Art Storefronts Privacy Policy

This is where you’ll find our Privacy Policy where you can learn about how we protect your privacy, and our Terms of Use which determine what you can and can’t do with our products and how we handle user accounts, and our Accessibility Statement.

Privacy Policy Statement

Art Storefronts (referred to as “Company,” “we,” or “us”) respects your privacy. This Policy describes the ways we collect information from and about you, and what we do with the information, so that you may decide whether or not to provide information to us. By accessing our website, or purchasing our products or services you agree to this Privacy Statement in addition to any other agreements we might have with you. Art Storefronts Privacy Statement does not govern the practices of entities that our Company does not own or control, or entities that do not own or control our company or people that our Company does not employ or manage. This Privacy Policy Statement incorporates the EU-U.S. Data Privacy Framework Principles Statement as well as the  the  Swiss-U.S Data Privacy Framework, as is listed below.  The EU-U.S. Data Privacy Framework Principles does NOT apply to SW-US Human Resource Data.

Collection of your Personal Information

The information we collect may include your personal information, such as your name, contact information, IP addresses, product and service selections and other things that identify you. We collect personal information from you at certain points, including but not limited to the following:

  • when we correspond with you as a customer or prospective customer;
  • when you visit our website;
  • when you register as an end-user of our services and an account is created for you;
  • when you contact us for help;
  • when you attend our customer conferences or webinars; and
  • when the site sends us error reports or application analytics data.

Our Use of your Personal Information

Our Company may use information that we collect about you to:

  • deliver the products and services that you have requested;
  • provide you with customer support;
  • perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others;
  • communicate with you by e-mail, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us, or other third parties;
  • develop and display content and advertising tailored to your interests on our site and other websites;
  • verify your eligibility and deliver prizes in connection with promotions, contests and sweepstakes;
  • enforce our terms and conditions;
  • manage our business;
  • transfer personal information to third parties for any legally permissible purpose in our sole discretion.

Disclosure of your Personal Information to Third Parties

We may share your personal information with third parties in the following ways:

  • we may provide your information to our agents, vendors or service providers who perform functions on our behalf or who help us provide and support our Services. For example, if it is necessary to provide you something you have requested. Examples of our Vendors and Service Providers include payment processors, hosting services and content delivery services, such as Salesforce, Stripe, Zendesk, Google, Drip, Mailchimp and Intercom ;
  • third party contractors may have access to our databases. Usually these contractors sign a standard confidentiality agreement;
  • we may share your data with any parent company, subsidiaries, joint ventures, other entities under a common control or third party acquirers. We expect these other entities will honor this Privacy Statement;
  • we may allow a potential acquirer or merger partner to review our databases, although we would restrict their use and disclosure of this data during the diligence phase;
  • as required by law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to our Company; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our agreements or Company policies; and sometimes, we share your information with our third party Service Providers,
  • we may, from time to time, offer surveys, contests, sweepstakes, or other promotions on our Websites or through social media (collectively “Our Promotions”). Participation in our Promotions is completely voluntary. Information requested for entry may include personal contact information such as your name, address, date of birth, phone number, email address, username, and similar details. We use the information you provide to administer Our Promotions. We may also, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about our Services. We may share this information with our affiliates and other organizations or Service Providers in line with this policy and the rules posted for the Promotion.
  • other third parties with your consent or direction to do so.
  • Please note that these third parties may be in other countries where the laws on processing personal information may be less stringent than in your country.

Data Requests for California Residents

Art Storefronts complies with the California Consumer Privacy Act of 2018 (the “CCPA”) and other California privacy laws, and it applies solely to “consumers” as that term is defined in the CCPA. Any terms defined in the CCPA have the same meaning when used in this statement.

Only a consumer or a person registered with the California Secretary of State that a consumer authorizes to act on a consumer’s behalf may make a verifiable consumer request related to a consumer’s personal information. A consumer may also make a verifiable consumer request on behalf of that consumer’s minor child.

We cannot respond to a consumer’s request or provide a consumer with personal information if we cannot verify the consumer’s identity or authority to make the request and confirm the personal information relates to that consumer. Making a verifiable consumer request does not require a consumer to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Data Deletion Requests (“Delete My Information”)

We may deny a consumer’s deletion request if retaining the information is necessary for us or our service providers or customers to; (a) complete the transaction for which we collected the personal information, provide a good or service that a consumer requested, take actions reasonably anticipated within the context of our ongoing business relationship with that consumer, or otherwise perform our contract with that consumer; (b) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (c) debug products to identify and repair errors that impair existing intended functionality; (d) Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; (e) comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.); (f) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if a consumer previously provided informed consent; (g) enable solely internal uses that are reasonably aligned with consumer expectations based on a consumer’s relationship with us; (h) Comply with a legal obligation; )(i) make other internal and lawful uses of that information that are compatible with the context in which a consumer provided it.

