Privacy Policy

Privacy Policy for HaruCake.net

We are staunchly committed to protecting and meticulously safeguarding the privacy, confidentiality, and security of personal information relating to our website visitors and service users. This commitment extends across all our operations, systems, and processes.

This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data. In this role, we are responsible for maintaining comprehensive oversight of how your personal information is collected, used, and protected throughout our systems.

We may process usage data (“usage data”), which comprehensively includes browser type and version, operating system details, page view timestamps, interaction patterns, navigation paths, time spent on pages, referral sources, and device-specific information. This information is collected through automated logging systems, cookies, and analytics tools and may include session duration metrics, feature interaction statistics, and content engagement patterns. The source of this data is our analytics software and server monitoring systems. We process this information for several important purposes, including website optimization, user experience improvement, technical issue detection, and performance monitoring, which enables us to enhance site functionality, improve content delivery, and maintain service quality. The legal basis for this processing is our legitimate interests in monitoring and improving our website and services.

We may process account data (“account data”), which comprehensively includes your name, email address, password hash, account preferences, notification settings, and account creation date. This information is collected through registration forms, account updates, and user preferences and may include communication preferences, security settings, and profile customization choices. The source of this data is direct user input during account creation and management. We process this information for account administration, service provision, security monitoring, and communication purposes, which enables us to provide personalized services, maintain account security, and facilitate user communication. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

We may process profile data (“profile data”), which comprehensively includes your display name, profile picture, biographical information, interests, and activity history. This information is collected through profile creation forms, user submissions, and activity tracking and may include saved recipes, craft projects, and content preferences. The source of this data is your direct input and interaction with our services. We process this information for community features, content personalization, user interaction, and service enhancement purposes, which enables us to provide relevant content, facilitate user connections, and improve user experience. The legal basis for this processing is our legitimate interests in operating and improving our website services.

Your Rights:

Right to Access: You have the right to obtain confirmation about whether we process your personal data and request copies of this data. This includes the ability to receive detailed information about the data we hold, understand how we use it, and verify its accuracy. To exercise this right, you can submit a formal request through our website or contact our data protection team directly at [email protected]. We will respond within 30 days and may require proof of identity, current email address, and a signed declaration form to verify your identity.

Right to Rectification: You have the right to request correction of inaccurate personal data and complete any incomplete personal data we hold about you. This includes the ability to update profile information, correct account details, and modify preferences. To exercise this right, you can use our account settings interface or submit a formal correction request through our support system. We will respond within 15 days and may require government-issued identification, proof of address, and documentation supporting the requested changes to verify your identity.

Right to Erasure: You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected. This includes the ability to delete your account, remove content you’ve created, and erase your usage history. To exercise this right, you can initiate an account deletion request through your account settings or contact our support team directly. We will respond within 30 days and may require account password confirmation, email verification, and identity documentation to verify your request.

Right to Restrict Processing: You have the right to limit how we use your personal data in specific circumstances, such as when you contest its accuracy or object to processing. This includes the ability to pause data processing, limit data usage, and temporarily suspend account activities. To exercise this right, you can submit a processing restriction request through our privacy portal. We will respond within 14 days and may require two-factor authentication, account verification, and written confirmation to verify your identity.

Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format and transmit it to another service provider. This includes the ability to export your profile information, download your content, and transfer your data history. To exercise this right, you can use our data export tool or submit a portability request through our support system. We will respond within 30 days and may require account ownership verification, identity confirmation, and destination service validation to verify your request.Data Processing and Security Measures

1. Data Types and Processing

We process Service Data which includes account details, user preferences, profile information, and service interactions. This processing involves automated collection, storage, and analysis, enabling us to provide personalized content and service improvements. For example, in the context of Home – General, this includes recipe preferences, craft project histories, and seasonal content selections. The legal basis for this processing is legitimate interest and contract fulfillment, specifically to enhance user experience and deliver requested services.

We process Technical Data which includes device information, IP addresses, browser details, and usage patterns. This processing involves automated logging, analysis, and performance optimization, enabling us to ensure optimal site functionality and security. For example, in the context of Home – General, this includes page load times for recipe images and craft tutorial videos. The legal basis for this processing is legitimate interest, specifically to maintain service quality and security.

We process Communication Data which includes emails, messages, comments, and feedback submissions. This processing involves storage, analysis, and response management, enabling us to maintain effective communication with users. For example, in the context of Home – General, this includes recipe questions and craft tutorial inquiries. The legal basis for this processing is consent and contract fulfillment, specifically to provide requested assistance and maintain user engagement.

We process Transaction Data which includes purchase histories, payment details, and subscription information. This processing involves secure storage, payment processing, and order fulfillment, enabling us to manage e-commerce activities. For example, in the context of Home – General, this includes digital product purchases and subscription renewals. The legal basis for this processing is contract fulfillment and legal obligation, specifically to complete transactions and maintain financial records.

We process Preference Data which includes saved items, customization settings, and content interactions. This processing involves tracking, analysis, and personalization, enabling us to tailor content and recommendations. For example, in the context of Home – General, this includes favorite recipes and preferred craft categories. The legal basis for this processing is legitimate interest and consent, specifically to enhance user experience and content relevance.

