Privacy Policy

This Policy explains what Pixsprint collects, how it is used, when it is visible to clients or public visitors, and how deletion works.

Effective

June 19, 2026

Privacy Policy

This Policy explains what Pixsprint collects, how it is used, when it is visible to clients or public visitors, and how deletion works.

Publication notice

This Privacy Policy reflects Pixsprint’s current product, vendors, integrations, and data-handling practices as of the effective date. We update it when those practices materially change.

01. Introduction

Pixsprint is a creator-facing SaaS app for photographers, influencers, and similar creators to upload media, publish creator profiles, build galleries and media kits, manage leads, use AI-powered tools, and connect supported integrations.

This Policy applies to creators and account users, website and public gallery visitors, trial or free users, paid subscribers, people who contact support, and people whose information appears in content submitted to Pixsprint.

Some creator information may be visible to clients or public visitors when a creator publishes a profile, gallery, media kit, package, call to action, social link, Instagram-related metric, selected place, or other profile field.

02. Information we collect

  • Account and authentication data, such as name, email, username, Clerk user ID, login/session metadata, and account preferences.
  • Profile and public page data, such as profile photo, bio, social links, footer settings, creator slug, public profile settings, media-kit settings, and custom domain settings.
  • Creator content, such as uploaded photos, image metadata, captions, alt text, tags, gallery content, selected photos, packages, trust content, lead forms, and saved AI outputs.
  • Billing data, such as Stripe customer IDs, subscription status, invoice metadata, transaction metadata, billing contact details, tax identifiers, and limited payment method details. Stripe processes payment card details.
  • AI-related data, such as selected photos, image URLs, gallery text, profile details, marketing context, generated descriptions, tags, embeddings, content ideas, and AI usage records.
  • Integration data from Instagram/Meta, including authorized account identifiers, username, profile metadata, follower and media counts, insights, media metadata, encrypted access tokens, scopes, expiry dates, sync status, and rate-limit or error metadata.
  • Location and place data that creators enter or select, including locations served, target brand/place details selected through Google Places, selected city/region/country, and coarse visitor country for analytics. Based on the current codebase, we do not use precise browser GPS.
  • Usage and technical data, such as pages viewed, gallery events, CTA clicks, lead submissions, download requests, shortlist activity, device type, referrer, session identifiers, consent state, browser storage identifiers, hashed user-agent data, coarse country, diagnostics, and security or rate-limit logs.
  • Communications data, such as support requests, transactional emails, marketing preferences, unsubscribe tokens, delivery logs, and email provider webhook events.

Your privacy rights, handled with care

03. How we use information

  • Create and manage accounts, authenticate users, secure accounts, and prevent fraud or abuse.
  • Provide creator profiles, galleries, media kits, lead capture, share links, downloads, analytics, billing, email, custom domain, and account settings features.
  • Display profile, gallery, location, package, social, Instagram, and media-kit information to clients or public visitors when a creator publishes or shares it.
  • Process subscriptions, invoices, cancellations, billing support, taxes, accounting, and payment-provider records.
  • Provide AI features, measure AI usage limits, generate image descriptions, tags, search support, marketing copy, content ideas, and related suggestions.
  • Send transactional emails, support messages, product notices, and marketing communications where permitted.
  • Analyze product usage, debug issues, improve features, aggregate gallery performance, enforce limits, protect the service, and comply with legal obligations.

04. AI features

Premium or plan-based AI features may process user-uploaded photos, selected images, image URLs, gallery text, profile details, Instagram metrics, and other context to generate content, suggest content, describe images, support image search, or recommend photos.

AI results are automated suggestions and may be inaccurate, incomplete, repetitive, biased, unsafe, or unsuitable. Users are responsible for reviewing AI outputs before publishing or relying on them.

We do not use your photos, profile content, or AI prompts to train our own AI models. We use third-party AI providers to operate premium AI features. As currently configured, we do not opt in to third-party model training using your AI inputs or outputs. If this changes, we will update this Policy and provide any required notices or choices.

Based on the current codebase, Pixsprint does not use AI features for face recognition, identity verification, biometric identification, sensitive-trait inference, or automated decisions with legal or similarly significant effects.

05. Location and place information

Pixsprint uses creator-entered or creator-selected place information, such as locations served, target brand locations, Google Places suggestions, selected place IDs, city, region, country, address labels, and primary place type. We also use coarse visitor country signals for analytics.

Based on the current codebase, we do not use precise browser GPS or retain location trails. If a creator publishes a location, location-served field, or target brand/place detail, that information may be visible to public visitors or clients. Creators can edit, hide, or remove these fields through available settings and editor flows.

06. Public and client-visible information

Depending on creator settings and publication choices, public visitors or shared-link recipients may see usernames, display names, profile photos, bios, social links, published galleries and media kits, uploaded media, captions, package details, availability, calls to action, Instagram metrics, selected locations or target brands, and other fields selected for publication.

Creators are responsible for deciding what to publish and for making sure they have permission to publish people, places, brands, client names, logos, and third-party content.

07. Service providers and integrations

We disclose information to service providers that help us host, secure, operate, analyze, support, and improve Pixsprint, process payments, provide authentication, send emails, provide AI features, and support integrations.

