Privacy Policy
Last Updated: 03 July 2023
Introduction
Welcome to Heirloom Hemp Co.’s Privacy Policy. Heirloom Hemp Co. (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, and disclose your personal data when you visit our website, https://heirloomhempco.com (“the Website”), and when you interact with our products and services. This policy also outlines your rights regarding your personal data under the General Data Protection Regulation (GDPR).
Data Controller
Heirloom Hemp Co. is the data controller for the purposes of this Privacy Policy. You can contact us at:
Information We Collect
We collect and process various types of personal data when you use our Website, including but not limited to
- Personal identification information (e.g., name, email address, phone number).
- Account registration and login information.
- Payment information (e.g., credit card details).
- Shipping and billing addresses.
- Website usage data (e.g., IP address, browser type, referring pages).
- Communication preferences.
- Product preferences and order history.
- Feedback and customer support communications.
How We Use Your Information
We use your personal data for the following purposes
- To process and fulfill your orders.
- To provide customer support and respond to your inquiries.
- To personalize and improve your experience on our Website.
- To send you marketing communications (with your consent).
- To comply with legal obligations.
- To prevent fraud and enhance security.
- To conduct analytics and research.
Legal Basis for Processing
We process your personal data under one or more of the following legal bases
- Contractual necessity.
- Legitimate interests.
- Consent (where applicable).
- Legal compliance.
Data Sharing
We may share your personal data with
- Third-party service providers (e.g., payment processors, shipping companies).
- Marketing partners (with your consent).
- Legal authorities and regulators (when required by law).
International Data Transfers
Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA). We will ensure appropriate safeguards are in place to protect your data during such transfers.
Data Security
We implement technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction.
Your Rights
You have certain rights under the GDPR, including
- The right to access and correct your personal data.
- The right to erasure (“right to be forgotten”).
- The right to restrict processing.
- The right to data portability.
- The right to object to processing.
- The right not to be subject to automated decision-making.
You can exercise these rights by contacting us at the provided contact information.
Cookies
We use cookies and similar technologies on our Website. You can manage your cookie preferences through your browser settings.
Changes to this Privacy Policy
We may update this Privacy Policy to reflect changes in our data practices. We will notify you of any significant changes.
Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us using the provided [email protected].