Who I am

My website address is:


When visitors leave comments on the site I collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: After approval of your comment, your profile picture is visible to the public in the context of your comment.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.


If you leave a comment on my site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit my login page, I will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, I will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on my website (if any), I also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data I hold about you, including any data you have provided to me. You can also request that I erase any personal data I hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.

Controller of this register

Damian Whitley

Contact me at

Your privacy is critically important to me. As an artist, blogger, and fellow human, I have a few fundamental principles:

  • I am thoughtful about the personal information I ask you to provide and the personal information that I collect about you through the operation of my services.
  • I store personal information for only as long as I have a reason to keep it.
  • I aim to make it as simple as possible for you to control what information is shared publicly (or kept private) and permanently deleted.
  • I aim for full transparency on how I gather, use, and share your personal information.

Below is my Privacy Policy, which incorporates and clarifies these principles.

Who I am and What This Policy Covers

I am the designer behind the Damian Whitley website and its related social media platforms. This site was designed to serve as a gateway through which I sell prints of my decoupage art, portfolio for my work, and as a way to contact me for order questions and inquiries.

This Privacy Policy applies to information that I collect about you when you use:

  • My website, ;
  • Any of my shop links; although I am not responsible for any information third party sites may collect about you.

Throughout this Privacy Policy I’ll refer to my website, and other products and services collectively as “Services.”

Below we explain how I collect, use, and share information about you, along with the choices that you have with respect to that information.

Creative Commons Sharealike License

An altered version of this Privacy Policy is available under a Creative Commons Sharealike license. You can grab a copy of that version of this Privacy Policy and other legal documents on GitHub. You’re more than welcome to copy it, adapt it, and repurpose it for your own use. Just make sure to revise the language so that your policy reflects your actual practices. If you do use it, I’d appreciate a credit and link to its original publisher, Automattic, somewhere on your site.

Information I Collect

I respect your privacy and only collect information about you if I have a reason to do so — for example, to provide my Services, to communicate with you, or to make my Services better.

I collect this information from three sources: if and when you provide information to I, automatically through using my Services, and from outside sources. Let’s go over the information that I collect.

Information You Provide to Us

It’s probably no surprise that I collect information that you provide to me directly. Here are some examples:

  • Basic account information: I may ask for basic information from you if you wish to leave a comment, follow my blog, or sign up for my mailing list. For example, I may require individuals who sign up for my mailing list to provide an email address and a username or name — and that’s it. You may provide me with more information — like your address and other information you want to share — but I don’t require that information.
  • Payment and contact information: If you buy something from me, I’ll collect information to process that payment and contact you. For example, if you purchase a print or order a commission piece, you’ll provide additional personal and payment information like your name, credit card information, and contact information. I also keep a record of the purchases you’ve made. I will not use this information in any way outside what is required for these services.
  • Content information: You might provide me with information about you in draft and published content (a blog post or comment that includes biographic information about you, or any media or files you upload). My commission work does require photo references, however any media or files you upload will not be used except, to create the original work, without your express permission.
  • Communications with me (Hi there!): You may also provide me with information when you respond to emails, communicate with me about a support question, post a question or comment, or sign up for a newsletter. When you communicate with me via form, email, comment, or otherwise, I store a copy of our communications (including any call recordings as permitted by applicable law).

Information I Collect Automatically

I also collect some information automatically:

  • Log information: Like most online websites, my site collects information that web browsers, mobile devices, and servers typically make available, including the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. It collects log information when you use my Services — for example, when you make a comment, or contact me about a commission.
  • Usage information: I collect information about your usage of my Services. For example, I collect information about what happens when you use my Services (e.g., page views, interactions with me, and other aspects of my Services. I use this information to, for example, provide my Services to you, get insights on how people use my Services so I can make my Services better.
  • Location information: I may determine the approximate location of your device from your IP address. I collect and use this information to, for example, calculate how many people visit my Services from certain geographic regions.
  • Information from cookies & other technologies: A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and emails. My website uses cookies and other technologies like pixel tags to help me identify and track visitors, usage, and access preferences for my Services, as well as track and understand email campaign effectiveness. For more information about my use of cookies and other technologies for tracking, including how you can control the use of cookies, please see my Cookie Policy.

