Privacy Policy
This Privacy Policy explains how US Creative Ideas LLC ("id.art", "we", "us", "our"), operator of the id.art platform and website at https://id.art (the "Service"), collects, uses, shares and protects your personal data. id.art lets you create, manage and share digital art identities and portfolios. This Policy is designed to meet the EU General Data Protection Regulation (GDPR), the UK GDPR and Data Protection Act 2018, the California Consumer Privacy Act as amended by the CPRA, and other applicable laws.
By using id.art, you agree to this Privacy Policy.
1. Who we are (controller)
US Creative Ideas LLC, 1875 K St NW, 5th Floor, Washington, D.C. 20006, United States.
- General & privacy enquiries: support@id.art
- Data protection contact: privacy@id.art
2. Scope
This Policy applies to visitors and registered users of id.art (artists and other users), and to anyone who contacts us or subscribes to our updates, wherever you are located — including the EU/EEA, the UK, California, the wider United States and elsewhere.
3. Personal data we collect
| Category | Examples | When |
|---|---|---|
| Account data | full name, email address, username, and the credentials used to sign in | when you register or sign in |
| Profile & content | biography, artworks and images, links, and other profile materials you add | when you build your profile or upload content |
| Newsletter / updates | email address | if you subscribe |
| Communications | the content of messages you send to support | if you contact us |
| Technical & security | IP address, device and browser information, usage data (pages visited, actions taken), log data | automatically |
| Analytics & advertising | usage events and identifiers — only if you consent (Google Analytics, X/Twitter Pixel, via Google Tag Manager) | with your consent |
4. How we use your data and our legal bases
| Purpose | Legal basis (Art. 6 GDPR) |
|---|---|
| Create and manage your account; provide and maintain the Service; display your profile and content | Performance of a contract |
| Personalise your experience; respond to enquiries and provide support | Legitimate interests |
| Send newsletters / marketing updates | Consent |
| Operate, secure and improve the platform; prevent fraud and abuse | Legitimate interests |
| Analytics & advertising | Consent |
| Comply with legal and accounting obligations | Legal obligation |
Where we rely on consent you may withdraw it at any time (see the Cookie Policy and "Cookie settings", or unsubscribe) without affecting processing carried out before withdrawal.
5. Accounts & sign-in
To use certain features you create an account. Sign-in is handled through our group single sign-on (SSO) service at oauth.art.art; you may sign in with an email and password and, where offered, with supported third-party identity providers. You are responsible for keeping your credentials confidential and for activity under your account.
6. Cookies, consent and tracking
We use the Usercentrics consent platform together with Google Consent Mode. Strictly necessary technologies (sign-in, security, consent storage) run the Service; analytics and advertising load only after you consent, and Google Tag Manager and its tags are not loaded before consent. We honour the Global Privacy Control (GPC) signal. Full details, and how to change your choice, are in our Cookie Policy.
7. Sharing and processors
We do not sell your personal data for money. We share it only with providers acting on our instructions under a data processing agreement, and where required by law (for example with legal authorities, or in connection with a merger or acquisition).
| Provider | Purpose | Location |
|---|---|---|
| Cloud hosting & infrastructure providers | Hosting, storage and delivery of the Service | US / global |
| Group identity service (oauth.art.art) | Account authentication (single sign-on) | EU / global |
| Usercentrics GmbH | Consent management | EU (Germany) |
| Google LLC | Tag Manager, Analytics, reCAPTCHA and Fonts | US |
| X Corp. | X (Twitter) Pixel — advertising (consent-based) | US |
| Google LLC (YouTube) | Embedded video content | US |
8. International transfers
We are based in the United States and several of our providers are in the US. If you are in the EU/EEA, the UK or elsewhere, your data may be transferred outside your region. Where it is, we rely on appropriate safeguards — Standard Contractual Clauses (with the UK Addendum where relevant) and, where applicable, the EU–US Data Privacy Framework. We maintain data processing agreements with our processors.
9. Retention
| Data | Retention |
|---|---|
| Account & profile data | while your account is active; deleted within a reasonable period after you close your account (subject to legal retention needs) |
| Support communications | up to 24 months after the matter is resolved |
| Newsletter subscription | until you unsubscribe |
| Analytics | per the Google Analytics setting (default 14 months) |
You may request deletion of your data at any time (see "Your rights"). The Usercentrics consent record is kept for up to 12 months; analytics and advertising cookies last up to about 2 years (see the Cookie Policy).
10. Your rights
EU / EEA / UK users. You have the right to access, rectification, erasure, restriction, portability and objection, and to withdraw consent. You may also complain to a supervisory authority: in the EU, your national data protection authority; in the UK, the Information Commissioner's Office (ico.org.uk).
California users (CCPA / CPRA). You have the right to know what we collect, to delete and correct your information, to opt out of its "sale" or "sharing", and to non-discrimination. We do not sell personal information for money; our use of advertising technology (the X/Twitter Pixel) may constitute "sharing" for cross-context behavioural advertising. You can opt out via the cookie banner "Reject", the "Do Not Sell or Share My Personal Information" / "Your Privacy Choices" control, or a Global Privacy Control (GPC) signal, which we honour.
To exercise any of these rights, contact support@id.art or privacy@id.art; we respond within the time required by applicable law.
11. Children
The Service is not directed to children under 13 (or under 16 in the EU). We do not knowingly collect personal data from children below the applicable age.
12. Security
We use appropriate technical and organisational measures to protect your personal data, including encryption, access controls and secure storage. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
13. Changes and contact
We may update this Policy from time to time; the "Last updated" date above will change, and we will notify you of significant changes through the Service or by email. Questions:
US Creative Ideas LLC · 1875 K St NW, 5th Floor, Washington, D.C. 20006, United States · support@id.art · privacy@id.art.