We, Pixelslab (“Pixelslab”, “we”, “us”, or “our”) understand that anyone who shares data on the Internet wants to be sure that their data does not fall into the wrong hands and that’s why we take great care to protect your data. Doing so, we follow the Dutch GDPR Implementation Act (“UAVG”) and the EU`s General Data Protection Regulation (“GDPR”).
What is Personal Data?
Personal data is all data that can be related to you personally, e.g., name, e-mail addresses, user behavior. The personal data of users processed within the scope of our website includes inventory data (e.g., names, e-mail addresses and addresses), usage data (e.g., the websites visited on our website, interest in our products) and content data (e.g., information in messages and forms you fill in).
Who is responsible?
Responsible for the collection and processing of personal data is:
Pixelslab trading as Pixelslab
What do we process your data for (purpose of processing) and on what legal basis?
In accordance with the UAVG and the GDPR, the following legal basis, unless specifically described below apply to the processing of your personal data:
- you have given your consent (Art. 6 para. 1 lit. a GDPR),
- the data is necessary for the fulfillment of a contract / pre-contractual measures (Art. 6 para. 1 lit. b GDPR),
- the data is necessary for the fulfillment of a legal obligation (Art. 6 para. 1 lit. c GDPR) or
- the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden (Art. 6 para. 1 lit. f GDPR).
What data protection rights do I have?
These rights are standardized in both the UAVG and GDPR. This includes:
- the right to information (Art. 15 GDPR),
- the right to rectification (Article 16 GDPR),
- the right to erasure (Article 17 GDPR),
- the right to restriction of data processing (Article 18 GDPR),
- the right to data portability (Article 20 GDPR),
- the right to object to data processing (Article 21 GDPR),
- the right to revoke any consent you have given (Art. 7 (3) GDPR),
You may withdraw your consent and request us to stop using and/or disclosing your Personal Data for any or all of the Purposes by submitting your request to us in writing. Should you withdraw your consent to the collection, use or disclosure of your Personal Data, it may impact our ability to proceed with your transactions, agreements, or interactions with us. Prior to you exercising your choice to withdraw your consent, we will inform you of the consequences of the withdrawal of your consent. Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies) or undertaking any steps as we may be entitled to at law.
Processing of Personal Data
a) Collection of access data and log files
We collect data on every access to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address and the requesting provider.
Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website (Art. 6 para. 1 lit. f GDPR).
c) Contacting us
If you contact us, we process the following data from you for the purpose of processing and handling your request: first name, last name, e-mail address, and, if applicable, other information if you have provided it, and your message. The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations (Art. 6 para. 1 lit. b GDPR) and/or our overriding legitimate interest in processing your request (Art. 6 para. 1 lit. f GDPR).
b) Data management and customer support
For optimal customer support, we use first name, last name, e-mail address, and the data related to your contract with us. Your data may be stored on our website and or our customer relationship management system (“CRM system”). This data processing is based on our legitimate interest in providing our customer service (Art. 6 para. 1 lit. f GDPR).
e) Contract processing
We process your first name, last name, e-mail address, and the data related to your contract with us data to handle the contractual relationship between you and us. The legal basis for the data processing is the fulfillment of our contractual obligations (Art. 6 para. 1 lit. b GDPR) and, in individual cases, the fulfillment of our legal obligations (Art. 6 para. 1 lit. c GDPR).
f) Member Registration and profile
As part of the registration process, users provide their e-mail address, Full Name, Job Title. Optional a profile photo, State and Country, as well as your date of birth. The data provided will be used for the purposes of creating and using the account and providing and/or purchasing our offerings and using our services.
Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical circumstances. If users have terminated their user account, their data with regard to the user account will be deleted, subject to their retention is necessary for commercial or tax reasons. It is the responsibility of the users to save their data in the event of termination before the end of the contract.
In the context of the use of our registration and login functions as well as the use of the user account, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests, as well as the user’s protection against misuse and other unauthorized use.
As a registered user, you have the opportunity to create a user profile with just a few clicks and details. If you make use of the option, the relevant profile data you provide will be transferred to your profile. Of course, you can change the information at any time via the settings in your profile. When creating a profile, you can submit personal data such as your profile picture, photos and images etc. Content and data are publicly viewable.
