Privacy Policy

At Pixel Fiddler, we take your privacy seriously. This Privacy Policy explains what information we gather when you use our digital asset management platform, how we handle that data, and the choices available to you regarding your personal information.

This policy applies to all users of Pixel Fiddler's services, whether accessed through our website.

1. What Information We Collect

1.1 Information You Give Us Directly

We collect data that you voluntarily provide when you:

• Sign up for an account or register for our services
• Upload, organize, or manage media files through our platform
• Reach out to our support team or communicate with us
• Sign up for newsletters or promotional materials

This information typically includes:

• Identity Details: Your full name, email address, company name, mailing address, and phone number
• Account Credentials: Username, password, and session tokens
• Payment Details: Billing information including credit card data (processed by our payment provider Stripe), billing address, and company tax identification numbers

1.2 Information Collected Automatically

When you interact with our platform, we automatically gather certain technical information:

• Connection Logs: Details about how you access our services, including your browser type, the times you visit, which pages you view, your IP address, and the referring page
• Device Data: Technical specifications of the device you're using, such as hardware model, operating system version, and unique device identifiers
• Service Usage Metrics: How you interact with our platform, including uploads performed, media organized, AI operations used, bandwidth consumed, errors encountered, and system performance data
• Cookies and Tracking Technologies: We and our service providers use cookies, web beacons, and similar tracking technologies to collect information about your browsing behavior and platform usage. Cookies help us improve our services, understand which features are popular, keep you securely logged in, and remember your preferences. Non-essential cookies are only activated after you provide consent via our cookie consent banner

1.3 Your Media Files

When you use Pixel Fiddler, we store and process the images, videos, and other digital media that you upload to your Projects. This processing happens solely to deliver the management, optimization, and delivery services you've requested. You retain full ownership of all media content you upload to the platform.

Some platform features — such as background removal, image generation, and AI editing — transmit your media to third-party AI service providers to perform the requested operation. These providers act as sub-processors under appropriate data processing agreements and are contractually prohibited from using your content for model training or any purpose beyond delivering the requested service. A full list of sub-processors is available at /legal/sub-processors.

1.4 Third-Party Information

We may supplement the information we collect with publicly available data or information from other sources, where legally permitted, to better understand your needs and improve our services.

2. How We Use Your Information

The data we collect serves the following purposes:

• Service Operations: To deliver, maintain, and enhance our media management platform, including storing and organizing your assets, processing AI operations, and ensuring reliable performance
• Account Management: To verify your identity, maintain your account security, and enable you to access all features of the platform
• Financial Transactions: To handle subscription payments, generate invoices, manage billing cycles, and respond to payment-related questions
• Customization: To adapt the platform to your specific needs based on your usage patterns, preferences, and configuration settings
• Security Protection: To safeguard our systems against threats, detect fraudulent activity, investigate security incidents, and enforce our Terms of Service
• Customer Care: To assist you with technical problems, answer your questions, provide support, and send critical service notifications such as security warnings, maintenance schedules, feature updates, and system alerts
• Service Improvement: To analyze how users interact with the platform, identify popular features, understand usage trends, and make data-driven improvements to the user experience
• Marketing (with permission): To send you newsletters, promotional offers, product announcements, and other content that may interest you, but only if you've opted in to receive such communications
• Legal Requirements: To meet our legal and regulatory obligations, respond to lawful requests, and enforce our agreements

We limit our use of personal data strictly to these stated purposes and what's necessary to operate the platform effectively.

3. When We Share Your Information

We disclose your personal information only in these specific situations:

• Service Vendors: We work with third-party companies that help us operate our platform, such as cloud hosting providers, payment processors (Stripe), analytics tools (PostHog), and customer support platforms. These vendors are contractually required to protect your data and may only use it for the specific services they provide to us
• AI Service Providers: When you use AI-powered features, your media is transmitted to third-party AI providers solely to perform the requested operation. These providers are bound by data processing agreements and are prohibited from using your content for any other purpose. See our Sub-Processor List for the full list of providers
• Corporate Transactions: In the event of a merger, acquisition, asset sale, or bankruptcy proceeding involving Pixel Fiddler, your personal data may be transferred to the acquiring entity. We'll notify you before your information is transferred and becomes subject to a new privacy policy
• Legal Obligations: We may disclose your information when required by law, court order, or government regulation, or when we believe in good faith that disclosure is necessary to:
  • Respond to valid legal processes or official requests
  • Protect the safety, rights, or property of Pixel Fiddler, our users, or the public
  • Prevent or investigate potential fraud, security breaches, or technical problems
  • Enforce our Terms of Service or other policies
• With Your Permission: We may share your information for other purposes when you explicitly consent or direct us to do so

We may also share aggregated or de-identified information that cannot reasonably identify you. This anonymous data may be used for research, analytics, or business purposes without restriction.

