Privacy Policy

Heavenly Heat Saunas (“Heavenly Heat Saunas,” “we,” “us,” or “our”) prioritizes the protection and confidentiality of your personal information. This Privacy Policy aims to clarify how we collect, utilize, and safeguard the data you provide while interacting with our website (the “Site”) and the services available through our Site (the “Services”).

Periodically, we may update this Privacy Policy and post the revised version on this webpage. Significant changes to the policy will be communicated through various means, such as email notifications or announcements on our website’s main page. In accordance with relevant data protection laws, we will seek your consent for any major changes where required. Regular review of this Privacy Policy is recommended.

Also, refer to our Terms of Use for guidance on proper engagement with our Sites and Services.

Covered in this Privacy Policy are:

The essence of Heavenly Heat Saunas Information Collection and Usage Use of Cookies and Other Tracking Mechanisms Third-Party Data Processors Transfers of Data Across Borders Handling of “Do Not Track” Signals Choices in Advertising and Marketing Links to Third-Party Websites Data Security Measures Privacy of Minors Your Options and Rights Regarding Data Specific Rights Regarding Personal Data in Europe and the United Kingdom Specific Rights Regarding Personal Data in the United States (Including California) Policy Accessibility Contact Information

  1. What is Heavenly Heat Saunas?

Heavenly Heat Saunas originated from a personal experience with infrared therapy’s healing effects. Our founder, Bob Morgan established Heavenly Heat Saunas in 1988 to share the extraordinary benefits of infrared therapy using safe construction practices unlike other practices he saw being used in the marketplace. The company continues to bring wellness-focused products to homes and businesses.

Heavenly Heat Saunas is headquartered at 543 E Andy Devine Ave, KingmanAZ 86401. We act as the data controller for all personal data collected from residents in the European Economic Area and the United Kingdom.

  1. Collecting and Using Information

Types of Personal Data We Collect

Your interaction with our Site and Services allows us to gather personal data. In this Privacy Policy, “Personal Data” refers to information about an identifiable individual that we maintain in an accessible format.

Information You Provide

You may offer various types of Personal Data when engaging with our Site or Services, including but not limited to:

Brochure Requests: When seeking information about products not listed on our website, you’ll provide your name, contact details, and intended product use. Online Purchases: Buying products online requires your name, address, contact details, and payment information. Live Chat: Engaging in live chat necessitates providing your name and email. Product Support Requests: For support, you may need to share your name, contact details, sauna model, issue description, and possibly a photograph of the issue. General Inquiries: Contacting us might require your name and contact details. Partner and Referral Programs: Joining these programs requires details like your name, company, contact information, and other relevant data. Site and Services Interactions: Feedback or other interactions may require your name and contact details. SMS Communications: We may send SMS messages as part of our service offerings.

Automatically Collected Information

As you navigate the Site and Services, we automatically collect certain Personal Data, including:

Usage Details: We track which pages you access on the Site and how often. Device Information: We gather data about the device you use, such as model, operating system, and browser type. Mobile Device Data: We collect mobile-specific data when you access our Site on such devices. Location Data: We collect city-level location information from Site visitors. Third-Party Data

Occasionally, we may receive Personal Data about third parties from you, like when you provide someone else’s details for product delivery. It’s your responsibility to ensure authority to share such data and its use aligns with this Privacy Policy.

Personal Data Usage

We use collected Personal Data to deliver Services, enhance our Site and Services, and safeguard our legal rights. Specific uses include:

Providing product and pricing information Administering promotions Sending marketing and informational communications Site and service improvements Legal compliance and rights protection Personal Data Sharing

We may share your data as follows:

With service providers for data-related services, under confidentiality agreements For advertising and marketing purposes As required by law or legal processes To defend or exercise our legal rights With entities involved in business transactions like mergers or asset sales Where you have consented to the sharing We do not share SMS consent with third parties.

  1. Cookies and Other Tracking Technologies

Like many companies, we utilize cookies and similar technologies (e.g., pixels, web beacons). Our Cookie Policy provides detailed information on our use of these technologies and how you can manage your preferences.

Google Analytics

We use Google Analytics to help analyze user interaction with our Site and Services, generating reports on activities and providing related services. Google may collect data like your IP address and visit details, but does not gather personally identifying information. Google’s privacy policies govern the handling of this data. For more on Google’s services and opt-out options, visit their website.

  1. Third-Party Processors

We have appropriate arrangements with third-party processors who handle your Personal Data, ensuring alignment with data security and privacy laws. This includes services for web analytics, eCommerce, payment processing, and data backup and recovery.

