Last updated: May 25, 2018

 

PIX System, LLC. (“PIX”, “we” or “us”) is committed to safeguarding our users’ privacy on the Internet and protecting the information and data that you may provide to us. This document (“Privacy Policy“) describes the privacy practices with respect to our website and your access and use of our services, whether through our desktop application, mobile application, web browser (presently located at https://project.pixsystem.com/web) or otherwise as part of the services that PIX offers to its customers (collectively, the “Services”), including, without limitation, how we process your personal data in relation to such Services and your rights with respect to the processing of personal data.

Reference in this Privacy Policy to the term “personal data” includes personally identifiable information and personal information. Users of the Services are subject to the terms and conditions set out in the PIX EULA and any separate agreement that PIX may have with the PIX customer for which you are providing work or services.

PIX is the data controller for processing of personal data in relation to registering and administrating your user account and your access to our Services.  PIX’s customers (“Customers”) are data controllers for any personal data contained in the content or other data uploaded by them to PIX or the Services (“Content”) and other personal data processed in relation to such Content.

This Privacy Policy does not concern processing of personal data for which PIX is not data controller.  If you have any questions regarding personal data contained in the Content, please contact the Customer responsible for such Content.

 

This Privacy Policy is intended to provide you with notice of the following:

1.    What personal data is collected and how it is collected.

2.    How your personal data that we have collected is used.

3.    Disclosure of your personal data.

4.    Transfers of your personal data, including internationally.

5.    PIX’s retention of your personal data, and your choices and control with respect to your personal data.

6.    Information on cookies and tracking technologies.

7.    The Services are not intended for children.

8.    How your personal data is protected.

9.    Inapplicability of our Privacy Policy.

10. Your rights in connection with this Privacy Policy and your personal data.

11. California residents and California privacy rights.

12. Contacting us.

13. Notice of changes to this Privacy Policy.

 

1. What personal data is collected and how it is collected.

Personal data is information that identifies you and may be used to contact you. PIX is provided personal data from the Customer and uses that information to create a user account or otherwise enable access to the Services. We do not require that anyone disclose more information than reasonably necessary in order to use the Services. 

PIX may collect, store and/or process some or all of the following types of personal data: your first name, last name, employer name, title, department, user name, e-mail address, phone number(s) and other contact details that you share with PIX. When you use our Services we also collect your IP address and log how you use our Services and access Content. The personal data we process about you is necessary in order for you to use our Services and failure to provide such data may result in you not being able to use our Services.

We also may automatically collect certain data when you use our Services, such as your geo-location coordinates, a device identifier (but not the UDID), operating system, computer type, software, and your activity. This data is not treated as personal data unless we combine it with or link it to any of the personal data mentioned above.

 

2. How your personal data we have collected is used.

We will use your personal data that we collect in accordance with this Privacy Policy and applicable law (including, without limitation, applicable data protection legislation) and for the following purposes and based on the following legal basis:

 

Purpose of the processing

Legal basis for the processing

a) To provide you access to the Services, to administrate your user account and communicate with you regarding your user account and use of the Services.

a) Performance of contract.

 

b) To (i) prevent, detect, investigate and take measures against criminal activity, fraud and misuse of or damage to our Services or network or the Content, (ii) take measures against other threats against PIX's or a third party's rights, (iii) establish or exercise our legal rights or defend against legal claims, or (vi) protect the safety or property of our employees, contractors, customers, users or others.

 

 

 

 

b) Balancing of interests where PIX has pursued the following legitimate interests:

  • PIX's interest of investigating suspicion of and taking measures against misuse of or damage to our services, network or the Content;
  • PIX's and/or third party's interest of investigating and producing evidence regarding criminal activity, fraud and other threats against its interest;
  • PIX's interest of establishing and exercising its legal rights;
  • PIX's and/or third party's right to protect its safety or property;
  • Competent authority's interest of conducting law enforcement activities and collecting evidence for such purposes.

c) To comply with (i) applicable laws, regulations, court orders, government requests, and law enforcement agencies’ requests, or (ii) the extent otherwise required by applicable law.

 

c) Compliance with a legal obligation to which PIX is subject.