To initiate a data deletion request, submit your information using our California Privacy Rights Data Request Form or email us at privacy@artstorefronts.com. If you do choose to email us please include the following information: (a) email address; (b) first and last name; and (d) mobile phone number.

Once we receive and confirm a verifiable consumer opt-out request, we will no longer sell that consumer’s personal information, unless an exception applies, and direct our customers to do the same.

Opt-out Requests (“Do Not Sell My Information”)

California residents have the right to opt-out of the sale of their personal information.

To initiate an opt-out request, submit your information using our California Privacy Rights Data Request Form or email us at privacy@artstorefronts.com. If you do choose to email us please include the following information: (a) email address; (b) first and last name; and (d) mobile phone number.

Once we receive and confirm a verifiable consumer opt-out request, we will no longer sell that consumer’s personal information, unless an exception applies, and direct our customers to do the same.

Requesting Your Information (“Right to Know”)

The California Consumer Privacy Act (CCPA) further gave California residents the right to know what PII a business has collected on them.

A consumer may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must include: a) provide sufficient information that allows Indiemark to reasonably verify a consumer is the person about whom we collected personal information or an authorized representative; b) describe a consumer’s request with sufficient detail that allows Indiemark to properly understand, evaluate, and respond to it.

To initiate a Right to Know request, submit your information using our California Privacy Rights Data Request Form or email us at privacy@artstorefronts.com. If you do choose to email us please include the following information: (a) email address; (b) first and last name; and (d) mobile phone number.

Indiemark typically collects first name, last name, postal address, email address, IP address, date of birth, phone, email activity, risk score, quality score and modeled inferences.

Once we receive and confirm the verifiable consumer “Right to Know” request, we will provide you with; (a) the categories of personal information it has collected about you; (b) the categories of sources from which the personal information is collected; (c) the business or commercial purpose for collecting or selling personal information; (d) the categories of third parties with whom the business shares personal information; (e) the specific pieces of personal information it has collected about you.

Response Timing and Format.

We endeavor to respond to a verifiable request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. All information will be provided in Rich Text or PDF format.

Public Information

  • We have public blogs on our Website. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Information appears on our blogs and you want it removed, contact us at privacy@artstorefronts.com or click the “unsubscribe” link found at the bottom of every email.
  • Social media platforms and widgets. Our Websites include social media features, these features may collect information about your IP address and which page you are visiting on our Website, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. We also maintain presences on social media platforms including Facebook, Twitter, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves.

Our Security Measures to Protect your Personal Information

Our Company uses industry-standard technologies when transferring and receiving data exchanged between our Company and other companies to help ensure its security. This site has security measures in place to help protect information under our control from the risk of accidental or unlawful destruction or accidental loss, alteration or unauthorized disclosure or access. However, “perfect security” does not exist on the Internet. Also, if this website contains links to other sites, our Company is not responsible for the security practices or the content of such sites.

Our Use of Cookies, Web Beacons, Web Analytics Services, and Links

  • Cookies are text files we place in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other personally identifiable information unless you choose to provide this information to us by, for example, registering at one of our sites. However, once you choose to furnish the site with personal information, this information may be linked to the data stored in the cookie. We use cookies to allow you to login to your account, and also for us to understand site usage and to improve the content and offerings on our sites. We also may use cookies to offer you products, programs, or services. You have many choices with regards to the management of cookies on your computer. All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage cookies, please consult the privacy features in your browser.
  • Web Beacons. Our Company and third parties may also use small pieces of code called “web beacons” or “clear gifs” to collect anonymous and aggregate advertising metrics, such as counting page views, promotion views, or advertising responses. These “web beacons” may be used to deliver cookies that conform to our Company’s cookie requirements.
  • Web Analytics Services. We use Google Analytics, a service for the marketing analysis of the site provided by Google, Inc. Google Analytics uses cookies to allow us to see how you use our site so we can improve your experience. Google’s ability to use and share information collected by Google Analytics about your visits to the site is restricted by the Google Analytics Terms of Use available at http://www.google.com/analytics/terms/us.html and the Google Privacy Policy available at http://www.google.com/policies/privacy/. You can prevent Google Analytics from recognizing you on return visits to the site by disabling cookies in your browser. If you prefer to not have data reported by Google Analytics, you can install the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout.
  • We may create links to other websites. We will make a reasonable effort to link only to sites that meet similar standards for maintaining each individual’s right to privacy. However, many other sites that are not associated with or authorized by our Company may have links leading to our site. Our Company cannot control these links and we are not responsible for any content appearing on these sites. Since this website does not control the privacy policies of third parties, you are subject to the privacy practices of that third party. We encourage you to ask questions before you disclose any personal information to others.

