Effective July 6, 2026 · Version 1.1
This Privacy Policy explains how Pixla collects, uses, shares, and protects personal data when you use our applications, online services, and websites (collectively, the "Services"). It also describes your rights and choices.
1. Scope and roles
- For our websites and accounts, and for billing, Pixla acts as a data controller.
- For content and data you deploy or process through Pixla Hosting, and for recipient data you upload to Pixla Mail, Pixla generally acts as a data processor acting on your instructions; you are the controller of that data. A Data Processing Addendum (DPA) is available at https://pixla.app/legal/dpa.
- Vaporware, Pixla Sites, and Pixla Editor run locally on your device. They process your projects and files locally and transmit personal data to Pixla only where a feature you invoke requires it (e.g., checking for updates, or publishing to Pixla Hosting).
2. Information we collect
a) Information you provide.
- Account and contact information (name, email, organization, password) when you register for an account or a paid Service.
- Billing information processed by our payment processor (see Section 5); Pixla stores limited billing metadata (e.g., plan, last four digits, billing country) but does not store full card numbers.
- Support communications and any information you include in them.
b) User Content.
- Files, code, applications, sites, templates, domains, email content, and recipient lists you create, upload, deploy, or send through the Services.
c) Information collected automatically.
- The Pixla desktop apps (Vaporware, Pixla Sites, Pixla Editor) do not collect analytics, usage tracking, or crash/telemetry data. The only data they transmit automatically is a periodic update check (e.g., via Sparkle) that sends limited technical data such as the app version and operating-system version to determine whether an update is available.
- For our online services and websites (Pixla Hosting, Pixla Mail, pixla.app), our servers keep standard operational logs (such as IP address, request metadata, and timestamps) necessary to run, secure, and troubleshoot the Services.
- Essential cookies on our websites (see Section 6).
d) Information from third parties.
- Limited information from our payment processor and infrastructure providers as needed to operate the Services.
Pixla operates no analytics or telemetry in its products. The apps run locally and contact Pixla only for update checks; the online services keep only the operational logs needed to run and secure them.
3. How we use information
We use personal data to:
- provide, operate, maintain, and secure the Services;
- authenticate accounts and process transactions and billing;
- provide customer support and respond to inquiries;
- monitor, diagnose, and improve performance, reliability, and features;
- detect, prevent, and address fraud, abuse, and security incidents;
- comply with legal obligations and enforce our Terms; and
- send you service-related communications and, where permitted, marketing communications (from which you may opt out).
4. Legal bases (EEA/UK)
Where the GDPR or UK GDPR applies, we process personal data on the following bases: performance of a contract (to provide the Services), legitimate interests (to secure and improve the Services, prevent abuse), consent (e.g., certain cookies and marketing), and compliance with legal obligations. Where we rely on consent, you may withdraw it at any time.
5. Payment processing
Payments for paid Services are processed by Stripe, which acts as an independent controller/processor of your payment data under its own privacy policy at https://stripe.com/privacy. Pixla does not receive or store full payment-card numbers.
6. Cookies
Our websites use only essential cookies needed for core functionality, preferences, and account sessions. We do not use third-party analytics, advertising, or cross-site tracking cookies. You can control cookies through your browser settings.
7. How we share information
We do not sell your personal data. We share personal data only as follows:
- Subprocessors / service providers who process data on our behalf under contract, including:
- Fly.io — application runtime hosting (Pixla Hosting);
- Neon — managed PostgreSQL database hosting for Pixla Hosting deployments and for Pixla's account and service data;
- Cloudflare — content delivery, DNS, and network security;
- Stripe — payment processing;
- Amazon SES (Amazon Web Services) — transmission of emails (Pixla Mail) and transactional email.
- Legal and safety — when required by law, legal process, or to protect the rights, safety, and property of Pixla, our users, or the public.
- Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.
- With your consent or at your direction.
A current list of Subprocessors is maintained at https://pixla.app/legal/subprocessors.
8. International data transfers
Pixla and its Subprocessors may process data in the United States and other countries. Where we transfer personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an equivalent mechanism. Contact us for more information.
9. Data retention
We retain personal data for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. As general guidance: account and profile data are retained while your account is active and deleted or anonymized within 90 days of account closure; User Content (deployed apps, uploaded files, and recipient lists) is deleted within 30 days of account closure or upon your earlier deletion request; operational and security logs are retained for up to 12 months; and billing and transaction records are retained for up to 7 years as required by tax and accounting laws.
10. Security
We implement reasonable technical and organizational measures designed to protect personal data, including encryption in transit, access controls, and secured infrastructure. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for safeguarding your account credentials and API keys.
11. Your rights and choices
Depending on your location, you may have rights to: access, correct, delete, or receive a copy of your personal data; restrict or object to processing; withdraw consent; and lodge a complaint with a supervisory authority.
- EEA/UK (GDPR): the rights described above.
- California (CCPA/CPRA): rights to know, delete, correct, and opt out of "sale"/"sharing" of personal information (we do not sell or share it as defined), and the right not to be discriminated against for exercising your rights.
- To exercise any right, contact privacy@pixla.app. We will respond as required by applicable law. If Pixla processes your data as a processor on behalf of a customer (e.g., Hosting/Mail content), we will refer your request to that customer.
12. Children's privacy
The Services are not directed to children under 13, and we do not knowingly collect personal data from them. If you believe a child has provided us personal data, contact us and we will delete it.
13. Third-party links and services
The Services may link to or integrate with third-party sites and services that we do not control. Their privacy practices are governed by their own policies.
14. Product-specific notes
- Vaporware, Pixla Sites, Pixla Editor — operate primarily on your local device; project files and databases stay on your machine unless you use a feature that transmits them (e.g., Publish to Pixla Hosting). Update checks transmit limited version/OS data. Vaporware downloads third-party database engines directly to your device from their respective sources.
- Pixla Hosting — processes the applications, sites, and associated data you deploy, as your processor, to build, host, and serve them.
- Pixla Mail — processes the campaign content and recipient lists you upload, as your processor, to send email on your behalf and provide related analytics (e.g., opens/clicks, where enabled). You are responsible for the lawful basis to contact your recipients.
15. Changes to this Policy
We may update this Policy from time to time. We will post the updated Policy with a new effective date and, for material changes, provide additional notice where appropriate.
16. Contact us
Pixla LLC
5706 Neubert Springs Rd, Knoxville, TN 37920
Privacy: privacy@pixla.app — General: support@pixla.app
[EU/UK Representative, if applicable: NAME / ADDRESS]
[Data Protection Officer, if appointed: CONTACT]