Last Update: November, 2021
Introduction and Definitions
Pixton Comics Inc. is committed to maintaining the security, confidentiality and privacy of your Personal Information.
“Add-on” means one or more of the Pixton mini-apps: the "Pixton" app available in the Canva Apps Directory at https://www.canva.com/apps; the "Pixton Comics Characters" add-in available in Microsoft AppSource directory at https://appsource.microsoft.com; and/or the "Pixton" add-on available through Google Slides at https://www.google.com/slides.
“Content” means any expression fixed in a tangible medium and includes, without limitation, ideas, text, graphics, avatars, designs, presets (including but not limited to: backgrounds, scene configurations, characters, outfits, body poses, facial expressions, color filters, overlays, effects), combinations of presets, drawings, logos, images, trademarks, copyrights, information, software, and any intellectual property therein, any of which may be created, submitted, or otherwise made accessible on or through the Add-on and/or Services.
“Services” means creation of avatars, characters and scenes with accompanying text for a comic strip accessed through the Add-on, as well as access to preset Content including but not limited to: backgrounds, scene configurations, characters, outfits, body poses, facial expressions, color filters, overlays and effects.
“User” means someone who uses the Add-on.
Acceptance of Terms and Revisions
Pixton is compliant with the requirements of Canadian and US privacy laws including the Personal Information Protection and Electronic Documents Act, and the Personal Information Protection Act within British Columbia. Pixton also intends for its data privacy and security practices to be consistent with the EU General Data Protection Regulation (“GDPR”).
Types of Information We Collect
There are two types of information we may collect through your access to and use of the Add-on and/or Services:
“Personal Information” means information about an identifiable individual (including any “Personal Information” as such term is defined in the applicable privacy statute). Personal Information may include, but is not limited to, a person’s first and last name, an email address, persistent identifiers such as IP address or device number, or any anonymous information combined with a persistent identifier or other Personal Information.
“Non-Personal Information” means information that does not identify you and cannot be used to identify you personally and may include your browser and operating system descriptor, gender, and non-precise geolocation information (e.g., your city). Non-Personal Information also includes “Usage Data” which is anonymous data associated with your computer that includes activities and time on the Add-on, when not linked to any persistent identifier or other Personal Information.
Collection of Information
We may collect information (including Personal Information) as follows:
Information you submit to us. If you choose to submit your information to us for any other reason in any other form, we will collect such information and use it for the purposes for which you submitted it.
Visiting the Add-on. We will not collect any Personal Information from you simply by virtue of your visiting the Add-on; we only collect Personal Information if you choose to submit it to us. We may, however, collect Non-Personal Information such as Usage Data, whenever you use the Add-on and/or Services. If prohibited in your jurisdiction, such Non-Personal Information is not combined with Personal Information.
Browser privacy preference. We will use reasonable efforts to comply with the privacy preference setting in any browser, but generally do not comply with any Do-Not-Track requests on browsers.
Email messages. We may collect Non-Personal Information through emails we send you which contain code that allows us to track whether the message was opened and/or links were clicked.
Cookies. In connection with the foregoing collection of information, we may also use “cookies” or similar technologies (small amounts of data that are stored on your computer's hard drive when you use or access the Add-on and/or Services that identify your computer and may store information about you such as behavioural data). Should you choose to submit Personal Information to us, we may link cookie information to such Personal Information. If you do not wish to accept cookies, you have the option of blocking or disabling cookies. However, please be aware that some of the Add-on and/or Services will not function properly if you do so.
Third party advertisers. No third-party advertising is permitted on the Add-on.
We strongly advise you not to submit Personal Information as part of UGC, comics or other content you create. However, if you do, the Personal Information will be stored in our database and treated the same as other Personal Information collected from you.
Use of Your Information
We may use your information (including Personal Information) for the following purposes:
to provide you with any services or functionality you have requested, including the Services;
to improve the Add-on and/or Services, and to inform the creation of future Services;
to send you information related to the Add-on and/or Services, including confirmations, Add-on news, technical notices, updates, security alerts, and support and administrative messages;
to respond to customer service inquiries;
to troubleshoot problems with the Add-on and/or Services;
to protect against unlawful activities or other misuse of the Add-on and/or and Services or for other security reasons;
to compile statistics;
to invite you to participate in Pixton surveys, contests or special events;
to allow you to share Content with other people.
SPECIFIC THIRD-PARTY SERVICES
The Add-on may make use of one or more of the following third-party services:
Google Analytics collects Non-Personal Information, which we use aggregated and anonymized to track the usage of the Add-on. No Personal Information is passed to Google Analytics.
Hubspot.com is a customer communication tool that allows us to process feedback from users. This service may collect limited Personal Information, such as name and email address.