4. How We Protect Your Information

We've implemented multiple layers of security controls to protect your personal data from unauthorized access, theft, alteration, and destruction:

• Data Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols. Data stored on our systems is encrypted using industry-standard encryption algorithms
• Access Management: We use role-based permissions to ensure that only authorized team members who require access to perform their duties can view personal information
• Multi-Factor Authentication: We support and strongly encourage enabling multi-factor authentication on all accounts for an additional layer of security
• Regular Security Reviews: Our security team conducts periodic audits and vulnerability assessments to identify and address potential weaknesses
• Incident Procedures: We maintain detailed procedures for detecting, responding to, and recovering from security incidents
• Continuous Monitoring: Our infrastructure is monitored 24/7 for unusual activity, potential threats, and security anomalies

Data Breach Notification: In the event of a personal data breach, we will notify the Polish supervisory authority (UODO) within 72 hours of becoming aware of the breach where it is likely to result in a risk to your rights and freedoms. Where a breach is likely to result in a high risk to your rights and freedoms, we will also notify affected users directly without undue delay, describing the nature of the breach and the steps taken to address it.

For more comprehensive information about our security measures, please contact our security team at support@pixel-fiddler.com.

While we employ extensive security measures, no system connected to the internet can guarantee absolute security. We cannot ensure or warrant the complete security of any information you transmit to us, but we remain committed to using commercially reasonable safeguards to protect your personal data.

5. How Long We Keep Your Information

We retain your personal information only as long as needed to fulfill the purposes outlined in this Privacy Policy, unless the law requires or permits a longer retention period:

• Account Details: Retained for the life of your account and for 3 years after account closure to handle post-termination disputes and legal claims
• Financial Records: Payment transactions, invoices, and billing documentation are retained for 5 years as required under the Polish Accounting Act (ustawa o rachunkowości) and Tax Ordinance Act
• Activity Logs: Usage logs and analytics data are retained for 12 months to support service improvements and security investigations
• Media Content: Your uploaded media files are deleted from active systems within 30 days following account closure. Backup copies may persist for up to a further 60 days (90 days total from account closure), after which all copies are permanently deleted
• Marketing Contacts: We maintain your contact information for marketing purposes until you unsubscribe or request removal

When personal information is no longer necessary, we either securely delete it or anonymize it so it can no longer identify you. You may request deletion of your personal information at any time by contacting support@pixel-fiddler.com.

6. Your Privacy Rights and Options

Depending on where you're located, you may have specific rights regarding your personal information:

6.1 Accessing Your Information

You can request a copy of the personal information we maintain about you. We'll provide this in a structured, commonly used, machine-readable format that allows you to transfer it to another service provider if desired.

6.2 Correcting Inaccuracies

If you believe we have incorrect or incomplete information about you, you can request corrections. Most account information can be updated directly through your dashboard settings.

6.3 Deleting Your Data

You can request deletion of your personal information, subject to certain legal exceptions (such as records we're required to keep for tax or legal purposes). Account deletion can be initiated through your dashboard or by contacting our support team.

6.4 Limiting or Objecting to Processing

You have the right to object to certain uses of your personal information, particularly for direct marketing. You may also request that we limit how we process your data in specific circumstances.

6.5 Revoking Consent

When our use of your information is based on your consent, you can withdraw that consent at any time. This won't affect the lawfulness of any processing we conducted before you withdrew consent.

6.6 Managing Cookies and Tracking

We present a cookie consent banner on your first visit to our platform. Non-essential cookies — including analytics and session recording — are only activated after you provide your consent through this banner. You can update your preferences or withdraw consent at any time through the cookie settings accessible in your account dashboard.

• Essential Cookies: Authentication cookies are required for the platform to function. These are always active and are not subject to the consent banner
• Analytics Cookies: PostHog analytics is only activated with your consent. Withdrawing consent will disable it immediately
• Browser Controls: Most browsers also allow you to block or delete cookies through their privacy or security settings. Note that blocking essential cookies will prevent you from logging in

For more information about managing cookies, visit www.allaboutcookies.org.

6.7 Unsubscribing from Marketing

You can stop receiving promotional emails from us by clicking the unsubscribe link in any marketing message or by updating your communication preferences in your account settings. Note that even if you opt out of marketing, we'll still send essential account notifications, security alerts, and service-related messages.

