Data Protection Policy

Last updated: January 2025

1. Introduction

Home Principles is committed to protecting your personal data and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant privacy regulations. This Data Protection Policy explains how we collect, process, store, and protect your personal information.

2. Data Controller Information

Data Controller: Home Principles
Contact: privacy@homeprinciples.com
Website: homeprinciples.com

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

Consent: When you have given clear consent for us to process your data for specific purposes
Legitimate Interest: For website analytics, security, and improving our services
Contract Performance: To provide the services you have requested
Legal Obligation: To comply with applicable laws and regulations

4. Types of Personal Data We Process

Identity Data

Name, email address, and any other information you voluntarily provide when contacting us or subscribing to our newsletter.

Technical Data

IP address, browser type and version, device information, operating system, time zone, and other technical information collected automatically when you visit our website.

Usage Data

Information about how you use our website, including pages visited, time spent on pages, click patterns, and interactions with our content and features.

Preference Data

Your responses to our bed sheet quiz, preferences for content types, and any other preferences you express when using our services.

5. How We Collect Personal Data

We collect personal data through:

Direct Collection: When you provide information directly to us (e.g., newsletter signup, contact forms)
Automatic Collection: Through cookies and similar technologies when you visit our website
Third-Party Sources: From analytics providers and other service providers (with appropriate safeguards)
Public Sources: Information that is publicly available (rarely used)

6. Purposes of Data Processing

Service Provision

To provide and maintain our website services, including personalized recommendations and content delivery.

Communication

To send you newsletters, respond to inquiries, and provide customer support.

Analytics and Improvement

To analyze website usage, improve our services, and develop new features.

Security and Compliance

To protect our website and users, prevent fraud, and comply with legal obligations.

Marketing

To send you relevant content and offers (with your consent).

7. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

Encryption: Data is encrypted in transit and at rest using industry-standard protocols
Access Controls: Limited access to personal data on a need-to-know basis
Regular Updates: Keeping our systems and software up to date with security patches
Monitoring: Continuous monitoring for security threats and vulnerabilities
Staff Training: Regular training on data protection and security best practices
Incident Response: Procedures for responding to data security incidents

8. Data Sharing and Transfers

We may share your personal data with:

Service Providers: Trusted third parties who assist us in operating our website and providing services
Analytics Providers: To analyze website usage and improve our services
Affiliate Partners: Limited information for tracking affiliate link clicks and conversions
Legal Authorities: When required by law or to protect our rights and safety

When transferring data internationally, we ensure appropriate safeguards are in place to protect your information.

9. Data Retention

We retain your personal data only for as long as necessary:

Newsletter Subscribers: Until you unsubscribe or request deletion
Website Analytics: Typically 26 months (Google Analytics default)
Contact Information: Until the inquiry is resolved and for a reasonable period thereafter
Quiz Responses: Until you request deletion or for up to 2 years for service improvement
Legal Requirements: As required by applicable laws and regulations

10. Your Data Protection Rights

Depending on your location, you may have the following rights:

Right of Access

Request a copy of the personal data we hold about you and information about how we process it.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data in certain circumstances.

Right to Restrict Processing

Request that we limit how we process your personal data.

Right to Data Portability

Request a copy of your data in a structured, machine-readable format.

Right to Object

Object to processing of your personal data for certain purposes.

Right to Withdraw Consent

Withdraw consent for data processing where consent is the legal basis.

To exercise these rights, please contact us at privacy@homeprinciples.com. We will respond to your request within 30 days.

11. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay, as required by applicable data protection laws.

12. Supervisory Authority

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with your local data protection supervisory authority. For EU residents, you can find your local authority at edpb.europa.eu.

13. Updates to This Policy

We may update this Data Protection Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

14. Contact Us

If you have any questions about this Data Protection Policy or our data practices, please contact us at:

Email: privacy@homeprinciples.com
Website: homeprinciples.com