Disclosure of Information
Protection of Your Information
Pixton has implemented reasonable physical and technical measures to protect the information we collect or are provided with from unauthorized access and against loss, misuse or alteration by third parties, including but not limited to:
- Containment of database(s) inside a Virtual Private Cloud (VPC), access to which is extremely restricted;
- Encryption of database data in transit and at rest;
- Use of SSL / HTTPS for all data transmission over the Internet;
- Multifactor authentication on administrator-level access;
- Code reviews and scans to monitor for security vulnerabilities;
- Firewalls, private keys, anti-virus protection, IP address whitelists, and encrypted local hard drives.
Further, while we attempt to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining access to this information. We do not warrant or represent that your information will be protected against, loss, misuse, or alteration by third parties. No method of transmission over the Internet, or method of electronic storage, is 100% secure.
PIXTON STRIVES TO EXCEED COMMERCIALLY REASONABLE EFFORTS TO PROTECT YOUR PERSONAL INFORMATION, HOWEVER, TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE EXPRESSLY DISCLAIM ANY GUARANTEE OF SECURITY IN CONNECTION WITH YOUR PERSONAL INFORMATION.
For further information on how we safeguard information we collect or are provided with, contact us via email at email@example.com.
Incident Response Plan
If we ever discover or receive reports of a security breach, we will take the following steps to address it:
- The staff member who detects or receives a report of a breach will forward all details to Pixton's privacy officer at firstname.lastname@example.org.
- The privacy officer will:
- Determine the severity of the potential impact. Is it real or perceived? Is it still in progress? What data is threatened and how critical is it? What is the impact on the business should the attack succeed – minimal, serious, or critical?
- If the breach is real, determine the system(s) being targeted, along with all relevant details such as the attacker's IP address.
- Determine how the incident can be contained, and contain it. This may involve changing passwords, encryption keys, or other system access information.
- Determine what data has been compromised, and who should be notified about the incident.
- Notify affected parties by email no more than seven calendar days after the discovering of the breach, including relevant details such as: the data that was compromised; the measures being taken to prevent any future such incidents.
- Document the incident, including date detected, date occurred, notifications issued, and response.
- Consider how the intrusion could have been prevented, and make changes to systems and/or policies accordingly.
Retention of Your Information
The data and information that we collect will be stored and maintained by Pixton or our third-party service providers unless you instruct us to delete it, or until the data is deleted by us. We will only retain data for as long as is reasonably necessary to fulfill the purpose for which the information was collected.
Currently, Pixton or our third-party service providers retain and store information collected by, or provided to, us in the cloud and on secure servers in Canada. You hereby consent to Pixton storing any Personal Information you provide to us on secure servers in Canada.
Access and Accuracy
Pixton will use commercially reasonable efforts to provide you access to your Personal Information (to the extent we are in possession of any) if you submit your request for access via email@example.com. Pixton may charge you a reasonable fee for doing so. Subject to applicable law, Pixton reserves the right to deny access to your Personal Information on any of the following grounds:
when denial of access is required by law;
when granting you access is reasonably likely to negatively impact other people's privacy;
when granting access is, in our judgement and acting reasonably, cost prohibitive; or
when we have reason to believe that such requests are frivolous or made in bad faith.
You are responsible for ensuring that all information created through your access to and use of the Add-on and/or Services is accurate, reliable and complete and you acknowledge and accept that the use of such information is at your own risk. We can only provide accurate Services if we are in possession of your current and accurate information, therefore, we ask that you keep any Personal Information that you provide to us current and accurate. You represent and warrant that all Personal Information you provide us is true and accurate and relates to you and not to any other person. If you believe that the Personal Information maintained by Pixton about you is inaccurate or incomplete, you may notify us by describing in detail any inaccuracies or omissions via email at firstname.lastname@example.org. Following receipt of a properly submitted notice, we will, within a reasonable time period and acting in our sole discretion, use commercially reasonable efforts to either: (a) amend or correct your Personal Information to reflect corrected or additional information provided by you, or (b) in connection with your Personal Information, make note of any claimed inaccuracies or omissions reported in the notice submitted by you.
Our Policy Regarding Children
Pixton recognizes the privacy interest of children and we encourage parents/guardians to take an active role in their children’s use of the Add-on and/or Services. Users under the age of majority in their local jurisdiction may NOT submit Personal Information to us via the Add-on and/or Services.
If Pixton discovers or if a Parent becomes aware that a User under the age of majority in their local jurisdiction has submitted Personal Information to us via the Add-on and/or Services on their own and without the proper consent required in their jurisdiction, please contact us at email@example.com. We will delete such information from our files within a reasonable time and within the timeframe required by applicable laws.
QUESTIONS OR COMMENTS
Pixton Comics Inc.
Attention: Privacy Officer