Privacy Policy

About Us

This is a privacy policy for Fabulous Frames & Art. Our homepage on the Web is located at https://www.fabframes.com/. The full text of our privacy policy is available on the Web at https://www.fabframes.com/privacy.html.

This is also a privacy policy for the Charley Harper Store, at https://www.charleyharper.com/, which is a site owned by Fabulous Frames & Art; this is also a privacy policy for the Charley Harper Art Studio, at https://www.charleyharperartstudio.com/, which is a site owned by Brett M. Harper and operated by Fabulous Frames & Art, and for Charley Harper Wholesale, at https://www.charleyharperwholesale.com/, a site for wholesale customers of the Charley Harper Art Studio.

Users may go to https://www.fabframes.com/optout.html for information on how to opt in or opt out of use of their information.

We invite you to contact us if you have questions about this policy. You may contact us by mail at the following address:

Fabulous Frames & Art
5612 Cheviot Rd.
Cincinnati, Ohio 45247-7006
United States

You may contact us by e-mail at admin@fabframes.com.

You may call us at +1 513-598-4599.

Dispute Resolution and Privacy Seals

We have the following privacy seals and/or dispute resolution mechanisms. If you think we have not followed our privacy policy in some way, they can help you resolve your concern.

General Dispute: You may generally dispute anything with us by phone, e-mail, or post, or in person.

Additional Information

This policy is valid for 999 weeks from the time that it is loaded by a client.

Data Collection

P3P policies declare the data they collect in groups (also referred to as statements). This policy contains 3 data groups. The data practices of each group will be explained separately.

We collect information in the following ways:

Information that you provide to us directly (Group Transaction Info)

We gather information that you provide to us when you:

purchase products from us
subscribe to our mailing list
fill in forms, conduct searches, or use any other features of our websites
make an inquiry, provide feedback, submit correspondence, or make a complaint over the phone, by e-mail, or by post
register for, and update an online account with us (including if you access through an open IP provider)
enter into a contract with us
submit a job application, CV, cover letter, or social-media profile to a job vacancy, or attend an interview, assessment, or meeting
follow, like, post to, or interact with, our social-media accounts, including Facebook, Twitter, and Instagram

The information you provide to us will include (depending on the circumstances):

Identity and contact data
title, names, addresses, e-mail addresses, and phone numbers: Account profile data
a password and user preferences: Financial data
payment details, which may include billing addresses, credit and debit card details, and bank account details: Any other information that you choose to share with us
for example, any information that you provide via correspondence or any information that you choose to provide in person at events or over the phone.

This data will be used by ourselves and our agents.

Information we collect through technology related to our products (Group Access log information)

We collect the following information:

Click-stream data
HTTP protocol elements

This data will be used by ourselves and our agents.

The following explanation is provided for why this data is collected:

Our Web server collects access logs containing this information.

We collect personal information for the following purposes:

Completion and support of the current activity.
Web site and system administration.
Research and development.

Information we collect through online technology (Group Cookies)

Technologies such as cookies, beacons, tags, local storage, and scripts are used by us and our affiliates, and other companies, such as third-party technology service providers and web analytics providers. These technologies make it easier for you to navigate our website and to help us manage the content on our website and are used to analyze trends, administer the sites, track users’ movements around the site (including which site you clicked from to arrive at our site), and gather demographic information about our user base.

We use cookies to allow our server to maintain information about the contents of your shopping cart and your current login session, and in order to process your purchase.

Cookies

Cookies are a technology that can be used to provide you with tailored information from a Web site. A cookie is an element of data that a Web site can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.

The cookies used on our website and the purposes for which these cookies are used are set out in the table below:

