Privacy Policy – Solo version
Last Update: May, 2024
Introduction and Definitions
Pixton Comics Inc. is committed to maintaining the security, confidentiality and privacy of your Personal Information (which includes the Personal Information of Children).
This privacy policy (the “Privacy Policy”) constitutes an agreement between you, or if you are under the age of majority in your local jurisdiction, you, with the consent of your parent or legal guardian, (“user”, “you” or “your”) and Pixton Comics Inc. and its affiliates and subsidiaries (collectively, “Pixton”, “us”, “our” or “we”). Pixton is dedicated to protecting the privacy rights of our users. This Privacy Policy describes how Pixton collects, protects, uses, retains, discloses, purges and destroys information and data created in the course of your access to and use of the Site, Content and/or Services (each as defined below). Please note that this Privacy Policy applies only to information collected through the Site and/or Services.
We have designated a Privacy Officer who is responsible for this Privacy Policy. The Privacy Officer's contact information is as follows: Name: Clive Goodinson Address: c/o Pixton Comics Inc., PO Box 123, Qualicum Beach, BC, Canada V9K 1S7 Phone: 1 (888) 774-9866 Email: privacy@pixton.com
For the purposes of this Privacy Policy:
“Account” means an account created on the Site.
“Child or Children” means any child or children under the age of 13 years old.
“Parent” means a parent or guardian of a Child or Children.
“Content” means any expression fixed in a tangible medium and includes, without limitation, ideas, text, graphics, avatars, designs, presets (including but not limited to: backgrounds, scene configurations, characters, outfits, body poses, facial expressions, color filters, overlays, effects), combinations of presets, drawings, logos, images, trademarks, copyrights, information, software, and any intellectual property therein, any of which may be created, submitted, or otherwise made accessible on or through the Site and/or Services.
“Pixton Content” means all Content that is not User Generated Content.
“Services” means creation of avatars, characters and scenes with accompanying text for a comic strip accessed through the Site, as well as access to preset Content including but not limited to: backgrounds, scene configurations, characters, outfits, body poses, facial expressions, color filters, overlays and effects.
“Site” means www.pixton.com, app.pixton.com, and other affiliated subdomains of pixton.com.
“User” means someone who signs up for an Account on the Site.
“User Generated Content” or “UGC” means any material whatsoever, including comics, that a user, including you, submits, creates, transfers or otherwise makes available by access to the Site or through the Services, including but not limited to ideas, information, images, data, text, graphics, designs, drawings posted in any area within the Site or through the Services.
Compliance with Privacy Laws
Pixton's data privacy and security practices are consistent with the requirements of Canadian, US, and other privacy laws including:
Canada
- Canada: the Personal Information Protection and Electronic Documents Act (“PIPEDA”)
- Alberta: the Freedom of Information and Protection of Privacy Act (“FOIP”)
- British Columbia: the Personal Information Protection Act (“PIPA”)
- Manitoba: the Freedom of Information and Protection of Privacy Act (“FIPPA”)
- Newfoundland: the Access to Information and Protection of Privacy Act
- New Brunswick: the Right to Information and Protection of Privacy Act
- Northwest Territories: the NWT Access to Information and Protection of Privacy Act
- Nova Scotia: the Freedom of Information and Protection of Privacy Act (“FOIPOP”)
- Nunavut: the Nunavut Access to Information and Protection of Privacy Act
- Ontario: the Municipal Freedom of Information and Protection of Privacy Act (“MFIPPA”)
