Privacy policy
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from artesty.com (the “Site”).
Personal information we collect
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
- “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.
Additionally when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as “Order Information”.
When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.
How do we use your personal information?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
Sharing you personal Information
We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use Shopify to power our online store--you can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy. We also use Google Analytics to help us understand how our customers use the Site -- you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Behavioural advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below:
- Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Do not track
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
Your rights
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
Data retention
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
Text Message Privacy Laws in the United States
Electronic communications in the United States are carefully regulated through strict SMS rules. In addition to these federal regulations, businesses must also observe all text messaging laws by state that may apply to their region.
Four stakeholders oversee wireless device laws for texting in the U.S.:
- Cellular Telecommunications Industry Association (CTIA), a group that represents the wireless communications industry.
- Mobile Marketing Association (MMA), which encourages marketing transformation and innovation through mobile devices (like SMS marketing).
- Federal Communications Commission (FCC), an independent government agency that regulates electronic and media communications by wire, satellite, cable, TV and radio.
- Federal Trade Commission (FTC), another government agency that protects consumers by dealing with complaints or violations that occur via media communications.
The CTIA and MMA advocate for ethical wireless communications and aim to establish the best marketing practices for mass SMS texting.
The FCC and FTC, on the other hand, have legislative powers to enact laws, regulations and penalties for businesses.
Next, we’ll cover the two text messaging privacy laws enforced in the U.S.: the Telephone Consumer Protection Act and the CAN-SPAM Act.
1. Telephone Consumer Protection Act (TCPA)
The Telephone Consumer Protection Act (TCPA) is a product of the FCC. The TCPA is the primary anti-telemarketing law and the leading regulator of SMS marketing.
Under the TCPA, businesses may not send messages to consumers without their consent. Even if an individual provides their phone number or has a long-standing relationship with the business, the company cannot text the individual if they have not granted written consent.
Businesses are required to obtain explicit written consent (not verbal) to add subscribers to their subscription list. Written consent doesn’t refer to writing on paper, but rather consent that is documented and saved.
As consumers opt in to SMS marketing campaigns, they must receive clear, conspicuous disclosure of the text messages they will receive. They must also agree to receive these messages on their mobile device.
Here are some compliant ways for an individual to join an SMS marketing subscription database:
- Keyword texting: Customers text a keyword from their mobile device to join an SMS database.
- Paper form: Customers fill out a paper form that clearly states they agree to receive text messages through their phone number from a business.
- Online form: Likewise, an online form must explicitly state that the consumer is subscribing to receive text messages from the company once they provide their phone number.
- Website popups: A popup form on your website can share details of your SMS program and allow engaged visitors to opt in.
It’s critical to be completely transparent with subscribers. Here’s what contacts should expect to receive:
- A description of the program they are subscribing to.
- The approximate number of messages they should expect to receive in a defined period (such as per week or month).
- A link to the full terms and conditions of the privacy policy.
- Instructions on how to opt out from receiving messages (STOP instructions), as well as how they can get help information (HELP instructions). Businesses can provide a link that contains detailed information about these instructions.
Businesses should send texts via short codes, which are five or six-digit phone numbers that prevent messages from getting flagged as spam. Using shortcodes ensures that communications are regulated by wireless carriers and CTIA guidelines.
2. CAN-SPAM Act
The CAN-SPAM Act works in conjunction with TCPA and is the main text spam law in the United States.
Under the CAN-SPAM Act, the FCC can regulate commercial texts sent to wireless devices to protect consumers from unwanted mobile commercial messages.
The CAN-SPAM Act makes it illegal for businesses to send unwanted text messages to cell phone numbers and requires that any commercial message be easily identifiable by the receiver as an advertisement. Consumers must also be able to unsubscribe from receiving messages.
The CAN-SPAM Act does not apply to messages regarding existing transactions or relationships, such as delivery notifications.
Text Message Privacy Laws in Canada
Canada passed the Canada Anti-Spam Legislation, otherwise known as CASL, in 2014. This text spam law is similar to the Telephone Consumer Protection Act.
Canada’s Anti-Spam Legislation (CASL)
Under the CASL, businesses who wish to send electronic messages to consumers must fulfill three core requirements:
- Obtain consent
- Provide identification information
- Provide an unsubscribe mechanism
There are also two avenues for obtaining consent: implied or express.
- Implied consent refers to an individual providing or disclosing their contact information to a business, thus permitting consent.
- Express consent refers to an individual explicitly agreeing to receive electronic communications from a business.
Text Message Privacy Laws in the European Union
The European Union (EU) also has SMS rules and regulations regarding electronic communications, namely the General Data Protection Regulation (GDPR).
General Data Protection Regulation (GDPR)
The GDPR, enacted in May 2018, applies to any country that wants to do business with the European Union or use EU citizens’ personal data.
Businesses must adhere to these seven principles to be GDPR-compliant:
- Obtain consent
- Report any security breaches to customers within 72 hours
- Provide customers the rights to access their personal data
- Provide customers the rights to reuse their personal data outside the business
- Provide customers the rights to have their data erased completely
- Deploy appropriate security measures to safeguard data collection
- Have the capability to appoint a Data Protection Officer (DPO) if necessary
The GDPR applies to all commercial text messages and data security in general. Therefore, GDPR may affect other aspects of an organization’s marketing activities. Non-compliance will result in a costly penalty.
Text Message Privacy Laws in the United Kingdom
The U.K. has supporting regulations that work in conjunction with the GDPR. They are the Privacy and Electronic Communications Regulations (PECR) and the Data Protection Act.
Privacy and Electronic Communications Regulations (PECR) and Data Protection Act
The PECR applies to any electronic marketing methods and website tracking (such as cookies) and their respective security measures and privacy rights.
These laws “[recognise] that widespread public access to digital mobile networks and the internet opens up new possibilities for businesses and users, but also new risks to their privacy.”
The U.K.’s Data Protection Act regulates how businesses can store and use consumers’ personal information. Under this act, personal info must be used “fairly, lawfully and transparently.” Businesses can only use data when relevant and appropriate, and cannot store the data longer than necessary.
Similar to GDPR principles, customers have the right to know how their data is being used or have data updated or erased.
Changes
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
Minors
The Site is not intended for individuals under the age of 18 .
Contact us
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at info.artesty@gmail.com or by mail using the details provided below:
Artesty.com
Glibochinska 13, Kyiv, 04050, Ukraine