Privacy Policy

Last updated: 2026/01/01

1. Information We Collect

When you make a purchase or create an account, we collect your name, email address, shipping address, and order history. Payment information is processed exclusively by Stripe and is never stored on our servers.

When you use the AI Blueprint service, we collect your birthdate and uploaded floor plan images solely for the purpose of generating your energy report.

We use functional cookies essential for site operation (cart persistence, session management). Analytics cookies are optional and only activated with your consent.

2. How We Use Your Information

Your information is used exclusively for: fulfilling orders, sending order confirmations and shipping updates, generating AI Blueprint reports, and — with your explicit consent — sending Weekly Energy Forecast emails.

We do not sell, rent, or trade your personal information to third parties. We do not use your data for automated profiling or decision-making.

3. Your Rights (CCPA & GDPR)

You have the right to:

Access all personal data we hold about you
Request deletion of your personal data
Export your data in a portable format (JSON)
Opt out of marketing communications at any time
Know what categories of data we collect and why

To exercise these rights, email privacy@himaalaia.com or use the account tools available in your account dashboard. We will respond within 30 days as required by law.

4. Data Retention

Order records are retained for 7 years as required by tax law. Non-purchase user data is automatically deleted after 2 years of inactivity. AI Blueprint uploads are deleted 90 days after report generation.

5. Security

All data transmission is encrypted via TLS 1.3. Database content is encrypted at rest. Payment processing is PCI DSS Level 1 compliant via Stripe. We implement rate limiting and input validation on all API endpoints.

6. Contact