- Prince Edward Island: the Freedom of Information and Protection of Privacy Act
- Québec: Law 25 / Bill 64
- Yukon: the Access to Information and Protection of Privacy (“ATIPP”)
- Saskatchewan: the Freedom of Information and Protection of Privacy Act (“FOIP”)
The United States
- United States: the Children’s Online Privacy Protection Act (“COPPA”); the Family Educational Rights and Privacy Act (“FERPA”)
- California: the California Consumer Privacy Act (“CCPA”); the Student Online Personal Information Protection Act (“SOPIPA”)
- Colorado: the Colorado Privacy Act (“CPA”)
- Connecticut: the Connecticut Data Privacy Act (“CTDPA”)
- Delaware: the Delaware Personal Data Privacy Act
- Georgia: the Georgia Consumer Privacy Protection Act
- Hawaii: the Hawaii Consumer Data Protection Act
- Illinois: the Student Online Personal Protection Act (“SOPPA”)
- Indiana: the Indiana Consumer Data Protection Act
- Iowa: the Iowa Consumer Data Protection Act
- Kentucky: the Kentucky Consumer Data Act
- Louisiana: the Louisiana Consumer Privacy Act
- Maine: the Maine Consumer Privacy Act; Data Privacy and Protection Act
- Maryland: the Maryland Online Data Privacy Act
- Massachusetts: the Massachusetts Data Privacy Act
- Michigan: the Michigan Personal Data Privacy Act
- Minnesota: the Minnesota Consumer Data Privacy Act
- Montana: the Montana Consumer Data Privacy Act
- Nebraska: the Nebraska Data Privacy Act
- New Hampshire: the New Hampshire Privacy Act
- New Jersey: the New Jersey Privacy Act
- New York: Education Law Section 2-D (“Ed 2d”)
- North Carolina: the North Carolina Consumer Privacy Act
- Ohio: the Ohio Personal Privacy Act
- Oregon: the Oregon Consumer Privacy Act
- Pennsylvania: the Pennsylvania Consumer Data Privacy Act
- Rhode Island: the Rhode Island Data Transparency and Privacy Protection Act
- Tennessee: the Tennessee Information Protection Act
- Texas: the Texas Data Privacy and Security Act
- Utah: the Utah Consumer Privacy Act (“UCPA”)
- Vermont: the Vermont Data Privacy Act
- Virginia: the Virginia Consumer Data Protection Act (“VCDPA”)
- West Virginia: the Consumer Data Protection Act
- Washington: the Student User Privacy in Education Rights (“SUPER”) Act
- Wisconsin: the Wisconsin Data Privacy Act
International
- European Union: GDPR
- United Kingdom: UK GDPR
- Australia: the Privacy Act 1988 and Privacy Principles of Australia (“APP”)
- New Zealand: the Privacy Act 2020 and Privacy Principles of New Zealand
Don't hesitate to contact privacy@pixton.com if you are unsure whether Pixton is consistent with your local privacy laws – chances are, we are!
Pixton Comics participates in the iKeepSafe Safe Harbor program. If you reside in the United States and have any questions or need to file a complaint related to our privacy policy and practices, please do not hesitate to contact the iKeepSafe Safe Harbor program at COPPAprivacy@ikeepsafe.org.
Acceptance of Terms and Revisions
Pixton intends to be compliant with the requirements of Canadian and US privacy laws including the Personal Information Protection and Electronic Documents Act, the Personal Information Protection Act within British Columbia, the California Consumer Privacy Act (“CCPA”) within California, and the Children’s Online Privacy Protection Act (“COPPA”). As such, if you are a Child under the age of 13 years old, you may not use Pixton EDU (Solo version). When you attempt to sign up, you will be directed to ask your parent to sign up instead. Parents can sign up https://edu.pixton.com/parents/.
By accessing the Site, submitting information to us (regardless of whether you register an Account with us) or downloading, installing or using any of the Content or Services you accept the terms of this Privacy Policy. If you do not accept the terms of this Privacy Policy you must not submit information to or register an Account with us, access the Site or download, install or use any of the Content or Services.
