Privacy Policy

Effective Date: May 13, 2025
Business Name: Heart Alfajor
Website: https://heartalfajores.com
Email: [email protected]
Business Address: 7070, escondo mi casa hasta conseguir, PO Box 12345

1. Introduction

At Heart Alfajor, your privacy is a priority. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website or purchase our products. This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. What Data We Collect

We collect the following types of personal data when you interact with our website:

  • Contact Information: Name, email address, shipping and billing addresses, phone number.
  • Payment Information: Billing details (processed securely via third-party payment gateways; we do not store card numbers).
  • Order Details: Products purchased, preferences, order history.
  • Website Usage Data: IP address, browser type, device information, referral source, time spent on pages, cookies, and similar tracking technologies.
  • Marketing Preferences: Subscription status for newsletters or promotional emails.

3. How We Use Your Data

We use your data to:

  • Process and fulfill your orders
  • Communicate with you about your purchase
  • Send promotional offers (only with your consent)
  • Improve our website functionality and user experience
  • Comply with legal obligations

4. Legal Basis for Processing

Under the GDPR, we rely on the following lawful bases:

  • Contract – To fulfill your order or respond to inquiries
  • Consent – For email marketing or optional cookies
  • Legal Obligation – To comply with laws and regulations
  • Legitimate Interest – To enhance user experience and prevent fraud

5. How We Store Your Data

Your data is securely stored using encrypted servers and secure third-party service providers (e.g., payment processors, email platforms). We retain your data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.

6. Sharing Your Data

We do not sell or rent your personal data. We only share your data with:

  • Service Providers: Payment processors, shipping carriers, email marketing services
  • Legal Authorities: When required to comply with applicable laws
  • Analytics Providers: Such as Google Analytics (only with anonymized or consented data)

All third parties are contractually obligated to protect your information and comply with GDPR.

7. Cookies and Tracking

Our website uses cookies to:

  • Analyze website traffic
  • Enable shopping cart and checkout functions
  • Remember your preferences

You can control or delete cookies through your browser settings. For more detail, please refer to our Cookie Policy (insert URL if available).

8. Your Rights Under GDPR

If you are a resident of the EU or UK, you have the following rights:

  • Access – Request a copy of your personal data
  • Rectification – Request correction of inaccurate or incomplete data
  • Erasure – Request deletion of your data (“right to be forgotten”)
  • Restriction – Request restriction of processing
  • Data Portability – Request transfer of your data to another service
  • Objection – Object to processing for direct marketing
  • Withdraw Consent – Withdraw consent at any time (without affecting the lawfulness of prior processing)

To exercise your rights, contact us at [email protected].

9. Data Protection and Security

We take appropriate technical and organizational measures to protect your personal data from:

  • Unauthorized access
  • Accidental loss or destruction
  • Disclosure or alteration

Our website uses SSL encryption, and all partners are vetted for GDPR compliance.

10. International Data Transfers

If you access our website from outside the United States, please note that your data may be transferred, stored, or processed in countries outside of your jurisdiction. Where applicable, we ensure that such transfers are protected by appropriate safeguards.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Effective Date.”

12. Contact Us

If you have questions or concerns about this policy or your personal data, contact us at:

Email: [email protected]
Mailing Address: Heart Alfajor, 7070, escondo mi casa hasta conseguir, PO Box 12345