David Crandall

Privacy Policy

Updated May 24, 2018

In an effort to comply with the EU GDPR laws, I wanted to create a very user-friendly, human readable Privacy Policy, something I think will be short and sweet for you. What’s more, I wanted to tell you all about cookies, and how cookies are used on this website.


What even is a cookie?

Let’s start off with what a cookie is. A cookie is a text file your browser puts on your machine that contains data. Typically, this is used to customize your experience. For example, if you came to a website and asked the website to remember your login information, a cookie is dropped with minimal information about your account, to keep you logged in.

However, in order to do that, that kind of cookie needs information about you in some fashion, whether that’s your account ID for the website, or something that uniquely but anonymously identifies you.

How do I use cookies?

I don’t knowingly use cookies that identify you as an individual. Period. There is not one cookie dropped on your machine by my website that you can use to identify an individual. Even for logging in/out of this website.

Instead, a cookie is used to identify the things you do in your session. No information about you as an individual is stored as a cookie. I may store data about your session – like whether or not your session is in a logged in or logged out state, or to identify which products have been added to your cart, but nothing is ever used to identify you personally.

Why? So I can make sure you get the right experience on the website, and so the necessary functionality of the website can still take place. It would be a huge bummer if you added something to your cart, then visited your cart, and nothing was there.

Sometimes, this website or a third party tool on this website, like Google Analytics, may drop a cookie on your machine that assigns you an anonymous ID. We do this to track statistical data about how people interact with the website – like number of orders, revenue generated, number of pageviews, etc.

However, I never information with third parties that may identify anyone personally. All information captured about activity on this website is shared with third parties, but information about YOU is never shared.

Personally Identifiable Information (PII)

How I collect PII

The only PII that is collected by this website is the PII you, the user, willingly share with me. For example, when you buy something, you knowingly send me your address so I can ship it to you. You also send me your credit card information for payment processing.

What PII do I share with third parties?

I never secretly collect information about you as a human individual. Period. In the event that I discover a third party service is collecting information without my will or knowledge, I take the appropriate action by either removing the service altogether from this website, or by ensuring the data is erased, and making the necessary modifications to prevent it from happening again.

What information is shared with third parties?

We do send some event-based information to Google Analytics. For example, when a purchase is made, we’ll send information about the purchase to Google Analytics and Jetpack, like revenue generated, product(s) purchased, etc., but I will never anything about the purchaser.

The only information passed to a third party is credit  card information. Why? Because we use Square and Paypal for payment processing. The data is sent over an encrypted connection, and is never used for any reason than to either process a purchase, or process a refund. It’s not much  different than when you swipe your cart at a grocery store, and the data is sent securely over a line to a bank to process the payment.

This is so confusing, can you put it in simpler terms?

Think of it this way: you come to this website and you buy a canvas print for $30. While we capture and maintain data about you and your purchase – like your address, email, etc., so that we can fulfill your order – Google Analytics doesn’t know ANYTHING about you. All Google Analytics will see is that someone somewhere made a purchase for $30. It does not know who made the purchase, what their email address is, where it’s being shipped, any payment information, or any information that could be used to identify you as human individual.

Bottom line: your personal information is precious, and I do not knowingly share any of your personal information with anyone without your consent. In the event that someone does obtain your information without your consent, I am quick to act and ensure data is no longer sent to that third party.

Ok, so what third party software is on this site that drops cookies on my machine?

Before I proceed, I’d like to reiterate that I do NOT, under any circumstances, knowingly send PII to these third parties, nor do I use third parties who track user behavior on my website un-anonymously.

With that out of the way, here are the services that may use cookies on this website:

Google Analytics

I use this to track what pages on the site are most popular, how often people frequent the website or return to the website, and ecommerce data (purchases made, products purchased, and revenue). A transaction ID may be passed to Google Analytics, too. Your personal data is never shared with Google Analytics. You can read about the cookies it uses here: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage


Jetpack is a tool I use to track redundant analytics, like pageview data. I also use it to enhance features on the website. If you use WordPress.com, Jetpack may allow you to use your account to leave comments on this website. You can view their cookie policy here, which will be also true here: https://jetpack.com/support/cookies/