  1. International Data Transfers

The U.S. may have different privacy laws that might be less protective than those of your country. By using our Services, you consent to the transfer, processing, and storage of your data in the U.S., regardless of your home country. This applies to various interactions with our Site and Services. We implement safeguards for these transfers, including standard contractual clauses for transfers from the EEA, Switzerland, or the U.K. For more information, contact us at [email protected].

  1. “Do Not Track” Signals

We do not currently respond to “Do Not Track” signals from web browsers, as there is no uniform standard for such signals.

  1. Advertising and Marketing Choices

Based on your location and applicable laws, you may have set preferences or given consent for marketing communications. Regardless of location, we will respect your choices.

If you wish to opt out of email marketing, use the unsubscribe link in our emails or contact us at [email protected]. For telephone marketing, you can express your preference during the call.

To opt out of text messages or calls, text “STOP” for SMS or request opt-out during calls. Opt-outs are specific to the phone number used.

  1. Third-Party Links

Our Site and Services may include links to other websites. These external sites are not under our control, and this Privacy Policy does not apply to them. We are not responsible for the privacy practices of other sites.

  1. Security

We implement reasonable security measures to protect your Personal Data from loss, misuse, unauthorized access, or destruction. However, no internet-based system is entirely secure. While we strive for the highest level of protection, we cannot guarantee absolute security.

  1. Children’s Privacy

Our Site and Services are not meant for individuals under 18. We do not knowingly collect data from children under this age.

  1. Your Choices and Rights

Depending on your location, you may have additional rights regarding your Personal Data. These may include rights to access, delete, update, or correct your data, or to object to or opt out of direct marketing. To exercise these rights, contact us at [email protected]. We will process requests in line with legal requirements.

  1. Your Personal Data and Your Rights – Europe and the United Kingdom Only

Residents of the EEA or the U.K. have specific rights and legal bases for processing Personal Data:

Legal Bases for Processing

We process your data based on consent, legitimate interests, contract fulfillment, or legal obligations. Withdrawal of consent does not affect the lawfulness of prior processing.

Your Rights

You have rights to access, rectify, restrict, object to, delete, and transfer your Personal Data. For more details or to exercise these rights, contact us using the information provided below.

Make a Complaint

If you have concerns or complaints about our data processing, please reach out to us. You also have the right to complain to your local supervisory authority.

Data Retention

We retain Personal Data as long as necessary for the purposes outlined in this Privacy Policy and to comply with legal obligations.

  1. Your Personal Data and Your Rights – United States Only (Including California)

Notice to Nevada Residents

Nevada law allows residents of Nevada to opt out of the sale of certain types of personal information. Subject to various exceptions, Nevada law defines “sale” as the exchange of certain kinds of personal information for monetary gains to a third party for the third party to license or resell the information to others. Heavenly Heat Saunas does not engage in the sale of personal information as interpreted by Nevada law. Nevertheless, Nevada residents may submit a verified request to opt-out of sales, and we will record and honor these instructions should our policy change in the future. Opt-out requests may be sent to [email protected].

Notice to California Residents

The California Consumer Privacy Act (CCPA) mandates that we provide California residents with a privacy policy that comprehensively describes our practices concerning the collection, use, disclosure, and sale of personal information, and the rights of California residents regarding their personal information. This section of the Privacy Policy is specifically for California residents. If you are not a resident of California, this section does not apply to you.

The CCPA defines “personal information” as information that identifies, relates to, describes, can be associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified, or aggregated information. For this “Notice to California Residents” section, we refer to this as “Personal Information.”

The CCPA has an exemption that applies to us. Certain CCPA privacy rights do not apply to personal information collected in a business-to-business context. This refers to information reflecting communication or a transaction between us and a consumer, where the consumer is acting as an employee, owner, director, officer, or contractor of another entity and when the communication or transaction occurs solely within the context of us conducting due diligence regarding, or providing or receiving a product or service to or from such entity.

Your Right to Know About Personal Information Collected, Disclosed, or Sold

As a California resident, you have the right to request disclosure of Personal Information we have collected about you in the 12 months preceding your request. This right includes requesting:

  • Specific pieces of Personal Information we collected about you.
  • Categories of Personal Information we collected about you.
  • Categories of sources from which the Personal Information was collected.
  • Categories of Personal Information we sold or disclosed for a business purpose.
  • Categories of third parties to whom the Personal Information was sold or disclosed for a business purpose.
  • The business or commercial purpose for collecting or, if applicable, selling Personal Information.