 

 

 

3. Disclosure of your personal data.

Your personal data may be disclosed to Customers that control the projects, and/or to users in the projects, you access as part of the Services. Such disclosure is necessary in order to control, restrict and log access to Content, and as may otherwise be necessary for PIX to provide the Services. Your personal data may also be disclosed to authorities and other legal bodies in order to (i) prevent, detect, investigate and take measures against criminal activity, fraud and misuse of or damage to our Services or network or Content; (ii) take measures against other threats against PIX's or a third party's rights; (iii) comply with applicable laws, regulations, court orders, government requests, and law enforcement agencies’ requests; (iv) exercise our legal rights or defend against legal claims; or (v) protect the rights, property or safety of our website, users of our website or Services and others.

The data you provide, including, without limitation, your personal data, may also be collected, shared, and/or retained by one (1) or more of our service providers, suppliers and/or contractors (“Third Parties”) that assist PIX in conducting its business, including, without limitation individuals or entities that we retain to perform some or all of our business operations or who provide support to our business operations, all acting on our behalf or for our benefit and in a manner consistent with this Privacy Policy. Such Third Parties may process personal data on PIX's behalf (e.g. software providers, hosting suppliers, and/or legal, accounting, audit and other professional service providers). References in this Privacy Policy to “PIX”, “us” or “we” include such individuals or entities, including, without limitation, Third Parties.

In the event that PIX is acquired by or merged with another company, entity or individual, we may disclose and/or transfer your personal data to such other company, entity or individual. 

 

4. Transfers of personal data, including internationally.

PIX’s principal office is located in the state of California, United States of America. The Customers also have locations in a number of states in the United States of America.  As PIX and Customers have locations in the United States of America, any data provided to PIX or the Customers will be transferred, stored and/or accessed from the United States of America. To the extent the processing is subject to the General Data Protection Regulation (2016/679) ("GDPR"), such transfers of personal data outside the EU/EES are necessary for the performance of the contract between you and PIX (article 49.1 (b) of the GDPR).

Some of the third parties identified under "Disclosure of your personal data" may also be located in the United States of America or elsewhere outside the EU/EEA, in which case we will take necessary steps required under the GDPR (if applicable) in order for such transfer of data across borders to be compliant with the GDPR. In cases where there is no adequacy decision by the Commission, this may, for example, include the use of EU model clauses (under Article 46.2 of the GDPR) or the recipient being certified under the US-EU Privacy Shield Framework (under Article 45 of the GDPR). You may receive a copy of the relevant safeguards by contacting PIX at privacy@pixsystem.com.

 

5. PIX’s retention of your personal data, and your choices and control with respect to your personal data.

PIX does not retain your personal data for longer than is necessary considering the purpose for which such personal data is processed.

Your personal data is saved for long as you have a user account for the Services and may be retained for up to five (5) years after you have terminated your account.  However, if retention of your personal data is required to comply with applicable law, contractual obligation or to protect the legal interests of PIX (e.g. in connection to an ongoing legal process) PIX may retain your data for as long as it is necessary to fulfill the purpose with the continued processing.

Please note that even if you terminate your user account, the Services may still contain personal data regarding you for which the Customer is data controller and to which this Privacy Policy is not applicable, e.g. in relation to Content.

If you wish to terminate your user account and remove your personal data, please email us at privacy@pixsystem.com.

 

6. Information on cookies and tracking technologies.

PIX uses cookies minimally as part of the Services and website and no personal data is stored in a cookie. Cookies are small files that are downloaded to your device through your web browser that enables the website or Service to recognize your browser and capture and remember certain data. Cookies enable us to enhance the user experience with our Services.  A cookie usually contains the name of the domain from which the cookie came, the retention period of the cookie, and a value (usually a randomly generated unique number). We use the following types of cookies in our Service and on our website:

-       Session cookies: temporary cookies that remain in the cookie file of your browser until you leave the site. Session cookies are used to validate your session and carry information across pages of the Services so you don’t have to re-enter information in order to access different files your account has permission to view.

-       Persistent cookies: cookies that remain in the cookie file of your browser for a longer period of time (how long will depend on the lifetime of the specific cookie). Persistent cookies are used to help us recognize you as a unique user when you return to our Services or website. We may also use persistent cookies to compile anonymous, aggregated statistics that allow us to understand how our Services and website is used and to help us improve the Services and website.

-       Third Party Cookies: we may allow third party service providers such as Google Analytics to use cookies on our website but we do not control the use or contents of such third party cookies.