Cookies Used by Fabulous Frames & Art
Cookie	Purpose	Duration
Cookie	Purpose	Duration
FabFrames (Magento) `PHPSESSID`	associates your browser session with a session stored on the server, to keep you logged in if you are, or to allow your cart to persist even if not logged in	30 minutes
FabFrames (Magento) `guest-view`	allows guests to view and edit their orders	30 minutes
FabFrames (Magento) `persistent_shopping_cart`	a link to information about your cart and viewing history, if you have asked for this	30 minutes
FabFrames (Magento) `form_key`	helps protect against XSRF	1 day
Fabframes (Magento) `mage-cache-sessid`	whether to cache the session ID	until the browser is closed
Fabframes (Magento) `mage-cache-storage`	a JSON string with a few keys and values	until the browser is closed
Fabframes (Magento) `mage-cache-storage-section-invalidation`	a JSON string with a few keys and values	until the browser is closed
Fabframes (Magento) `mage-messages`	messages from within the Magento system	until the browser is closed
Fabframes (Magento) `mage-translation-file-version`	a JSON string with a few keys and values, in case the site is presented in a language other than the default (English)	until the browser is closed
Fabframes (Magento) `mage-translation-storage`	a JSON string with a few keys and values, specific to any internally translated version of the site	until the browser is closed
Fabframes (Magento) `private_content_version`	facilitates caching of content on the browser to make pages load faster	until the browser is closed
Fabframes (Magento) `product_data_storage`	a JSON string with a few keys and values	until the browser is closed
Fabframes (Magento) `recently_compared_product`	a JSON string with a few keys and values about the currently compared product, if any	until the browser is closed
Fabframes (Magento) `recently_compared_product_previous`	a JSON string with a few keys and values about the previously compared product, if any	until the browser is closed
Fabframes (Magento) `recently_viewed_product`	a JSON string with a few keys and values about the product being viewed, if any	until the browser is closed
Fabframes (Magento) `recently_viewed_product_previous`	a JSON string with a few keys and values about the previously viewed product, if any	until the browser is closed
Fabframes (Magento) `section_data_ids`	a JSON string with a few keys and values, related to the structure of the site	until the browser is closed
FabFrames (Magento) `stf`	information on products you have e-mailed to friends	30 minutes
FabFrames (Magento) `store`	indicates which storefront to load, in case multiple storefronts are hosted on one Magento instance	1 day
FabFrames (Magento) `user_allowed_save_cookie`	indicates whether a customer allowed to use cookies	1 day
Fabframes (Magento) `x-magento-vary`	facilitates caching of content on the browser to make pages load faster	until the browser is closed
FabFrames (custom) `resolution`	based on the screen width of your device, used in responsive Web design	1 year
FabFrames (custom) `notice_read`	set if the user indicates having read the notice about usage of tracking and analytics	many millennia
FabFrames (custom) `analytics`	whether to allow tracking and analytics, enabled only if the user explicitly consents	many millennia
Google Analytics `_ga`	used to track visitors to a website	2 years
Google Analytics `_gat`	used to limit the request rate to Google Analytics servers, with no data sent from this cookie	30 seconds
Google Analytics `_gat_second`	used to limit the request rate to Google Analytics servers, with no data sent from this cookie	30 seconds
Google Analytics `_gid`	used to trace the journey taken by a visitor within a website	1 day
Google Analytics `_gali`	Enhanced Link Attribution, to help distinguish between multiple links to the same URL on one page	30 seconds
Bing Analytics `_uetsid`	Universal Event Tracking ID, used to track visitors to a website	30 minutes
AdRoll `__ar_v4`	retargeting	about 5 years, 8 months, and 15 days
AddThis `__atuvc`	used to ensure that a visitor who shares a page and returns to it before its cached share count is updated sees the correct share count, but no data is sent back to AddThis	about 1 year and 1 month
AddThis `__atuvs`	social integration	30 minutes

If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies; if you reject first-party cookies, the ones marked as FabFrames (Magento), you will not be able to shop on this site.

Information from Other Sources

In certain circumstances, we will receive information about you from other sources, including third parties. For example, we may receive personal information from any of the following, who may be based inside and/or outside the EU:

other website users
your agents or representatives who are acting on your instructions
commercial contact lists that we acquire from other organizations
organizations that we acquire or merge with
organizations with whom we provide co-branded events, websites, products, and services
fraud-detection agencies
your current and former employers, recruitment agencies, and referees
service providers including our website developers, IT support providers, cloud services providers, payment services providers, billing service providers, contractors, consultants, advertising agencies and platforms, digital performance monitoring and management providers, advertising analytics providers, marketing and sales service providers, user experience testing platforms, B2B contact databases, recruitment agencies, survey tool providers, customer relationship and customer support service providers, event ticket retailers, event management platform service providers, customer identity account management providers, HR service providers, couriers, instant messaging service providers
publicly available sources such as LinkedIn

We might also receive information about you from other third parties if you have indicated to such third parties that you would like to hear from us.

