Privacy Policy for HilltopProject.com
1. Introduction
At Hilltop Project (“we,” “our,” or “us”), accessible via hilltopproject.com, we are committed to protecting and respecting your privacy. Protecting the personal data of our users is central to our mission. This Privacy Policy outlines how we collect, use, store, and disclose your information in accordance with applicable data protection laws including, but not limited to, the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We operate with a privacy-first approach and are dedicated to ensuring the secure and transparent processing of your information.
2. Scope of Policy and Data Controller
This Privacy Policy applies to information collected through hilltopproject.com and any related services, features, and communications. For purposes of the GDPR, Hilltop Project is the “data controller” of your personal data. Our role as a data controller means we are responsible for determining the purposes and means of processing your personal information.
3. Categories of Data Processed
We collect and process various categories of personal data for specified purposes, as outlined below:
A. Usage Data
We collect non-identifiable information relating to how visitors interact with the website, including browser type, IP address, referring pages, time stamps, and session durations. This helps us monitor and enhance our website’s performance and usability.
B. Account Data
If you create an account or provide information via forms, we collect and store your full name, physical or mailing address, email address, and contact phone number.
C. Profile Data
Information regarding your preferences, purchase history, user behavior, and chosen settings are collected to personalize your experience.
D. Communication Data
We collect communication records, including the content of support queries, messages sent through our website or email, support history, and other user-initiated contacts.
E. Technical Data
Data such as device type, operating system, browser version, language settings, time zone, screen resolution, and system configuration are collected to ensure compatibility and improve security.
F. Transaction Data
If you engage in commercial transactions on our website, we collect data related to payment methods, transaction dates, shipping details, billing records, and order confirmations.
G. Preference Data
We record marketing consents, opt-in/out statuses, product preferences, and your communication frequency settings to ensure compliance and relevance in our messaging.
4. Legal Bases for Processing
We rely on one or more of the following lawful bases to process your personal data:
– Consent: Where you have provided clear affirmative permission for specific uses.
– Contractual necessity: Where processing is necessary to perform a contract with you or take steps prior to entering one.
– Legitimate interests: Where processing is necessary for our legitimate business interests, provided such interests are not overridden by your data protection rights.
– Legal obligation: Where we are required to comply with a legal or regulatory obligation.
5. Your Rights
Under applicable laws, particularly the GDPR and CCPA, you have the following rights concerning your personal information:
– Right of Access: You may request details of personal data we hold about you.
– Right to Rectification: You are entitled to request correction of inaccurate or incomplete data.
– Right to Erasure: You have the right to request deletion of your data, subject to lawful limitations.
– Right to Restrict Processing: You may request that we limit how we use your data.
– Right to Data Portability: You can request a copy of your data in a structured, machine-readable format.
– Right to Object: You may object to processing activities which are based on our legitimate interests or for direct marketing purposes.
– Right to Non-Discrimination (CCPA): You have the right to receive equal service and price, even if you exercise your privacy rights.
To exercise any of the above rights or if you have questions about them, contact us at [email protected].
6. Security Measures
We implement robust administrative, technical, and physical safeguards designed to protect your personal data. These include:
– Encryption of sensitive data both at rest and in transit.
– Access restrictions based on user roles and need-to-know principles.
– Regular data backups and disaster recovery strategies.
– Employee training and confidentiality agreements.
Despite our efforts, no system is completely secure. If you believe your interaction with us is no longer secure, please contact us immediately.
7. International Transfers
We may process or transfer your data to jurisdictions outside of your country of residence, including those that may not provide the same standard of data protection. Where such transfers occur, we implement appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission or rely on your explicit consent.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy—including to satisfy any legal, accounting, or reporting requirements. Specific retention periods include:
– Usage Data: Retained for 12 months for analytics optimization.
– Account and Profile Data: Retained for the duration of your account and up to 7 years thereafter.
– Communication Data: Retained for 3 years to maintain service history.
– Transactional Data: Retained for tax and accounting purposes for up to 7 years.
– Preference Data: Retained until you withdraw your consent or update your preferences.
9. Cookie Policy
The website hilltopproject.com uses cookies and similar technologies to enhance your experience and collect analytical data. Types of cookies in use include:
– Essential Cookies: Necessary for core functionalities such as security, authentication, and form submissions.
– Functional Cookies: Enable personalization features such as remembering user preferences.
– Analytics Cookies: Provide insights into how users interact with the website, helping us improve user experience.
– Performance Cookies: Monitor page load speeds and resource usage.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, you may manage your cookie preferences through our cookie banner upon first visit or by adjusting settings in your browser. You may opt out of non-essential cookies at any time. For CCPA compliance, we honor “Do Not Sell My Personal Information” requests.
11. Children’s Privacy
Our services are not directed to children under the age of 13. We do not knowingly collect personal data from children. If we become aware that information from a child under 13 has been collected, we take steps to delete such data without delay. Parents or guardians who believe we may have collected data from a minor may contact us at [email protected].
12. Policy Updates and User Notifications
We may update or amend this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or technological developments. Where material changes occur, we will notify you by appropriate means such as notices on hilltopproject.com or by direct communication.
13. Contact Us
If you have any questions about this Privacy Policy, your rights, or if you wish to make a data request, you may contact us at:
Email: [email protected]
Hilltop Project is fully committed to complying with all applicable privacy laws and protecting the data entrusted to us. Should you have concerns regarding your personal information or this policy, we welcome your inquiries at the email address provided above.