Privacy Policy

Last updated: Jun 2025

At PromptPixels, we take the privacy and security of your personal data seriously. This Privacy Policy explains how we collect, use, store, and protect your data when you use our comprehensive suite of AI-powered creative tools.

1. Data Controller

The data controller for this website is PromptPixels, operating at promptpixels.app.

2. Personal Data Collected

We collect and process the following categories of personal data:

2.1 Account Information

• Authentication Data: Email address, username, and profile information obtained during Google OAuth authentication.
• Account Settings: User preferences, dashboard settings, and notification preferences.

2.2 AI Generation Data

• Text Prompts: Text prompts submitted for AI image generation through our AI Image Studio (including specialized themes like cars, nail art, etc.).
• Negative Prompts: Optional negative prompts used to refine AI generation results.
• Generation Parameters: Aspect ratios, safety filter levels, style preferences, and other generation settings.
• Generated Content: AI-generated images, avatars, and edited content are delivered directly to you and not stored on our servers.
• Generation Metadata: Technical information about generation requests may be temporarily logged for system optimization purposes.

2.3 Image Processing Data

• Uploaded Images: Images uploaded for enhancement, upscaling, editing, or avatar/character training purposes.
• Character Training Data: Custom images uploaded for AI avatar and character training (stored securely during training process).
• Image Metadata: Technical information about uploaded images including file format, dimensions, and creation data.

2.4 Browser-Based Tool Data

• Add Text to Image: This tool operates entirely within your browser. No image data or text content is transmitted to our servers.
• Local Storage: Some tools may use browser local storage for user preferences and temporary data.

2.5 Transaction and Credit Data

• Credit Purchase Information: Amount of credits purchased, transaction history, and purchase timestamps.
• Credit Usage: Records of credit consumption across different AI tools and services.
• Payment Processing: Transaction data processed through our third-party payment provider (Polar SH).

2.6 Communication Data

• Contact Messages: Name, email address, subject, and message content submitted through contact forms.
• Support Communications: Email exchanges and support ticket information.

2.7 Technical Data

• Session Information: Django session cookies (sessionid, csrftoken) for authentication and security.
• IP Addresses: User IP addresses for security, fraud prevention, and rate limiting.
• User Agent Data: Browser information for compatibility and security purposes.
• Usage Analytics: Aggregated data about tool usage, popular features, and system performance.
• Error Logs: Technical logs for debugging and system optimization.

3. Purpose of Data Processing

We process personal data for the following specific purposes:

3.1 Service Provision

• User authentication and account management
• AI image generation and processing through our AI Image Studio
• Image enhancement, upscaling, and editing services
• Character and avatar training and generation
• Credit management and usage tracking
• System optimization and performance monitoring

3.2 Platform Security and Performance

• Rate limiting and abuse prevention
• Fraud detection and prevention
• System security monitoring
• Performance optimization and error debugging

3.3 Customer Support

• Processing and responding to user inquiries
• Technical support and troubleshooting
• Account assistance and dispute resolution

3.4 Service Improvement

• Analyzing usage patterns to improve our AI models
• Developing new features and tools
• Optimizing user experience and interface design

4. Data Retention Periods

• AI Generated Images: No generated images are stored on our servers; all AI-generated content is delivered directly to you and not retained in our systems.
• Generation Prompts: Text prompts and generation parameters may be temporarily logged for system optimization and debugging purposes, then automatically deleted.
• Character Training Data: Stored during active training periods; deleted upon training completion or user request.
• Uploaded Images: Temporarily processed and automatically deleted after enhancement/editing completion.
• Contact Messages: Stored for customer service purposes; can be deleted upon request.
• User Accounts: Retained while account is active; deleted upon account deletion request.
• Transaction Records: Retained for tax and legal compliance purposes as required by law.
• Technical Logs: Retained for 90 days for security and debugging purposes.

5. Third-Party Service Providers

We work with the following trusted third-party services:

• Google OAuth: For secure user authentication and account creation.
• Polar SH: For secure credit purchase processing; payment details are never stored in our system.
• AI Model Providers: For powering our AI generation capabilities (image data processed according to strict privacy agreements).
• Cloud Infrastructure: For secure hosting and data storage with industry-standard security measures.

6. Data Security

We implement comprehensive security measures:

• Encryption: All data transmission uses SSL/TLS encryption
• Access Control: Personal data accessible only by authorized personnel
• Infrastructure Security: Regular security updates and monitoring
• Data Minimization: We collect only necessary data for service provision
• Secure Processing: All AI processing occurs on secure, encrypted systems

7. Cookie Policy

We use essential cookies for platform functionality:

• Essential Cookies: Session management (sessionid), CSRF protection (csrftoken), and authentication
• Functional Cookies: User preferences and tool settings
• No Tracking: We do not use third-party tracking or advertising cookies

8. Your Rights Under GDPR and Privacy Laws

You have the following rights regarding your personal data:

• Access: Request access to all personal data we hold about you
• Rectification: Correct inaccurate or incomplete personal data
• Erasure: Request deletion of your personal data ("right to be forgotten")
• Restriction: Limit how we process your personal data
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, please contact us at [email protected].

9. Children's Privacy

Our services are not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal data from a child under 13, we will take steps to delete such information.

10. International Data Transfers

Your data may be processed in countries outside your residence for AI generation and cloud hosting purposes. We ensure adequate protection through appropriate safeguards and standard contractual clauses.

11. Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you and relevant authorities within 72 hours as required by applicable law.

12. Policy Updates

This Privacy Policy may be updated periodically to reflect changes in our services or legal requirements. We will notify users of material changes through our platform or via email. The updated policy becomes effective upon posting.

13. Contact Information

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Email: [email protected]
• Subject Line: "Privacy Policy Inquiry"
• Response Time: We aim to respond within 48 hours

14. Regulatory Compliance

This Privacy Policy complies with applicable data protection regulations including GDPR (EU), CCPA (California), and other relevant privacy laws. We are committed to maintaining the highest standards of data protection and user privacy.