Privacy Policy

At Heart On Fire LLC, we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, store, and safeguard information when you visit, browse, create an account, place an order, contact us, or otherwise interact with our website.

This website is a self-hosted store built on WordPress and powered by WooCommerce. Our store uses secure third-party service providers to support checkout, payment processing, order fulfillment, fraud prevention, website operation, customer service, analytics, and other business functions.

1. Scope of This Privacy Policy

This Privacy Policy applies to personal information collected through our website, checkout pages, customer accounts, order processing, shipping, returns, refunds, customer service communications, email subscriptions, contact forms, and other interactions with Heart On Fire LLC. It does not apply to third-party websites, payment platforms, shipping carriers, or external services that operate under their own privacy policies.

2. Who We Are

For the purposes of this Privacy Policy, Heart On Fire LLC is the operator of this website. If you have any privacy-related questions, requests, or concerns, you may contact us using the contact details listed at the end of this policy.

3. Information We Collect Directly

We may collect personal information that you provide directly to us, including your name, email address, phone number, billing address, shipping address, account login details, order information, return or refund details, and any information you submit when contacting customer support or completing forms on our website.

4. Order and Account Information

When you place an order or create an account, we may collect information necessary to process and manage your purchase, including purchased products, order history, delivery information, customer notes, account preferences, and communications relating to your order, delivery, return, refund, or customer service request.

5. Payment Processing Through Stripe and PayPal

Payments on our website are processed securely by independent third-party payment service providers, including Stripe and PayPal. These payment providers process your payment information directly through their secure systems.

We do not store, collect, receive, or have direct access to your full card number, CVV/CVC code, full bank account details, PayPal login credentials, or complete payment authentication information. We only receive limited transaction-related information necessary to confirm and manage your order, such as payment status, transaction ID, payment method type, amount paid, currency, billing country, risk or fraud review result where applicable, and refund status.

6. Payment Security Statement

We take payment security seriously. Checkout and payment-related communications are protected through encrypted connections, and payment information is transmitted to our payment processors using secure payment integrations.

7. Information Collected Automatically

When you browse our website, we may automatically collect certain technical and usage information, such as your IP address, browser type, device type, operating system, referring URLs, pages viewed, time spent on pages, clicks, shopping activity, cookies, log files, approximate location inferred from your IP address, and other diagnostic information.

8. Cookies and Similar Technologies

We may use cookies and similar technologies to operate our website, remember your preferences, maintain your shopping cart, support checkout functionality, improve site performance, measure traffic, prevent fraud, and support analytics or marketing activities.

Where required by applicable law, including European privacy laws, we will request your consent before using non-essential cookies, such as analytics, advertising, or marketing cookies. Essential cookies that are necessary for website operation, cart functionality, checkout, payment security, fraud prevention, or account access may be used without consent where permitted by law.

9. How We Use Your Information

We use personal information to operate our website, process orders, provide customer service, arrange shipping and delivery, send order confirmations and updates, process returns and refunds, respond to inquiries, improve user experience, maintain website security, prevent fraud, verify transactions, comply with legal obligations, and protect our rights and the rights of our customers.

10. Use of Information for Shipping and Delivery

We use your shipping and contact information to fulfill and deliver orders. This information may be shared with shipping carriers, logistics partners, fulfillment providers, and related service providers strictly for order processing, shipping, delivery, tracking, customs documentation where applicable, and customer support purposes.

11. Data Sharing and Third-Party Service Providers

We may share personal information with trusted third-party service providers who support our business operations, including payment processors such as Stripe and PayPal, hosting providers, WooCommerce-related service providers, shipping carriers, logistics providers, fraud-prevention tools, analytics services, email service providers, customer support platforms, and professional advisors.

These service providers are only permitted to use personal information as necessary to provide services to us, process transactions, fulfill orders, comply with legal obligations, protect against fraud, or support the security and functionality of our website.

12. Fraud Prevention and Risk Review

We may use certain information to detect, prevent, and respond to fraud, unauthorized transactions, chargebacks, abuse, security incidents, or other illegal activities.

