Privacy & Data Policy

Last updated: January 2026

Summary

At Hart, we respect your privacy and are committed to protecting your personal data. Here’s what you need to know:

  • We collect only the data necessary to provide and improve our services.
  • Your data is stored securely and never sold or traded to third parties.
  • You have rights to access, correct, or delete your personal information.
  • We use cookies to enhance your experience, which you can disable in your browser.
  • Your data may be transferred internationally, but we maintain strong safeguards.
  • If you have questions or want to exercise your rights, you can contact us anytime.

For full details, please read the complete Privacy & Data Policy below.

1. Introduction

Welcome to Hart (the “Site”, “we”, “us”, or “our”). This Privacy & Data Policy explains how we collect, use, disclose, and protect information when you visit or use our website (hildart.vercel.app) or any related services. By using our Site, you agree to the collection and use of information in accordance with this policy.

If you do not agree with this policy, please refrain from using the Site.

2. What Data We Collect

2.1 Data You Provide

When you use Hart (e.g., sign up, log in, purchase, contact us), we may collect:

  • Username — when you register or log in.
  • Email address — for account management, purchase receipts, communication.
  • Password — stored securely (hashed), used for authentication.
  • Billing or shipping address (if you order an artwork).
  • Order & purchase details — which items you bought, quantity, date, payment processing data (where relevant).
  • Any content you submit — messages, contact forms, user account preferences, etc.

2.2 Automatically Collected Data

When you visit the Site, we may automatically collect:

  • IP address & geolocation (city-level, country-level) — for security, fraud detection, analytics.
  • Device information — browser type and version, operating system, device type (desktop / mobile), screen resolution.
  • Usage data — which pages you view (gallery pages, product pages), how long you stay, clicks, interactions.
  • Cookies & similar technologies — see Section 6 below.

3. Why We Collect the Data

We use the collected data for:

  • User account management — registration, login, authentication, password reset.
  • Order processing — fulfilling your purchase requests, shipping, billing, receipts.
  • Site functionality & user experience — displaying personalized content, remembering preferences, facilitating smooth navigation.
  • Communications — responding to your inquiries, sending purchase confirmations or updates, optionally marketing or newsletters (only if you opt-in).
  • Security and fraud prevention — detecting suspicious behavior, protecting against abuse.
  • Analytics and performance — understanding how users interact with the site, improving content, optimizing performance and design.

We will never process more data than needed for these purposes, and we do not sell or trade your personal data to third parties for marketing.

4. Legal & Compliance Considerations

Depending on your location or the location of the user, relevant data‑protection laws may apply (e.g. Privacy Act 1988 (Cth) & Australian Privacy Principles, or international regulations like GDPR / CCPA if you accept international users). We endeavour to meet or exceed all applicable standards.

If you are browsing from a country with strict data‑protection laws, you may have additional rights (see Section 9 below).

5. Data Sharing and Disclosure

We may share your data only in the following circumstances:

  • With service providers (e.g. payment processors, shipping partners) only as needed to fulfill an order — under strict confidentiality and only the data required for the service (e.g. shipping address, order details).
  • With law enforcement or legal authorities, if required by law (e.g. compliance with legal obligations, fraud prevention).
  • In the case of a merger, acquisition, or sale of Hart — user data may be transferred, but we will inform you and provide opt‑out if required.
  • Aggregated & anonymized data (non-personally-identifiable) may be used for analytics or reporting.

We will never sell, rent, or trade your personal information for advertising or marketing.

6. Cookies & Tracking Technologies

We use cookies and similar technologies for:

  • Session management (keeping you logged in).
  • Site functionality (e.g. shopping cart, user preferences).
  • Analytics (to understand site usage).

You can disable cookies through your browser settings, but please note that this may impact your ability to use certain features (e.g. login, shopping cart, remembering preferences).

7. Data Storage & Security

  • We store your data securely using industry‑standard encryption and hashing (especially for passwords).
  • Access to your personal data is restricted to authorized personnel only.
  • We use secure transport (HTTPS) in transit.
  • If there is a data breach or security incident, we will act promptly to notify affected users, as required by law or best practice.
  • We do not store sensitive information (like full credit‑card numbers) unless necessary, and in that case only via secure third‑party payment processors.

8. Data Retention & Deletion

We keep your account and order data as long as you maintain your account.

If you request account deletion, we will permanently delete your personal data (except aggregated anonymized data used for analytics).

You can also request partial data deletion (e.g. delete contact info, delete order history) — contact us using the details below.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access personal data we hold about you.
  • Correct/ update inaccurate or incomplete data.
  • Request deletion of your data (“right to be forgotten”).
  • Object to or restrict processing.
  • Obtain a copy or portable version of your data.
  • Revoke consent (for optional processing, marketing).

If you live in Australia, the UK, EU, California or other regulated areas — contact us if you wish to exercise these rights.

10. Age & Children Policy

Hart is intended for users 13 years old and above.

We do not knowingly collect personal data from children under 13.

If we become aware of such data, we will promptly delete it.

11. International Transfer of Data

Your information may be stored and processed in servers located outside your country (e.g. hosted on Vercel, databases in US/Asia, etc).

By using the Site, you consent to data transfer across borders.

We maintain adequate safeguards to protect your data.

12. Changes to This Policy

We may update this Privacy Policy from time to time (for example, if we change data‑handling practices, or legal requirements change).

When we do, we will update the “Last updated” date.

We recommend you review this page periodically. Continued use of Hart after changes will mean you accept the new policy.

13. Contact Us

If you have questions, concerns, or want to exercise your data rights, contact us at:

Alternatively, use the contact form to contact us.