Pixelbook.io
Sign In
Early access - new packs added weekly. Join the waitlist or register your interest as a seller.
Legal

Privacy Policy

Last updated: May 2026

This Privacy Policy explains how Pixelbook (“we”, “us”, “our”) collects, uses, and protects your personal data when you use pixelbook.io. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who Is Responsible for Your Data

Pixelbook is the data controller for personal data collected through this Platform. If you have any questions or concerns about how we handle your data, contact us at privacy@pixelbook.io.

2. What Data We Collect

Data you provide directly

  • Account data: name, email address, and password when you register.
  • Profile data: display name, avatar, bio, and portfolio links if you set up a creator profile.
  • Waitlist data: email address and interest type (buyer or seller) when you join the waitlist.
  • Payment data: billing information processed securely by Stripe. We do not store card details directly.
  • Communications: messages you send to support or other users through the Platform.

Data collected automatically

  • Usage data: pages visited, assets viewed, search queries, and time spent on the Platform.
  • Device data: browser type, operating system, and IP address.
  • Cookies: session cookies required for authentication and preference cookies if you consent. See section 7 for more detail.

Data from third parties

  • Google OAuth: if you sign in with Google, we receive your name, email address, and profile picture from Google.

3. How We Use Your Data

We use your personal data to:

  • Create and manage your account.
  • Process purchases and payouts.
  • Send transactional emails (receipts, download links, account notifications).
  • Send waitlist and launch update emails (you can unsubscribe at any time).
  • Improve the Platform through usage analytics.
  • Detect and prevent fraud or abuse.
  • Comply with legal obligations.

4. Legal Basis for Processing

We process your data on the following legal bases under UK GDPR:

  • Contract: processing necessary to provide the service you signed up for (account management, purchases, payouts).
  • Legitimate interests: improving the Platform, detecting fraud, and maintaining security.
  • Consent: marketing emails and non-essential cookies, where you have opted in.
  • Legal obligation: retaining transaction records for tax and legal compliance.

5. Who We Share Your Data With

We do not sell your personal data. We share data only with trusted third-party services necessary to operate Pixelbook:

  • Supabase - database and authentication infrastructure.
  • Stripe - payment processing and seller payouts.
  • Vercel - hosting and deployment infrastructure.
  • Resend - transactional and notification emails.
  • Google - OAuth authentication if you choose to sign in with Google.

All third-party providers are required to handle your data securely and in accordance with applicable data protection law.

We may disclose your data if required by law, court order, or to protect the rights and safety of Pixelbook, its users, or others.

6. How Long We Keep Your Data

  • Account data: retained while your account is active and for 2 years after deletion, in case of disputes.
  • Transaction records: retained for 7 years to comply with HMRC requirements.
  • Waitlist data: retained until you unsubscribe or request deletion.
  • Usage analytics: retained in aggregated, anonymised form indefinitely.

7. Cookies

We use the following cookies:

  • Essential cookies: required for authentication and keeping you logged in. These cannot be disabled.
  • Preference cookies: remember your theme (light/dark) and display preferences.
  • Analytics cookies: help us understand how the Platform is used. Only set with your consent.

You can manage cookie preferences in your browser settings. Disabling essential cookies will prevent you from logging in.

8. Your Rights Under UK GDPR

You have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data (the “right to be forgotten”), subject to legal retention requirements.
  • Restrict processing of your data in certain circumstances.
  • Data portability - receive your data in a structured, machine-readable format.
  • Object to processing based on legitimate interests.
  • Withdraw consent at any time for processing based on consent (e.g. marketing emails).

To exercise any of these rights, email us at privacy@pixelbook.io. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. Data Security

We use industry-standard security measures including encrypted connections (HTTPS), secure authentication, and access controls to protect your data. However, no system is completely secure and we cannot guarantee absolute security.

In the event of a data breach that is likely to affect your rights and freedoms, we will notify you and the ICO as required by law.

10. International Transfers

Some of our third-party providers (including Supabase, Stripe, and Vercel) may process data outside the UK. Where this occurs, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the ICO.

11. Children's Privacy

Pixelbook is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us at privacy@pixelbook.io and we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes. The date at the top of this page will always reflect the most recent update.

13. Contact

For any privacy-related questions or to exercise your rights, contact us at privacy@pixelbook.io.