We reserve the right to revise this Privacy Policy at any time. We will give you notice of such revisions by posting the revised Privacy Policy at https://www.pixton.com/privacy-policy/solo and by posting a popup notification when you next log in, containing a link to the latest Privacy Policy as well as an "I Agree" button that you must click in order to accept those revisions and continue using the Site and/or Services. If we make a material change to this Privacy Policy which affects the types of personal information that we collect from you we shall notify you by email of such changes to this Privacy Policy, no fewer than 30 days before said changes are put into effect. If additional verifiable consent is required by law when changing the Privacy Policy, Pixton requires a Child’s Parent to provide consent to such amendments and provide consent on behalf of any Child prior to the collection, use or disclosure of any personal information not previously consented to.
Types of Information We Collect
There are two types of information we may collect through your access to and use of the Site and/or Services:
-
“Personal Information” means information about an identifiable individual (including any “Personal Information” as such term is defined in the applicable privacy statute). Personal Information may include, but is not limited to, a person’s first and last name, date of birth, email address, payment card information, persistent identifiers such as IP address or device number, a photograph, or any anonymous information combined with a persistent identifier or other Personal Information.
-
“Non-Personal Information” means information that does not identify you and cannot be used to identify you personally and may include your browser and operating system descriptor, age, gender, and non-precise geolocation information (e.g., your city). Non-Personal Information also includes “Usage Data” which is anonymous data associated with your computer that includes activities and time on the Site, when not linked to any persistent identifier or other Personal Information.
Application of this Privacy Policy
This Privacy Policy only applies to the information that Pixton collects and uses, or is supplied, through the access to and use of the Site and/or Services. Any information disclosed to any third party is dealt with in accordance with the privacy policies adopted by each of those third parties. We do, however, only use third party services whose policies are consistent with our own. We encourage you to review the privacy policies maintained by each of those third parties to understand how their information will be used by those entities to process requests. For example, we partner with third party service providers and vendors to provide access to existing payment gateways and your credit card, banking and other billing information is kept with our payment processor, Stripe, and you can read about its privacy policy at the following link: https://www.stripe.com/privacy-center/legal. If COPPA applies in your jurisdiction, a Parent has the choice to consent to the disclosure of their Child’s personal information to third parties unless such disclosure is integral to the Services.
Collection of Information
We may collect information (including Personal Information) as follows:
-
Information you provide to us upon registration. If you choose to register, complete a sign-up form or group register form, open an Account or become a member with us, request support, or in any other way take steps that require the submission of information, we may collect Personal Information such as your email address, your full name and the name of your company.
-
Purchases. If you choose to subscribe to the Site and/or Services, our payment processor, Stripe, will collect your credit card information. We do not collect or store your credit card information.
-
Information you submit to us. If you choose to submit your information to us for any other reason in any other form, we will collect such information and use it for the purposes for which you submitted it. If COPPA applies, you will need to submit verifiable consent of your Parent prior to submitting personal information if not previously consented to.
-
Visiting our Site. We will not collect any Personal Information from you simply by virtue of your visiting the Site; we only collect Personal Information if you choose to submit it to us. We do, however, collect Non-Personal Information such as Usage Data, whenever you use the Site and/or Services. If prohibited in your jurisdiction, such Non-Personal Information is not combined with Personal Information.
-
Where permitted by law. We may also collect information, including Personal Information as otherwise permitted by law.
-
Browser privacy preference. We will use reasonable efforts to comply with the privacy preference setting in any browser, but generally do not comply with any Do-Not-Track requests on browsers.
-
Email messages. We may collect Non-Personal Information through emails we send you which contain code that allows us to track whether the message was opened and/or links were clicked.
-
Cookies. In connection with the foregoing collection of information, we may also use “cookies” or similar technologies (small amounts of data that are stored on your computer's hard drive when you use or access the Site and/or Services that identify your computer and may store information about you such as behavioural data). Should you choose to submit Personal Information to us, we may link cookie information to such Personal Information. If you do not wish to accept cookies, you have the option of blocking or disabling cookies. However, please be aware that some of the Site and/or Services will not function properly if you do so and you may lose access to Services you purchased. In light of the above, if you are a Child and happen to be in a jurisdiction in which COPPA applies, we will not collect any Personal Information with cookies and will not link any cookie information with Personal Information without verifiable parental consent.
