Privacy Policy

Last updated: 21/06/2026

This Privacy Policy explains how [YOUR BUSINESS/ARTIST NAME] (“I”, “me”, “my”) collects, uses, and protects personal information when you visit [YOUR WEBSITE URL] (the “Site”) or purchase artwork, prints, commissions, or other products or services from me.

By using this Site, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Site.

1. Who I Am

Eneyi Oruwari
London, UK.
eneyioruwari@eneyi.uk

For UK and EU data protection purposes, I am the data controller of the personal information described in this policy.

2. Information I Collect

Depending on how you use the Site, I may collect the following information:

Information you provide directly

  • Name, email address, and postal address (for contact, newsletter signup, or checkout)

  • Order details such as items purchased and commission details

  • Messages, reference images, or information you send in relation to commissions

Payment details are handled securely by third-party providers and are not stored by me (see Section 4).

Information collected automatically

  • IP address

  • Browser type and device information

  • Pages visited and time spent on the Site

This is collected through cookies and analytics tools (see Section 5).

Information from third parties

  • Payment confirmation from payment processors

  • Basic interaction data from embedded social media content (such as Instagram)

3. How I Use Your Information

Your information is used to:

  • Process and fulfil orders and commissions

  • Communicate with you about orders, enquiries, or commissions

  • Send newsletters or updates if you have opted in (you can unsubscribe at any time)

  • Improve the Site through analytics

  • Meet legal, tax, and accounting requirements

  • Prevent fraud and protect my business and customers

Legal bases under UK/EU GDPR:

  • Contract: to process orders and commissions

  • Consent: for marketing emails and non-essential cookies

  • Legitimate interest: for analytics and fraud prevention

  • Legal obligation: for tax and accounting records

4. Payments

Payments are processed securely. I do not store your full payment card details. These are handled directly by the payment processor in accordance with their own privacy and security policies.

5. Cookies and Third-Party Services

This site uses cookies and similar technologies, including:

  • Analytics tools (e.g. Google Analytics) to understand Site usage

  • Email marketing services (e.g. Mailchimp) for newsletters

  • Booking or commission management tools

  • Embedded social media content, such as Instagram

You can control or disable cookies through your browser settings. Some features of the Site may not work properly if cookies are disabled. Where required, a cookie consent banner is displayed when you first visit the site.

6. Sharing Your Information

I do not sell your personal data.

I may share your information with:

  • Service providers who support the running of the Site and business (such as payment processors, email services, hosting providers, and shipping companies)

  • Legal or regulatory authorities where required by law

  • A third party in the event of a business sale or transfer

All service providers are required to handle your data securely and only for the purposes agreed with me.

7. International Transfers

As I work with clients internationally, your data may be processed outside the UK or EEA. Where this occurs, appropriate safeguards are used, such as Standard Contractual Clauses or equivalent legal protections.

8. Data Retention

Personal data is kept only for as long as necessary:

  • Order and transaction records: typically 6 years (for tax purposes)

  • Marketing data: until you unsubscribe

  • Enquiry messages: up to 12 months unless they result in an order

9. Your Rights

If you are based in the UK or EU, you have the right to:

  • Access your personal data

  • Request correction of inaccurate data

  • Request the deletion of your data

  • Object to or restrict certain processing

  • Request data portability

  • Withdraw consent at any time (for example, unsubscribing from emails)

  • Lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk

If you are located outside the UK or EU, I will still aim to respond to reasonable requests regarding your data.

To exercise any of these rights, contact me at [YOUR EMAIL ADDRESS].

10. Data Security

Reasonable technical and organisational measures are used to protect your data from unauthorised access, loss, or misuse. However, no online system can be guaranteed to be completely secure.

11. Children’s Privacy

This site is not intended for children under 16, and I do not knowingly collect personal data from children.

12. Changes to This Policy

This Privacy Policy may be updated from time to time. The “Last updated” date at the top will reflect any changes. Continued use of the Site after updates means you accept the revised policy.

13. Contact

If you have any questions about this Privacy Policy or how your data is handled, you can contact us.