the hearthsaga.com website and any services offered through the site. HearthSaga is the “data controller” as defined under applicable data protection laws, determining the purposes and means for processing your personal information.

If you have questions regarding how your data is handled, please contact us at [email protected].

3. Categories of Data Processed

We may collect the following categories of personal data, based on your interaction with hearthsaga.com and our services:

– Usage Data: Information automatically collected when you use our website, including your IP address, browser type, session duration, geographic location, pages visited, and referral source.

– Account Data: Information you provide during account creation, such as your full name, physical address, email address, and telephone number.

– Profile Data: Data collected through user activity, such as your game preferences, purchase history, behavior on the site, reviews, and community contributions.

– Communication Data: Records of correspondence between you and HearthSaga, including emails, support inquiries, chat logs, and feedback.

– Technical Data: Information on the devices and systems you use to access our site, such as device type, operating system, browser version, and screen resolution.

– Transaction Data: Details related to purchases made through our site, including billing addresses, delivery information, transaction identifiers, and partial payment details (full payment data is handled securely by third-party processors).

– Preference Data: Information regarding your communication and marketing preferences, subscription consents, and expressed interests in specific products or features.

4. Legal Bases for Processing

We process personal data under the following legal bases as described by applicable privacy laws:

– Performance of Contract: When processing is necessary for providing products or services you have requested, or to fulfill a contractual obligation.

– Legitimate Interest: When processing serves our business interests, such as preventing fraud, improving service functionality, or conducting analytics, balanced appropriately against your data protection rights.

– Consent: When you have explicitly granted us permission to process your data—for scenarios such as marketing communications or optional data sharing.

– Legal Obligation: When processing is necessary to comply with applicable laws and regulations.

5. Your Rights

As a data subject under the GDPR and a consumer under CCPA, you have the following rights with respect to your personal data:

– Right to Access: You may request to view the personal data we hold about you.
– Right to Rectification: You have the right to request corrections to inaccurate or incomplete information.
– Right to Erasure: In certain circumstances, you may request that we delete your personal data.
– Right to Restrict Processing: You can request that we limit how we process your personal data.
– Right to Data Portability: You may obtain a copy of your data in a structured, commonly used format.
– Right to Object: You may object to certain types of data processing, including marketing uses.
– Right to Opt-Out (under CCPA): California residents may opt out of the sale or sharing of personal data.

To exercise your rights, please contact us at [email protected]. We may request verification of your identity to process certain requests.

6. Security Measures

We take the protection of your personal information seriously. HearthSaga employs appropriate technical and organizational measures, including:

– Data Encryption: All data transactions are protected by SSL/TLS encryption.
– Access Controls: Limited, role-based access to personal data, enforced through secure authentication mechanisms.
– Regular Backups: Secure and encrypted data backups for continuity and recovery.
– Employee Training: Ongoing privacy and security training for employees with data access.

While no system is completely immune to security threats, our practices are designed to minimize risk and maintain high standards of data protection.

7. International Transfers

Your personal data may be transferred and processed outside your country of residence, including jurisdictions where data protection laws may differ. In such cases, we implement safeguards to protect your data, including the use of European Commission–approved Standard Contractual Clauses and compliance with relevant regional regulatory frameworks.

8. Data Retention

We retain personal data only as long as necessary for the purposes it was collected, including to fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce our agreements. Standard retention periods include:

– Account Data: Retained for the duration of account activity and up to 24 months after inactivity.
– Communication Data: Retained for up to 3 years for support reference and quality assurance.
– Transaction Data: Retained for up to 7 years to comply with tax and financial regulations.
– Usage Data and Analytical Logs: Anonymized and stored for up to 12 months for statistical insights.
– Marketing Preferences: Retained until you withdraw consent or unsubscribe.

9. Cookie Policy

HearthSaga uses cookies and similar technologies to enhance your browsing experience.

Types of cookies we deploy include:

– Essential Cookies: Required for basic website functionality.
– Functional Cookies: Help personalize your experience and retain user preferences.
– Analytics Cookies: Collect aggregated data on website usage for performance insights.
– Performance Cookies: Monitor site responsiveness and help identify improvements.

Cookies do not store personally identifiable information unless explicitly provided by you, for example, through account login.

10. Cookie Management and Compliance

Users may manage their cookie preferences through browser settings or the cookie consent tool presented on first visit. You may reject non-essential cookies or revoke consent at any time. HearthSaga ensures full compliance with GDPR cookie consent practices and provides options in accordance with the CCPA “Do Not Sell My Personal Information” provisions.

For guidance on managing cookies, consult your browser’s help section or our Cookie Settings page available via hearthsaga.com.

11. Special Protections for Children

HearthSaga does not knowingly collect personal information from children under the age of 13. If we discover that we have unintentionally collected data from a child under 13, we will promptly delete such data from our systems. If you are a parent or guardian and believe your child has provided us data, please contact us at [email protected] to request deletion.

12. Policy Updates

We reserve the right to revise this Privacy Policy as legal, technical, and business landscapes evolve. Any significant changes will be communicated clearly through our website or direct user notifications when appropriate. Continued use of hearthsaga.com after changes are posted constitutes acceptance of the revised policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out:

Email: [email protected]
Website: https://hearthsaga.com

We are committed to responsibly protecting your privacy and complying with all applicable data protection laws, including GDPR and CCPA. Please contact us with any concerns or inquiries regarding how your data is managed.