-
Third party advertisers. No third-party advertising is permitted on the Site.
-
User-generated content. You can enter comic titles, speech / thought bubble text, and captions with no restrictions other than length. You can create an avatar, which may or may not be an accurate representation of you in real life. If you have an all-access subscription, you can upload images into the backgrounds of your comic panels.
We strongly advise you not to submit Personal Information as part of UGC, comics or other content you create. However, if you do, the Personal Information will be stored in our database and treated the same as other Personal Information collected from you.
Public Disclosure of User Generated Content and Other Internet Activity
By default, all UGC is visible only to you, and is not shared publicly.
You may choose to disclose information about yourself in the course of creating User Generated Content to us or through your use of the Site and/or Services. You may generate a “Share Link” on the Site for any of your comics. Comics viewable via a Share Link never include your name. However, the comic title and any text in the comic are displayed unchanged. You have the ability to edit a comic and remove any Personal Information from it, before sharing it publicly.
We are not responsible for the Personal Information you choose to make public through a Share Link, or through printing or downloading copies of UGC outside of the Site. Please see our Terms of Use at https://www.pixton.com/terms-of-use/solo for other guidelines about sharing content on the Site.
Use of Your Information
We may use your information (including Personal Information) for the following purposes:
-
to provide you with any services or functionality you have requested, including the Services;
-
to improve the Site and/or Services, and to inform the creation of future Services;
-
to send you information related to the Site and/or Services, including confirmations, Site news, technical notices, updates, security alerts, and support and administrative messages;
-
to process transactions for the Services;
-
to manage your Account with Pixton;
-
to respond to customer service inquiries;
-
to troubleshoot problems with the Site and/or Services;
-
to enforce our Terms of Use (available at https://www.pixton.com/terms-of-use/solo);
-
to protect against unlawful activities or other misuse of the Site and/or and Services or for other security reasons;
-
to compile statistics;
-
to invite you to participate in Pixton surveys, contests or special events;
-
to allow you to share your User Generated Content with your colleagues, friends or family;
-
to authenticate your identity; and
-
to integrate third-party authentication, including Google single sign on.
By providing Personal Information through the access to, or use of, the Site and any of the Services, you acknowledge, consent and agree that we may use the Personal Information for the purposes set out in this Privacy Policy and by accessing, using, or installing any of the Site and/or Services or submitting information to us you also agree that we may use the Non-Personal Information for the purposes set out in this Privacy Policy.
SPECIFIC THIRD-PARTY SERVICES
The Site makes use of the following third-party services:
-
Hubspot.com is a customer communication tool that allows us to send email and in-application messages to users. We use it to segment users for more specific messaging; to organize messages; and to communicate product updates such as feature releases. This service collects limited Personal Information, such as name and email address.
-
Stripe.com is a payment processor, which we use to collect credit card payments from users. This service collects limited Personal Information, such as name and credit card information.
-
Google, Microsoft, or Clever facilitate single sign-on to the Site. We use them to authenticate users and to retrieve the name and/or email address of the user, for the purposes of provisioning and then enabling access to a Pixton account. These services collect and pass to Pixton limited Personal Information (name and email address).
-
Amazon Web Services is a set of cloud-based web hosting services. We use it to host the Site, including the database where user data are stored. This service does not collect Personal Information, although it may store (in an encrypted format) such data as collected and stored by Pixton.
