Personal data is collected via the forms you submit when interacting with Whimsy services, such as when registering an account, gallery or artwork.
Personal data that may be requested includes:
The content of the galleries or artworks you register may incidentally contain personal data.
Your use of Whimsy services may be logged.
The minimum amount of personal data that is required for functionality of Whimsy services is collected.
Activity logs are analyzed to improve security, performance and user experience.
Communication with Whimsy services is encrypted using HTTPS to reduce the risk of personal data being intercepted.
User passwords are held encrypted according to current best practices and haveibeenpwned.com is used (without sharing your password) to disallow over 517 million passwords previously exposed in data breaches.
If you lose access to a device that is logged in to Whimsy services, you can remotely logout all sessions at whimsy.art/logout.
Whimsy strives to explain how your personal data will be shared when it’s collected in forms such as user registration and settings, or when confirming user interactions such as requesting to exhibit an artwork.
The following personal data is shared with the public for user profiles:
The following personal data is occasionally shared with relevant users as a result of user interactions to enable Whimsy services functionality:
Third party companies or individuals may be employed to facilitate or analyze Whimsy services. They will only access your personal data to perform tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Whimsy may be compelled to share your personal data with authorities according to the laws and regulations where the data is held (mostly the USA) or where Whimsy operates from (Australia).