Privacy Policy

Please read this agreement carefully before accessing or using the website. You agree to abide by the terms and conditions of this agreement by accessing or using any part of the website. Oxaart (“us,” “we,” or “our”) operates the https://www.oxaart.com website (the “Service”). This page informs you of our policies regarding collecting, using, and disclosing personal data when you use our service and the choices you have associated with that data. We use your data to provide and improve the service. By using the service, you agree to the collection and use of information per this policy.

The type of personal information we collect

When ordering or registering on our site, you may be asked to enter your name, email address, mailing address, phone number, credentials, or other details to help you with your experience. When the individual requests its removal, we will keep this information on file for as long as is necessary.

When do we collect information and How do we use your information?

We collect information from you when you register or fill up any form on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, open a support ticket, enter information on our site, and provide us with feedback on our products or services.

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

  • To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
  • To improve our website to serve you better.
  • To allow us to better serve you in responding to your customer service requests.
  • To administer a contest, promotion, survey, or other site feature.
  • To quickly process your transactions.
  • To ask for ratings and reviews of services or products
  • To follow up with them after correspondence (email or phone inquiries),

Data collection on our website

We collect personal information when you provide it to us, automatically as you navigate through the Sites or other people when you use services associated with with with themes. We also collect your personal information when you provide it to us when you complete user registration and submit a support (or pre-purchase) request, subscribe to a newsletter, or email list, submit feedback, fill out a survey, or send us a communication.

Cookies

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files stored on your computer and saved by your browser.

Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you visit the site. We use permanent cookies to enable users who have not logged in store specific website settings in their browser (like dismissing the cookie bar or disabling features like Youtube videos or Google Analytics tracking)

If you leave a comment on our site, you may opt-in to save your name, email address, and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will set up several cookies to save your login information and screen display choices. Login cookies last two days, and screen options cookies last for a year. If you select “Remember Me,” your login will persist for two weeks. The login cookies will be removed if you log out of your account.

Server log files

The website provider automatically collects and stores information your browser transmits to us in “server log files.” These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • The hostname of the accessing computer
  • Time of the server request
  • IP address
  • These data will not be combined with data from other sources.

The basis for data processing is Art. 6 (1) (f) GDPR, which allows data processing to fulfill a contract or measures preliminary to a contract.

Registration on this website

You can register on our website to access additional functions offered here. The input data will only be used to use the respective site or service you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.

We will use the email address specified during registration to inform you about significant changes, such as those within the scope of our site or technical changes.

We will only process the data provided during registration based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. The data processed before we receive your request may still be legally processed.

An informal email making this request is sufficient.

We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.

Third party access to your data

We don’t share your data with third parties in a way as to reveal any of your personal information like email, name, etc. The only exceptions to that rule are for partners we have to share limited data with to provide the services you expect from us. Please see below:

Google Analytics

This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called “cookies.” These are text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored based on Art. 6 (1) (f) GDPR. The website operator is interested in analyzing user behavior to optimize its website and advertising. If you want to opt out of Google Analytics monitoring your behavior on our site.

Youtube

Our website uses plugins from YouTube, which Google operates. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. A connection to the YouTube servers is established if you visit one of our pages featuring a YouTube plugin. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing and also to display the capabilities of the website. This constitutes a justified interest under Art. 6 (1) (f) GDPR.

Google Fonts

For uniform representation of fonts, this page uses web fonts provided by Google. When you open a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. For this purpose, your browser has to establish a direct connection to Google servers. Google thus becomes aware that our web page was accessed via your IP address. The use of Google Web fonts is done in the interest of a uniform and attractive presentation of our website and also to display the capabilities of the website. This constitutes a justified interest under Art. 6 (1) (f) GDPR. If your browser does not support web fonts, a standard font is used by your computer.

Facebook

Our website includes plugins for the social network Facebook, Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. The Facebook plugins can be recognized by the Facebook logo or the Like button on our site. When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook “Like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. Please note that, as the operator of this site, we do not know the content of the data transmitted to Facebook or how Facebook uses these data.