Using Persoonal Information

How We Use Information We Collect

We use your information for the following purposes:

to provide access to our website in a manner convenient and optimal and with personalized content relevant to you (on the basis of our legitimate interest to ensure our website is presented in an effective and optimal manner)
to register and maintain your website account (on the basis of performing our contract with you)
to process and fulfill your orders for products (on the basis of performing our contract with you)
to process and facilitate transactions and payments, and recover money owed to us (on the basis of performing our contract with you, and on the basis of our legitimate interest to recover debts due)
to monitor your account and use of services to ensure compliance with our end-user agreements and prevent and identify unlawful content use and violations (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so)
to manage our relationship with you, which will include notifying you about changes to our terms of service or privacy policy (on the basis of performing our contract with you, to comply with our legal obligations, and our legitimate interest in keeping our records updated and study how our website and services are used)
to conduct business with you or your employer, including to contact you and manage and facilitate our business relationship with you and your employer (on the basis of performing our contract with you, and our legitimate interest in running our business)
to provide customer service and support, like dealing with inquiries or complaints about the website, which may include sharing your information with our website developer, IT support provider, and payment services provider as necessary (on the basis of performing our contract with you, our legitimate interest in providing the correct products and services to our website users, and to comply with our legal obligations)
to carry out marketing and let you know about our news, events, new website features, products, or services that we believe may interest you, including sharing your information with our marketing services providers (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so)
to interact with users on social media platforms (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals)
to conduct data analytics to improve our website, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our website and services, to keep our website updated and relevant, to develop our business, to provide the right kinds of products and services to our customers, and to inform our business and marketing strategy)
to carry out marketing research and user testing to assess the levels of satisfaction of existing and proposed products and services (on the basis of our legitimate interest in carrying out research, providing the right kinds of products and services to our customers)
to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so)
to enable us to comply with our policies and procedures and enforce our legal rights, and to protect the rights, property, or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business, or where we have a legal obligation to do so).

We will use your information for the purposes listed above either on the basis of:

your consent (where we request it);
performance of your contract with us and the provision of our services to you;
where we need to comply with a legal or regulatory obligation; or
our legitimate interests or those of a third party (see the next section for more information).

Legitimate Interests

As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to our legitimate interests, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interests we have specified in the previous section.

Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of Your Rights in a later section.

How We Share and Disclose Personal Information

We consider your personal information to be a vital part of our relationship with you and do not sell your personal information to third parties. There are, however, certain circumstances in which we may share your personal information with certain third parties, as follows:

Our service providers who are acting as processors and who assist us with our administrative or business functions, or in the provision of any of our products to you.
Regulators and governmental bodies like the IRS, HMRC, and other authorities and regulators acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
Any prospective buyer of our business or assets, only in the event that we wish to sell any part of our business or assets.
Other third parties including legal, professional, or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property, or safety of our employees or where such disclosure may be permitted or required by law.

How We Look After Your Personal Information and How Long We Keep It

Security

We use administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of personal data against loss, misuse and unauthorized access, disclosure, alteration, and destruction. We also operate a policy of privacy by design by looking for opportunities to minimize the amount of personal information we hold about you.

The safeguards we use include:

ensuring the physical security of our offices, warehouses, or other sites
ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption
using standard security protocols and mechanisms (such as TLS encryption) to transmit sensitive data such as credit-card details
maintaining a data-protection policy for, and delivering data-protection training to, our employees
limiting access to your personal information to those who need to use it in the course of their work

If you have any questions about the security of your personal information, please contact us using the methods outlined in the Contact Us section above.

Retention

We will keep your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it.

Please contact us using the methods outlined in the Contact Us section above if you would like to obtain details of our retention periods for different aspects of your personal data.

Help Keep Your Information Safe

You can also play a part in keeping your information safe by:

choosing a strong account password, changing it regularly, and using different passwords for different online accounts
keeping your login and password details confidential
logging out of the website and closing the browser each time you have finished using it, especially when using a shared computer
informing us if know or suspect that your account has been compromised, or if someone has accessed your account without your permission
keeping your devices protected by using the latest version of your operating system and maintaining any necessary anti-virus software
being vigilant to any fraudulent e-mails that may appear to be from us. Any e-mails that we send will come from an e-mail address ending in one of these domains:
- @fabframes.com
- @charleyharper.com
- @charleyharper.net
- @charleyharperartstudio.com
- @charleyharperwholesale.com
- @fabulousframesandart.com
or will come from kencarl22 [nospam] gmail.com, mmcarl [nospam] gmail.com, or kaiti.fabframes [nospam] gmail.com

International Transfers of Your Information

Fabulous Frames & Art and the Charley Harper Art Studio are both based in the United States of America.

Special Note to Users Outside of the United States

We transact business throughout the world, even though our offices and servers are all located within the United States.

If you reside in the European Union, please be advised that your personal data will be processed outside of the European Economic Area (EEA). We will take all steps necessary to ensure that your information is adequately protected and processed in accordance with this Privacy Policy.