ProviderPurposeData involved
Google Cloud PlatformHosting, Cloud Run infrastructure, storage, delivery, logsApplication data, files, uploaded media, generated sizes, logs, and related technical data
MongoDB AtlasDatabaseAccount, profile, gallery, media, billing metadata, analytics, integration, and app data
StripePayments and subscriptionsCustomer IDs, subscription status, invoices, transaction metadata, billing contact data, limited payment method details
ClerkAuthenticationAccount credentials, user IDs, emails, auth/session metadata, login security data
OpenAIAI featuresSelected images, prompts, profile or gallery context, AI inputs and outputs needed for requested features
ResendEmail deliveryEmail addresses, message content, preferences, delivery and webhook metadata
Google Places/MapsPlace search and autocompleteSearch terms, selected places, place IDs, formatted addresses, place types, network/device data processed by Google
Instagram/MetaCreator integrationAuthorized account data, profile and media metadata, insights, tokens, scopes, sync metadata

08. Cookies and similar technologies

Pixsprint uses cookies, local storage, session storage, SDKs, and similar technologies for authentication, security, billing, preferences, consent, analytics, diagnostics, and product functionality. See the Cookie and Tracking Policy for current details.

09. EU/UK privacy layer

This EU/UK privacy layer applies where Pixsprint is intentionally offered to people in the EEA or the UK, or where Pixsprint monitors behavior of people located there through analytics, tracking, profiling, or similar technologies.

For the current B2C creator product, Pixsprint generally acts as the controller for creator account data, profile data, uploaded creator content, optional current location, subscription and billing metadata, AI feature usage, analytics and product improvement data, support communications, and integration connection status or tokens.

Vendors and integrations such as Google Cloud Platform, MongoDB Atlas, Clerk, Stripe, Resend, OpenAI, Google Places/Maps, and Instagram/Meta may act as processors, independent controllers, or separate service providers depending on the specific data flow and their terms.

This draft does not list a DPO, EU representative, UK representative, legal entity name, or postal address because those details are not discoverable in the repository. Add those details before publication where legally required.

Where applicable, you may complain to a relevant supervisory authority, and you may contact Pixsprint first so we can try to resolve your request.

11. International processing

The deployment scripts and deployment documentation in this repository use Google Cloud's europe-west1 region, Belgium, as the default primary Cloud Run and related Google Cloud deployment region when that default or matching deployment secret is used. MongoDB Atlas and other provider regions must be confirmed from provider configuration before making an EU-only storage claim.

Some service providers and integrations may process information in other countries. Where required, we use appropriate safeguards for international transfers.

12. Automated decision-making and profiling

For the current MVP, Pixsprint positions AI photo recommendations, image analysis, search support, and content generation as creator-controlled suggestions. Pixsprint does not make final decisions about users' legal rights, employment, credit, eligibility, pricing, or access.

If future features rank creators, hide creators, determine eligibility, price services, score attractiveness, or otherwise affect access or opportunity, Pixsprint should revisit automated decision-making, profiling, fairness, transparency, and privacy risk-assessment requirements before launch.

13. Retention and deletion

  • Raw analytics events and daily analytics rollups are configured with 90-day retention in the codebase.
  • Uploaded media, saved AI outputs, public profile data, optional location fields, and integration data are kept while needed to provide the service, until deleted by the user, disconnected, unpublished, or deleted through a verified deletion request, subject to limited retention needs.
  • If you request account deletion, Pixsprint aims to remove or anonymize account profile data, uploaded creator content, saved AI outputs, optional location data, and integration tokens from production systems within 30 days after verification, unless limited retention is needed for legal, billing, tax, security, fraud-prevention, dispute-resolution, or compliance purposes.
  • Backups are deleted on their normal rotation, usually within 90 days.
  • Billing, tax, accounting, fraud, security, support, marketing suppression, consent, and legal records may be retained longer where necessary.

14. Your rights and choices

  • You can update profile, public page, billing contact, email preference, published content, and integration settings through available account tools.
  • You can unsubscribe from non-transactional emails using unsubscribe or preference links.
  • You can accept, reject, or revisit analytics cookie choices through the cookie banner or settings button.
  • Depending on your location, you may request access, correction, deletion, portability, restriction, objection, consent withdrawal, or appeal of a denied request.
  • Where applicable, you may also object to legitimate-interest processing, object to direct marketing, withdraw consent for consent-based processing, and complain to a relevant supervisory authority.
  • To make a privacy request, contact support@pixsprint.app.

15. Children and minors

Pixsprint is not directed to children under 13, and users under 13 may not create accounts. Paid creator/client-facing use is intended for users who are at least 18 or the age of majority where they live.

16. Security

Pixsprint uses technical and organizational measures designed to protect information, such as authentication, access controls, encryption in transit, provider security controls, rate limiting, logging, monitoring, backups, and incident response practices. No online service can be guaranteed to be 100% secure.

17. Changes and contact

We may update this Policy from time to time. For material changes, we will provide reasonable notice where required.

Contact Pixsprint at support@pixsprint.app.

Changes and contact

We may update this Policy from time to time. For material changes, we will provide reasonable notice where required.

Contact Pixsprint at support@pixsprint.app.