Disclosure of Information
We will not transfer your Personal Information to third parties beyond the specific third-party services listed above. Notwithstanding the foregoing, we reserve the right to disclose information, including Personal Information, if we reasonably believe that we are required to do so by law or legal process or if we are otherwise requested by any law enforcement officer or agency acting under colour of law. In addition, we reserve the right to disclose Personal Information and Non-Personal Information in order to (a) enforce the Terms of Use (available at https://www.pixton.com/terms-of-use/solo); (b) investigate and/or take action against unlawful activity, suspected abuse or unauthorised use of the Site and Services; (c) protect and defend the rights or property of Pixton; or (d) act in urgent circumstances to protect the safety or security of the public or users of the Site and Services. We may also disclose your information (including Personal Information) in connection with a corporate re-organization, a merger or amalgamation with another entity, or a sale of all or a substantial portion of our assets provided that the information disclosed continues to be used for the purposes permitted by this Privacy Policy by the entity acquiring the information. In the event of a merger, amalgamation, or sale, we will provide you notice by email no fewer than 30 days in advance of said event. We will take all steps necessary to inform all users of all data collection conducted by legal authorities through all legal channels.
Protection of Your Information
Pixton has implemented reasonable physical and technical measures to protect the information we collect or are provided with from unauthorized access and against loss, misuse or alteration by third parties, including but not limited to:
- Containment of database(s) inside a Virtual Private Cloud (VPC), access to which is extremely restricted;
- Encryption of database data in transit and at rest;
- Use of SSL / HTTPS for all data transmission over the Internet;
- Multifactor authentication on administrator-level access;
- Code reviews and scans to monitor for security vulnerabilities;
- Firewalls, private keys, anti-virus protection, IP address whitelists, and encrypted local hard drives.
Further, while we attempt to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining access to this information. We do not warrant or represent that your information will be protected against, loss, misuse, or alteration by third parties. No method of transmission over the Internet, or method of electronic storage, is 100% secure.
PIXTON STRIVES TO EXCEED COMMERCIALLY REASONABLE EFFORTS TO PROTECT YOUR PERSONAL INFORMATION, HOWEVER, TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE EXPRESSLY DISCLAIM ANY GUARANTEE OF SECURITY IN CONNECTION WITH YOUR PERSONAL INFORMATION.
For further information on how we safeguard information we collect or are provided with, contact us via email at privacy@pixton.com.
Incident Response Plan
If we ever discover or receive reports of a security breach, we will take the following steps to address it:
- The staff member who detects or receives a report of a breach will forward all details to Pixton's privacy officer at privacy@pixton.com.
- The privacy officer will:
- Determine the severity of the potential impact. Is it real or perceived? Is it still in progress? What data is threatened and how critical is it? What is the impact on the business should the attack succeed – minimal, serious, or critical?
- If the breach is real, determine the system(s) being targeted, along with all relevant details such as the attacker's IP address.
- Determine how the incident can be contained, and contain it. This may involve changing passwords, encryption keys, or other system access information.
- Determine what data has been compromised, and who should be notified about the incident.
- Notify affected parties by email no more than seven calendar days after the discovering of the breach, including relevant details such as: the data that was compromised; the measures being taken to prevent any future such incidents.
- Document the incident, including date detected, date occurred, notifications issued, and response.
- Consider how the intrusion could have been prevented, and make changes to systems and/or policies accordingly.
Retention of Your Information
The data and information that we collect will be stored and maintained by Pixton or our third-party service providers until you delete it or instruct us to delete it, or until your Account is terminated by us. We will retain data and information we collect for a period of 60 days after your Account is terminated, at which time it will be permanently deleted. We intend to only retain data, including Dependent data, for as long as is reasonably necessary to fulfill the purpose for which the information was collected.
To request deletion of your account, please email our Privacy Office at privacy@pixton.com with specific details, such as the email address on your account and the date you wish it to be deleted. In order to verify your identity and authorization to make a deletion request, we will only correspond using the email address associated with your Account.
If you have not logged into your Pixton account for more than 365 days, we reserve the right to terminate it.
Currently, Pixton or our third-party service providers retain and store information collected by, or provided to, us in the cloud and on secure servers in Canada. You hereby consent to Pixton storing any Personal Information you provide to us on secure servers in Canada.
Account Security
If you access the Site and/or use any of the Services, you are responsible for protecting the confidentiality of your Account password and elected codes, and for restricting access to your computer and you agree to accept responsibility for all activities that occur under your Account. Please notify us immediately if you detect suspected misuse of your Account via email at: privacy@pixton.com.
