Privacy Policy
This Privacy Policy describes how artistmayho.art (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from www.artistmayho.art (the "Site") or otherwise communicate with us (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.
Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.
1. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site and update the "Last updated" date. If required by law, we will notify you of significant changes via email or other means.
2. How We Collect and Use Your Personal Information
2.1 Information Collection and Use
We collect the following types of information:
Transactional Data: Name, shipping address, email address, phone number, and payment details (handled by third-party payment processors).
Membership Data: Birthdate, order history, and account credentials upon registration.
Automated Data: IP address, device type, browser information, page interaction metrics (e.g., clicks, time spent on pages), and other technical data collected via cookies and similar technologies.
2.2 Purposes of Data Processing
We process your personal information for the following purposes:
|
Purpose |
Data Types |
Legal Basis |
|
Order Fulfillment |
Name, address, payment details |
Contractual Necessity |
|
Membership Benefits |
Birthdate, loyalty points, tier |
Explicit Consent |
|
Targeted Marketing |
Browsing behavior, ad engagement |
Legitimate Interest + Consent |
|
Fraud Prevention |
IP address, device fingerprint |
Legal Obligation |
|
Website Analytics |
IP address, browser data |
Legitimate Interest |
3. Consent and Withdrawal
3.1 Consent Mechanisms
Implicit Consent: By completing a transaction, you grant consent for us to process your data to fulfill your order.
Explicit Consent: We require separate opt-in consent (e.g., via checkbox or pop-up) for: Email marketing communications. Sharing data with third-party partners within the artistmayho.art network for marketing purposes.
3.2 Withdrawal Options
You may withdraw your consent or exercise your rights by contacting us at dearmyfurture@gmail.com.
Access or Delete Your Data: Requests are processed within 15 business days (or up to 30 calendar days in exceptional cases, such as technical issues or legal requirements).
Unsubscribe from Marketing: Processed within 72 hours.
4. Shopify Platform Integration
Our website is built on Shopify and hosted on Shopify. Your data is stored securely on Shopify’s servers, which are protected by industry-standard security measures, including encryption and access controls.
Shopify’s Privacy Policy: For details on how Shopify handles your data, please see their Privacy Policy.
Shopify Data Collection: Features such as comments, user accounts, or e-commerce functionality (e.g., via WooCommerce) may collect additional data. For example, WooCommerce’s privacy policy is available at WooCommerce Privacy Policy.
4.1 Data Retention
Transactional Data: Retained for 7 years to comply with tax and legal obligations, unless you request deletion.
Membership Data: Retained until your account is deleted.
Automated Data: Retained for 12 months for analytics purposes, unless you opt out.
4.2 Data Disclosure
We may disclose your personal information if required by law or if you violate our Terms of Service. We may also share hashed data (e.g., device IDs, emails) with third-party advertising partners (e.g., Google Ads, Meta) for retargeting purposes, with reverse engineering prohibited.
5. Third-Party Services
We use third-party service providers to support our Services, including:
Payment Processing: We use [Stripe/PayPal] for secure payment transactions. Their privacy policies are available at Stripe Privacy Policy or PayPal Privacy Policy.
Analytics: We use Google Analytics to track website usage. Their privacy policy is available at Google Privacy Policy.
Advertising: We use tools like Shopify Analytics SDK and third-party ad platforms (e.g., Google Ads, Meta) for retargeting.
These providers may collect, use, and disclose your information as necessary to perform their services. Some providers may be located in jurisdictions with different data protection laws (e.g., the United States). By using our Services, you consent to the transfer of your data to such jurisdictions, subject to safeguards like Standard Contractual Clauses where applicable.
If you click on links to third-party websites, you will be subject to their privacy policies, not ours. We encourage you to review those policies.
6. Security Measures
We implement robust technical and organizational measures to protect your personal information:
Encryption: TLS 1.3 for data transmission; AES-256-GCM for data storage.
Access Control: Role-based permissions for staff access.
Incident Response: In the event of a data breach, we will notify affected users within 72 hours of confirmation.
We also maintain a bug bounty program to identify vulnerabilities. To report security issues, please email dearmyfurture@gmail.com.
7. Cookie Policy
We use cookies and similar technologies to enhance your experience, provide analytics, and deliver targeted advertising.
Types of Cookies:
Necessary Cookies: Enable core functionality, such as login sessions (e.g., login cookies last 2 days; “Remember Me” cookies last 2 weeks).
Analytics Cookies: Track page navigation and user behavior (e.g., Google Analytics).
Advertising Cookies: Support targeted ads (e.g., Google Ads, Meta).
Cookie Consent: We obtain your consent for non-essential cookies via a consent banner when you first visit our Site. You can manage cookie preferences through your browser settings or by contacting us at dearmyfurture@gmail.com.
Comment Cookies: If you leave a comment, you may opt-in to cookies storing your name, email, and website for convenience. These cookies last for one year.
8. Children’s Privacy
Our Site is not directed toward children under 13, and we prohibit users under 13 from registering or providing personal information, in compliance with the Children’s Online Privacy Protection Act (COPPA). If you believe we have collected data from a child under 13, please contact us at dearmyfurture@gmail.com with supporting documentation (e.g., birth certificate, ID).
9. Do Not Track
We do not alter our data collection practices in response to “Do Not Track” signals from browsers, as there is no consistent industry standard for interpreting these signals.
10. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access: Request a copy of your data.
Rectification: Correct inaccurate data.
Erasure: Delete your data.
Restriction: Limit how we process your data.
Objection: Object to certain processing (e.g., marketing).
Data Portability: Receive your data in a structured, machine-readable format.
To exercise these rights, contact us at dearmyfurture@gmail.com. We will respond within 15 business days (or up to 30 calendar days in exceptional cases).
11. International Data Transfers
As our Site is hosted on Shopify, your data may be stored on servers located in various countries. By using our Services, you consent to the transfer of your data to jurisdictions outside your country of residence, which may have different data protection laws. We ensure such transfers comply with applicable safeguards, such as Standard Contractual Clauses under GDPR/CCPA.
12. Policy Updates
We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will post the revised version on the Site and update the “Last updated” date. If required by law, we will notify you of significant changes.
13. GDPR/CCPA
If you are a resident of the EEA, you have the right to access the personal information we hold about you, to transfer it to a new service, and to request that your personal information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information provided below.
If you are a resident of California, you have the right to access the personal information we hold about you (also known as the ‘Right to Know’), to transfer it to a new service, and to request that your personal information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information provided below. If you would like to designate an authorized agent to submit these requests on your behalf, please contact us at the information provided below.
13. Contact
For questions about this Privacy Policy or to exercise your rights, please contact our Privacy Compliance Officer at dearmyfurture@gmail.com.