2. Security Measures

Our comprehensive encryption protocols ensure end-to-end protection of your data, incorporating industry-standard algorithms and regular security updates to maintain data integrity. This includes regular security assessments and penetration testing by qualified professionals.

We implement multi-layered security infrastructure, including advanced firewalls and intrusion detection systems that continuously monitor for and prevent unauthorized access attempts. This infrastructure undergoes regular updates and enhancements.

Access to personal data is strictly controlled through role-based permissions, multi-factor authentication, and detailed access logs. We maintain comprehensive audit trails of all data access and modifications.

Our continuous monitoring systems provide real-time threat detection and automated response protocols, ensuring immediate action against potential security threats.

We maintain comprehensive backup procedures with encrypted offsite storage and regular recovery testing, ensuring data availability and integrity.

All staff undergo regular security awareness training and must comply with detailed data protection protocols, including specific training for handling sensitive data.

3. International Transfers

We may transfer your personal data to countries outside your jurisdiction. These transfers are protected by appropriate safeguards, including Standard Contractual Clauses, Privacy Shield certification, and Binding Corporate Rules. Each international transfer is conducted under strict protocols that ensure:
– Adequate data protection standards
– Compliant processing procedures
– Enforceable data subject rights
– Effective legal remedies

International transfers are protected by ISO 27001 standards, GDPR requirements, and CCPA guidelines, ensuring compliance with global data protection regulations. We implement additional measures including:
– Regular compliance audits
– Data protection impact assessments
– Documented transfer mechanisms
– Continuous monitoring procedures

Regarding international transfers, you maintain specific rights including:
– Right to information about transfers
– Right to object to transfers
– Right to withdraw consent
– Right to data protection guarantees

4. Data Retention

We maintain specific retention periods for different data categories:

Account Information: 24 months after account closure to maintain service continuity and legal compliance
Usage Data: 12 months to analyze trends and improve services
Transaction Records: 7 years to comply with tax and financial regulations
Communication History: 36 months to maintain service quality and reference
Technical Logs: 6 months for security and performance optimization

These retention periods are determined by:
– Legal requirements
– Business purposes
– Technical necessities
– User preferences

Special circumstances affecting retention:
– Legal obligations
– Dispute resolution
– Security investigationsCookie Policy for HaruCake.net

Essential cookies serve fundamental functions for our website’s core operations. These cookies process authentication tokens, session identifiers, and security parameters to enable basic site functionality. For example, they maintain your login status while browsing recipes and crafting tutorials, ensure secure form submissions when sharing comments, and maintain your shopping cart state when selecting craft supplies or baking tools.

Essential cookies specifically support:
– User authentication and secure login processes
– Security measures to protect user data and prevent unauthorized access
– Basic site operations including page loading and form submissions
– Session management for continuous browsing experience
– Technical stability and error prevention

Functional cookies enhance your experience by remembering your preferences and personalizing content. These cookies process user settings and interface choices to provide a tailored experience. For example, they remember your preferred recipe measurement units, craft tutorial difficulty levels, and seasonal content preferences.

Analytics cookies help us understand how visitors interact with HaruCake.net. They collect anonymous information about:
– Page interactions with our recipes and DIY tutorials
– Navigation patterns through seasonal content
– Feature usage of our crafting guides and recipe collections
– Session duration and engagement metrics
– User preferences for content categories

Performance cookies assess and improve our website operation by monitoring technical aspects of your visit. They process performance metrics to optimize content delivery and user experience, specifically tracking:
– Website loading speeds across different devices
– Technical issues in interactive features
– Content delivery optimization for images and videos
– User experience metrics for site improvements
– System performance across different browsers and devices

Cookie Management

You maintain full control over your cookie preferences through:
– Browser settings for cookie management
– Our cookie consent tool available on first visit
– Privacy preferences in your account dashboard
– Device-specific settings for cookie handling

GDPR Compliance

For our European Union visitors, we maintain strict data protection standards including:
– Explicit consent mechanisms before cookie deployment
– Data minimization in all processing activities
– Purpose limitation for collected information
– Storage limitations with regular data review
– Processing transparency through detailed documentation

CCPA Compliance

California residents enjoy additional privacy rights:
– Right to know about personal information collected
– Right to delete personal data from our records
– Right to opt-out of any data sales
– Right to non-discrimination for privacy choices
– Right to access collected information

COPPA Compliance

Regarding users under 13 years of age:
– Age verification before account creation
– Parental consent requirements for young users
– Limited data collection from minor users
– Special protection measures for young visitors
– Parental access rights to child data

Updates and Changes

Our policy management includes:
– Regular review procedures for compliance
– User notifications of significant changes
– Consent renewal for material updates
– Clear change documentation
– Continuous compliance monitoring

Contact Information

For privacy-related inquiries:
– Primary Contact: [email protected]
– Response Time: Within 48 hours
– Verification Required: For data-related requests
– Available Support: Privacy concerns, data requests, rights exercise

This policy was created specifically for harucake.net and covers all associated services within the Home – General industry.