Privacy policy

1. Data controller

The data controller is •••, whose registered office is at •••, registered under SIREN •••.

Contact for any question about personal data and to exercise your rights: •••.

This policy describes processing carried out by artchive.one in accordance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act.

2. Scope

This policy applies to all data collected on artchive.one: browsing, waitlist sign-up, block purchase and generation, owner area, comments, reports and contact.

We apply data minimisation and privacy by design: only data strictly necessary for each purpose is collected.

3. Data processed and purposes

Block purchase and generation: prompt or image, title, attribution choice (anonymous by default), optional email, language, approximate country, amount paid, payment identifier, and — when detailed billing is enabled — the billing details collected at payment (name, postal address, phone, and VAT number for businesses). Purpose: contract performance (generation, permanent page, certificate) and issuing the receipt/invoice. Legal basis: performance of the contract (art. 6.1.b GDPR) and accounting legal obligation for invoicing.

Public display of your name: ONLY with your explicit consent, revocable at any time — legal basis: consent (art. 6.1.a). By default you are a “Private collector”; your legal identity is never displayed.

Payment and transaction: processed by Stripe, our PCI-DSS certified payment partner. Transaction data (amount, payment identifier, billing details) is collected and STORED SECURELY with our payment partner Stripe; we store NO card numbers. We keep a copy of the billing details and of the receipt and invoice links to meet our accounting and legal obligations. Legal basis: contract performance and legal obligation (accounting).

Contact form: name, email address and the content of your message, to handle and reply to your request. Legal basis: pre-contractual steps taken at your request and legitimate interest (support replies).

Waitlist: email and language, to notify you when an edition opens. Legal basis: consent (voluntary sign-up), withdrawable via the unsubscribe link.

Referral: referrer code and a technical key for the referee (email or hashed fingerprint), to attribute the reward. Legal basis: legitimate interest / contract performance.

Comments (guestbook): anonymous text, no identity collected. Legal basis: legitimate interest.

Content reports: permalink and reason, to handle unlawful content (DSA). Legal basis: legal obligation and legitimate interest.

Anti-abuse: an irreversible technical fingerprint (cryptographic hash) for purchase limits and anti-spam — never your raw IP address. Legal basis: legitimate interest (art. 6.1.f).

Audience measurement and marketing: only after consent via the cookie banner (see Cookies).

4. Mandatory or optional data

Data required to perform the contract (payment, block content) is mandatory: without it the purchase cannot be completed. Email is optional but recommended to receive your receipt, certificate and the management links for your block.

Displaying a public name, joining the waitlist and accepting measurement cookies are entirely optional and have no impact on access to the service.

When detailed billing is enabled, the billing details requested at payment (name, address and, for businesses, VAT number) are required to issue a compliant invoice; the phone number is optional.

5. Retention

Contractual data (purchase, invoicing): 10 years (accounting obligations).

Contact email: while the block exists or until erasure is requested.

Waitlist email: automatically deactivated (made inert, no longer used to contact you) 90 days after the edition opens, or at most 1 year after sign-up; permanently erased on request.

Anti-abuse fingerprints: 12 months maximum, then erased automatically.

Technical and audit logs: 90 days (security, traceability).

Cookie consent: 6 months (CNIL recommendation).

Contact requests: kept for as long as needed to handle the request, then archived for up to 3 years for evidence and relationship follow-up.

These durations are enforced automatically by a daily purge; beyond them, data is deleted or anonymised.

6. Recipients and processors

Your data is accessible only to authorised staff of the publisher and to its processors, bound by contract and confidentiality.

Processors: host (•••), Stripe (payments and secure storage of transaction and billing data), AI providers for image generation (your prompt is sent WITHOUT your identity), transactional email provider, anti-robot protection provider.

No data is sold or rented. No data is shared with third parties for advertising purposes.

7. Transfers outside the EU

Some processors (payment, image generation, security) may be located outside the European Union, notably in the United States.

These transfers are framed by appropriate safeguards: European Commission standard contractual clauses (art. 46 GDPR) and/or Data Privacy Framework adherence. The prompt sent to AI providers contains no identity data.

8. Minors

The service is open to persons aged at least 15. Below that, and until adulthood, use and any purchase require the consent of a legal guardian, who assumes responsibility for it.

No data is knowingly collected from a child under 15 without the consent of the holder of parental authority; where applicable, such data is deleted upon simple request to •••.

9. Your rights

You have the rights of access, rectification, erasure, restriction, portability, objection and consent withdrawal at any time: write to •••. We respond within one month.

For routine actions (attribution, prompt visibility, erasure), a self-service area is available on the site (“My data” page).

You may set directives regarding the fate of your data after your death.

Collective-artwork specificity: erasure removes your name and personal data (full anonymisation); the visual block, an integral part of the collective artwork sold to other participants, remains — this is the object of the contract accepted at purchase.

10. Complaint to the supervisory authority

If, after contacting us, you consider that your rights are not respected, you may lodge a complaint with the French data protection authority (CNIL), 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 — www.cnil.fr — or with your local supervisory authority.

11. Cookies and trackers

Audience-measurement and marketing trackers are set ONLY AFTER your consent, collected through a CNIL-compliant banner: accepting and refusing are equally simple, the choice is granular and revocable at any time via the “Cookies” footer link.

Strictly necessary cookies (session, security, checkout) are exempt from consent as they are essential to the site's operation.

Your consent (or refusal) is kept for 6 months, after which the choice is offered again.

12. No automated decision-making

A block's price is computed automatically from a public formula (zone and scarcity), but no decision producing legal effects concerning you is taken solely on the basis of automated processing, and no advertising profiling is performed.

13. Security

Encryption in transit (TLS), keys and secrets encrypted at rest (AES-256-GCM), hardened admin authentication (hashed password, two-factor, progressive lockout), strict input validation, action logging, and data minimisation applied to every public artefact (no email, no price, no transaction exposed).

In the event of a data breach likely to create a risk to your rights, we notify the CNIL within 72 hours and, where applicable, the data subjects, in accordance with articles 33 and 34 GDPR.

14. Changes to this policy

This policy may be updated to reflect legal or technical changes. The applicable version is the one published on this page; in case of a substantial change, appropriate information is provided.