Information We Collect from Other Sources

We may also get information about you from other sources. For example, if you use Google or a social media platform to access my site, I may receive information you have linked publicly from those accounts. As another example, if you use WooCommerce Payments, I’ll receive information relating to your Stripe account, such as your email address and phone number. The information I receive depends on which services you use or authorize and what options are available.

How and Why I Use Information

Purposes for Using Information

I use information about you for the purposes listed below:

  • To provide my Services. For example, to sell art prints and products, take on art commissions, provide customer service, process payments and orders, and verify user information.
  • To ensure quality, maintain safety, and improve my Services. For example, by providing automatic upgrades and new versions of my Services. Or, for example, by monitoring and analyzing how users interact with my Services so I can create new features that I think our users will enjoy or make my Services easier to use.
  • To measure, gauge, and improve the effectiveness of my marketing. 
  • To protect my Services, my clients, and the public. For example, by detecting security incidents; detecting and protecting against malicious, deceptive, fraudulent, or illegal activity; fighting spam; complying with my legal obligations; and protecting the rights and property of Damian Whitley and others, which may result in me, for example, declining a transaction or terminating Services.
  • To fix problems with my Services. For example, by monitoring, debugging, repairing, and preventing issues.
  • To communicate with you. For example, by emailing you to ask for your feedback or keep you up to date on Damian Whitley designs. If you don’t want to hear from me, you can opt out of communications at any time. (If you opt out, I’ll send you an email confirming such)

Legal Bases for Collecting and Using Information

A note here for those in the European Union about my legal grounds for processing information about you under EU data protection laws, which is that my use of your information is based on the grounds that:

(1) The use is necessary in order to fulfill my commitments to you under the applicable terms of service or other agreements with you or is necessary to administer your account — for example, in order to enable access to our website on your device or charge you for a paid work; or

(2) The use is necessary for compliance with a legal obligation; or

(3) The use is necessary in order to protect your vital interests or those of another person; or

(4) I have a legitimate interest in using your information — for example, to provide and update my Services; to improve my Services so that I can offer you an even better user experience; to safeguard my Services; to communicate with you; to measure, gauge, and improve the effectiveness of my advertising; and to understand my user retention and attrition; to monitor and prevent any problems with my Services; or

(5) You have given me your consent — for example before my site places certain cookies on your device, as described in my Cookie Policy.


What we collect and store

For the purposes of processing recurring subscription payments, we store the customer’s name, billing address, shipping address, email address, phone number and credit card/payment details.

How Long I Keep Information

I generally discard information about you when it’s no longer needed for the purposes for which I collect and use it — described in the section above on How and Why I Use Information. I am required to keep financial information used in transactions and relevant customer data for 7-10 years.

For example, I keep web server logs that record information about a visitor to my website, like the visitor’s IP address, browser type, and operating system. I retain the logs for this period of time in order to, among other things, analyze traffic to my website and investigate issues if something goes wrong on the site.

Sharing Information

How I Share Information

I share information about you in limited circumstances, and with appropriate safeguards on your privacy. These are spelled out below, as well as in the section called Ads and Analytics Services Provided by Others:

  • Third-party vendors: I may share information about you with third-party vendors who need the information in order to provide their services to me, or to provide their services to you. This includes vendors that help me provide my Services to you (like Stripe, which powers WooCommerce Payments, payment providers that process your credit and debit card information, fraud prevention services that allow me to analyze fraudulent payment transactions, cloud storage services, postal and email delivery services that help me stay in touch with you or mail prints and commission work to you, email support services that help me communicate with you; those that help me understand and enhance my Services (like analytics providers); those that make tools to help me run my operations (like programs that help me with task management, scheduling, word processing, email and other communications); other third-party tools that help me manage operations; and companies that make products available on my, who may need information about you in order to, for example, provide technical or other support services to you.
  • Business transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that Damian Whitley goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, this Privacy Policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this Privacy Policy.
  • Aggregated or de-identified information: I may share information that has been aggregated or de-identified, so that it can no longer reasonably be used to identify you. For instance, I may publish aggregate statistics about the use of my Services, or share a hashed version of your email address to facilitate customized ad campaigns on other platforms.