You have choices about the information on your profile. You don’t have to provide additional information on your profile; however, profile information helps you to get more from our Services. It’s your choice whether to include sensitive information on your profile and to make that sensitive information public.
Please do not post or add personal data to your profile that you would not want to be available. The legal basis for the processing of your personal data is the establishment and implementation of the user contract for the use of the service. We store the data until you delete your user account. Insofar as legal retention periods are to be observed, storage also takes place beyond the time of deletion of a user account.
Some of the data you choose to provide to us may be considered “special” or “sensitive” in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. By choosing to provide this data, you consent to our processing of that data.
Where any Personal Data relates to a third party, you represent and warrant that the Personal Data is up-to-date, complete, and accurate and that you have obtained the third party’s prior consent for our collection, use and disclosure of their Personal Data for the Purposes. You agree that you shall promptly provide us with written evidence of such consent upon demand by us.
The legal basis for the data processing is the fulfillment of our contractual obligations (Art. 6 para. 1 lit. b GDPR) and, in individual cases, the fulfillment of our legal obligations (Art. 6 para. 1 lit. c GDPR) as well as your Consent (Art. 6 para. 1 lit. a GDPR).
If you buy a subscription, the processing is done to fulfill the contractual service including payment processing and billing. The provision of this personal data and order data is necessary for the conclusion of the contract (Art. 6 para. 1 lit. b GDPR).
The sales contract with you is the legal basis for this processing. We will also process your data to the extent required by law to fulfill our archiving and retention obligations under Dutch commercial and tax law.
The duration of processing depends on the purpose of fulfilling the contract and the associated further legal requirements for storage and provision of evidence. For direct advertising, we use the data as long as you have not objected.
h) Newsletter subscription
If you subscribe to our newsletter, you consent to us informing you regularly by e-mail about current and new offers and services as well as information from us about our services. You can revoke your consent at any time, by clicking on the unsubscribe link in each newsletter or by contacting us using the contact details provided above.
When you register for the newsletter, we collect your e-mail address. Your e-mail address will be passed on to our service provider for newsletter dispatch, which we use as processor. You will receive another confirmation e-mail to confirm your consent (so-called double opt-in procedure.) We will use your data until you revoke your consent. A revocation does not affect the lawfulness of the processing of your personal customer and health data carried out on the basis of the consent until the revocation. This consent is voluntary, you can order from us regardless of the consent given. The legal basis for the data processing is your Consent (Art. 6 para. 1 lit. a GDPR).
i) Use of our App
The App can be downloaded from the “Google Playstore” and the “Apple App Store“. Downloading the App may require prior registration with the respective App Store and/or installation of the respective App Store software.
Installation of the App via the Google Playstore.
You may use the Google service “Google Play” of Google LLC, to install the App. As far as we are aware, Google collects and processes the following data: License verification, network access, network connection, WLAN connections and location information.
It cannot be ruled out that Google also transfers the information to a server in a third country. We have no influence on which personal data Google processes during your registration and the provision of downloads in the respective app store and app store software. Google as the operator of the Google Play Store is solely responsible for this.
App installation via the Apple App Store.
You may use the Apple app service “App Store”, a service of Apple Inc, to install the App. As far as we are aware, Apple collects and processes the following data: Device identifiers, IP addresses and location information.
It cannot be excluded that Apple also transmits the information to a server in a third country. We have no influence on which personal data Apple processes during your registration and the provision of downloads in the respective App Store and the App Store Software. In this respect, Apple is solely responsible as the operator of the Apple App Store.
General app accesses
As with every server request, information such as IP address, user agent, etc. is transmitted and stored anonymously for 30 days in the server log. The provision of personal data is not required by law or contract, nor is it necessary for the conclusion of a contract. You are also not obliged to provide the personal data. However, failure to provide the data could result in you not being able to use our App or not being able to use it to its full extent.
Network access data
The provision of network access data is necessary if you wish to make full use of our App. However, failure to provide this data could result in you not being able to use our App or not being able to use it to its full extent. Your data will be treated confidentially by us and deleted if you revoke the rights of use, or they are no longer required for the provision of services and there is no legal obligation to retain them.
