top of page

Privacy Policy

A legal disclaimer

Last Updated: December 5, 2025Hearth and Beam Co. ("we," "our," or "us") operates the website hearthandbeamco.com (the "Site"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our Site, purchase products, or interact with our services.

By accessing or using the Site, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Site.

 

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date above. You are advised to review this Privacy Policy periodically for any changes. Your continued use of the Site after we post any modifications will constitute your acknowledgment of the modifications and your consent to abide by and be bound by the modified Privacy Policy.

Privacy Policy

1. Information We Collect

We collect information from you in various ways when you use our Site. This may include:

 

a. Personal Information You Provide Directly

  • Contact Information: Such as your name, email address, phone number, and mailing address, which you provide when creating an account, placing an order, subscribing to our newsletter, or contacting us for support.

  • Payment Information: Such as credit card details, billing address, and other financial information processed through our secure payment gateways (e.g., Stripe or PayPal). We do not store your full payment card details on our servers.

  • Account Information: Username, password, and preferences if you create an account.

  • User-Generated Content: Reviews, comments, photos, or other content you submit to the Site.

  • Communication Data: Information from emails, chats, or other interactions with us.

b. Information Collected Automatically

  • Device and Usage Data: IP address, browser type, operating system, referring URLs, pages viewed, time spent on pages, clickstream data, and device identifiers.

  • Location Data: Approximate location based on your IP address (we do not collect precise geolocation without your consent).

  • Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to collect data about your browsing behavior. This includes session cookies (temporary) and persistent cookies (longer-term). You can manage cookie preferences through your browser settings.

    • Essential Cookies: Necessary for the Site to function, such as maintaining your shopping cart.

    • Analytics Cookies: To understand how users interact with the Site (e.g., via Google Analytics).

    • Advertising Cookies: To deliver personalized ads (e.g., via Google Ads or Facebook Pixel).

  • Log Data: Server logs that record access times, errors, and other technical details.

c. Information from Third Parties

  • Social Media and Integrations: If you log in via social media (e.g., Facebook or Google), we may receive profile information like your name and email.

  • Partners and Service Providers: Data from analytics providers, advertising networks, or payment processors.

  • Public Sources: Information available publicly, such as from business directories.

We do not knowingly collect personal information from children under 13 years of age (or under 16 in certain jurisdictions). If we learn that we have collected such information without parental consent, we will delete it promptly.

 

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Improve Our Services: Process orders, fulfill shipments, provide customer support, and personalize your experience (e.g., recommending products based on past purchases).

  • To Communicate with You: Send order confirmations, shipping updates, promotional emails, newsletters, or responses to inquiries. You can opt out of marketing communications at any time.

  • For Analytics and Research: Analyze Site usage, trends, and performance to improve functionality, content, and user experience.

  • For Marketing and Advertising: Display targeted ads on our Site or third-party platforms, including retargeting based on your browsing history.

  • For Security and Fraud Prevention: Detect and prevent fraudulent transactions, unauthorized access, or other illegal activities.

  • To Comply with Legal Obligations: Respond to subpoenas, court orders, or other legal processes; enforce our terms; or protect our rights, property, or safety.

  • For Business Operations: Manage accounts, process payments, and handle returns or refunds.

We may combine information from different sources to achieve these purposes.

 

3. How We Share Your Information

We do not sell your personal information to third parties. However, we may share it in the following circumstances:

  • Service Providers: With vendors who assist us in operating the Site, such as hosting providers (e.g., AWS), payment processors (e.g., Stripe), shipping companies (e.g., UPS), email services (e.g., Mailchimp), and analytics tools (e.g., Google Analytics). These providers are contractually obligated to use your information only for the services they provide to us.

  • Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the new owner.

  • Legal Requirements: If required by law, such as to comply with a subpoena, or to protect against legal liability.

  • Affiliates: With our parent company, subsidiaries, or joint ventures for internal business purposes.

  • With Your Consent: For any other purpose with your explicit permission.

  • Aggregated or Anonymized Data: We may share non-personal, aggregated data (e.g., Site traffic statistics) with third parties for research or marketing
     

4. Data Security

We implement reasonable security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.

These include encryption (e.g., SSL/TLS for data transmission), firewalls, access controls, and regular security audits. However, no method of transmission over the internet or electronic storage is 100% secure, so we cannot guarantee absolute security.If a data breach occurs that may affect your personal information, we will notify you and relevant authorities as required by law.

 

5. Your Choices and Rights

You have certain rights regarding your personal information:

  • Access and Update: Log in to your account to view or update your information. You can also request access to the data we hold about you.

  • Deletion: Request deletion of your personal information, subject to legal retention requirements (e.g., for tax purposes).

  • Opt-Out: Unsubscribe from marketing emails via the link in the email or by contacting us. You can also opt out of targeted advertising through tools like the Digital Advertising Alliance (DAA) or Network Advertising Initiative (NAI).

  • Cookies: Disable cookies in your browser settings, though this may limit Site functionality.

  • Do Not Track: We do not currently respond to "Do Not Track" signals from browsers.

  • California Residents: Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you may have rights to know, delete, correct, or opt out of the sale/sharing of your data (though we do not sell data). Contact us to exercise these rights.

  • EU/UK Residents: Under GDPR/UK GDPR, you may have rights to access, rectification, erasure, restriction, portability, or objection. We process data based on consent, contract performance, or legitimate interests.

  • Other Jurisdictions: Similar rights may apply under laws like Brazil's LGPD or Canada's PIPEDA.

To exercise your rights, contact us at privacy@hearthandbeamco.com. We may verify your identity before responding. We respond to requests within the timeframes required by law (e.g., 30 days under GDPR, 45 days under CCPA).

 

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including for legal, accounting, or reporting requirements. For example:

  • Account data is kept while your account is active and for a reasonable period afterward.

  • Transaction records are retained for at least 7 years for tax purposes.

  • When no longer needed, we securely delete or anonymize the data.

7. International Data Transfers

Our Site is operated in the United States. If you are located outside the US, your information may be transferred to and processed in the US or other countries where our service providers operate. We ensure appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions, for international transfers.

 

8. Third-Party Links

Our Site may contain links to third-party websites (e.g., social media or partner sites). We are not responsible for their privacy practices. Review their policies before providing information.

9. Contact Us

If you have questions about this Privacy Policy or our practices, contact us at:

Hearth and Beam Co.
Email: privacy@hearthandbeamco.com
 

Please note that this Privacy Policy applies only to information collected through the Site and does not cover information collected offline or through other channels.

bottom of page