Who we are
We are Maya’s Art Studio, a space dedicated to capturing memories through art. Our website can be found at https://mayasartstudio.com.
What personal data we collect and why we collect it
Comments
When you leave comments on our site, we collect the data you enter in the comments form. Additionally, we gather your IP address and browser user agent string to aid in spam detection. If you use the Gravatar service, an anonymized string created from your email (a hash) might be sent to Gravatar. Their privacy policy can be found at https://automattic.com/privacy/. Once your comment is approved, your profile picture is publicly visible within your comment’s context.
Media
Uploading images to our website is possible. However, to protect your privacy, we recommend avoiding images with embedded location data (EXIF GPS). Please note, other visitors can extract this data from your uploaded images.
Contact forms
When you use our contact forms, we collect the following information:
- Name: To address you personally in our communications.
- Email Address: To respond to your inquiries or send updates.
- Phone Number: For direct communication, if necessary.
This data may be shared with third-party services essential for our operations, including but not limited to email management systems and customer service software. These third parties are bound by their own privacy policies and are committed to safeguarding your data. We do not sell or trade your information with unauthorized entities.
Cookies
Cookies are small data pieces stored on your device. If you comment on our site, you may opt to save your name, email, and website in cookies. This ensures you don’t re-enter your details for future comments.
Visiting our login page will set a temporary cookie to check if your browser accepts them. This cookie has no personal data and is discarded when you close your browser.
Logins will set cookies to remember your information and display choices. “Remember Me” will keep your login for two weeks, and editing or publishing an article will set an additional cookie that lasts a day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
Analytics and E-commerce:
Google Analytics: We utilize Google Analytics to better understand our audience and improve user experience. It provides insights into how users find and interact with our website, collecting data such as location, device type, and user behavior. This data is aggregated and anonymized. For detailed information on Google Analytics’ data practices, please refer to their privacy policy.
Site Kit by Google: We employ Site Kit, a Google product, to gain insights into website traffic and performance. This helps us optimize content and improve user experience. As it’s a Google product, the data collection aligns with Google’s privacy practices.
WooCommerce: Our online store is powered by WooCommerce. It collects essential data for order processing, such as personal details, order content, and payment information. Note that complete payment details are typically managed by payment gateways, not stored directly within WooCommerce. WooCommerce also uses cookies to enhance your shopping experience, remembering cart contents as you explore our offerings.
Printful: We partner with Printful for print-on-demand services. When you order a product, necessary details such as your name, shipping address, and order content are shared with Printful to fulfill your request. For more about how Printful handles data, refer to their privacy policy.
Email and Contact Forms:
MailChimp: Our email updates and newsletters are managed through MailChimp. When you subscribe, your email address and preferences are stored in MailChimp. Their platform also provides us with analytics on email open rates and clicks. MailChimp’s privacy policy provides more details.
Gravity Forms: We use Gravity Forms to power our contact forms. When you submit a query or feedback, the data you provide is stored on our website and also sent to us via email through Google. This helps us respond to your needs promptly.
Payment Processors:
Stripe & PayPal: For seamless transactions, we offer Stripe and PayPal as payment options. While we receive confirmation and details of your purchase, we do not store your full payment information; this is managed by the respective payment gateways. For more on their data practices, refer to Stripe’s privacy policy and PayPal’s privacy policy.
Cryptocurrency: For those preferring decentralized payments, we accept select cryptocurrencies. Transactions are processed through our chosen gateway, and details such as wallet addresses might be stored for record-keeping.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
Users may contact us at sales@mayasartstudio.com
Additional information
How we protect your data
At Maya’s Art Studio, we prioritize the security of our users’ data. To that end, we have undertaken several measures:
- SSL Certificate: Our website operates under a Secure Socket Layer (SSL) certificate, ensuring that all data transferred between our web server and browsers remain private and integral.
- Regular Updates: We continuously update our WordPress core, themes, and plugins to ensure we are protected against known vulnerabilities.
- Strong Password Policies: Our team adheres to strong password protocols, reducing the risk of unauthorized access.
- Two-Factor Authentication (2FA): We have implemented 2FA for our backend operations, adding an extra layer of security during login.
- Wordfence Security Plugin: We utilize Wordfence, a comprehensive security solution for WordPress, which provides firewall protection, malware scans, and more.
- XML-RPC Disabled: To counter potential security risks, we have disabled the XML-RPC functionality on our website.
- Loginizer: To bolster the security of our website, we use Loginizer. It assists in preventing unauthorized access by monitoring and blocking suspicious login attempts.
- Namecheap: Our domain and certain web services are hosted by Namecheap. They employ measures to ensure the privacy and security of data on our website. Their privacy policy offers more insights.
- Disabled Directory Listings: To prevent potential unauthorized access and exposure, we have disabled directory listings for our domain, ensuring that folder contents aren’t publicly accessible.
What data breach procedures we have in place
In the unfortunate event of a data breach, Maya’s Art Studio will initiate the following steps:
- Detection and Assessment: Once we become aware of a breach, we will quickly assess the nature and extent of the breach to determine the associated risks, such as the potential harm to our users.
- Containment: Immediate action will be taken to contain the breach, preventing further unauthorized access or data loss.
- Notification: Affected users will be notified of the breach, provided with information about the nature of the breach, and offered guidance on protective measures. Where required by law, relevant authorities or regulatory bodies will also be informed.
- Investigation: A thorough investigation will be conducted to understand the cause and rectify any vulnerabilities.
- Prevention of Recurrence: Based on our findings, we will implement measures to prevent future breaches.
What third parties we receive data from
At Maya’s Art Studio, we primarily collect data directly from our users. However, we might receive aggregated analytical data from third parties such as Google Analytics, which provides insights into website traffic and user behavior. This data is non-personal and is used to improve our website and services.
What automated decision making and/or profiling we do with user data
Currently, Maya’s Art Studio does not employ automated decision-making processes or user profiling. All decisions related to user data or service provision are made by our team or in direct consultation with users. Should this change, users will be informed, and this section will be updated accordingly.
Industry regulatory disclosure requirements
As an art studio and online retailer, Maya’s Art Studio adheres to industry standards and regulations pertinent to e-commerce and art sales. We are committed to transparent business practices, ethical sourcing of materials, and ensuring user data privacy. Any specific regulatory disclosures required by law or industry standards will be promptly communicated to our users.