The CCPA defines “sell” as selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating a California resident’s Personal Information to another business or a third party for monetary or other valuable consideration.

Collection of Personal Information

Over the past 12 months, we have collected the following categories of Personal Information about California residents from them directly and from data analytics providers and social networks:

  • Identifiers like name, postal address, internet protocol address, email address, account name, Social Security number.
  • Unique personal identifiers such as device identifier, cookies, pixel tags, mobile ad identifiers, or other similar technology; telephone numbers, or other forms of persistent or probabilistic identifiers.
  • Telephone number.
  • Credit and debit card number.
  • Internet or other electronic network activity information (browsing history, search history, and information regarding interaction with our Site).
  • Geolocation data.
  • Commercial information (records of products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies).

Besides the purposes stated in the section “Collecting and Using Information,” these categories of Personal Information are collected for various business or commercial purposes including:

  • Detecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal activity.
  • Debugging to identify and repair errors.
  • Short-term, transient use, without disclosing the information to another third party or using it to build a consumer profile.
  • Performing services on behalf of the business, like customer service, processing orders, verifying customer information, or providing similar services.
  • Conducting internal research for technological development and demonstration.
  • Ensuring the quality or safety of a service or device and improving, upgrading, or enhancing the service or device.
  • Advancing commercial or economic interests.

Disclosure or Sale of Personal Information

In the past 12 months, we disclosed for a business purpose to service providers, or sold to third parties, the following categories of Personal Information, specifying for each category the type of service providers or third parties to whom the Personal Information was sold or disclosed:

  • [Insert table or list of Personal Information categories and corresponding third parties]

We do not knowingly collect or sell the Personal Information of minors under 16 years of age.

Right to Request Deletion of Personal Information

As a California resident, you have the right to request the deletion of Personal Information about you that we have collected. However, according to the CCPA, we are not required to comply with a deletion request if it is necessary to maintain your Personal Information for specific purposes such as completing a transaction, detecting security incidents, complying with legal obligations, or other internal uses that are lawfully compatible with the context in which you provided the information.

Submitting a Request to Know or Delete

You may submit a request to know or delete by completing the online form, emailing us at [email protected], or by calling us at 1-804-338-0612.

Process for Verifying a Request to Know or Delete

Upon receiving your request, if it is subject to an exemption or exception, we will inform you of our decision. If your request is not exempt or excepted, we will comply with it upon verifying your identity to a “reasonable degree of certainty” or a “reasonably high degree of certainty,” depending on the sensitivity of the Personal Information and the risk of harm by unauthorized disclosure or deletion.

  • For requests to access categories of Personal Information or delete non-sensitive Personal Information posing no risk of harm by unauthorized deletion, we will verify your identity to a “reasonable degree of certainty” by verifying at least two data points you previously provided to us.
  • For requests to access specific pieces of Personal Information or delete sensitive Personal Information posing a risk of harm by unauthorized deletion, we will verify your identity to a “reasonably high degree of certainty,” requiring at least three pieces of previously provided Personal Information and a signed declaration under penalty of perjury.

Right to Opt-Out of Sale of Personal Information

If you are a California resident, you have the right to direct businesses to stop selling your Personal Information. We do not currently sell Personal Information as defined in the CCPA.

Right to Non-Discrimination for Exercising Privacy Rights

We will not discriminate against California residents for exercising any CCPA rights. This means we will not deny goods or services, charge different prices or rates, provide a different level or quality of goods or services, or suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services. However, we may charge a different price or rate or provide a different level or quality of goods or services if that difference is reasonably related to the value provided to us by the individual’s data.

Authorized Agents

Requests submitted by an authorized agent on behalf of a California resident will be processed once we have verified the agent’s authority to act on the resident’s behalf.

Shine the Light Law

We do not disclose personal information obtained through our Site or Services to third parties for their direct marketing purposes. Therefore, we have no obligations under California Civil Code § 1798.83.

  1. Accessibility

Heavenly Heat Saunas is dedicated to ensuring this Privacy Policy is accessible to individuals with disabilities. If you need to access this Privacy Policy in an alternative format, please contact us as outlined below.

  1. How to Contact Us

For inquiries or concerns regarding our privacy policies or practices, please contact us via email at [email protected] or by mail at:

Heavenly Heat Saunas, LLC. [543 E Andy Devine Ave, KingmanAZ 86401] [804 338-0612]