Privacy Policy
SA LLC (doing business as “Sacred Arts,” “we,” “our,” or “us”)
Website: https://www.sacredarts.com
Last updated: 8 May 2025
1. Who We Are
SA LLC is a Maryland-registered company offering creative, educational, and consulting services online and in person under the trade name “Sacred Arts.” We act as the data controller for information collected through this website and related services.
2. Information We Collect
| Category | Examples | Source |
|---|---|---|
| Identifiers | Name, address, email, phone, IP, cookie IDs | Forms, cookies, bookings |
| Commercial info | Products/services purchased; appointment details | Square, Acuity |
| Internet / device data | Browser type, pages visited, referring site | Cookies, analytics |
| Payment data | Last four of card, amount, billing ZIP | Square (encrypted) |
| User-generated content | Messages, booking notes | Direct from you |
We do not intentionally collect sensitive personal information. If you believe you supplied such data in error, please let us know so we can delete it.
3. How & Why We Use Your Data
| Purpose | Legal Basis (GDPR) |
|---|---|
| Manage appointments (Acuity) | Contract |
| Process payments (Square) | Contract |
| Customer support communications | Legitimate interests |
| Site improvement & security | Legitimate interests |
| Advertising & analytics (Google Ads / cookies) | Consent (EEA/UK) / Legitimate interests |
| Newsletters & offers (opt-in) | Consent |
| Legal & tax compliance | Legal obligation |
4. Cookies, Analytics & Google Ads
We and selected partners use cookies, pixels, and similar technologies to remember preferences, analyse traffic, and deliver personalised advertising. Third-party vendors, including Google, use cookies to serve ads based on a user’s past visits to our site and other sites.
- Opt out of personalised Google ads at Ads Settings.
- Opt out of interest-based ads from many providers at aboutads.info.
- Block or delete cookies in your browser preferences.
Visitors from the EEA/UK/CH see a banner requesting consent for analytics and advertising cookies, in line with Google’s EU User Consent Policy.
5. Sharing & Disclosure
| Recipient | Purpose | Safeguards |
|---|---|---|
| Square, Inc. | Payment processing | PCI-DSS Lv 1 |
| Squarespace / Acuity | Appointment booking | Squarespace Privacy Policy |
| Google LLC | Ads & analytics | SCCs / Consent |
| Advisers & authorities | Legal, tax, compliance | Confidentiality / legal duty |
We do not sell or share personal information for monetary value. If that ever changes, we will add the “Do Not Sell or Share My Personal Information” link required by the CCPA.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Bookings & transaction records | 7 years (tax) |
| Marketing contact list | Until unsubscribe / deletion request |
| Analytics logs | 26 months |
| Server backups | 30-day rolling |
7. Security
- TLS 1.2+ encryption site-wide (
https://). - Square processes payments on PCI-DSS Level 1 servers; we never store full card numbers.
- Role-based access controls and annual security reviews.
8. Your Rights
| Region | Rights You Hold |
|---|---|
| Worldwide | Access, correct, delete, export, object to direct marketing |
| EEA / UK / CH (GDPR) | Restrict processing, withdraw consent, lodge a complaint |
| California (CCPA/CPRA) | Know, delete, opt out of “sale/share,” no discrimination |
To exercise any right, email shaneacuff@gmail.com or write to our address below. We confirm receipt within 10 days and respond within 30–45 days.
9. Children
We do not knowingly collect data from anyone under 13. If a child has provided personal information, please contact us so we can delete it.
10. International Transfers
Our primary servers are in the United States. When we transfer data from other regions, we rely on Standard Contractual Clauses, adequacy decisions, or your explicit consent, as required by law.
11. Changes
We may update this Policy from time to time. The “Last updated” date above reflects the latest revision. Material changes will be announced on this page or via email where appropriate.
12. Contact
Data controller: SA LLC (d/b/a Sacred Arts)
Mailing address: 216 N. Market Street, Frederick, MD 21701, USA
Email: shaneacuff@gmail.com