Privacy Policy for QuestHearth.com
1. Introduction
At QuestHearth.com (“we”, “our”, “us”), we are committed to protecting and respecting your privacy. We recognize the importance of safeguarding your personal information and ensuring transparency concerning how we collect, use, store, and share data. This Privacy Policy outlines our practices and your rights in accordance with global data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through your use of the website QuestHearth.com (the “Site”) and related services. For the purposes of data protection laws, the data controller responsible for your personal data is QuestHearth.com. Questions, requests, or concerns related to data processing or this policy may be directed to [email protected].
3. Categories of Personal Data We Process
We collect and process various categories of personal data. The exact nature of data collected depends on your interaction with our Site and services.
a. Usage Data:
We collect data about your interactions with the Site, including IP address, browser type and version, device identifiers, referral source, pages visited, time spent on pages, and navigation paths.
b. Account Data:
If you create an account, we may collect your name, email address, mailing address, telephone number, and account login credentials.
c. Profile Data:
We process information related to your preferences, product interests, behavior on the Site, purchase history, saved items, and other data linked to your user profile.
d. Communication Data:
If you contact us for support or general inquiries, we may retain your messages, contact details, and our responses for quality assurance and legal compliance.
e. Technical Data:
Includes details about your device, operating system, network, browser settings, system configuration, screen resolution, and language preferences.
f. Transaction Data:
When making purchases, we collect data related to the transaction, including billing and shipping information, selected products, payment confirmation, and order status updates. Payment details are processed through secure third-party processors and are not directly stored by us.
g. Preference Data:
We process information about your choices concerning email subscriptions, promotions, and marketing communications, including product categories and features you express interest in.
4. Legal Bases for Processing
We rely on the following lawful bases for processing your personal data:
– Consent: Where you have given clear consent for us to process your personal data for a specific purpose, such as receiving newsletters.
– Contract: Processing is necessary for the performance of a contract with you, including fulfilling orders, managing your account, and providing services you request.
– Legal Obligation: Where processing is required to comply with legal or regulatory obligations.
– Legitimate Interests: To pursue our legitimate business interests, such as improving website functionality, preventing fraud, securing our systems, or developing our services, provided that such interests are not overridden by your fundamental rights.
5. Your Rights
You have the following legal rights concerning your personal data:
– Right of Access: Request a copy of the personal data we hold about you.
– Right of Rectification: Request correction of inaccurate or incomplete personal data.
– Right of Erasure: Request deletion of your personal data where no longer necessary or where consent has been withdrawn.
– Right to Restrict Processing: Ask us to suspend processing in certain circumstances.
– Right to Data Portability: Obtain your personal data in a structured, commonly used, and machine-readable form for transfer to another controller.
– Right to Object: Object to our processing of your data for direct marketing or based on our legitimate interests.
– Right to Withdraw Consent: Withdraw previously given consent at any time without affecting lawfulness of processing based on prior consent.
– Right to Non-Discrimination: Under the CCPA, exercise your rights without receiving discriminatory treatment.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational safeguards to ensure the integrity, confidentiality, and availability of your personal data. These include:
– Encryption protocols for data in transit and at rest
– Role-based and access-controlled systems
– Regular security audits and vulnerability assessments
– Secure user authentication and account protection measures
– Staff training on data privacy and security best practices
– Secure data backups and disaster recovery protocols
7. International Data Transfers
Your data may be transferred and stored outside your jurisdiction, including to countries that may not provide the same level of data protection. In such cases, we ensure appropriate safeguards are in place in compliance with applicable laws, including the use of Standard Contractual Clauses approved by the European Commission and supplementary security measures as necessary.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including:
– Account Data: As long as your account remains active or as required by legal obligations
– Transaction Data: Retained for up to 7 years for accounting and legal compliance
– Communication Data: Retained for 2 years following last contact
– Usage & Technical Data: Retained for 12-24 months for analytics and performance monitoring
– Marketing Preference Data: Retained until consent is withdrawn or the data becomes outdated
Upon expiration of retention periods, data is securely deleted or anonymized.
9. Cookie Policy
QuestHearth.com uses cookies and similar tracking technologies for various purposes, which include:
– Essential Cookies: Necessary for the Site’s core functionality, such as navigation, login, and security
– Functional Cookies: Enable enhanced features like remembering preferences or saved settings
– Analytics Cookies: Collect statistical data about how users interact with the Site to help improve performance
– Performance Cookies: Monitor page load times and usage patterns to optimize the user experience
10. Cookie Management and Compliance
On first visit to our Site, you are presented with a cookie consent banner allowing you to accept or reject various categories of cookies in compliance with GDPR and CCPA. You can manage cookie settings at any time through your browser settings or via cookie management tools presented on our site.
Additionally, California residents may opt out of the “sale” of personal data (as defined under the CCPA) via our Do Not Sell My Personal Information link, available in the site’s footer.
11. Children’s Privacy
Our services are not directed at children under the age of 13, and we do not knowingly collect data from them. If we learn that we have inadvertently collected data from a child under 13 without appropriate consent, we will promptly delete such information. Parents or guardians who believe their child has submitted personal data may contact us at [email protected].
12. Policy Updates
We may update this Privacy Policy periodically to reflect changes in legal requirements, operational practices, or technological developments. In such cases, we will place a prominent notice on the Site and, where appropriate, notify you directly through your registered contact details.
We encourage you to regularly review this page to stay informed of how we protect your information.
13. Contact Us
If you have questions or concerns regarding this Privacy Policy or our data practices, please contact us at:
Email: [email protected]
Website: https://questhearth.com
We are committed to full compliance with global privacy laws and respond promptly and respectfully to all privacy-related inquiries.