13. Data Security Measures

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, alteration, disclosure, or destruction. These safeguards may include SSL/TLS encryption for data transmission, secure checkout connections, password-protected administrative access, access controls, limited staff permissions, security monitoring, regular software and plugin updates, malware scanning where available, firewall or hosting-level protections, secure backups, and internal procedures for handling customer data.

14. Data Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including order processing, customer service, refunds, accounting, fraud prevention, dispute resolution, legal compliance, and recordkeeping. When personal information is no longer needed, we will delete, anonymize, or securely restrict it where appropriate.

15. International Data Transfers

Because we use third-party service providers such as payment processors, hosting providers, analytics tools, email services, and logistics providers, your personal information may be processed or transferred outside your country or region. Where required by applicable law, we take reasonable steps to ensure appropriate safeguards are in place for such transfers.

16. European Privacy Rights Under the GDPR

If you are located in the European Union, the European Economic Area, the United Kingdom, or another region with similar data protection laws, you may have certain rights regarding your personal information under the General Data Protection Regulation (GDPR) or other applicable privacy laws.

Where the GDPR applies, we process your personal information based on one or more lawful bases, including:

  • Performance of a contract: to process your order, arrange shipping, manage payments, provide customer support, and handle returns or refunds.
  • Legal obligation: to comply with tax, accounting, consumer protection, fraud prevention, and other legal requirements.
  • Legitimate interests: to operate, maintain, secure, and improve our website, prevent fraud, protect our business, and provide customer service.
  • Consent: where required for marketing communications, non-essential cookies, analytics, or similar technologies.

Subject to applicable legal requirements and exceptions, your GDPR rights may include:

  • Right to be informed: the right to receive clear information about how we collect and use your personal information.
  • Right of access: the right to request a copy of the personal information we hold about you.
  • Right to rectification: the right to request correction of inaccurate or incomplete personal information.
  • Right to erasure: the right to request deletion of your personal information in certain circumstances.
  • Right to restriction of processing: the right to request that we limit how we process your personal information in certain cases.
  • Right to data portability: the right to request certain personal information in a structured, commonly used, machine-readable format.
  • Right to object: the right to object to certain processing activities, including processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on your consent, you may withdraw that consent at any time.

To exercise your rights, please contact us using the contact details listed in the “Contact Information” section below. We may need to verify your identity before responding to your request.

17. Cookies and GDPR Consent

Where required by applicable European privacy laws, we will request your consent before placing non-essential cookies or similar technologies on your device, such as analytics, advertising, or marketing cookies.

Essential cookies that are necessary for website operation, cart functionality, checkout, payment security, fraud prevention, or account access may be used without consent where permitted by law. You may manage or withdraw cookie consent through the cookie settings tool on our website, where available, or through your browser settings.

18. International Data Transfers for European Users

Because we use third-party service providers, including payment processors, hosting providers, analytics tools, email services, logistics partners, and other business support providers, your personal information may be transferred to or processed in countries outside your country of residence, including outside the European Union or European Economic Area.

Where required by applicable European data protection laws, we take reasonable steps to ensure that appropriate safeguards are used for international data transfers. These safeguards may include data processing agreements, contractual protections, Standard Contractual Clauses approved by the European Commission, or other legally recognized transfer mechanisms.

19. Right to Lodge a Complaint

If you are located in the European Union, European Economic Area, or United Kingdom, you may have the right to lodge a complaint with your local data protection authority if you believe that our processing of your personal information violates applicable data protection laws.

We encourage you to contact us first so that we can try to resolve your concern directly.

20. Marketing Communications

If you subscribe to marketing emails, we may use your email address to send promotional updates, product information, or store news. You may unsubscribe from marketing emails at any time by using the unsubscribe link in our emails or by contacting us directly. Transactional emails relating to orders, shipping, payments, returns, or customer service may still be sent when necessary.

21. Minors

Our website is not intended for children or minors under the age required by applicable law to provide valid consent. We do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us so that we can take appropriate action.

22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business operations, website functionality, payment processing, legal requirements, or security practices. The updated version will be posted on this page with a revised effective date where appropriate.

23. Contact Information

If you have any questions, requests, or concerns about this Privacy Policy or how your personal information is handled, please contact us:

Address: 100 N College St, Booneville, MS 38829, US
Email: service@athmoric.com
Phone: +1 (662) 345-4386