Privacy Policy

1. Information We Collect

We collect information that you provide directly, that is created through your use of the platform, and limited technical data necessary to operate the service.

• Account information: name, email address, phone number, gallery or studio name, and role (gallery, foundry, studio, collector)
• Artwork records: titles, descriptions, dimensions, medium, edition details, images, provenance records, and certificates of authenticity
• Production data: milestone updates, production photos, notes, and timeline records posted by foundries and studios
• Collector information: name, email, shipping addresses, and collection records (entered by galleries on behalf of their collectors)
• Payment information: billing details processed exclusively by Stripe. We do not store credit card numbers, CVVs, or full payment account numbers on our servers.
• Usage data: pages visited, features used, device type, browser information, and IP address

2. How We Use Your Information

• Provide, maintain, and improve the Craftlog platform
• Generate and deliver certificates of authenticity and archival records
• Send transactional emails (edition assignments, production updates, certificate delivery) via SendGrid
• Process subscription payments via Stripe
• Monitor platform stability and diagnose errors via Sentry
• Respond to customer support requests
• Comply with legal obligations
• We do not sell your personal information. We do not use your data for advertising.

3. Data Storage and Infrastructure

Your data is stored using the following infrastructure providers:

• Database: PostgreSQL hosted on Railway. All structured data including account records, artwork metadata, edition registries, provenance records, and collector information is stored here.
• File storage: Cloudflare R2 for all uploaded files including artwork images, production photos, certificates of authenticity, and condition report documents. Files are accessed via signed URLs with limited expiry.
• All data is transmitted over HTTPS. Database access is restricted to authorized services. Passwords are hashed using industry-standard algorithms.

4. Third-Party Services

We share data with the following third-party service providers solely to operate the platform:

• Stripe— payment processing. Stripe receives billing details necessary to process subscription payments. Stripe’s privacy policy governs their handling of payment data.
• SendGrid — transactional email delivery. SendGrid receives recipient email addresses and message content for system notifications, certificate delivery, and production updates.
• Sentry — error monitoring. Sentry receives anonymized error reports and technical diagnostics to help us identify and fix platform issues. No personally identifiable artwork or collector data is sent to Sentry.
• Cloudflare — hosting, CDN, and file storage (R2). Cloudflare processes requests to deliver platform content and stores uploaded files.
• Railway — infrastructure and database hosting.

We never sell personal information to third parties. We never share collector data between galleries unless explicitly authorized by both parties.

5. How We Share Your Information

• With galleries: collector data is shared only with the gallery that created the collector relationship
• With collectors: artwork information, production updates, and certificates are shared as directed by the gallery
• With foundries and studios: only artwork and production job details relevant to their assigned work
• We may disclose information if required by law, regulation, or valid legal process

6. Data Retention and Deletion

• Account data: retained while your account is active. Upon account deletion request, personal data is removed within 30 days.
• Artwork and edition records: retained as long as the gallery account that created them is active
• Provenance records: retained permanently by design. Provenance records are append-only and form the historical record of artwork ownership. This is a core feature of the platform.
• Production photos and updates: retained as long as the associated edition record exists. Files are permanently deleted from Cloudflare R2 when the parent record is deleted.
• Payment records: retained as required by financial regulations (typically 7 years)
• Upon deletion: provenance records may be anonymized rather than deleted to preserve artwork history for future owners

7. Cookie Policy

Craftlog uses a minimal cookie approach:

• Authentication token: a single secure, HTTP-only cookie used to maintain your login session. This cookie is essential for the platform to function and cannot be disabled.
• No advertising cookies. We do not use tracking pixels, retargeting cookies, or any third-party advertising scripts.
• No analytics cookies. We do not use Google Analytics or similar third-party analytics services that place cookies on your browser.
• Because we only use a strictly necessary authentication cookie, no cookie consent banner is required under GDPR. However, we disclose this usage here for full transparency.

8. Your Rights (GDPR and CCPA)

Regardless of where you are located, we provide the following rights to all Craftlog users:

• Right to access: request a copy of all personal data we hold about you
• Right to correction: update inaccurate information through your account settings or by contacting us
• Right to deletion: request deletion of your personal data. Note: provenance records may be anonymized rather than deleted to preserve artwork history.
• Right to data portability: export all your data at any time through the platform’s data export feature (CSV, PDF certificates, images)
• Right to opt out: unsubscribe from non-transactional emails at any time
• Right to object: object to processing of your personal data for specific purposes

For EU/EEA residents (GDPR): we process your data under legitimate interest (providing the service you signed up for) and contractual necessity. You may lodge a complaint with your local data protection authority.

For California residents (CCPA): we do not sell your personal information. You have the right to know what data we collect, request deletion, and opt out of any future sale (though we have no plans to sell data). We will not discriminate against you for exercising your rights.

To exercise any of these rights, contact us at privacy@craftlog.io. We respond to all requests within 30 days.

9. Collectors’ Privacy

• Collectors’ personal information is managed by their gallery
• Collector data is never shared between galleries
• Collectors can request data access or deletion through their gallery or by contacting us directly at privacy@craftlog.io
• Collectors can view and manage their notification preferences
• Galleries are responsible for obtaining appropriate consent before entering collector data into the platform

10. Data Security

• All data transmitted over HTTPS/TLS
• Database access restricted to authorized services with environment-scoped credentials
• Passwords hashed using bcrypt
• File storage secured with signed URLs (15-minute expiry) — files cannot be accessed without a valid, time-limited link
• Regular security reviews and dependency audits
• In the event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by applicable law

11. International Data Transfers

Craftlog is operated from the United States. If you access the platform from outside the United States, your information will be transferred to, stored, and processed in the United States. By using Craftlog, you consent to this transfer. We take reasonable measures to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

12. Children’s Privacy

Craftlog is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us at privacy@craftlog.io and we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email at least 30 days before they take effect. The “Last updated” date at the top of this page indicates when the policy was last revised. Continued use of the platform after changes constitutes acceptance of the updated policy.