Privacy Policy

Home
>

COLLEXART PRIVACY POLICY

Last Modified: 2/14/2020

The following information outlines the personal information we collect, how we use that information, and your rights and choices.  The CollexArt service is currently offered primarily in the United States.

Throughout this Privacy Policy, "we", "us", "our"  is a reference to InfoSource, Inc. d/b/a Kodexio (“Kodexio”), a business corporation in the State of Maine.  This Privacy Policy applies to all products, services, and websites associated with CollexArt.

Information We Collect:

You are not required to provide any personal information on the public areas of this website. In order to provide our full range of services, however, we may collect certain information from you. Our primary goal in collecting your information is to provide you with the products and services available throughout our site, to communicate with you, and to manage your registered user account, if you have one. Users may update their personal information at any time by logging into their online account, or emailing info "at" collexart "dot" com.


The types of information and the means by which we collect it are as follows:

• Information that you provide: In order to establish your account, participate in our exhibits, artist profile pages, store, marketplace, art calls, forum, enroll in new services, and/or visit the listings and sites of customers we host, you might be asked to provide certain personally identifiable information to us such as your name, mailing address, email address, and phone number, avatar image or photo. In order to receive more relevant services and information from CollexArt, you may be asked for information regarding your art related areas of interest and expertise. In order to provide store Buyers with better pre-sales information, with your approval, we may interview you on a recorded phone line. The information we obtain from such recorded sessions, may be shared with our pre-sales staff to offer pre-sales information to prospective buyers. This recorded information may also be shared with anyone looking into purchasing your work through CollexArt and we may publish it to provide information about you, your work, to promote CollexArt or to promote you or your works.

• Credit Card Information: If you choose to place a Purchase Request or purchase products or services from CollexArt, you will be asked to provide a valid credit card number and expiration date along with billing and shipping address information. You can choose not to provide this information, but then you might not be able to participate or receive some of our services or offerings. Credit card numbers are not stored in our servers but are processed in encrypted format to payment processing services such as PayPal and Stripe.

• Credit Card Authorization Hold and Risk Score Information: If you choose to place a Purchase Request or purchase products or services from CollexArt we may issue a credit card hold and retrieve a risk score rating from MaxMind and other the Payment Processing companies. This information is used in evaluating the risks associated with a new account, subscription or direct purchase from Kodexio. This information is also used when you place a Purchase Request in the Store to provide Seller an anonymous version of this information. A Seller who receives Purchase Request's authorization hold and risk score information may accept or decline the request.  If a Purchase Request is accepted by a Seller we provide your point of contact and transaction information to the Seller so that they can fulfill the order you placed and issue a proper Seller Invoice.

• Newsletters: We use MailGun to deliver general announcements to keep you informed about CollexArt news, CollexArt art calls, and related CollexArt content or services that match interests and expertise you maintain in your profile. On our standard registration form users will see a checkbox checked by default to allow them to receive our Newsletter and information. For other registration methods, users will be set to receive bulk mails without being asked. Users who do not wish to receive our general announcements may click the unsubscribe link at the bottom of any such announcement. They may also login to their CollexArt account and manage email notifications. You may also request to unsubscribe in writing to privacy "at" Kodexio "dot" com.  Please note that we always retain the ability to contact you for transactional, fraud, account related matters and for any reasons pertinent to your account and our services as they relate to you.

• Cookies: A cookie is a small amount of data sent by our website and stored on your computer's hard drive that our website can read and which helps us keep track of how you use our website and to tell you apart from other users. We do not use cookies to collect personally identifiable information. Most web browsers automatically accept cookies. If you do not wish it to do this, you can use your browser's editing function to instruct your browser to stop accepting cookies or to notify you before accepting a cookie from the websites you visit.  Disabling cookies will break parts of CollexArt that use them in order to operate correctly.  Our standard cookies are:

ips4_IPSSessionFront
> This cookie contains the ID of your current session.
ips4_member_id
> Your member ID. Used to identify if you are logged in.
ips4_loggedIn
> This cookie is set after login, it is used by caching mechanisms to identify if you are logged in.
ips4_login_key
> A unique key to authenticate your member ID cookie. This cookie is set after you log in when you tick 'Remember Me' so you can be automatically logged in again in the future.
ips4_device_key
> This cookie is set after you log in when you tick 'Remember Me' so you can be automatically logged in again in the future. It is also used to improve account security.



Third parties: CollexArt uses a variety of third parties to help process orders, mitigate fraud, analyze and monitor traffic, promote and share content in social media, and deliver information by email.  

