Menu
Your Cart

Privacy Policy

JOYHARVESTBR INC understands the importance of protecting the privacy of your personal data. This Privacy Policy, prepared in accordance with the EU General Data Protection Regulation (GDPR), explains how we collect, use, store, and protect the personal data you provide when interacting with us.

1. Scope

This Privacy Policy applies to our processing of personal data of data subjects located in the EU. Whether you browse products on our website at joyharvestbr.com, place an order for a pillow, or communicate with us via email at [email protected], your personal data is subject to this Policy.

2. Definitions

Personal data refers to any information relating to an identified or identifiable natural person ("data subject"), such as a name, email address, mailing address, telephone number, payment information, etc., that can be used to directly or indirectly identify you.

Processing: encompasses any operation performed on personal data, including collection, recording, organization, storage, use, transfer, disclosure, modification, and deletion.

3. Data Collection

Directly Provided: When you register an account on our website, place an order, subscribe to our mailing list, participate in a survey, or communicate with our customer service team, we collect personal data you proactively provide, such as your name, contact information, shipping address, and payment information. This data is used to fulfill your order, provide customer service, address after-sales issues, and send you relevant information.

Automatically Collected: When you visit our website, our servers automatically record information such as your IP address, browser type, access time, and pages viewed. This information helps us understand website usage, improve user experience, conduct data analysis, and prevent fraud. We may also use cookies and similar technologies to collect information such as your browsing preferences to provide you with more personalized services. For more information about cookies, please refer to our Cookie Policy.

4. Purpose of Data Use

Performing Contractual Obligations: We use your personal data to process and fulfill your order, including arranging product delivery, processing payments, and providing after-sales service, in order to fulfill our contract with you. Providing Customer Service: We use the contact information you provide to communicate with you, answer your questions, address your complaints and suggestions, and ensure you have a positive experience when interacting with us.
Personalized Services: Based on your browsing history, purchasing preferences, and other data, we provide you with personalized product recommendations, promotional information, and customized content, allowing you to more easily discover products of interest.
Market Analysis and Improvement: We analyze collected data to understand market trends, customer needs, and product feedback, thereby optimizing our product design, marketing strategies, and website functionality, and enhancing our service quality and competitiveness.
Legal Compliance: When necessary, we may use your personal data to comply with applicable laws and regulations, respond to legal process, protect our legal rights and interests, and ensure the security of our website and users.

5. Data Sharing and Disclosure
Third-Party Service Providers: We may share your personal data with third parties that provide services to us, such as logistics companies, payment processors, and email marketing service providers. These third parties will only access and process your data to the extent necessary to perform their service duties, and we require them to comply with strict data protection obligations to ensure the security of your data. Legal Requirements: We may disclose your personal data when required by law, such as in response to a subpoena, government investigation, or other legal process. We may also disclose your data when we believe it is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
Business Transfers: If we undergo a business transfer, merger, acquisition, or asset sale, your personal data may be transferred to the relevant third party as part of that transaction. We will notify you before any such transfer and ensure that the new owner adheres to this Privacy Policy or provides an equivalent level of data protection.

6. Data Security

We prioritize the security of your personal data and implement a series of technical and organizational measures to protect it from unauthorized access, use, disclosure, modification, or destruction. These measures include, but are not limited to:

Data Encryption: Sensitive data, such as payment information, is encrypted during transmission and storage to ensure confidentiality.

Access Control: We maintain a strict access control mechanism to limit access to your personal data to authorized personnel and assign appropriate access rights based on their job responsibilities.

Security Vulnerability Management: We conduct regular security vulnerability scans and assessments to promptly identify and address potential security issues and maintain system security. Employee Training: We provide data protection training to employees involved in processing your personal data to enhance their security and compliance awareness and ensure they handle data in accordance with this Privacy Policy and relevant laws and regulations.

Despite the measures we have taken, please note that the internet is not a completely secure environment, and we cannot guarantee the absolute security of data transmission. If you believe your personal data may be at risk, please contact us immediately.

7. Data Subject Rights

Under the EU General Data Protection Regulation, you, as a data subject, have the following rights:

Right of Access: You have the right to request a copy of the personal data we hold about you and to be informed of how we process it.

Right of Correction: If you discover that the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it.

Right to Erasure (Right to Be Forgotten): You have the right to request that we erase your personal data under certain conditions. For example, if the data is no longer necessary for the purposes for which we collected and used it, or if you have withdrawn your consent and there is no other legal basis for the continued processing of the data. Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, for example, if you contest the accuracy of the data, while we are verifying its accuracy, or in other specific circumstances. Right to Data Portability: You have the right to request that we provide you with your personal data in a structured, commonly used, and machine-readable format and, where technically feasible, to transmit that data directly to another data controller. Right to Object: You have the right to object to our processing of your personal data based on legitimate interests or the public interest, including processing for direct marketing purposes. If you exercise your right to object, we will cease the relevant processing unless we have compelling legitimate grounds to continue processing the data. Right to Withdraw Consent: If our processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal. If you wish to exercise any of these rights, please contact us using the contact information provided in this Privacy Policy. We will respond to your request within one month of receiving it. If necessary, we may extend this time based on the circumstances, but we will notify you promptly. Before processing your request, we may need to verify your identity to ensure the security of your personal data.

8. Data Storage and Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and used, taking into account applicable legal and regulatory requirements and business needs. When determining data retention periods, we consider the following factors:
Legal Requirements: Certain laws and regulations stipulate minimum periods for which we must retain certain types of data, such as tax records and contract documents.
Business Needs: We may need to retain your personal data for certain business purposes, such as maintaining customer relationships, handling after-sales issues, conducting market analysis, and improving our services.
Data Value and Use: We will promptly delete or anonymize data that is no longer of business value or relevant to current business activities so that it can no longer be used to identify you.

9. Protection of Minors
Our services are not intended for minors under the age of 16. If we discover that we have accidentally collected personal data from a minor under the age of 16, we will delete that data as soon as possible. If you believe we may have accidentally collected your child's personal data, please contact us immediately.

10. Policy Changes
We may update this Privacy Policy based on changes in laws and regulations, business development needs, or other reasons. We will post the updated Privacy Policy on our website and notify you by appropriate means before any changes take effect, such as by posting a notice on our website or sending you an email. Please review this Privacy Policy regularly to stay informed of any changes to our handling of your personal data.

11. Contact Information

If you have any questions, comments, or suggestions regarding this Privacy Policy or our handling of your personal data, or if you wish to exercise your rights as a data subject, please contact us through the following means: