2. PRIVACY POLICY

Illumine Canvas (“we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains what information we collect, how we use it, with whom we share it, and the rights and choices you have. This Policy applies to information collected through www.illuminecanvas.com and related communications.

2.1 Information We Collect

a) Information You Provide Directly

•      Contact details: name, email address, mailing address, phone number.

•      Order and billing information: shipping address, billing address, payment details (processed by secure third-party processors).

•      Account information (if accounts are offered): username, password, profile details.

•      Communications: messages, inquiries, commission briefs, feedback, testimonials, survey responses.

•      Newsletter and marketing subscriptions: email address and preferences.

b) Information Collected Automatically

•      Technical data: IP address, browser type, device type, operating system, referring URL.

•      Usage data: pages visited, time spent on pages, links clicked, scrolling behavior, traffic sources.

•      Cookies and similar tracking technologies (see Section 2.5 below).

c) Information from Third Parties

We may receive limited information from payment processors, shipping carriers, social media platforms (if you interact with our profiles), and analytics providers, used solely to fulfill orders, improve services, or comply with legal obligations.

2.2 How We Use Your Information

We use the personal information we collect for the following purposes:

•      To process and fulfill orders, including payment, shipping, and customer communications.

•      To respond to inquiries, commission requests, and customer service issues.

•      To send newsletters, promotional emails, or marketing communications (only with your consent, where required).

•      To improve the Website, products, and user experience through analytics and feedback.

•      To prevent fraud, enforce our Terms, and comply with legal obligations.

•      To personalize your browsing and shopping experience.

2.3 Legal Basis for Processing (for EU/EEA Visitors)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on the following legal bases under the General Data Protection Regulation (GDPR):

•      Performance of a contract (e.g., processing your order).

•      Consent (e.g., marketing emails, optional cookies).

•      Legitimate interests (e.g., fraud prevention, improving our services).

•      Legal obligations (e.g., tax records, regulatory compliance).

2.4 Sharing of Information

We do not sell, rent, or trade your personal information. We may share limited information with trusted third parties only as necessary to operate our business, including:

•      Payment processors (e.g., Stripe, PayPal, Square) to securely process transactions.

•      Shipping carriers (e.g., USPS, UPS, FedEx, DHL) to deliver your orders.

•      E-commerce and website platforms (e.g., Shopify, WooCommerce, Squarespace) that host our Website.

•      Email marketing providers (e.g., Mailchimp, ConvertKit, Substack) for newsletters and announcements.

•      Analytics providers (e.g., Google Analytics) to understand Website usage.

•      Legal and regulatory authorities, if required by law, subpoena, or court order.

All third-party providers are contractually required to handle your data in accordance with applicable data protection laws.

2.5 Cookies and Tracking Technologies

Our Website uses cookies and similar technologies (pixels, web beacons, local storage) to provide essential functionality, remember preferences, analyze traffic, and personalize content. Cookies may be:

•      Essential: required for the Website to function (e.g., shopping cart, secure checkout).

•      Functional: remember your preferences and settings.

•      Analytics: help us understand how visitors interact with the Website.

•      Marketing: deliver relevant ads and measure campaign performance.

You can control or disable cookies through your browser settings; however, doing so may affect Website functionality. Where required by law, we will request your consent before placing non-essential cookies.

2.6 Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, tax, and reporting requirements. Order records are typically retained for a minimum of seven (7) years for tax and audit purposes. Marketing data is retained until you unsubscribe or request deletion.

2.7 Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes SSL encryption for transmitted data, secure payment processing through PCI-compliant providers, and limited access to personal data. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

2.8 Your Rights and Choices

Depending on your jurisdiction (including the EU/EEA under GDPR, California under CCPA/CPRA, and other state and international privacy laws), you may have the following rights:

•      Right to access the personal information we hold about you.

•      Right to correct inaccurate or incomplete information.

•      Right to request deletion of your personal information (“right to be forgotten”).

•      Right to restrict or object to processing.

•      Right to data portability.

•      Right to withdraw consent at any time (where processing is based on consent).

•      Right to opt out of the “sale” or “sharing” of personal information (we do not sell personal information).

•      Right to lodge a complaint with a supervisory authority.

To exercise any of these rights, contact us at [INSERT EMAIL]. We will respond to verified requests within the time frames required by applicable law (typically 30–45 days).

2.9 Children’s Privacy

The Website is not directed at children under the age of 13 (or 16 in the EU/EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately so we can delete it.

2.10 International Data Transfers

Illumine Canvas is based in the United States. If you access the Website from outside the U.S., please note that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Website, you consent to such transfers.

2.11 Third-Party Links

The Website may contain links to external sites that are not operated by us. We are not responsible for the privacy practices or content of third-party sites. We encourage you to review their privacy policies before sharing any personal information.

2.12 Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other reasons. The “Last Updated” date will be revised accordingly. Material changes will be communicated through prominent notice on the Website or by email where appropriate.

2.13 Contact Us About Privacy

For any privacy-related questions, requests, or concerns, contact:

Illumine Canvas — Privacy Officer

Website: www.illuminecanvas.com

Address: Rochester Hills, Michigan, USA