Privacy Policy for The Sonic Hearts

1. Introduction

At The Sonic Hearts, accessible at thesonichearts.com, we are fully committed to safeguarding your personal information. We adhere to the highest standards of privacy and data protection, in accordance with applicable data protection regulations including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, and safeguard your data, and the rights you have in relation to your personal information.

We prioritize transparency, user control, and responsible handling of all data entrusted to us.

2. Scope of this Policy and Data Controller Role

This Privacy Policy applies to all users who access our website, interact with our services, or correspond with us via thesonichearts.com. It governs the collection and processing of personal data by The Sonic Hearts.

For the purposes of GDPR and other relevant privacy laws, The Sonic Hearts is the Data Controller for the personal information we process unless otherwise stated. If you have any concerns about how we handle your information, you may contact us at [email protected].

3. Categories of Data We Process

We may collect and process the following categories of personal data:

a) Usage Data
Information about how you interact with our website, such as:
– Internet Protocol (IP) address
– Browser type and version
– Device identifiers
– Referral source
– Length of visit
– Pages viewed
– Session information
– Time zone settings and geolocation (where permitted)

b) Account Data
Details provided when you create an account or register on our website:
– Full name
– Address
– Email address
– Telephone number
– Login credentials

c) Profile Data
Data related to your preferences and behavior, including:
– Purchase history
– Product interests
– User settings
– Personalized content preferences

d) Communication Data
Information exchanged through support or contact forms:
– Messages you send to us
– Email correspondences
– Records of customer support interactions

e) Technical Data
Information about the device and software you use to access our site:
– Device type
– Operating system
– Browser plugins
– Hardware details
– Access times and durations

f) Transaction Data
Information related to purchases and financial interactions:
– Payment and billing details
– Purchase amounts
– Delivery details
– Order history

g) Preference Data
Marketing and communication preferences:
– Consent for marketing communications
– Subscription settings
– Product and content interests
– Participation in surveys or promotional campaigns

4. Legal Bases for Processing

We rely on the following legal bases to collect, use, and process your data:

– Consent: Where you have explicitly given permission, for example when signing up for newsletters.
– Contract: Where processing is necessary for the performance of a contract with you, such as processing orders.
– Legal Obligation: Where we are required to comply with laws or regulations.
– Legitimate Interests: Where we process data to improve our services, detect fraudulent activity, and ensure website security, provided these interests are not overridden by your rights and freedoms.

5. Your Data Protection Rights

You have the following rights concerning your personal data:

– Right of Access: You may request access to your personal data held by us.
– Right to Rectification: You may request correction of inaccurate or incomplete data.
– Right to Erasure: You may request deletion of your data, subject to legal exceptions.
– Right to Restrict Processing: You may request suspension of data processing in certain circumstances.
– Right to Data Portability: You may request a copy of your data in a structured, machine-readable format for portability.
– Right to Object: You may object to how we process your personal data when our legal basis is legitimate interest or when used for direct marketing.

To exercise any of these rights, contact us at [email protected]. We will endeavor to respond to all legitimate requests within a reasonable timeframe.

6. Security Measures

We implement stringent security protocols to protect your data from unauthorized access, disclosure, or loss. These measures include:

– Data encryption in transit and at rest
– Role-based access control and user authentication
– Regular data backups and recovery protocols
– Staff training on data protection and confidentiality practices
– Ongoing monitoring of technical infrastructure for vulnerabilities

7. International Data Transfers

Where your personal data is transferred outside of the European Economic Area (EEA) or other jurisdictions with equivalent regulations, we ensure such transfers are protected by Standard Contractual Clauses (SCCs), binding corporate rules, or other legally approved mechanisms. This ensures compliance with GDPR and regional privacy frameworks.

8. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws. Retention periods may vary:

– Account Data and Profile Data: Retained for the life of the account plus 2 years
– Transaction Data: Retained for 7 years for legal and tax compliance
– Communication Data: Retained for up to 3 years after conclusion of query
– Usage and Technical Data: Retained for analytical and optimization purposes for up to 18 months
– Marketing and Preference Data: Retained until you withdraw your consent

Once retention periods expire, data is securely deleted or anonymized.

9. Cookie Policy

Our website uses cookies and similar tracking technologies to enhance functionality, perform analytics, and ensure security. Cookies used may include:

– Essential Cookies: Necessary for basic functionality and website security
– Functional Cookies: Enable enhanced user experience and retained settings
– Analytics Cookies: Used to understand website usage and improve performance
– Performance Cookies: Help track system performance and identify performance bottlenecks

10. Cookie Management and Compliance with GDPR and CCPA

You can manage cookie preferences through your browser settings or our on-site cookie consent banner where available.

Under GDPR and CCPA, you have the right to:

– Accept or reject non-essential cookies
– Access information about cookies used on the site
– Withdraw consent at any time
– Prevent data sharing with third parties through cookie controls

To adjust your preferences, consult the settings in your browser or use available tools on thesonichearts.com.

11. Children’s Privacy

Our website is not intended for children under the age of 13. We do not knowingly collect or solicit personal data from individuals under the age of 13. If you believe we have collected data from a child without parental consent, please contact us immediately at [email protected] so we can take appropriate measures.

12. Policy Updates

We reserve the right to update this Privacy Policy to reflect changes in legal requirements, business practices, or technological developments. Any modifications will be posted on thesonichearts.com and, where appropriate, communicated to you through direct communication channels.

Your continued use of our services following any updates indicates your acceptance of the revised policy.

13. Contact Us

If you have questions or concerns regarding this Privacy Policy, your data rights, or how your personal information is handled, please contact us at:

Email: [email protected]

We are committed to resolving privacy concerns in a fair and prompt manner.

—

This Privacy Policy reflects our ongoing commitment to compliance with GDPR, CCPA, and other applicable data protection laws. For any inquiries regarding your personal data or this policy, please reach out via [email protected].