The following information outlines the personal information we collect, how we use that information, and your rights and choices. The CollexArt service is currently offered primarily in the United States.
You are not required to provide any personal information on the public areas of this website. In order to provide our full range of services, however, we may collect certain information from you. Our primary goal in collecting your information is to provide you with the products and services available throughout our site, to communicate with you, and to manage your registered user account, if you have one. Users may update their personal information at any time by logging into their online account, or emailing info "at" collexart "dot" com.
• Information that you provide: In order to establish your account, participate in our exhibits, artist profile pages, store, marketplace, art calls, forum, enroll in new services, and/or visit the listings and sites of customers we host, you might be asked to provide certain personally identifiable information to us such as your name, mailing address, email address, and phone number, avatar image or photo. In order to receive more relevant services and information from CollexArt, you may be asked for information regarding your art related areas of interest and expertise. In order to provide store Buyers with better pre-sales information, with your approval, we may interview you on a recorded phone line. The information we obtain from such recorded sessions, may be shared with our pre-sales staff to offer pre-sales information to prospective buyers. This recorded information may also be shared with anyone looking into purchasing your work through CollexArt and we may publish it to provide information about you, your work, to promote CollexArt or to promote you or your works.
• Credit Card Information: If you choose to place a Purchase Request or purchase products or services from CollexArt, you will be asked to provide a valid credit card number and expiration date along with billing and shipping address information. You can choose not to provide this information, but then you might not be able to participate or receive some of our services or offerings. Credit card numbers are not stored in our servers but are processed in encrypted format to payment processing services such as PayPal and Stripe.
• Credit Card Authorization Hold and Risk Score Information: If you choose to place a Purchase Request or purchase products or services from CollexArt we may issue a credit card hold and retrieve a risk score rating from MaxMind and other the Payment Processing companies. This information is used in evaluating the risks associated with a new account, subscription or direct purchase from Kodexio. This information is also used when you place a Purchase Request in the Store to provide Seller an anonymous version of this information. A Seller who receives Purchase Request's authorization hold and risk score information may accept or decline the request. If a Purchase Request is accepted by a Seller we provide your point of contact and transaction information to the Seller so that they can fulfill the order you placed and issue a proper Seller Invoice.
• Newsletters: We use MailGun to deliver general announcements to keep you informed about CollexArt news, CollexArt art calls, and related CollexArt content or services that match interests and expertise you maintain in your profile. On our standard registration form users will see a checkbox checked by default to allow them to receive our Newsletter and information. For other registration methods, users will be set to receive bulk mails without being asked. Users who do not wish to receive our general announcements may click the unsubscribe link at the bottom of any such announcement. They may also login to their CollexArt account and manage email notifications. You may also request to unsubscribe in writing to privacy "at" Kodexio "dot" com. Please note that we always retain the ability to contact you for transactional, fraud, account related matters and for any reasons pertinent to your account and our services as they relate to you.
> This cookie contains the ID of your current session.
> Your member ID. Used to identify if you are logged in.
> This cookie is set after login, it is used by caching mechanisms to identify if you are logged in.
> A unique key to authenticate your member ID cookie. This cookie is set after you log in when you tick 'Remember Me' so you can be automatically logged in again in the future.
> This cookie is set after you log in when you tick 'Remember Me' so you can be automatically logged in again in the future. It is also used to improve account security.
Third parties: CollexArt uses a variety of third parties to help process orders, mitigate fraud, analyze and monitor traffic, promote and share content in social media, and deliver information by email.
Facebook. Facebook's cookies allow you to log in to your Facebook profile and 'Like' or share our pages. Find out more about the Facebook Data Use Policy HERE.
Twitter. Twitter's cookies allow you to log in to your Twitter profile and 'Like' or “share” our pages. Find out more about the Facebook Data Use Policy HERE.
Stripe. We use Stripe to process payments, authorizations, detect fraud and to manage transactions. Find out more about the Stripe’s Data Use Policy HERE.
PayPal. PayPal's cookies allow you to log in to your PayPal account to authorize order-requests, memberships and other CollexArt transactions. Find out more about the PayPal’s Data Use Policy HERE.
MinMax. We use MinMax's minFraud to receive risk scores for a variety of transactions and requests. Find out more about the MinMax’s Data Use Policy HERE.
Constant Contact. We use Constant Contact to deliver information to our users and subscribers via email. Find out more about the Constant Contact Data Use Policy HERE.
