Revised 23/06/2025
Privacy policy
1. Introduction
Pixels Interactive Software (“we”, “us”, “our”) is committed to protecting and respecting data privacy. This Privacy Policy explains how we collect, use, and protect information in the course of providing our software products and services (“Services”) to our business clients (“you”, “your”).
This policy has been updated to reflect the requirements of UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as amended by the Data (Use and Access) Act 2025.
For the purpose of data protection law, Pixels Interactive Software acts as a Data Controller in relation to the personal data of our clients’ representatives (e.g., your employees who manage your account with us). We act as a Data Processor in relation to the analytical data generated by your end-users’ interaction with our Services. Our data processing relationship is governed by the Data Processing Agreement section of our Terms of Use.
Our Data Protection Officer can be contacted at [dpo@pixel-future.com].
2. Our Processing of Personal Data: Purposes and Lawful Bases
We process different types of data for specific purposes. UK data protection law requires us to have a “lawful basis” for each processing activity we undertake as a Data Controller. The table below outlines these activities and the legal grounds we rely on.1
|
Processing Activity |
Categories of Data Processed |
Lawful Basis |
|
Client Account Management |
Name, business email, phone number, job title, billing information of our client’s representatives. |
Contractual Necessity: To fulfil our contract to provide you with our Services. |
|
Service Communication |
Name, business email of our client’s representatives. |
Contractual Necessity: To send essential service updates, security alerts, and support messages. |
|
Security and Fraud Prevention |
IP addresses, login timestamps, device information of our client’s representatives accessing our management portals. |
Recognised Legitimate Interests: To ensure the security and integrity of our network and information systems.1 |
|
Business-to-Business Marketing |
Name, business email, job title of potential or existing client representatives. |
Legitimate Interests: To promote our services to other businesses. You can opt-out at any time. |
Processing as a Data Processor (Client’s User Analytics)
When your end-users interact with our software, we process analytical data on your behalf. This data helps us maintain and improve our Services.
|
Processing Activity |
Categories of Data Processed |
Our Role |
|
Service Analytics & Improvement |
Anonymised or pseudonymised user ID, feature usage events, device type, operating system, session duration, crash reports. |
Data Processor: We process this data based on your instructions as the Data Controller. You are responsible for establishing the lawful basis for this processing. |
3. Automated Decision-Making (ADM)
Automated Decision-Making (ADM) is the process of making a decision by automated means without any human involvement.
Currently, Pixels Interactive Software does not use ADM in any way that produces a legal or similarly significant effect on individuals.1
However, as we innovate and develop our Services, we may in the future introduce features that utilise ADM, such as an AI-powered recommendation engine to enhance user experience. In line with the Data (Use and Access) Act 2025, if we introduce such features (and they do not involve special category data), you will be protected by the following safeguards 1:
- We will update this policy to provide you with meaningful information about the logic involved in the decision.
- You will have the right to request human intervention to review the decision.
- You will have the right to express your point of view and contest the automated decision.
We will not use ADM for decisions based on special category data (e.g., health or ethnicity) without your explicit consent or another lawful basis under Article 9 of the UK GDPR.
4. International Data Transfers
We are committed to storing and processing your data securely.
All client data and client’s user data processed by Pixels Interactive Software is currently stored on secure servers located within the United Kingdom.2
Should it become necessary in the future to transfer data outside of the UK, we will only do so in full compliance with UK data protection law. This means we will only transfer data to:
- Countries that have been deemed to provide an adequate level of protection for personal data by the UK Government.
- Organisations where we have put in place appropriate safeguards, such as the UK’s International Data Transfer Agreement (IDTA), ensuring the protection standard is “not materially lower” than in the UK.3
We will update this policy to reflect any changes to our international data transfer practices.
5. Data Retention
We adhere to the principle of storage limitation, meaning we do not keep personal data for longer than is necessary for the purpose for which it was collected.2
- Client Account Data: We will retain personal data relating to your business account for the duration of our contractual relationship with you, plus an additional 6 years to comply with our legal and financial record-keeping obligations.
- Client’s User Analytics Data: As a Data Processor, we retain this data in accordance with the instructions of our client (the Data Controller), as specified in our Data Processing Agreement. By default, aggregated and anonymised analytics data used for service improvement may be retained indefinitely.
- Prospective Client Data: Where we hold data for marketing purposes, we will retain it for as long as we have a legitimate business interest, or until you opt-out.
6. Your Data Protection Rights
Under UK data protection law, you have several rights concerning your personal data. These include:
- Right of Access: The right to request a copy of the personal data we hold about you.
- Right to Rectification: The right to have any inaccurate personal data corrected.
- Right to Erasure: The right to request that we delete your personal data, under certain conditions.
- Right to Restrict Processing: The right to request that we limit the processing of your personal data, under certain conditions.
- Right to Object: The right to object to our processing of your personal data where we rely on legitimate interests as our lawful basis.
- Right to Data Portability: The right to receive your personal data in a structured, commonly used, and machine-readable format.
To exercise any of these rights, please contact our Data Protection Officer at [dpo@pixelimage.co.uk]. We will respond to your request within one month.
7. Your Right to Complain
The Data (Use and Access) Act 2025 requires all organisations to have a formal process for handling data protection complaints.6 We are committed to resolving any concerns you may have swiftly and fairly.
Step 1: Complain to Us Directly
If you have a complaint about how we have handled your personal data, we ask that you first contact us so we can investigate the matter. Please submit your complaint to our Data Protection Officer via:
- Email: [dpo@pixelimage.co.uk]
- Post: Data Protection Officer, Pixel Image Ltd, 38 Thistle Street, Edinburgh, EH2 1EN.
Please include your name, contact details, and a full description of your complaint. We will acknowledge receipt of your complaint within 3 working days and provide a full, substantive response within 30 calendar days.1
Step 2: Complain to the Information Commission
If you are not satisfied with our response, or if you believe we are not processing your data in accordance with the law, you have the right to lodge a complaint with the UK’s data protection regulator, the Information Commission.
The Information Commission
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline: 0303 123 1113
Website: www.ico.org.uk
