• Privacy policy

Melanated Vault™ Privacy Policy | Data Protection, Compliance & CHLOM Readiness

The official privacy and data protection policy for Melanated Vault™, operated by CrownThrive LLC in Gretna, Virginia. Defines how we collect, protect, and process data across auctions, live channels, analytics systems, and CHLOM integrations under full global compliance.

Melanated Vault™ Privacy Policy


Effective Date: October 29, 2025
Last Updated: October 29, 2025

1. Introduction

Welcome to Melanated Vault™, operated by CrownThrive LLC. This Privacy Policy explains how we collect, use, protect, and share personal data when you engage with Melanated Vault™—including auctions, marketplace activities, live streaming, user profiles, media uploads, and affiliate interactions.

Melanated Vault™ is a curated fine art and cultural auction platform designed to serve artists, collectors, photographers, and cultural institutions. We value your privacy and comply with major international data protection frameworks, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and its amendments (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Brazilian LGPD, Canada’s PIPEDA, and other global privacy standards.

2. Ownership and Governance

Melanated Vault™ is owned and operated by CrownThrive LLC, headquartered in Gretna, Virginia 24557, Pittsylvania County, United States. CrownThrive LLC serves as the Data Controller responsible for processing all personal data under this policy. We maintain centralized governance through CrownThrive’s Legal, Privacy, and Compliance divisions.

3. Contact Information

For privacy-related inquiries, data requests, or rights exercise, contact:

4. Scope of This Policy

This policy covers all users of Melanated Vault™, including:

  • Artists and creators listing or exhibiting works
  • Collectors and bidders participating in live or timed auctions
  • Artisans, photographers, and curators using our platform
  • Viewers and subscribers of Melanated Vault™ Live (Vault Live, Vault TV, MVN)
  • Partners, affiliates, ambassadors, and CrownThrive ecosystem participants

It applies to all digital touchpoints, including MelanatedVault.com, mobile interfaces, live broadcast channels, payment systems, communications, and analytics integrations via CrownLytics, CrownPulse, and ThrivePush.

5. Data Collection Overview

We collect information directly from users, through automated systems, and from verified third-party integrations. The following categories apply:

  • Identity Data: name, contact information, government-issued verification (for artists, sellers, and bidders), and associated account credentials.
  • Transaction Data: bidding history, purchases, listings, payouts, and invoices.
  • Financial Data: payment processor details (via Stripe or PayPal), tax documentation, and relevant financial history.
  • Behavioral Data: browsing activity, engagement metrics, and auction participation tracked by CrownLytics and CrownPulse.
  • Device Data: IP address, browser type, device identifiers, operating system, and cookies.
  • Media Data: uploaded images, video, or content for exhibition or authentication.
  • Communication Data: support tickets, chat logs (ThriveAI), and email interactions.
  • Affiliate & Ambassador Data: referral links, performance analytics, payout information, and compliance tracking through Crown Affiliates and Crown Ambassadors.

6. Purpose of Processing

Melanated Vault™ processes personal data for specific, lawful, and transparent purposes:

  • To create and manage user accounts and verify identity (Know Your Customer / KYC)
  • To list, authenticate, and promote artworks and cultural items
  • To conduct live and timed auctions and facilitate transactions between artists and collectors
  • To process payments and issue invoices, receipts, and payout statements
  • To ensure compliance with tax, anti-fraud, and anti-money laundering laws
  • To deliver platform insights and personalized experiences via CrownLytics and CrownPulse
  • To manage affiliate and ambassador programs and calculate commissions
  • To send relevant updates, newsletters, or event notifications via ThrivePush (opt-in required)
  • To provide customer support through ThriveAI and the Help Center
  • To maintain platform integrity, security, and service performance

7. CHLOM™ Integration & Data Integrity Readiness

Melanated Vault™ is engineered for future integration with the CHLOM™ Framework (Compliance Hybrid Licensing and Ownership Model)—the CrownThrive compliance and digital licensing architecture. Under CHLOM™ integration, select transaction and license data may be mirrored to CHLOM LEX and verified by the Decentralized Licensing Authority (DLA) for traceability and authenticity.