  • Our Company websites may use third parties to present or serve the advertisements that you may see at its web pages and to conduct research about the advertisements and web usage. This Privacy Statement does not cover any use of information that such third parties may have collected from you or the methods used by the third parties to collect that information.

Our Retention of your Personal Information

We will retain any personal information only for as long as is necessary to fulfill the business purpose it was collected. We will also retain and use your personal information for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Your Right to Opt-Out or Unsubscribe from Communication

If you do not want to receive communication from us in the future, please let us know by sending us e-mail at privacy@artstorefronts.com. If you supply us with your postal address online you will only receive the information for which you provided us your address. 

International Transfers of your Personal Information

Information collected from you may be stored and processed in the United States or any other country in which our Company or agents or contractors maintain facilities, and by accessing our sites and using our services, you consent to any such transfer of information outside of your country. European Union or Swiss individuals may refer to the EU-U.S. Data Privacy Framework Principles statement and the Swiss-U.S Data Privacy Framework with regard to the transfer of their personal data. We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you at our site.

Merchants and Partners

The GDPR also applies to the merchants and partners of Art Storefronts who operate in the EU/EEA (European Union/European Economic Area) or Switzerland and offer goods or services to residents of the EU/EEA or Switzerland. While Art Storefronts is performing action to be compliant with GDPR, and to provide its merchants with tools to help its merchants comply, each merchant is ultimately responsible for ensuring that their business complies with the laws of the jurisdictions in which they operate or have buyers. Using Art Storefronts does not guarantee that a merchant or partner complies with GDPR. 

Merchants and Partners Access to and Updating or Deletion of your Personal Information

The GDPR also gives certain rights to identified or identifiable persons (referred to as data subjects), including Art Storefronts merchants. These include the right to request at no cost;

  • Deletion of personal data
  • Correction of their data
  • Access to their data
  • An export of their data in a portable format

Buyers

The GDPR also gives certain rights to identified or identifiable persons (referred to as data subjects), including buyers visiting stores belonging to Art Storefronts merchants. These include the right to request;

  • Deletion of personal data
  • Correction of their data
  • Access to their data
  • An export of their data in a portable format

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Changes to our Privacy Statement

Our Company may amend this Privacy Statement at any time by posting a new version. It is your responsibility to review this Privacy Statement periodically as your continued use of this website represents your agreement with the then-current Privacy Statement.

Contacting Us

If you have any questions about this Privacy Statement, the practices or concerns of this site, or feel that the site is not following its said policy, please contact our Privacy Officer at: privacy@artstorefronts.com

EU-U.S. Data Privacy Framework Principles Statement

Art Storefronts complies with the EU-US EU-U.S. Data Privacy Framework Principles Framework and the Swiss-US EU-U.S. Data Privacy Framework Principles Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland.

If there is any conflict between the policies in this privacy policy and the EU-U.S. Data Privacy Framework Principles or Swiss-U.S Data Privacy Framework , the EU-U.S. Data Privacy Framework Principles shall govern. To learn more about the EU-U.S. Data Privacy Framework Principles program, and to view our certification page, please visit https://www.dataprivacyframework.gov/ . This Privacy Statement outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information.

EU-U.S. Data Privacy Framework Principles does NOT apply to SW-US Human Resource Data.

A) Definitions

“Personal Data” means information that (1)is transferred from the EU/EEA or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.

“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.

B) Principles

Art Storefronts may receive Personal Data from its own personnel as well as from its affiliates and other parties located in the EU/EEA. Such information may contain names, addresses, email addresses and payment information and may be about customers, clients of customers, business partners, consultants, employees, and candidates for employment and includes information recorded on various media as well as electronic data.

Other than its own human resources data, Art Storefronts generally does not collect Personal Data directly from individuals. Art Storefronts, however, acting as a data processor may receive Personal Data via its customers.
 
Personal Data Collection Principles:

