Privacy Policy

Last updated: 30 November 2025

1. Introduction

This Privacy Policy describes how Janey the Artist ("we," "our," or "us") collects, uses, and protects your personal information when you visit our website and use our services. We are committed to protecting your privacy and ensuring the security of your personal data.

2. Information We Collect

Personal Information

When you commission artwork or contact us, we may collect the following personal information:

  • Contact Information: Full name, email address (collected when commissioning artwork or contacting us)
  • Shipping Information: Full address including street address, city, postal code, and country (for commission delivery)
  • Commission Details: Pet information (name, type), canvas subjects, project descriptions
  • Payment Information: Processed securely through Stripe (we do not store payment card details)
  • Contact Form Messages: Messages sent through our contact form are forwarded to us via email and stored in our email system (we do not maintain separate databases for these)

Technical Information

We automatically collect certain technical information when you visit our website:

  • IP address and general location information
  • Browser type and version
  • Device information
  • Website usage patterns and analytics data
  • Log files and error reports

3. How We Use Your Information

We use your personal information for the following purposes:

  • Commission Processing: To create and deliver your custom artwork
  • Communication: To respond to inquiries and provide customer support
  • Order Fulfillment: To process payments and arrange shipping
  • Service Improvement: To analyze usage patterns and improve our website
  • Legal Compliance: To comply with applicable laws and regulations

4. Data Storage and Security

Storage Location

Your data is securely stored using Amazon Web Services (AWS) infrastructure in the UK region, ensuring compliance with UK data protection standards.

Security Measures

  • End-to-end encryption for data transmission
  • Secure cloud storage with access controls
  • Regular security monitoring and updates
  • Payment processing through PCI-compliant Stripe
  • Limited access to personal data on a need-to-know basis

5. Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We only share your information with trusted service providers who assist us in operating our website and conducting our business:

  • Payment Processing: Stripe for secure payment processing
  • Email Services: Resend for transactional emails and notifications
  • Cloud Infrastructure: AWS for secure data storage and hosting
  • Monitoring and Tracing: AWS X-Ray for request tracing and performance monitoring
  • Shipping Partners: Courier services for artwork delivery (shipping address only)

All third-party providers are bound by strict confidentiality agreements and are required to maintain the security and privacy of your information.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this privacy policy, comply with legal obligations, resolve disputes, and enforce our agreements:

  • Commission Records: Retained for 7 years for tax and legal purposes
  • Contact Form Submissions: Retained for up to 7 years in our email system for potential dispute resolution, in accordance with UK business record-keeping standards (we do not maintain separate databases for contact submissions)
  • Technical Logs (API Gateway): Automatically deleted after 7 days
  • Idempotency Keys: Automatically deleted after 24 hours
  • Payment Records: Retained per Stripe's data retention policies

7. Your Rights

Under UK data protection law (UK GDPR), you have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data (subject to legal requirements, such as if we no longer need it for our purposes)
  • Right to Restriction: Request limitation of processing in certain circumstances
  • Right to Data Portability: Request transfer of your data in a machine-readable format
  • Right to Object: Object to processing of your personal data for marketing purposes

To exercise any of these rights, please contact us at contact@janeytheartist.com with details of your request. We will respond within 30 days. Some requests may require verification of your identity to ensure we are releasing data to the correct person.

8. Local Storage and Analytics

Our website uses browser local storage for specific functionality:

  • Shopping Cart: We store your cart data in your browser's local storage so your selections are remembered when you return

We do not use traditional cookies or external analytics tracking services. Local storage data is stored only on your device and is not transmitted to our servers. You can clear your local storage anytime through your browser settings.

9. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

10. International Transfers

While we primarily store data within the UK using AWS UK infrastructure, some of our service providers may process data internationally. Where international transfers occur, we ensure appropriate safeguards are in place to protect your personal data in accordance with UK data protection standards.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by updating the "Last updated" date at the top of this policy and, where appropriate, by sending you an email notification.

12. Contact Us

If you have any questions about this Privacy Policy, want to exercise your rights, or have concerns about how we handle your personal data, please contact us:

Email: contact@janeytheartist.com

Website: Contact form on our website

Response Time: We aim to respond to all privacy inquiries within 30 days

13. Complaints

If you are not satisfied with how we handle your personal data or privacy concerns, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection authority. You can contact the ICO at ico.org.uk or by calling their helpline at 0303 123 1113.

14. Related Documents

Please also review our other policies:

  • Terms of Service - Govern the commission process, payment terms, and important conditions related to ordering artwork
  • Refund Policy - Details about refund eligibility, timelines, and procedures