CHLOM-readiness ensures that all certificates of authenticity, licensing records, and provenance attestations can be tokenized in the future while maintaining user privacy. Personally identifiable information (PII) is never stored directly on the blockchain; only encrypted or pseudonymized metadata is recorded.

8. Legal Bases for Processing

Depending on your location and relationship with Melanated Vault™, we process personal data under the following legal bases:

  • Consent: for optional communications, marketing, and participation in promotions.
  • Contractual necessity: for user registration, auction participation, payments, and service fulfillment.
  • Legal obligation: to comply with financial, anti-fraud, export, and tax regulations.
  • Legitimate interest: to improve platform functionality, detect fraud, and maintain cultural integrity and safety.

9. Data Collection from Third Parties

We may receive data from trusted third-party partners for verification and service purposes:

  • Payment Processors: Stripe, PayPal, or bank partners providing transaction verification.
  • Authentication Partners: The Artful Mane Gallery and other CrownThrive institutions providing artwork verification.
  • Analytics Systems: CrownLytics (macro analytics), CrownPulse (sentiment tracking), and CrownLytics API integrations for cross-platform data alignment.
  • Marketing & Communications: ThrivePush for event notifications, Crown Affiliates and Crown Ambassadors for campaign analytics.
  • Media Distribution: Melanated TV for live stream engagement, Vault TV, and the Melanated Vault Network (MVN) for content delivery.

10. Data Retention

Melanated Vault™ retains personal data only for as long as necessary to fulfill its purposes or comply with legal obligations. Retention periods vary based on data type:

  • User Account Data: retained while your account is active or required by law (typically up to seven years after closure).
  • Financial & Transaction Records: retained for legal accounting and compliance (minimum of seven years).
  • Analytics & Behavior Data: retained for up to three years and anonymized thereafter.
  • Support Tickets & Communications: retained for up to two years for service quality assurance.

11. Internal Systems and Ecosystem Disclosures

Melanated Vault™ is part of the CrownThrive ecosystem, which uses a unified infrastructure for analytics, rewards, and communications:

  • CrownLytics: Aggregates anonymized activity data to measure engagement, sales, and performance trends.
  • CrownPulse: Tracks real-time audience sentiment and keyword trends to improve user experience and platform curation.
  • ThrivePush: Sends system notifications, alerts, and campaign messages (with opt-in consent).
  • Crown Affiliates & Ambassadors: Records referral data, link tracking, and commission activity; all data is limited to performance metrics and payout administration.
  • AdLuxe Network: May provide advertising delivery analytics, without storing personal identity details.

12. Children’s Privacy

Melanated Vault™ is not directed at children under the age of 16. We do not knowingly collect data from minors. If we learn that a child has provided personal information, we delete it promptly and notify guardians where legally required. Parental consent is mandatory for any youth participation in art programs or media features.

13. Security Practices

We use administrative, technical, and physical safeguards to protect data integrity and confidentiality, including:

  • Encryption of data in transit (TLS 1.3) and at rest (AES-256).
  • Two-factor authentication (2FA) for staff and sensitive user actions.
  • Access controls, audit logging, and regular vulnerability assessments.
  • Quarterly security reviews under CrownThrive Legal and IT Governance.

14. Automated Decision-Making and Profiling

Melanated Vault™ may use limited profiling for:

  • Detecting fraudulent or high-risk transactions
  • Recommending art categories or curated exhibitions based on past interests
  • Predictive analytics through CrownLytics for auction timing and engagement optimization

Users may object to profiling where applicable law provides such rights.

15. Policy Updates

This Privacy Policy is reviewed at least annually and may be updated to reflect platform or regulatory changes. All revisions will carry an updated “Last Updated” date and be posted publicly at MelanatedVault.com/privacy-policy. Material updates will be communicated through email or in-app notices.

16. Your Rights Under Global Privacy Laws

Depending on your country or region, you may have specific legal rights relating to your personal data. Melanated Vault™ ensures these rights are respected globally.

