Last Updated on May 14, 2019
We are committed to protecting the privacy of any information and personal
data that are entrusted to Pixel
Actions Ltd. All data we collect, and process are handled with transparency. Personal data we
collect and
process are subject to the requirements of the client and the services we will be providing to him, as stated
in our agreement.
For all information and personal data we gather, we make sure that it is always provided a description to you,
of what information is collected, their purpose, when and how this information is used, as well as who has
access to them and for how long. Moreover, we keep you informed on your rights in relation to your data and we
provide contact details for additional information or queries.
This is an overview of how Pixel Actions Ltd processes information and personal data and acknowledges your
rights under the Law 125(I)/2018 and the EU General Data Protection Regulation (GDPR).
For our privacy policy to be fully comprehensive to everyone please refer to the following definitions, as
given in the general provisions of the GDPR:
-
“personal data” means any information relating to an identified or identifiable natural
person (“data subject”); an identifiable natural person is one who can be identified,
directly or indirectly, in particular by reference to an identifier such as a name, an identification
number, location data, an online identifier or to one or more factors specific to the physical,
physiological, genetic, mental, economic, cultural or social identity of that natural person.
-
“processing” means any operation or set of operations which is performed on personal data
or on sets of personal data, whether or not by automated means, such as collection, recording,
organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure
or destruction.
-
“controller” means the natural or legal person, public authority, agency or other body
which, alone or jointly with others, determines the purposes and means of the processing of personal data;
where the purposes and means of such processing are determined by Union or Member State law, the
controller or the specific criteria for its nomination may be provided for by Union or Member State law.
-
“processor” means a natural or legal person, public authority, agency or other body which
processes personal data on behalf of the controller.
-
“third party” means a natural or legal person, public authority, agency or body other
than the data subject, controller, processor and persons who, under the direct authority of the controller
or processor, are authorised to process personal data.
To whom this privacy policy applies?
This notice is addressed to natural persons or authorized representatives of legal entities or natural persons
that are either past, current or potential customers of Pixel Actions Ltd.
We acknowledge to you how we process and protect your personal data when:
- we provide any services to you or to our clients
- you visit or use our website, or,
- we hold any other activities that form part of the operation of Pixel Actions Ltd.
What personal information we collect, when and how we process them
We collect personal data through email, telephone, message or in writing. We only collect and process your
data when it is allowed by law. Most commonly, we use these personal data in the following circumstances:
- Prior to signing an agreement, we use personal data such as name, email, contact number, mobile number
for the purpose of contacting you and preparing your proposal.
- We may collect some personal data through our Website. Please refer to our cookie policy for further
information.
- We also collect personal data (such as name, email, phone numbers) via a separate Consent Form, after
signing an agreement with you in order to be able to perform our obligations under the contract that we
will enter with you.
- While under a Contractual agreement with you we store these data and use them to perform our obligations
(such as contacting you through transaction emails) under the agreement.
- When we have a non-directly contractual relationship with you and we obtain your personal data by our
client, we take all necessary actions to ensure that the procedures followed by our client are fully
compliant with the privacy laws and regulations relevant to that information. Furthermore, the client (in
this paragraph referred to as the controller) is requested to sign an agreement with Pixel Actions Ltd (in
this paragraph referred to as the processor) prior to processing any personal data. The personal data that
we will collect on behalf of the controller may vary depending on the nature of the services that we will
provide to the client. The subject matter, the duration of the processing, the nature and purposes of the
processing and the type of personal data, are stated in the agreement between Pixel Actions Ltd and the
controller. Pixel Actions Ltd takes all measures in order to meet the requirements of Law 125(I)/2018 and
the EU General Data Protection Regulation and we can provide sufficient guarantees for the security of the
processing to the data controller if requested.
- We may ask for your consent when we wish to collect personal data for providing marketing information to
you in relation to our services. You can withdraw your consent to such processing at any time by
contacting [email protected] or by clicking “Unsubscribe” in our marketing communications.
Change on Purpose
We only use personal data for the purpose for which it was collected. In case we need to use your personal
data for another purpose we will notify you and explain the relevant legal basis which allows us to do so. We
may also process personal data without your prior consent, in compliance with the above policy, when required
or permitted by law.