When you use the App, you will receive so-called push messages, even if you are not currently using the app. These are messages that we send you as part of the performance of the contract (Art. 6 para. 1 lit. b GDPR). You can adjust or stop receiving push messages at any time via the device settings of your device.
Google and Apple may collect information from and about the device(s) you use to access our App, including hardware and software information such as IP address, device ID and type, device-specific and App settings and properties, App crashes, advertising IDs, information about your wireless and mobile network connection such as your service provider and signal strength; information about device sensors such as accelerometer, gyroscope, and compass.
Authorizations and access
We may request access or permission from your mobile device for certain features (gallery and file manager and push notifications). The legal basis for data processing is our legitimate interest (Art. 6 para. 1 lit. f GDPR) and the provision of contractual or pre-contractual measures (Art. 6 para. 1 lit. b GDPR), as well as your consent (Art. 6 para. 1 lit. a GDPR). You can change your permissions at any time via the settings menu of your device.
You can stop the collection of data by the App by uninstalling it using the standard uninstall procedure for your device.
Third-party services and content and Sharing
Integration of third-party services and content
We use content or service offers of third-party providers on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in order to integrate their content and services.
This always requires that those third-party providers are aware of your IP address, and or other online identifiers. This data is necessary for the display of the content and the proper functioning of the services. Some of those Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes.
The following overview lists our third-party providers and their content and services, together with links to their Privacy Policies, which may contain additional information on the processing of data and so-called opt-out measures, if any:
- Contact Form: Contact Form 7 by Google LLC
- Hosting and Storage Provider: Digital Ocean and Amazon Web Services AWS
- Content Management System: WordPress by Automatic Inc
- Fonts: Google Font API by Google LLC
- Newsletter: Sendinblue, mailerlite,
- Database System: MongoDB atlas
- Social Media Presences: Twitter, Instagram, LinkedIn
Passing on of data
Your personal data will only be passed on to third parties,
- if you have given your express consent to this;
- if the disclosure is necessary for the fulfillment of contractual obligations;
- if we are legally obligated to disclose the data;
- if the disclosure of the data is in the public interest;
- if the disclosure of the data is necessary for the protection of our legitimate interests or the legitimate interests of a third party unless your interests in the protection of your data override these interests.
Security, Storage and Automated decision making
We secure our website and App and other systems through appropriate technical and organizational measures against loss, destruction, access, modification, or distribution of your data by unauthorized persons. However, and despite regular checks, complete protection against all dangers is not possible.
Our website and App use the industry standard SSL (Secure Sockets Layer) for encryption. This ensures the confidentiality of your Personal Data over the Internet. You can tell whether encrypted transmission is taking place by the closed key/lock symbol in your browser display.
Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Duration of storage of personal data
Your data will be stored by us for as long as it is needed for the respective purposes underlying the processing. Beyond that, we only store data insofar as we are legally obligated to do so, e.g., due to statutory retention obligations.
Automated decision making
Automated decision-making including profiling according to Art. 22 (1) and (4) GDPR does not take place.
Data Subject Access Request and Updating your personal data
The UAVG and GDPR give you the right to access your Personal Data. Your right of access can be exercised in accordance with the UAVG and GDPR. Any access request may be subject to a fee of an administrative fee at our rates then in force to meet our costs in providing you with details of the information we hold about you.
In the event that you wish to correct and/or update your Personal Data in our records, you may inform us in writing of the same by sending us an email at firstname.lastname@example.org. In certain cases, Personal Data may also be corrected or updated via the website or App.
We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the UAVG and GDPR).
Is there an obligation for me to provide data?
Within the scope of our business relationship, you are only required to provide personal data that is necessary for the establishment, implementation, and termination of a business relationship or that we are legally obliged to collect. Without this data, we will usually have to refuse to conclude the contract or will no longer be able to perform an existing contract and may have to terminate it.
We endeavor to ensure that all decisions involving your Personal Data are based upon accurate and timely information. However, we rely on you to disclose all relevant information to us and to inform us of any changes in your Personal Data. As such, please disclose all relevant information necessary for us to provide services to you and ensure all information submitted to us is up-to-date, complete, and accurate. Kindly inform us promptly if there are any changes in your Personal Data.
Validity and questions
If you have any data protection questions enforce your rights or withdraw your consent, please feel free to contact us using the details provided above.