6.8 Filing a Complaint

If you're concerned about how we handle your personal information, you have the right to lodge a complaint with the data protection authority in your country.

As a Polish company, our lead supervisory authority is the Urząd Ochrony Danych Osobowych (UODO), ul. Stawki 2, 00-193 Warszawa, Poland — uodo.gov.pl. Users in other EU countries may also contact their local supervisory authority; a full list is available at the European Data Protection Board website.

6.9 Automated Decision-Making

You have the right not to have significant decisions about you made solely through automated systems, including profiling, when those decisions would have legal consequences or similarly substantial effects on you.

To exercise any of these rights, please contact us using the information provided at the end of this Privacy Policy. We'll respond to all legitimate requests within 30 days.

7. International Data Transfers

Pixel Fiddler operates primarily from Poland within the European Union. However, we may need to transfer your personal information to countries outside the European Economic Area (EEA) when working with certain service providers or partners.

When we transfer data internationally, we ensure appropriate safeguards are in place:

• We only transfer data to countries recognized by the European Commission as providing adequate data protection
• For transfers to other countries, we use Standard Contractual Clauses approved by the European Commission
• We require all third parties receiving your data to implement security and privacy measures at least as protective as those described in this policy

If you'd like more information about the safeguards we use for international data transfers, please contact support@pixel-fiddler.com.

8. Children's Privacy

Pixel Fiddler is not intended for use by individuals under 16 years of age, and we do not knowingly collect personal information from children under 16. If you're a parent or guardian and believe your child has shared personal information with us, please contact support@pixel-fiddler.com immediately. Upon discovering that we've inadvertently collected information from a child under 16, we'll promptly delete that information from our systems.

9. Links to Other Websites and Services

Our platform may contain links to websites, applications, or services operated by third parties. This Privacy Policy does not apply to those external sites. We have no control over and assume no responsibility for the privacy practices of third-party services. We encourage you to review the privacy policies of any external website or service before providing them with your personal information.

10. Analytics and Performance Monitoring

10.1 Analytics Services

We use PostHog to understand how users navigate our platform and to track specific product events (such as feature usage and key actions). Analytics are only activated with your consent. Specifically, we collect:

• Page views and navigation patterns
• Custom product events (e.g., uploading a file, using a feature)

Privacy Protections: We implement the following measures to protect your privacy:

• Consent-based: Analytics are only enabled after you give consent via our cookie banner
• Data Minimization: We collect only the minimum data necessary to improve our Services
• Anonymization: Where possible, we anonymize or pseudonymize analytics data to prevent identification of individual users
• Limited Retention: Analytics data is retained only for as long as necessary for the purposes described
• No Sale of Data: We never sell analytics data to third parties

You can withdraw analytics consent at any time through the cookie settings in your dashboard, or by contacting us at support@pixel-fiddler.com.

10.2 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies for various purposes, including:

• Essential cookies: Required for the Services to function properly (e.g., authentication, security). Always active
• Performance cookies: Help us understand how the Services are used and identify technical issues. Consent-gated
• Functional cookies: Remember your preferences and settings. Consent-gated
• Analytics cookies: Collect information about usage patterns to improve our Services. Consent-gated

You can manage your cookie preferences at any time through our consent banner or the cookie settings in your account. For more information about cookies and how to manage them, visit www.allaboutcookies.org.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our data practices, new technologies, legal requirements, or other business needs. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Notify you via email or through a prominent notice on our website or dashboard at least 30 days before the changes take effect
• Request your consent when required by applicable privacy laws

We encourage you to periodically review this Privacy Policy to stay informed about how we're protecting your information and your privacy rights. Continued use of Pixel Fiddler after changes become effective indicates your acceptance of the updated Privacy Policy.

12. Legal Basis for Processing (EEA Users)

If you're located in the European Economic Area, United Kingdom, or Switzerland, we process your personal information based on the following legal grounds:

You can withdraw your consent at any time when we're relying on consent as the legal basis for processing. You also have the right to object to processing based on legitimate interests. To exercise these rights, please contact us using the information below.

13. Contact Us

If you have questions about this Privacy Policy, want to exercise your privacy rights, or have concerns about how we handle your personal information, please reach out via email support@pixel-fiddler.com

Data Controller:
Damian Borys
Szyszki 28, 16-100 Sokółka
Poland
NIP: 545-182-08-77

Data Protection Officer: Based on the nature and scale of our processing activities, Pixel Fiddler is not required to appoint a Data Protection Officer under Article 37 GDPR. For all privacy-related enquiries, please contact support@pixel-fiddler.com.