Privacy Policy


PRIVACY POLICY


This privacy policy regulates our use of the data you provide us. It is meant to facilitate your understanding of our commitment to comply with your data rights and explain accordingly our use thereof. We intend this policy to be in line with prevailing law, mainly the General Data Protection Regulation of the European Union (“GDPR”).



LEGAL BASIS

Processing of your data is based on the following legal bases, depending on the purpose involved.

For the purposes of our newsletter and mailing list:
Your data is being gathered and processed based on your consent as given to our company. (Article 6(1)(a) of the GDPR)

For the purpose of repairing or altering a product you have purchased from our company:
Your data is being gathered to provide our services according to contract and, or law and your consent. (Article 6(1)(a) and Article 6(1)(b) of the GDPR)

For the purpose of using our website and registering your own account on our website (www.heritageatheart.com):
Your data is being gathered and processed based on your consent as given to our company. (Article 6(1)(a) of the GDPR)

For the purpose of ordering products you have requested, whether through an offer or due it being unavailable:

Your data is being gathered to provide our services of sale according to contract and, or law and your consent. (Article 6(1)(a) and Article 6(1)(b) of the GDPR)


WHO WILL RECEIVE YOUR DATA AND WHAT FOR?

Your data, as provided by yourself, will be received and accessed by our company’s officers and employees involved in one of the purposes referred above. Said persons are bound by confidentiality obligations to our company.

With regards to our website, newsletter and mailing list, third party service providers involved in our information technology setup may also receive your details exclusively for the purposes of allowing the same setup to function accordingly and allowing us to fulfil the purposes above. The setup involves our website, mailing list application and data storage systems. Such third party service providers are bound by confidentiality obligations towards our company and they process your data exclusively for the purposes of this policy. These third party services may involve data transfers to non-European Union countries which have ensured compliance with the General Data Protection Regulation (“GDPR”) of the European Union.

The data you provided will be retained for as long as you wish to allow us for the purposes referred above. We will contact all third parties to effect the deletion of your data in any given instance when it is no longer needed or you require it.

The above is without prejudice to our obligations at law to provide data as requested, for example to law enforcement or judicial authorities.


USE OF COOKIES

A cookie is a small file, which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.


YOUR RIGHTS

When your data is processed based on your consent, you may inform us that you wish to withdraw your consent at any time at which point we will not process your data any longer. Without withdrawing your consent, you may also request us to stop processing the data you provided in accordance with the GDPR.

You may gain access to the data you provided us by contacting us. We shall provide you with a copy of the data you provided us through the same email address you have provided us with. You may also contact us in the same manner to inform us that you wish to correct the data you provided or that you wish us to delete it. You may also receive your data as held by us and provide it to third parties at your own will. We will endeavour to provide your data on a common and easily accessible medium, such as an email listing the data you provided or written on paper in the English language.

We will inform you of any substantial changes to this privacy policy before they are given effect, and for purposes requiring your consent we shall enquire with you to provide us your consent anew.

We endeavour to ensure the greatest respect for your rights and as such we would like to assure you our operations are subject and compliant with the GDPR and this declaration is without prejudice to your rights under the GDPR. For enquiries, please do not hesitate to contact us.

You also have the right to lodge a complaint with the Information and Data Protection Commissioner of Malta in relation to the processing of your data by our company or with another relevant authority according to article 77 of the GDPR.

Should you have ordered a product or requested a service in relation to a purchased product, this policy is without prejudice to your rights and obligations as regards the same and we reserve our rights accordingly, inclusive of our rights as regards legal claims under the GDPR.

By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your (the visitor) local currency.