Here is a list of third party services used by CollexArt:

Google Analytics.  Google Analytics and their third party cookies are used to collect information about how visitors use this site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Find out more about the Google Privacy Policy HERE.
Facebook.  Facebook's cookies allow you to log in to your Facebook profile and 'Like' or share our pages. Find out more about the Facebook Data Use Policy HERE.
Twitter.  Twitter's cookies allow you to log in to your Twitter profile and 'Like' or “share” our pages. Find out more about the Facebook Data Use Policy HERE.
Stripe.  We use Stripe to process payments, authorizations, detect fraud and to manage transactions.  Find out more about the Stripe’s Data Use Policy HERE.
PayPal.  PayPal's cookies allow you to log in to your PayPal account to authorize order-requests, memberships and other CollexArt transactions.  Find out more about the PayPal’s Data Use Policy HERE.
MinMax.  We use MinMax's minFraud to receive risk scores for a variety of transactions and requests.  Find out more about the MinMax’s Data Use Policy HERE.
Constant Contact.  We use Constant Contact to deliver information to our users and subscribers via email.  Find out more about the Constant Contact Data Use Policy HERE.
MailGun.  We use MailGun to deliver information to our users and subscribers via email.  Find out more about the MailGun Data Use Policy HERE.


• IP Address: We analyze IP addresses for fraud detection when a Purchase Request or a Purchase takes place. We also analyze IP addresses in the aggregate for system administration purposes and to gather broad demographic information. We may link IP addresses to your computer's User ID, to track and prevent fraudulent resource utilization, and when you place an order using our online checkout process we record your computer's IP address with your order to help us identify fraudulent credit card use. We may share this information with the financial institution that issued the credit card with which an order was placed, or with law enforcement authorities if we determine, or are notified, that the use of the credit card was fraudulent.  The Third Parties listed above may use IP address information to provide their services and to check location and risk factors.  To learn more about how third parties may use your IP address visit the third parties privacy policy links previously listed.

• Advertising Servers: We do not partner with or have special relationships with any ad server companies. Nor do we sell, exchange or rent your data to third parties.

• Location data: When you access some parts of CollexArt, we may access, collect, monitor and/or remotely store “location data,” which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your computing device. Location data may convey to us information about how you browse and use the Service. Some features of the Service, particularly location-based services, may not function properly if use or availability of location data is impaired or disabled.  The Third Parties listed above may use location data to to check location and risk factors.  To learn more about how third parties may use your location data visit the third parties privacy policy links previously listed.

• User communications: When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.

• Log information: When you access our services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser. Also, in order to protect you from fraud, phishing, and other misconduct, we may collect information about your interaction with our services. Any such information we collect will only be used to detect and prevent fraud or other misconduct.

• Links: We might provide links in a format that enables us to keep track of whether these links have been followed. We use this information to improve the quality of our search technology, customized content and advertising.

• Marketing efforts: Some of the online technologies we use to advertise our services rely on third party re-marketing or similar online advertising solutions. This means our third-party vendors, including Google, may show our ads on sites across the Internet. Third-party vendors, including Google, use cookies to serve ads based on someone's past visits to our website or client's websites. You may obtain information about how you can opt out of Google's use of cookies by visiting Google's Ads Settings. Alternatively, you can visit Network Advertising Initiative opt-out page.

• Other sites: This Privacy Policy applies to our services only. We do not exercise control over the sites linked from within CollexArt such as those that appear in forum listings, artist portfolio website links, etc. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Please remember that when you use a link to go from the Service to another website, our Privacy Policy does not apply to third-party websites or services. Your browsing and interaction on any third-party website or service, including those that have a link on our website, are subject to that third party’s own rules and policies. In addition, we are not responsible and we do not exercise control over any third-parties that you authorize to access your User Content. If you are using a third party website or service (like Facebook or Twitter) and you allow such a third party access to your User Content in CollexArt, you do so at your own risk. This Privacy Policy does not apply to information we collect by other means (including offline) and from other sources other than through the Service.


Information Sharing

Your personally identifiable information will not be sold to a third party. We may share your information as follows:

• We share your personal information with your consent when we feature your content in an Artist Page, Profile Pages, Member Signatures, and other areas of CollexArt that identify your content or showcase it. We share the content you have created in the CollexArt Community and Forum areas as the purpose of this content is to engage with others in these public areas of CollexArt.  

• When we have your consent. This will require you to opt-in before we can share any sensitive personal information or send us written notice by email or other means of your acceptance.

• With companies who work on our behalf. From time to time, we contract with certain trusted third party companies to support business functions on our behalf and provide services to us. These can include, without limitation, order processing, maintenance, customer relationship, database storage and management, and direct marketing campaigns. We will share your personally identifiable information with these third parties, but only to the extent necessary to perform these functions and provide such services.

• With another office and/or affiliate of ours for purposes of service support, maintenance, or protection.

• With government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims, legal process (including subpoenas), to protect our property and rights of those or a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.

Information Security

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. We use industry-standard encryption technologies when customers log in to their account or access e-commerce areas.


Compromise of information

In the event that any information under our control is compromised as a result of a breach of security, Kodexio will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.