MailGun. We use MailGun to deliver information to our users and subscribers via email. Find out more about the MailGun Data Use Policy HERE.
• Advertising Servers: We do not partner with or have special relationships with any ad server companies. Nor do we sell, exchange or rent your data to third parties.
• User communications: When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.
• Log information: When you access our services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser. Also, in order to protect you from fraud, phishing, and other misconduct, we may collect information about your interaction with our services. Any such information we collect will only be used to detect and prevent fraud or other misconduct.
• Links: We might provide links in a format that enables us to keep track of whether these links have been followed. We use this information to improve the quality of our search technology, customized content and advertising.
Your personally identifiable information will not be sold to a third party. We may share your information as follows:
• We share your personal information with your consent when we feature your content in an Artist Page, Profile Pages, Member Signatures, and other areas of CollexArt that identify your content or showcase it. We share the content you have created in the CollexArt Community and Forum areas as the purpose of this content is to engage with others in these public areas of CollexArt.
• When we have your consent. This will require you to opt-in before we can share any sensitive personal information or send us written notice by email or other means of your acceptance.
• With companies who work on our behalf. From time to time, we contract with certain trusted third party companies to support business functions on our behalf and provide services to us. These can include, without limitation, order processing, maintenance, customer relationship, database storage and management, and direct marketing campaigns. We will share your personally identifiable information with these third parties, but only to the extent necessary to perform these functions and provide such services.
• With another office and/or affiliate of ours for purposes of service support, maintenance, or protection.
• With government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims, legal process (including subpoenas), to protect our property and rights of those or a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. We use industry-standard encryption technologies when customers log in to their account or access e-commerce areas.
In the event that any information under our control is compromised as a result of a breach of security, Kodexio will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.
Personal information for non-active accounts will be retained for the purpose of complying with record keeping regulations in the jurisdictions we operate in. We have a legal obligation to see that your information is kept accurate and up to date. Please assist us to comply with this obligation by ensuring that you inform us of any changes to your information. You have the right to request details of the information we hold about you and to delete or rectify any inaccurate information about you by sending us a written request to privacy "at" kodexio "dot" com. Your personal information will be retained in our system unless you specifically request its deletion.
The Site is not directed to persons under 18. Young people between the ages of 15 and 18 years of age may use non selling parts of the service when supervised by their parents. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us at privacy "at" kodexio "dot" com. We do not knowingly collect personally identifiable information from children under 15. If we become aware that a child under 15 has provided us with personal identifiable Information, we will delete such information from our files.
If you are based in the EU or EEA and interact with us, the processing of your personal data (or personal information) may fall under the General Data Protection Regulation. This depends on whether your personal data is processed in the context of us providing you services or monitoring your behavior. All the information above is applicable to you as well. In addition:
Know that we are controller of the processing of personal data in relation to conducting our activity. We process your personal data:
You have the right to obtain access, rectification, erasure, restriction of personal data, portability of personal data and to object to the processing, under the conditions and restrictions laid out in Chapter III of the GDPR. You can also withdraw your consent at any time, when processing is based on consent, as described above. Just send us an e-mail at firstname.lastname@example.org with any request you may have regarding these rights.
We transfer your personal data to the United States whenever you interact with us. The US has not sought, nor obtained adequacy status from the European Union. The EU-US Privacy Shield framework obtained an adequacy decision. The level of protection of your personal data is not deemed equivalent to the one in the EU, unless the receiving organization is self-certified under the EU-US Privacy Shield. As a not-for-profit organization, we are not able to adhere to the EU-US Privacy Shield Principles.
We transfer your personal data on the basis of the derogations in Article 49 GDPR, particularly:
As for safeguards to your personal data, we directly apply the GDPR provisions to your personal data.
As a matter of principle, we do not engage in any onward transfers regarding your data, beyond the access that our processors have to your data. Exceptionally, we share personal data with our partners when we organize events jointly. We select carefully our processors and our partners, having regard to their stance related to privacy, to their adherence to the EU-US Privacy Shield Framework or their implementation of other mechanisms that ensure lawful transfers of personal data from the EU.
If you have concerns, questions or requests about how we process personal data, write to us at privacy "at" kodexio "dot" com. If we will not be able to ease your concerns, you can address them to the data protection Supervisory Authority in your country, pursuant to Article 77 GDPR.
privacy "at" kodexio "dot" com
533 Congress Street
Portland, ME 04101