This Privacy Policy applies to users in the UK. Users from outside of the United Kingdom should be aware that data protection laws may differ in their jurisdiction. By using our Site, you consent to the collection, processing, and storage of your data as described in this policy.
This Privacy Policy and any disputes related to our services will be governed by and construed in accordance with the laws of the United Kingdom, and any legal actions or proceedings relating to this policy shall be brought in the courts of the United Kingdom.
www.heavenly-messages.com (the "Site") is owned and operated by Heavenly Messages. Any questions surrounding this policy can be directed at privacy@heavenly-messages.com.
The purpose of this privacy policy (this "Privacy Policy") is to inform users of our Site of the following:
This Privacy Policy applies in addition to the terms and conditions of our Site.
We adhere to the General Data Protection Regulation (GDPR) for users in the United Kingdom, as well as the Data Protection Act 2018.
We have not appointed a Data Protection Officer (DPO) as we do not meet the criteria under Article 37 of the GDPR. However, we have implemented measures to protect your privacy and personal data in compliance with GDPR requirements.
Users from outside of the United Kingdom should be aware that data protection laws in their jurisdiction may differ, and by using our Site, you consent to the collection, processing, and storage of your personal data in accordance with this Privacy Policy, regardless of your location.
By using our Site users agree that they consent to the conditions set out in this Privacy Policy.
We collect and process personal data about users in the UK only when we have a legal basis for doing so under Article 6 of the GDPR.
We process your personal data based on the following legal grounds under the GDPR:
We collect only the data necessary to provide our services, process payments, fulfill orders, and communicate with users about their accounts. This includes both automatically collected data and data provided by users. We will not collect any additional data without notifying you first.
We do not process any sensitive personal data unless explicitly provided by you (e.g., data related to health, personal circumstances, or special category data).
When you visit and use our Site, we may automatically collect and store the following information:
We may also collect the following data when you perform certain functions on our Site:
This data may be collected using the following methods:
Data collected on our Site will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our Site. We will not use your data beyond what we disclose in this Privacy Policy.
The data we collect automatically is used for the following purposes:
The data we collect when the user performs certain functions may be used for the following purposes:
We may disclose user data to any member of our organisation who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.
We may share your data with trusted third parties such as payment processors (e.g., Stripe) to complete transactions or provide you with our services. These third parties are required to adhere to strict data protection standards and are only allowed access to your data as necessary to fulfill their services. We will never sell your personal data to third parties.
Please note that some of the third-party service providers we use, such as payment processors, may store or process your personal data outside of the UK. When we transfer data outside of the UK, we ensure that adequate safeguards are in place to protect your personal information, in accordance with applicable data protection laws.
We may share user data with the following third parties:
We may share the following user data with third parties:
We may share user data with third parties for the following purposes:
Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.
We will not sell or share your data with other third parties, except in the following cases:
If you follow hyperlinks from our Site to another Site, please note that we are not responsible for and have no control over their privacy policies and practices.
We store your personal data for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal obligations. User data will be retained for a maximum of 3 months after the last message has been sent, or if no purchases have been made AND no activity is recorded in your account for 12 months, whichever is earlier.
You will be notified if your data is kept for longer than this period.
You can request to have your personal data deleted earlier than this retention period by contacting us at privacy@heavenly-messages.com.
We implement encryption standards (e.g., SSL/TLS) to ensure that data transmission between users and our servers is secure and store all of our data on servers in secure facilities. Additionally, we conduct regular security audits to identify and address potential vulnerabilities.
All data is only accessible to our employees. Our employees are bound by strict confidentiality agreements and a breach of this agreement would result in the employee's termination.
We regularly review and update our security measures to ensure your data remains as protected as possible. However, please be aware that no method of transmission over the internet or electronic storage is completely secure, and while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
As a user, you have the following rights under the GDPR:
If you wish to exercise any of these rights, please contact us at privacy@heavenly-messages.com.
When you use our service to send a message to a recipient, you (the user) are responsible for ensuring that the recipient consents to receiving the message. We will only use the recipient's contact details to deliver the message as instructed by you, and for no other purpose. Recipients may opt-out from receiving further communications.
If you (as a recipient) have received a message from us and do not wish to receive further communications, please contact us at privacy@heavenly-messages.com, or use the links included in the email containing the message, and we will promptly address your request and remove your details from our system.
The minimum age to use our website is 18 years of age. We do not knowingly collect or use personal data from people under 18 years of age. If we learn that we have collected personal data from a person under 18 years of age, the personal data will be deleted as soon as possible. If a person under 18 years of age has provided us with personal data their parent or guardian may contact us at privacy@heavenly-messages.com.
If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data and to who we disclosed your personal data, if you would like your data to be deleted or modified in any way, or if you would like to exercise any of your other rights under the GDPR, please contact us at privacy@heavenly-messages.com
In addition to the method(s) described in the How to Access, Modify, Delete, or Challenge the Data Collected section, we provide the following specific opt-out methods for the forms of collection, use, or disclosure of your personal data specified below:
As part of our commitment to user safety, we have implemented automated checks to monitor the creation and activation of messages. These checks are designed to detect potential risks, such as self-harm or other distressing behaviors. If a message is flagged for review, it will be manually assessed by our team. If we believe the content poses a threat to a user's safety, we may notify the relevant authorities, which could involve sharing the content of the message. We aim to inform users of any actions taken in these situations, provided it is safe and appropriate to do so.
These checks are applied selectively, based on specific triggers, such as flagged content or message scheduling.
The checks include:
If a message is flagged by the system, it will be reviewed manually by a member of our team. If the review raises concerns about the safety or well-being of any individuals, we may notify the appropriate authorities. This may include sharing the content of the flagged message and any relevant details to ensure proper intervention and support.
We handle all data collected during these checks with the utmost care and in compliance with applicable data protection laws.
We do not use automated decision-making or profiling that has a legal or similarly significant effect on users, except for the automated checks mentioned earlier in the Safeguarding and Safety Checks section.
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any updates will be posted on this page, and if there are any significant changes to this Privacy Policy, we will notify you by email or through a prominent notice on our website, and we will update the 'Last updated' date at the top of this policy.
If you have any complaints or queries about how we process your personal data, please contact us at privacy@heavenly-messages.com.
If you feel we have not addressed your concern or query in a satisfactory manner you may contact a supervisory authority. You also have the right to directly make a complaint to a supervisory authority. You can lodge a complaint with a supervisory authority by contacting the Information Commissioner's Office in the UK.