Your Rights: Access and Accuracy, Updating, Correcting, or Deleting Information

Your Rights—Summary

You have certain rights in respect of the information that we hold about you, including:

the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Policy
the right to ask us not to process your personal data for marketing purposes
the right to request access to the information that we hold about you
the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect
the right to withdraw your consent for our use of your information in reliance of your consent (refer to Using Personal Information above to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Policy
the right to object to our using your information on the basis of our legitimate interests (refer to Using Personal Information above to see when we are relying on our legitimate interests or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground
the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances
in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you
the right to lodge a complaint about us with the relevant authority in your country of work or residence

How to Exercise Your Rights

You may exercise your rights above by contacting us using the methods outlined in the Contact Us section above and we will comply with your requests unless we have a lawful reason not to do so.

You may opt out of receiving newsletters or other communications by following the opt-out instructions included in each newsletter or communication or by contacting us using the methods outlined in the Contact Us section above.

You can opt out of our Google Analytics data collection and AdRoll re-targeting by using the tools available in the respective links.

Please note that even after you have chosen to withdraw your consent, we may continue to process your personal information when required or permitted by law, in particular in connection with exercising and defending our legal rights, or meeting our legal and regulatory obligations.

What We Need from You to Process Your Requests

We may need to request specific information from you to help us confirm your identity and to enable you to exercise the rights set out above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will not have to pay a fee to exercise the rights set out above. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Children’s Privacy

Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13, and in some jurisdictions under the age of 16. If you are under the age of 13, please do not access our website at any time or in any manner. If we learn that we have collected personal information of children under the age of 13 or 16 (as applicable), we will take appropriate steps to delete that data.

Sharing Data with Third Parties

You might provide personal information directly to third parties as a consequence of your interactions with our website and other services offered by us. For example, our website may contain content and links to other third-party websites, plug-ins, and applications that are operated by third parties that may also operate cookies. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We don’t control these third-party websites or cookies, we are not responsible for their privacy statements, and this Privacy Policy does not apply to them. Please check the terms and conditions and privacy policy of the relevant third-party website to find out how they collect and use your information. If you do not want us to share your personal information with these companies, contact us using one of the methods described in the Contact Us section above.

Please be responsible with personal information of others when using our website and the services available on it. We are not responsible for your misuse of personal information, or for the direct relationship between you and others that takes place outside of the website or our services.

Compact Policy Summary

The compact policy which corresponds to this policy is:

    CP="IDC DSP COR CURa ADMa DEVa TAIa OUR NOR IND PHY ONL UNI PUR COM NAV STA"

The following table explains the meaning of each field in the compact policy.

Field	Meaning
`CP=`	This is the compact policy header; it indicates that what follows is a P3P compact policy.
`IDC`	Access is available to contact information.
`DSP`	The policy contains at least one dispute-resolution mechanism.
`COR`	Violations of this policy will be corrected.
`CURa`	The data is used for completion of the current activity.
`ADMa`	The data is used for site administration.
`DEVa`	The data is used for research and development.
`TAIa`	The data is used for tailoring the site.
`OUR`	The data is given to ourselves and our agents.
`NOR`	The data is not kept beyond the current transaction.
`IND`	The data will be kept indefinitely.
`PHY`	Physical contact information is collected.
`ONL`	Online contact information is collected.
`UNI`	Unique identifiers are collected.
`PUR`	Purchase information is collected.
`COM`	Computer information is collected.
`NAV`	Navigation and clickstream data is collected.
`STA`	State-management data is collected

The compact policy is sent by the Web server along with the cookies it describes. For more information, see the P3P deployment guide at https://www.w3.org/TR/p3pdeployment.

Policy Evaluation

Microsoft Internet Explorer 6 will evaluate this policy’s compact policy whenever it is used with a cookie. The actions IE will take depend on what privacy level the user has selected in their browser (Low, Medium, Medium High, or High; the default is Medium. In addition, IE will examine whether the cookie’s policy is considered satisfactory or unsatisfactory, whether the cookie is a session cookie or a persistent cookie, and whether the cookie is used in a first-party or third-party context. This section will attempt to evaluate this policy’s compact policy against Microsoft’s stated behavior for IE6.

Note: this evaluation is currently experimental and should not be considered a substitute for testing with a real Web browser.

Satisfactory policy: this compact policy is considered satisfactory according to the rules defined by Internet Explorer 6. IE6 will accept cookies accompanied by this policy under the High, Medium High, Medium, Low, and Accept All Cookies settings.