ArtVault Works

Privacy Policy

Last updated: February 10, 2026

1. Introduction

ArtVault Works (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at artvaultworks.com and any related services (collectively, the “Service”).

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, password, and role selection (gallery, artist, or collector). You may optionally provide a business name, phone number, website, address, and bio.

Artwork & Inventory Data

We store artwork information you enter including titles, descriptions, dimensions, pricing, images, provenance, condition reports, and any other details you provide about your artworks.

Contact & CRM Data

Contact information you add to your CRM including names, emails, phone numbers, addresses, and relationship notes.

Usage Data

We automatically collect information about how you use the Service, including pages visited, features used, viewing room analytics, and device/browser information.

Uploaded Content

Images and files you upload to the platform are stored securely in our cloud storage infrastructure.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send administrative notifications (security alerts, support messages)
  • Generate viewing room analytics for your presentations
  • Provide customer support
  • Detect and prevent fraud or abuse

4. Data Storage & Security

Your data is stored on Supabase, which uses Amazon Web Services (AWS) infrastructure with encryption at rest and in transit. We implement row-level security policies to ensure users can only access their own data. Images are stored in secure cloud storage buckets with access controls.

5. Third-Party Services

We use the following third-party services:

  • Supabase — Database, authentication, and file storage
  • Vercel — Website hosting and deployment
  • Square / PayPal — Payment processing (only if you enable e-commerce)
  • Resend — Transactional email delivery

Each service has its own privacy policy governing their use of your data.

6. Data Sharing

We do not sell your personal information. We may share your information only:

  • With your consent
  • To comply with legal obligations
  • To protect our rights and prevent fraud
  • With service providers who assist in operating the Service (under strict data processing agreements)

When you create public viewing rooms or portfolio websites, the content you choose to make public will be accessible to anyone with the link.

7. Your Rights

You have the right to:

  • Access your data at any time through your account dashboard
  • Export your data using our CSV export functionality
  • Correct inaccurate information through your account settings
  • Delete your account and associated data by contacting support
  • Restrict processing of your data in certain circumstances
  • Object to processing based on legitimate interests
  • Data portability — receive your data in a structured, commonly used format

8. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), we process your data under the following legal bases:

  • Contract performance — to provide the Service you signed up for
  • Legitimate interests — to improve the Service and prevent fraud
  • Consent — for optional analytics and marketing communications

You may withdraw consent at any time. You also have the right to lodge a complaint with your local supervisory authority.

9. CCPA Compliance (California Users)

California residents have additional rights under the CCPA, including the right to know what personal information we collect, the right to delete it, and the right to opt-out of the sale of personal information. We do not sell personal information.

10. Cookies

We use essential cookies to maintain your authentication session and preferences. For details, see our Cookie Policy.

11. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required to retain it for legal purposes.

12. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such data, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date.

14. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

privacy@artvaultworks.com