I have a policy that I do not sell our users’ data. I am not a data broker, I don’t sell your personal information to data brokers, and I don’t sell your information to other companies that want to spam you with marketing emails.

What we collect and store

While you visit our site, we’ll track:

  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!

We’ll also use cookies to keep track of cart contents while you’re browsing our site.

Note: you may want to further detail your cookie policy, and link to that section from here.

When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:

  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them

If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.

We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.

We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:

  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.

Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.

We share information with third parties who help us provide our orders and store services to you; for example —

MailPoet newsletter & emails

If you have subscribed to our newsletter or if you are a member of our website (you can log in) or if you have purchased on our website, there is a good chance you will receive emails from us.

We will only send you emails which you have signed up to receive, or which pertain to the services we provided to you.

To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent abuse of the system.

This website can send emails through the MailPoet sending service. This service allows us to track opens and clicks on our emails. We use this information to improve the content of our newsletters.

No identifiable information is otherwise tracked outside this website except for the email address.

MailPoet creates and stores two cookies if you are using WooCommerce and MailPoet together. Those cookies are:

Cookie name: mailpoet_revenue_tracking
Cookie expiry: 14 days.
Cookie description: The purpose of this cookie is to track which newsletter sent from your website has acquired a click-through and a subsequent purchase in your WooCommerce store.

Cookie name: mailpoet_abandoned_cart_tracking
Cookie expiry: 3,650 days.
Cookie description: The purpose of this cookie is to track a user that has abandoned their cart in your WooCommerce store to then be able to send them an abandoned cart newsletter from MailPoet.

Note: User must be opted-in and a confirmed subscriber.

Infinite Scroll

Data Used: In order to record page views via Jetpack Stats (which must be enabled for page view tracking here to work) with additional loads, the following information is used: IP address, user ID (if logged in), username (if logged in), user agent, visiting URL, referring URL, timestamp of event, browser language, country code.

Activity Tracked: Page views will be tracked with each additional load (i.e. when you scroll down to the bottom of the page and a new set of posts loads automatically). If the site owner has enabled Google Analytics to work with this feature, a page view event will also be sent to the appropriate Google Analytics account with each additional load.

Jetpack Comments

Data Used: Commenter’s name, email address, and site URL (if provided via the comment form), timestamp, and IP address. Additionally, a IFrame receives the following data: blog ID attached to the site, ID of the post on which the comment is being submitted, commenter’s local user ID (if available), commenter’s local username (if available), commenter’s site URL (if available), MD5 hash of the commenter’s email address (if available), and the comment content. If Akismet (also owned by Automattic) is enabled on the site, the following information is sent to the service for the sole purpose of spam checking: commenter’s name, email address, site URL, IP address, and user agent.

Activity Tracked: The comment author’s name, email address, and site URL (if provided during the comment submission) are stored in cookies. Learn more about these cookies.

Data Synced (?): All data and metadata (see above) associated with comments. This includes the status of the comment and, if Akismet is enabled on the site, whether or not it was classified as spam by Akismet.


This feature is only accessible to users logged in to

Data Used: In order to process a post like action, the following information is used: IP address, user ID, username, site ID (on which the post was liked), post ID (of the post that was liked), user agent, timestamp of event, browser language, country code.

Activity Tracked: Post likes.

Mobile Theme

Data Used: A visitor’s preference on viewing the mobile version of a site.

Activity Tracked: A cookie (akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version. Learn more about this cookie.


While no online service is 100% secure, I work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so. Should you contact me with a request to delete your personal data, I will do my best to delete all data not required by legislation, such as financial transaction information.

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

Brute Force Attack Protection

Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.

Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.

Data Synced (?): Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.

Your Rights

If you are located in certain parts of the world, including California and countries that fall under the scope of the European General Data Protection Regulation (aka the “GDPR”), you may have certain rights regarding your personal information, like the right to request access to or deletion of your data.

