Ainsley Art Privacy Policy

 

Effective Date: February 24, 2026

1. Introduction

Ainsley Art (“we,” “us,” “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy describes how we collect, use, and protect information when you visit ainsleyart.com or use our commission services.

2. Information We Collect

2.1 Information You Provide

  • Name (first and last) when submitting a commission request
  • Email address for communication about your commission
  • Phone number (optional)
  • Commission details: subject, medium, style, dimensions, description, budget range
  • Reference images and videos you upload
  • Messages you send through our communication system
  • Review text and ratings you submit after project completion
  • Payment information (processed by Stripe; we do not store credit card numbers)

2.2 Information Collected Automatically

  • IP address (recorded when you accept our Terms of Service and for security purposes)
  • Browser type and user agent string (recorded with TOS acceptance)
  • Date and time of your visit and interactions
  • Pages viewed on our website

2.3 Information from Security Monitoring

Our website uses McCrossen Security Shield to protect against unauthorized access and malicious activity. This system may collect:

  • IP addresses of all visitors
  • Login attempt details (username, IP, user agent, timestamp)
  • Threat scores calculated from behavioral analysis
  • Geographic location data derived from IP addresses

3. How We Use Your Information

  • To process and fulfill your art commission
  • To communicate with you about your project (proposals, updates, completion)
  • To process payments through our payment processor (Stripe)
  • To send you a confirmation email when your commission request is received
  • To display completed works in our gallery (with your permission)
  • To screen uploaded content for inappropriate material
  • To protect our website from unauthorized access and security threats
  • To maintain records of Terms of Service acceptance for legal purposes
  • To improve our services and commission process

4. Third-Party Services

We use the following third-party services to operate our business. Each service receives only the data necessary for its specific function:

Service Data Shared Purpose
Stripe Email, invoice amounts Secure payment processing
Cloudflare Browser data, IP address Website security, CDN, CAPTCHA (Turnstile)
McCrossen Marketing License data, text for AI features Plugin licensing, AI description enhancement
OpenAI Image data for moderation Automated content screening of uploads
LiquidWeb All website data (hosting) Web hosting infrastructure
Site Mailer Email addresses, email content Transactional email delivery
Google (Analytics / GA4) IP address (anonymized), pages visited, session duration, device info, referral source Website analytics and performance measurement
Google (Ads) Conversion events, anonymized user interaction data Advertising measurement and remarketing
Meta (Facebook/Instagram) Page views, conversion events via Meta Pixel Advertising measurement and audience targeting

We do not sell, rent, or trade your personal information to any third party. Advertising and analytics services listed above may use cookies or tracking technologies to measure campaign performance and display relevant advertisements on other platforms. You may opt out of targeted advertising at any time (see Section 7).

5. Data Storage and Security

Your information is stored on our web server hosted by LiquidWeb in Michigan, United States. We implement the following security measures:

  • Cloudflare Web Application Firewall (WAF) and DDoS protection
  • McCrossen Security Shield with automated threat detection and blocking
  • HTTPS encryption for all data in transit
  • Protected upload directories that prevent unauthorized direct access to your reference files
  • Secure payment processing through Stripe (PCI DSS Level 1 certified)
  • CAPTCHA protection on all forms to prevent automated abuse
  • Uploaded files are renamed with random identifiers to prevent enumeration attacks

6. Data Retention

We retain your information as follows:

  • Commission records, proposals, and project data: retained for our business records and to support warranty or dispute claims
  • Reference images and uploaded files: retained on our server for the duration of the commission and removed upon request after project completion
  • TOS acceptance records: retained for the duration required by applicable law to demonstrate your consent
  • Security logs: retained per our security monitoring schedule
  • Payment records: Stripe retains payment data per their retention policy; we retain only Stripe reference identifiers
  • Analytics data: Google Analytics retains anonymized data per Google’s data retention settings (default 14 months, configurable)

You may request deletion of your personal information by contacting us at the address below. Certain information may be retained as required by law or for legitimate business purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request that we correct inaccurate information
  • Deletion: Request that we delete your personal information
  • Portability: Request your information in a portable format
  • Opt-out of targeted advertising: Request that we stop using your data for targeted advertising purposes

7.1 Texas Residents

Under the Texas Data Privacy and Security Act (TDPSA, Chapter 541, Texas Business & Commerce Code, effective July 1, 2024), Texas residents have the right to:

  • Confirm whether we are processing your personal data and access that data
  • Correct inaccuracies in your personal data
  • Request deletion of your personal data
  • Obtain a portable copy of your data
  • Opt out of the processing of your personal data for targeted advertising, the sale of personal data, or profiling

We do not sell personal data. To exercise your rights, contact us using the information below. We will respond within 45 days. You may also submit opt-out preferences through a universal opt-out mechanism such as Global Privacy Control.

7.2 California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA, Cal. Civ. Code § 1798.100 et seq.), including the right to know, delete, and opt out of the sale of personal information. We do not sell personal information.

8. Children’s Privacy

Our website and commission services are intended for individuals 18 years of age or older. We do not knowingly collect personal information from children under 13 years of age. If you believe a child under 13 has submitted information through our site, please contact us immediately and we will delete it.

9. Cookies and Tracking Technologies

Our website uses the following cookies and tracking technologies:

Essential Cookies (Required for Site Function)

  • WordPress session cookies: required for site functionality and user login
  • Cloudflare cookies: used for security, CDN performance, and CAPTCHA verification
  • Stripe cookies: set during payment processing for fraud prevention

Analytics Cookies

  • Google Analytics 4 (GA4): collects anonymized usage data including pages visited, session duration, device type, geographic region (not precise location), and referral source. IP addresses are anonymized before storage. Used to understand how visitors interact with our site and improve our services.

Advertising and Marketing Cookies

  • Google Ads conversion tracking: measures the effectiveness of our advertising campaigns by recording when visitors complete specific actions after clicking an ad
  • Meta Pixel (Facebook/Instagram): tracks page views and conversion events to measure advertising effectiveness and enable remarketing audiences on Facebook and Instagram

You may manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. Blocking analytics or advertising cookies will not affect your ability to use our commission services. You may also opt out of targeted advertising through:

  • Google: https://adssettings.google.com
  • Meta/Facebook: https://www.facebook.com/settings/?tab=ads
  • Network Advertising Initiative: https://optout.networkadvertising.org
  • Digital Advertising Alliance: https://optout.aboutads.info
  • Global Privacy Control (GPC): supported browser signal for universal opt-out

10. Changes to This Policy

We may update this Privacy Policy from time to time. The effective date at the top of this policy indicates when it was last updated. We encourage you to review this policy periodically.

11. Contact Us

For questions about this Privacy Policy or to exercise your data rights, please contact:

Ainsley Art Website: https://ainsleyart.com via chat.

In writing via USPS Certified Mail:

Ainsley Art
RE: Privacy C/O McCrossen Marketing
11844 Bander Rd.
Ste 300
Helotes, Texas 78023