We may also use other tracking technologies such as pixel tags, web beacons, or other programming code. Such technologies may be used for a number of purposes, including, without limitation, to log access to the Service, and to monitor how users navigate the Service. Such technologies may also enable us to send email messages in a format that users can read. Data collected by or from such technologies will be treated as non-personal data.  

You can change the cookie settings of your web browser, for example erase existing cookies from your hard drive, block the use of cookies and/or be notified when cookies are encountered. If you choose to block cookies, please note that some functions of our Services and website may not work properly.

 

7. The Services are not intended for children.

The Services are not targeted at or intended for children and we do not knowingly collect personal data from anyone under the age of 16. If you believe we may have collected personal data regarding your child, please contact us and we will make reasonable efforts to delete the information from our Services.

 

8. How your personal data is protected.

We have implemented technical, administrative and physical security measures to attempt to protect your personal data from unauthorized access and improper use. However, please understand that no security measure is perfect or impenetrable and therefore we cannot guarantee the absolute security of your personal data.

We also protect your personal data offline. Only employees, contractors and/or suppliers who need the data to perform a specific job (for example, customer service) are granted access to personal data. The servers on which personal data is stored are kept in a secure environment.

 

9. Inapplicability of this Privacy Policy.

The Services and website may contain links to other websites. To the extent allowed by law, we are not responsible for the content or privacy practices of such other websites. This Privacy Policy does not apply to your use of any Customer’s systems or websites, or any third party websites. Please read the privacy statements of any other system or website that collects personal data since your rights will be governed by those third party policies (and not by this Privacy Policy or PIX).

 

10. Your rights in connection with this Privacy Policy and your personal data.

If the processing of your personal data is subject to the GDPR you have the following rights: 

(i) You are at any time and free of charge entitled to receive a copy of the personal data that we hold about you and information about the processing. Please note that PIX needs to, in order to be able to answer your request, be able to determine your identity.

(ii) You have the right to, without undue delay, have inaccurate or incomplete personal data about you corrected. Furthermore, you have the right to request that PIX restricts the processing of your personal data under certain conditions; for example, if you contest the accuracy of the personal data, the processing may be restricted for a period enabling PIX to verify the accuracy of the personal data or if PIX no longer needs the personal data for the purposes of the processing but you require the personal data for the establishment, exercise or defense of legal claims.

(iii) You have the right to have your personal data deleted without undue delay if, for example, the personal data is no longer necessary in relation to the purpose for which it was collected or otherwise processed. Please note that PIX is not obligated to delete the personal data if PIX can show that the processing is necessary, for example, for the establishment, exercise or defense of a legal claim.

(iv) You have the right to object, on grounds relating to your particular situation, at any time to PIX's processing of your personal data if the processing is based on, for example, legitimate interests. If you object to such processing, PIX will no longer be entitled to process your personal data based on such legal basis, unless PIX can demonstrate compelling legitimate grounds for the processing which overrides your interests, rights and freedom or if it is conducted for the establishment, exercise or defense of a legal claim.

(v) You have, under certain conditions, the right to receive the personal data concerning you and which you have provided to PIX, in a structured, commonly used and machine-readable format and have the right to transmit such personal data to another data controller without PIX trying to prevent this, where PIX's processing of your personal data is based a contract and the processing is carried out by automated means. In such case you have the right to request that the personal data shall be transmitted from PIX directly to another data controller, where technically feasible.

(vi) If you are unhappy with our processing of your personal data you may lodge a complaint with a competent supervisory authority, for example in the country of your habitual residence, place of work or of an alleged infringement of the GDPR or other applicable data privacy laws.

 

11. California residents and California privacy rights.

California Civil Code Section 1798.83 permits California residents to request from companies conducting business in California a list of third parties to which the company has disclosed personal data during the preceding year for direct marketing purposes. PIX has not and will not share your personal data with third parties for their direct marketing purposes. If you are a resident of California and want additional information, you may contact us at privacy@pixsystem.com.

 

12. Contacting us.

If you have any questions regarding this Privacy Policy or PIX's processing of your personal data or if you would like to exercise your rights described in this Privacy Policy you may contact us at privacy@pixsystem.com. You may also write to us at:

 

PIX System, LLC

100 1st Street, Suite 300,

San Francisco, California 94105

 

13. Notice of changes to this Privacy Policy.

We may change this Privacy Policy at any time by posting a notice of the change. All changes will be effective when posted.

 

[end]