HEVA

Privacy Policy

1. Introduction

Heva Unique Art Gallery ("we," "our," "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website or make a purchase.

2. Data We Collect

We collect the following personal information:

  • Purchase information: Full name, email address, shipping address
  • Commission inquiries: Full name, email, phone (optional), project details
  • Contact form: Name, email, message content
  • Analytics data: Page views, session duration (via Google Analytics 4, with consent)

We never store credit card or payment data. All payment processing is handled securely by Stripe. Card information never touches our servers.

3. How We Use Your Data

  • To process and fulfill your order
  • To communicate about your purchase or commission inquiry
  • To send order confirmation and shipping updates
  • To respond to contact form messages
  • To analyze website traffic and improve our services (with consent)

4. Data Retention

  • Order data (name, email, shipping address): Retained for 3 years
  • Commission inquiry data: Retained for 2 years
  • Analytics data: Per Google Analytics retention settings

5. Third-Party Services

We use the following third-party services to operate our business:

  • Stripe — Payment processing
  • Supabase — Database and authentication
  • Cloudinary — Image delivery and optimization
  • Resend — Transactional email delivery
  • Google Analytics 4 — Website analytics (with consent)
  • Vercel — Website hosting

6. Cookies

We use cookies only for essential site functionality and analytics (with your consent). A cookie consent banner is displayed on your first visit. You may accept or decline analytics cookies. Essential cookies required for site functionality cannot be disabled.

7. Your Rights (GDPR)

If you are located in the EU/EEA, you have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to processing of your data
  • Request data portability
  • Withdraw consent at any time

To exercise these rights, contact us via our contact form.

8. Data Security

We implement appropriate security measures including encryption at rest, HTTPS/SSL encryption in transit, and access controls to protect your personal data. No data is sold or shared with third parties for marketing purposes.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page. We encourage you to review this page periodically.

10. Contact

For privacy-related questions or requests, please use our contact form or email us at geni@hevauniqueart.com.

Last updated: February 2026