Access and Accuracy
Pixton will use commercially reasonable efforts to provide you access to your Personal Information (to the extent we are in possession of any) if you submit your request for access via privacy@pixton.com. Pixton may charge you a reasonable fee for doing so. Subject to applicable law, including COPPA, Pixton reserves the right to deny access to your Personal Information on any of the following grounds:
-
when denial of access is required by law;
-
when granting you access is reasonably likely to negatively impact other people's privacy;
-
when granting access is, in our judgement and acting reasonably, cost prohibitive; or
-
when we have reason to believe that such requests are frivolous or made in bad faith.
You are responsible for ensuring that all information created through your access to and use of the Site and/or Services is accurate, reliable and complete and you acknowledge and accept that the use of such information is at your own risk. We can only provide accurate Services if we are in possession of your current and accurate information, therefore, we ask that you keep any Personal Information that you provide to us current and accurate. You represent and warrant that all Personal Information you provide us is true and accurate and relates to you and not to any other person. If you believe that the Personal Information maintained by Pixton about you is inaccurate or incomplete, you may notify us by describing in detail any inaccuracies or omissions via email at privacy@pixton.com. Following receipt of a properly submitted notice, we will, within a reasonable time period and acting in our sole discretion, use commercially reasonable efforts to either: (a) amend or correct your Personal Information to reflect corrected or additional information provided by you, or (b) in connection with your Personal Information, make note of any claimed inaccuracies or omissions reported in the notice submitted by you.
Our Policy Regarding Children
Pixton recognizes the privacy interest of children and we encourage parents/guardians to take an active role in their children’s use of the Site and/or Services. Users under the age of majority in their local jurisdiction may only use the Site and/or Services with parental consent and if the User is a Child obtain and provide verifiable parental consent to Pixton if required by applicable laws, for example COPPA.
If Pixton discovers or if a Parent becomes aware that a User under the age of majority in their local jurisdiction has accessed the Site and/or Services on their own and without the proper consent required in their jurisdiction, or provided us with information without the proper consent, please contact us at privacy@pixton.com. We will delete such information from our files within a reasonable time and within the timeframe required by applicable laws.
If you are below the age of majority in your local jurisdiction, please obtain your Parent’s permission before accessing or using any of the Site and/or Services and before providing us with any Personal Information.
In the interests of the safety and comfort of all users under the age of majority in your local jurisdiction, we reserve the right, acting in our sole discretion but without any obligation, to restrict the access of any user to any space on the Site.
Governing Law
Those who choose to use or access the Site and/or Services from outside Canada do so on their own initiative and are responsible for compliance with local laws, if and to the extent local laws are applicable. Pixton is compliant with US privacy laws, as listed above, but does not make the same claim for all countries outside Canada. Notwithstanding the foregoing, and recognizing the global nature of the Internet, each viewer and user shall comply with all local rules regarding online conduct and creation of acceptable materials. This Privacy Policy and your legal relationship with Pixton shall be governed by, and will be enforced, construed, and interpreted in accordance with the laws of the province of British Columbia, Canada and the federal laws of Canada applicable therein, without regard to principles of conflicts of law. All disputes between you and Pixton will be resolved by, and you hereby submit to, the exclusive jurisdiction of the courts of British Columbia in Vancouver.
International Transfer
We may transfer information that we collect about you to third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world. Please note that these countries and jurisdictions may not have the same personal information protection laws as your own jurisdiction, and you consent to the transfer of information over international borders and the use and disclosure of information about you, including Personal Information, as described in this Privacy Policy. We or our third-party service providers store your Personal Information in Canada.
QUESTIONS OR COMMENTS
We welcome questions or comments about this Privacy Policy. Please direct any questions or comments to the individual below who oversees Pixton’s compliance with privacy requirements:
Pixton Comics Inc.
Attention:
Privacy Officer
Email: privacy@pixton.com