  1. We shall inform an individual of the purpose for which we collect and use their Personal Data and the types of third parties to which our Company discloses or may disclose that Personal Data. Our Company shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to our Company, or as soon as practicable thereafter, and in any event before our Company uses or discloses the Personal Data for a purpose other than for which it was originally collected. Art Storefronts may be required to disclose Personal Data in response to lawful request by public authorities, including to meet national security or law enforcement requirements.
  2. Individuals have the opportunity to choose (opt out) whether their Personal Data is (1) to be disclosed to a non-Agent third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual by contacting our privacy officer via email at privacy@artstorefronts.com.  Agents, technology vendors and/or contractors of Art Storefronts or its  affiliates may have access to an individual’s Personal Data on a need to know basis for the purpose of performing services on behalf of Art Storefronts or providing or enabling elements of the services. All such agents, technology vendors and contractors who have access to such information are contractually required to keep the information confidential and not use it for any other purpose than to carry out the services they are performing or as otherwise required by law.
  3. Accountability for Onward Transfer. Prior to disclosing Personal Data to a third party, we shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. We will: 
  • Limit the data we share with our partners and vendors to only that data we  have permission to share.
  • Proactively confirm that our partners and vendors understand purpose limitations.
  • Ensure partners and vendors will make at least the same level of privacy protection as required by the EU-U.S. Data Privacy Framework Principles and the Swiss-U.S Data Privacy Framework to comply with the purpose limitation and appropriate protection of that data.
  • Transfer such data only for limited and specified purposes as detailed in the privacy policy. 
  • Ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles.
  • Take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with our organization’s obligations under the Principles.
  • Upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing.
  • Art Storefronts requires any third party agent to notify us in the event that it makes a determination that it can not longer meet its obligation to provide the same level of protection as is required by the EU-U.S. Data Privacy Framework Principles and the Swiss-U.S Data Privacy Framework.
  • Provide a summary or representative copy, of the relevant privacy policy provision of its contract with that agent, to the department upon request. 
  • Unless we prove that we are not responsible for the event giving rise to the damage.  Art Storefronts recognizes its responsibility and potential liability for onward transfers.  
  1. Data Security. We shall take reasonable steps to protect the Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. Our Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Personal Data from loss, misuse, unauthorized access or disclosure, alteration or destruction. However, our Company cannot guarantee the security of Personal Data on or transmitted via the Internet.
  2. Data Integrity and Purpose Limitation. We shall only process Personal Data in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, our Company shall take reasonable steps to ensure that Personal Data is accurate, complete, current and reliable for its intended use.
  3. Access and Recourse. We acknowledge the individual’s right to access their Personal Data. We shall allow an individual access to their Personal Data and allow the individual the opportunity to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated. Individuals may contact our Privacy Officer via email to request access.
  4. Enforcement and Liability. The Federal Trade Commission has jurisdiction over Art Storefronts compliance with the EU-U.S. Data Privacy Framework Principles. In compliance with the EU-U.S. Data Privacy Framework Principles, Art Storefronts commits to resolve complaints about privacy and our collection or use of Personal Data. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact us at:

Art Storefronts
Privacy Officer
9901 Brodie Lane Suite 160 #1095 
Austin, TX 78748, USA
E-mail: privacy@artstorefronts.com

  1.  Human Resources Data. Art Storefronts would generally not collect human resources data.  If there was reason to collect such information and there was a complaint it would be addressed within a timely period.  If your complaint is not satisfactorily addressed by Art Storefronts, and your inquiry or complaint involves human resource data, you may have your complaint considered by an independent recourse mechanism: for EU/EEA Data Subjects, a panel established by the EU data protection authorities (“DPA Panel”), and for Swiss Data Subjects, the Swiss Federal Data Protection and Information Commissioner (“FDPIC”). To do so, you should contact the state or national data protection or labor authority in the jurisdiction where you work.  Art Storefronts agrees to cooperate with the relevant national DPAs and to comply with the decisions of the DPA Panel and the FDPIC.  The services of EU DPAs are provided at no cost to you.
  2. Independent Recourse - Non-Human Resources Data. Art Storefronts has further committed to refer unresolved EU-U.S. Data Privacy Framework Principles complaints and the Swiss-U.S Data Privacy Framework complaints to EU data protection authorities (“DPA Panel”) and  The Swiss Federal Data Protection and Information Commissioner (“FDPIC”), an alternative dispute resolution provider located in the     (the EU, or Switzerland, as applicable). If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit :

    Art Storefronts complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Art Storefronts has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Art Storefronts has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

EU DPA Contact: 

https://ec.europa.eu/info/departments/justice-and-consumers_en#contactPhone number+32 2 299 11 11 (Commission switchboard)Postal address:Directorate-General for Justice and ConsumersEuropean Commission1049 Bruxelles/Brussel Belgium

FDPIC Contact: 

https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html

Data Protection and Information Commissioner of Switzerland

Tell. +41 58 462 43 95; Fax +41 58 462 99 96 

Please note that if your complaint is not resolved through any of the above channels, under limited circumstances, a binding arbitration option may be available before a EU-U.S. Data Privacy Framework Principles Panel or the Swiss-U.S Data Privacy Framework.


C) Information Subject to Other Policies
We are committed to following the Principles for all Personal Data within the scope of the EU-U.S. Data Privacy Framework Principles Frameworks and Swiss-U.S Data Privacy Framework. However, certain information is subject to policies of Art Storefronts that may differ in some respects from the general policies set forth in this Privacy Statement.


Updated: April 02, 2024

x

Sell More Art Online

If we can't teach you, no one can!