X (Formerly Twitter)

The functions of the X service have been integrated into our website and app. X Inc. offers these features at 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use X and the “Retweet” function, the websites you visit are connected to your X account and made known to other users. In doing so, data will also be transferred to X. We want to point out that, as the provider of these pages, we do not know the content of the data transmitted or how X will use it.

Instagram

Our website contains the functions of the Instagram service. Instagram Inc. offers these functions at 1601 Willow Road, Menlo Park, CA 94025, USA. If you are logged into your Instagram account, you can click the Instagram button to link the content of our pages with your Instagram profile. This means that Instagram can associate visits to our pages with your user account. As the provider of this website, we expressly point out that we receive no information on the content of the transmitted data or its use by Instagram.

Font Awesome

We use Font Awesome fonts loaded from a CDN on the site. Font Awesome requires an IP address to be collected and stored at the CDN location, and it collects data about what icon files are downloaded and when.

Cloudflare

We use Cloudflare for our website security, CDN, page optimization, etc. Cloudflare maintains GDPR and privacy policy. They believe that protecting their customers’ and end users’ data is fundamental to this mission.

How we keep your personal information secure

Our website is scanned regularly for security holes and known vulnerabilities to make your visit to our site as safe as possible. We use regular malware scanning services.

Your personal information is contained behind secured networks. It is only accessible by a limited number of persons with special access rights to such systems and must keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement various security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

Our hosting provider adheres to the EU/US “Privacy Shield,” ensuring that your data is securely stored and GDPR compliant.

Our security measure

We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personally identifiable information is not captured/hijacked by third parties without authorization. In case of a data breach, system administrators will immediately take all necessary steps to ensure system integrity, contact affected users, and attempt to reset passwords if needed.

Third-party disclosure

We do not sell, trade, or otherwise transfer your Personally Identifiable Information to outside parties unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s appropriate to comply with the law, enforce our site policies, or protect others’ rights, property, or safety.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

While we make every effort to preserve your privacy, personal information may be disclosed when required by law where we have a good-faith belief that such action is necessary to comply with a judicial proceeding, court order, or legal process.

COPPA (Children Online Privacy Protection Act)

When collecting personal information from children under 18, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under 13.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

To be in line with Fair Information Practices, we will take the following responsive action should a data breach occur:

  • We will notify you via email within ten business days.

We also agree with the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users but also that individuals have recourse to courts or government agencies to investigate and prosecute non-compliance by data processors.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions
  • Send information and updates about work orders.
  • Send you additional information related to your product and/or service
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be by CAN-SPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at [email protected] follow the instructions at the bottom of each email, and we will promptly remove you from ALL correspondence.

Who has access to your data

If you are not a registered client for our site, there is no personal information we can retain or view regarding you. If you are a client with a registered account, your data can be accessed by:

  • Our system administrators.
  • Our support agents, when they (to provide support) need to get the information about the client accounts and access.

How long we retain your data

If you complete a purchase on our website, our system automatically creates an account for you to store your order data and create your subscription. This account information is stored indefinitely to allow us to keep accurate records of any data we are obliged to keep for administrative, legal, or security purposes.

If you fill out one of our contact forms, your data is stored in our website database indefinitely. This information is stored in our website backups for 90 days.

If you sign up for our mailing list, your data is stored indefinitely or until that data is no longer valid or necessary for us to contact you by our mailing list procedures.

What data breach procedures we have in place

The third-party services we use to store data are equipped to monitor unauthorized access and share any known system breaches with us. These third-party services include Cloudflare, MalCare, iTheme Security, and Google.com.

Additionally, if, at any point, Oxaart becomes aware of a data breach through one of the third parties listed above or by our measures, we will immediately contact all affected parties and also take immediate action by the rules and regulations of the authority having jurisdiction.

Notification of changes

We reserve the right to amend the privacy policy to bring it in line with changes in the legal situation or the event of modifications to the service or data processing related to our services. If we change our privacy policy, we will post those changes to this privacy statement. Please check this page for updates regularly.

If you have any questions about this Privacy Policy, please get in touch with us via our contact form.

Update Date: September 26, 2023.