European General Data Protection Regulation (GDPR)

If you are located in a country that falls under the scope of the GDPR, data protection laws give you certain rights with respect to your personal data, subject to any exemptions provided by the law, including the rights to:

  • Request access to your personal data;
  • Request correction or deletion of your personal data;
  • Object to our use and processing of your personal data;
  • Request that we limit our use and processing of your personal data; and
  • Request portability of your personal data.

You also have the right to make a complaint to a government supervisory authority.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act (“CCPA”) requires me to provide California residents with some additional information about the categories of personal information I collect and share, where I get that personal information, and how and why I use it.

The CCPA also requires me to provide a list of the “categories” of personal information I collect, as that term is defined in the law, so, here it is. In the last 12 months, I collected the following categories of personal information from California residents, depending on the Services used:

  • Identifiers (like your name, contact information, and device and online identifiers);
  • Commercial information (your billing information and purchase history, for example);
  • Characteristics protected by law (for example, you might provide your gender as part of a research survey for me);
  • Geolocation data (such as your location based on your IP address);
  • Audio, electronic, visual or similar information (such as your profile picture, if you uploaded one);

You can find more information about what I collect and sources of that information in the Information I Collect section above.

I collect personal information for the business and commercial purposes described in the How and Why I Use Information section. And I share this information with the categories of third parties described in the Sharing Information section.

If you are a California resident, you have additional rights under the CCPA, subject to any exemptions provided by the law, including the right to:

  • Request to know the categories of personal information I collect, the categories of business or commercial purpose for collecting and using it, the categories of sources from which the information came, the categories of third parties I share it with, and the specific pieces of information I collect about you;
  • Request deletion of personal information I collect or maintain;
  • Not receive discriminatory treatment for exercising your rights under the CCPA.

I don’t knowingly sell personal information of anyone. Learn how you can opt out by going to California: Do Not Sell My Personal Information.

Contacting Me About These Rights

If you would like to reach me to request deletion of your personal data, please use the form on the Contact Me page of this site.

When you contact me about one of your rights under this section, I’ll need to verify that you are the right person before I disclose or delete anything. For example, I will need you to contact me from the email address associated with your account.

How to Reach Me

If you have a question about this Privacy Policy, or you would like to contact me about any of the rights mentioned in the Your Rights section above, please contact me through my web form or via email at

Other Things You Should Know (Keep Reading!)

Transferring Information

Because Damian Whitley’s Services are offered worldwide, the information about you that I process when you use the Services in the EU may be used, stored, and/or accessed by individuals operating outside the European Economic Area (EEA), or third-party data processors. This is required for the purposes listed in the How and Why I Use Information section above.

When providing information about you to entities outside the EEA, I will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this Privacy Policy as required by applicable law. These measures include entering into European Commission approved standard contractual arrangements with entities based in countries outside the EEA.

You can ask me for more information about the steps I take to protect your personal information when transferring it from the EU.

Ads and Analytics Services Provided by Others

Ads appearing on any of my Services may be delivered by advertising networks. Other parties may also provide analytics services via my Services. These ad networks and analytics providers may set tracking technologies (like cookies) to collect information about your use of my Services and across other websites and online services. These technologies allow these third parties to recognize your device to compile information about you or others who use your device. This information allows myself and other companies to, among other things, analyze and track usage, determine the popularity of certain content, and deliver ads that may be more targeted to your interests. Please note this Privacy Policy only covers the collection of information by Damian Whitley and does not cover the collection of information by any third-party advertisers or analytics providers.

Privacy Policy Changes

Although most changes are likely to be minor, Damian Whitley may change its Privacy Policy from time to time. Damian Whitley encourages visitors to frequently check this page for any changes to its Privacy Policy. If I make changes, I will notify you by revising the change log below, and, in some cases, I may provide additional notice (like adding a statement to my homepage or sending you a notification through email or your dashboard). Your further use of the Services after a change to my Privacy Policy will be subject to the updated policy


This Privacy Policy was originally written in English (US). I may translate it into other languages.

In the event of a conflict between a translated version of my Privacy Policy and the English version, the English version will control.

That’s it! Thanks for reading.

Art Print Lifestyle Image

Sign up to receive 10% off your first order!

We don’t spam! Read our privacy policy for more info.

error: Content is protected!