16.1 GDPR (European Union & United Kingdom)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR) and the UK Data Protection Act (DPA):

  • Right of Access: to request a copy of your personal data and understand how it is used.
  • Right to Rectification: to correct inaccuracies or incomplete data.
  • Right to Erasure: to request deletion of data when it is no longer needed or consent is withdrawn.
  • Right to Restrict Processing: to limit how your data is used in specific contexts.
  • Right to Data Portability: to receive a portable copy of your data in a machine-readable format.
  • Right to Object: to object to processing based on legitimate interests, profiling, or marketing.
  • Right to Lodge a Complaint: with a local data protection authority if you believe your rights have been violated.

16.2 CCPA / CPRA (California)

California residents have specific rights under the California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA):

  • Right to Know: what personal data we collect, disclose, or sell.
  • Right to Delete: to request deletion of your data unless it is required for transactions or compliance.
  • Right to Opt-Out: to opt out of the sale or sharing of personal information.
  • Right to Correct: to update inaccurate personal information.
  • Right to Non-Discrimination: for exercising any of these rights.

Melanated Vault™ does not sell personal data in exchange for money. However, limited information may be shared with analytics and affiliate systems to operate the platform. Users may opt out of all data sharing by contacting privacy@crownthrive.com.

16.3 VCDPA (Virginia)

As a Virginia-based company, CrownThrive LLC complies with the Virginia Consumer Data Protection Act (VCDPA). Virginia residents may:

  • Access, correct, delete, or port their personal data.
  • Opt out of targeted advertising or profiling.
  • Submit an appeal if a request is denied within the statutory time frame.

16.4 Other Jurisdictions

Melanated Vault™ also adheres to other major privacy frameworks:

  • Brazil (LGPD) – Data subject rights mirror GDPR standards.
  • Canada (PIPEDA) – Right to access and correct personal information, and withdraw consent at any time.
  • South Africa (POPIA) – Protection of Personal Information Act compliance for African-based creators.
  • Australia (Privacy Act 1988) – Adherence to APP principles regarding data security and cross-border transfers.

17. Exercising Your Rights

To exercise any data rights, email privacy@crownthrive.com with the subject “Data Rights Request.” Please include the following:

  • Your full name and registered account email
  • The specific rights you wish to exercise
  • Proof of identity (e.g., signed statement or ID verification)

We will respond within 30 days or as required by law. Appeals for denied requests can be submitted to legal@crownthrive.com.

18. Cookies and Tracking

Melanated Vault™ uses cookies, local storage, and similar tracking technologies for platform functionality and analytics through CrownLytics and CrownPulse.

  • Essential Cookies: required for authentication, auctions, and security.
  • Analytics Cookies: aggregate engagement data to improve user experience.
  • Marketing Cookies: manage affiliate referrals and campaign performance.

Users can adjust cookie preferences in their browser or select “Do Not Track” (DNT). We honor DNT signals where technically possible.

19. Cross-Border Data Transfers

Melanated Vault™ operates globally and may transfer data to or from servers in the United States, the European Union, Canada, or other jurisdictions. Transfers are secured using:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • UK International Data Transfer Addendums
  • Encryption-in-transit and at-rest (TLS 1.3 and AES-256)
  • Restricted access through least-privilege principles

Users in the EU and UK are informed that their data may be processed in countries where privacy laws differ but are safeguarded by these protective mechanisms.

20. Sharing and Disclosure

Melanated Vault™ may share limited personal data only with:

  • Payment processors: Stripe, PayPal (for payments and KYC).
  • Verification partners: The Artful Mane Gallery (for artwork authentication and provenance checks).
  • Analytics platforms: CrownLytics and CrownPulse (aggregated metrics and insights).
  • Communication tools: ThrivePush and internal email servers (for account updates and alerts).
  • Affiliate systems: Crown Affiliates and Ambassadors (for performance tracking and commission payouts).
  • Legal and regulatory bodies: when required by court order, law enforcement, or government agencies.

We never sell your personal data or disclose it for profit.