Data Retention

Personal information for non-active accounts will be retained for the purpose of complying with record keeping regulations in the jurisdictions we operate in.  We have a legal obligation to see that your information is kept accurate and up to date. Please assist us to comply with this obligation by ensuring that you inform us of any changes to your information. You have the right to request details of the information we hold about you and to delete or rectify any inaccurate information about you by sending us a written request to privacy "at" kodexio "dot" com. Your personal information will be retained in our system unless you specifically request its deletion.


Children's Privacy

The Site is not directed to persons under 18. Young people between the ages of 15 and 18 years of age may use non selling parts of the service when supervised by their parents.  If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without their consent, he or she should contact us at privacy "at" kodexio "dot" com. We do not knowingly collect personally identifiable information from children under 15. If we become aware that a child under 15 has provided us with personal identifiable Information, we will delete such information from our files.

ARE YOU BASED IN THE EU/EEA?

If you are based in the EU or EEA and interact with us, the processing of your personal data (or personal information) may fall under the General Data Protection Regulation. This depends on whether your personal data is processed in the context of us providing you services or monitoring your behavior. All the information above is applicable to you as well. In addition:

LEGAL BASES AND PURPOSES

Know that we are controller of the processing of personal data in relation to conducting our activity. We process your personal data:

  • on the basis of your consent when you subscribe to our newsletters, when you request to be included among our contacts for future events or to follow our activity, when we take photos during the events we organize in the EU and when our website places non-essential cookies on your device,
  • on the basis of necessity to enter a contract or for the performance of a contract when you provide us information to register for participation to the conferences and other events we organize,
  • on the basis of our legitimate interests to:
  • engage with relevant stakeholders to promote principled data practices in support of emerging technologies, when we obtain your professional contact details, we maintain them and contact you as one of our stakeholders; we’ve balanced your rights and our legitimate interest and we believe that the small amount of personal data we process, the type of data (your professional contact information and your affiliation), your probable expectation to be contacted in relation with your professional expertise, as well as the possibility you have to opt-out of this processing at any time, allow us to rely on our legitimate interests for this processing.
  • communicate with the relevant representatives of our Members for the purpose of providing our services; we can rely on this ground, since there is a clear expectation of the relevant representatives of our Members that they will be engaged in our activities and that we will communicate with them.

YOUR RIGHTS

You have the right to obtain access, rectification, erasure, restriction of personal data, portability of personal data and to object to the processing, under the conditions and restrictions laid out in Chapter III of the GDPR. You can also withdraw your consent at any time, when processing is based on consent, as described above. Just send us an e-mail at info@fpf.org with any request you may have regarding these rights.

INTERNATIONAL TRANSFERS

We transfer your personal data to the United States whenever you interact with us. The US has not sought, nor obtained adequacy status from the European Union. The EU-US Privacy Shield framework obtained an adequacy decision. The level of protection of your personal data is not deemed equivalent to the one in the EU, unless the receiving organization is self-certified under the EU-US Privacy Shield. As a not-for-profit organization, we are not able to adhere to the EU-US Privacy Shield Principles.

We transfer your personal data on the basis of the derogations in Article 49 GDPR, particularly:

  • consent, for newsletter subscribers and certain processing in relation to organizing events – such as collecting and storing images;
  • necessity to enter and for the performance of a contract for registration information to participate to our events;
  • our compelling legitimate interests to engage with stakeholders to advance our mission and bridge the understanding of the American and European privacy cultures, for obtaining the professional contact details and communicating with stakeholders for sending occasional invitations to events or exchanging information. For this last derogation, we took into account that we only process personal data occasionally, mostly from publicly available sources, concerning a very limited number of data subjects, in a non-intrusive way and posing no risks to rights of individuals.

As for safeguards to your personal data, we directly apply the GDPR provisions to your personal data.

As a matter of principle, we do not engage in any onward transfers regarding your data, beyond the access that our processors have to your data. Exceptionally, we share personal data with our partners when we organize events jointly. We select carefully our processors and our partners, having regard to their stance related to privacy, to their adherence to the EU-US Privacy Shield Framework or their implementation of other mechanisms that ensure lawful transfers of personal data from the EU.  

CONCERNS

If  you have concerns, questions or requests about how we process personal data, write to us at privacy "at" kodexio "dot" com. If we will not be able to ease your concerns, you can address them to the data protection Supervisory Authority in your country, pursuant to Article 77 GDPR.

CHANGES TO OUR PRIVACY POLICY

Kodexio may, in its sole discretion, modify or update this Privacy Policy from time to time, and so you should review this page periodically. When we change the policy in a material manner, we will update the ‘last modified’ date at the top of this page.


HOW TO CONTACT US

If you have any questions about this Privacy Policy, please feel free to contact us through our website or write to us at:

privacy "at" kodexio "dot" com

KODEXIO
533 Congress Street
Portland, ME 04101