Erasure
Personal data collected are held by Pixel Actions Ltd for as long as there is a legally binding relationship
between Pixel Actions Ltd and the client. When the contractual agreement with a client is terminated, all the
client’s personal data held by Pixel Actions Ltd is erased, unless any legally binding obligations remain open
and when there is a retention period that is required by law.
Special Data Categories
We do not obtain or process personal data that belong to the “sensitive” or “special categories” of personal
data such as health or ethnic data.
Disclosure to third parties
We may disclose your personal data to third-parties in the following cases:
- We may provide hosting for your data via a third-party hosting partner.
- We may provide personal data to third-party service providers that facilitate the managing, storing,
collection and analysis of data and the provision and use of our services.
- We may disclose your data to third-party marketing and business development service providers.
- In case it is required by law to disclose your personal data or if we have to fulfil any legal
obligations in order to comply with the law.
- In order to enforce any terms, conditions or agreements.
- Please note that in case you use our site or payment portal for payments you are directly disclosing
your data to our payment processing partner and that makes you the controller.
The third-parties to whom we disclose your personal data will have previously set their own privacy policies
and we will have assessed whether they are compliant with the privacy laws and regulations in effect. It is
our policy to only disclose your data to third-parties that are fully compliant with the law and to ensure
that your privacy rights are protected.
If you wish to have the full list of third-parties to whom we might disclose your data, please send us your
request by email at [email protected].
What are the third-parties who might receive your data?
We use these partners for some of Pixel Actions’ processes that are not part of our area of expertise but are
crucial to our customers having a quality experience. Here is the list of third-parties:
Zoho |
Business analysis & Customer payments |
Godaddy |
Domain provider |
Mailchimp |
Marketing & customer interactions |
Hubspot |
Marketing & customer interactions |
Google |
Site analytics |
Basecamp |
Business organization tool |
Paypal |
Customer payments |
Freshdesk |
Customer support |
Data Security Measures
Pixel Actions Ltd minimizes collection of personal data that are necessary for its operation. Additionally, we
use a combination of physical, electronic and managerial measures to ensure that we keep your personal data
secure, accurate and up to date. These measures include:
- Staff education and training to ensure that they are aware of their privacy obligations when handling
personal data
- Restriction of access to personal data on a ‘need to know’ basis using administrative and technical
controls
- Technological security measures such as encryption
- Physical security measures such as security alarm system in our premises
What are the rights of data subjects?
Under GDPR you have the right to:
- Receive access to your personal data. This allows you to request a copy of the personal data
we hold
about you and to check that we are lawfully processing it.
- Request correction of the personal data we hold about you. You may complete and/or correct
any
incomplete or inaccurate personal data.
- Request erasure of your personal data. You may request from us to erase your personal data
when there is
not a valid reason for us to keep processing it. You also have the right to request data erasure even when
you have previously exercised your right to object to data processing (refer to Object to processing
point)
- Object to processing of your personal data, including profiling, where we rely on a
legitimate interest
(or those of a third party) and there is something about your specific situation which makes you want to
object to processing on this ground. You also have the right to object where we are processing your
personal data for direct marketing purposes. In case you object to processing for direct marketing
purposes, then we shall stop the processing of your personal data for such purposes.
- Request the restriction of processing of your personal data. With this right you may to ask
us to
suspend the processing of your personal data, for example if you want us to establish its accuracy or the
reason for processing it.
- Request to receive a copy of your personal data in a format that is structured and commonly
used.
- Withdraw your consent with regards to the processing of your personal data for certain
purposes at any
time.
- Request transfer of your personal data to another party.
Right to complain
You have the right to lodge a complaint at any time in case you are not satisfied with the way we have handled
your personal data or if you have a privacy query or request. For this you can contact us by email at [email protected].
Changes to this privacy policy
We may modify or amend this privacy policy from time to time. We encourage you to periodically review this
policy to be informed about how we are protecting your information. The modified or amended privacy policy
will be in effect from the revision date stated at the top of this page.