21. Do Not Sell or Share My Personal Information (California and Global)

We respect global “Do Not Sell or Share” requests. You can opt out by emailing privacy@crownthrive.com with the subject “Do Not Sell or Share.” Once processed, we will restrict any data flow to advertising, affiliate, or analytics systems that involve cross-context behavioral tracking.

22. Data Security Measures

  • Full encryption of stored and transmitted data (TLS 1.3, AES-256).
  • Firewalled servers and segmented databases with role-based access.
  • Regular vulnerability scans and quarterly penetration testing.
  • Incident response procedures reviewed under CrownThrive Legal and IT Governance.
  • Zero-trust policy enforcement for all internal systems, including CHLOM readiness environments.

23. Data Retention and Deletion Policy

Personal data is retained as long as necessary to fulfill obligations or comply with law:

  • Account data: deleted upon verified user request or after seven years of inactivity.
  • Transaction records: retained for at least seven years for legal and accounting obligations.
  • Analytics data: anonymized after 36 months.
  • Media uploads: deleted upon request, unless linked to an active listing or legal archive.

Deletion requests can be submitted via privacy@crownthrive.com.

24. CHLOM™ Data Transparency and Blockchain Interface

Melanated Vault™ operates under the CHLOM™ (Compliance Hybrid Licensing and Ownership Model) standard being implemented across CrownThrive’s ecosystem. Once activated:

  • License attestations and Certificates of Authenticity (COAs) may be represented as blockchain entries on CHLOM LEX.
  • No personal identifying information will ever appear on-chain; only pseudonymized data hashes and timestamps.
  • Users may receive blockchain transaction IDs for transparency and future verification.
  • All blockchain transactions will be governed by CHLOM’s Decentralized Licensing Authority (DLA) and comply with privacy-by-design principles.

25. Marketing, Communication, and Opt-Out

Melanated Vault™ may send communications related to account updates, promotions, or affiliate programs via ThrivePush or email. You may opt out by following the unsubscribe link in any message or emailing privacy@crownthrive.com.

Transactional messages (invoices, confirmations, compliance notices) are mandatory communications and cannot be opted out of while maintaining an active account.

26. Third-Party Links and Embedded Media

Our website may contain links to third-party sites (e.g., Melanated TV, Viloud players, or payment processors). These external sites are governed by their own privacy policies, and Melanated Vault™ is not responsible for their practices. We recommend reviewing their privacy policies before engaging.

27. Automated Systems and AI Interactions

Melanated Vault™ uses limited artificial intelligence for analytics and customer assistance via ThriveAI. Conversations with ThriveAI are logged for quality and compliance. No biometric or emotional profiling is performed. Users may request transcript deletion under applicable laws.

28. Complaints and Supervisory Authorities

Users who believe their privacy rights have been violated can file complaints directly with the CrownThrive Privacy Office or with an applicable supervisory authority:

  • EU: Contact your national Data Protection Authority.
  • UK: Information Commissioner’s Office (ICO) — ico.org.uk
  • US: Federal Trade Commission (FTC) — ftc.gov
  • Brazil: Autoridade Nacional de Proteção de Dados (ANPD).

We commit to resolving complaints within 30 business days.

29. Policy Updates and Version Control

This Privacy Policy is reviewed and updated annually, or sooner when laws or operations change. A historical record of revisions will be maintained for audit and transparency.

30. Contact Us

For questions about this Privacy Policy or how we handle your information, please contact:

Melanated Vault™ Privacy Office
CrownThrive LLC
Gretna, VA 24557, Pittsylvania County, United States
Email: privacy@crownthrive.com
Legal Inquiries: legal@crownthrive.com

31. Closing Statement

Melanated Vault™ stands committed to protecting user privacy, ensuring lawful data practices, and maintaining the cultural and technological integrity of the CrownThrive ecosystem. Our systems are designed to balance transparency, security, and compliance as we prepare for full CHLOM integration by 2030.

© 2025 CrownThrive LLC. All rights reserved. Melanated Vault™ is a registered entity within the CrownThrive ecosystem.