GDPR Privacy Policy
Last updated: September 13, 2025
This Privacy Policy describes how Pixelongate ("we", "us", or "our") collects, uses, stores, and protects personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). By using our platform at pixelongate.com, you acknowledge the practices described in this document.
1. Data Controller
Pixelongate acts as the data controller for personal data collected through this platform. If you have any questions regarding the processing of your personal data, you may contact us at:
Email: help@pixelongate.com
Phone: +380573705166
Address: Korol'ova St, 46, Zhytomyr, Zhytomyr Oblast, Ukraine, 10001
2. Personal Data We Collect
We collect personal data that you voluntarily provide and data that is automatically generated when you use our platform.
2.1 Data You Provide Directly
| Category | Examples | Purpose |
|---|---|---|
| Identity data | Full name, username | Account creation and identification |
| Contact data | Email address, phone number | Communication and support |
| Account credentials | Password (hashed), security settings | Authentication and security |
| Payment data | Billing address, transaction identifiers | Processing purchases |
| Profile data | Learning preferences, progress records | Personalised platform experience |
| Communications | Support requests, feedback submissions | Customer service and improvement |
2.2 Data Collected Automatically
| Category | Examples | Purpose |
|---|---|---|
| Technical data | IP address, browser type, device identifiers | Security, fraud prevention |
| Usage data | Pages visited, features used, session duration | Platform analytics and improvement |
| Cookie data | Session tokens, preference cookies | Functionality and analytics |
3. Legal Bases for Processing
We process your personal data only where a valid legal basis exists under Article 6 of the GDPR.
| Legal Basis | When We Rely on It |
|---|---|
| Contract performance (Art. 6(1)(b)) | Providing access to courses, processing payments, managing your account |
| Legitimate interests (Art. 6(1)(f)) | Platform security, fraud prevention, product analytics, improving our services |
| Legal obligation (Art. 6(1)(c)) | Compliance with applicable laws, responding to lawful requests |
| Consent (Art. 6(1)(a)) | Marketing communications, optional analytics cookies |
4. How We Use Your Personal Data
We use the personal data we collect for the following purposes:
— To create and manage your account on the platform
— To deliver course content, assignments, and interactive exercises
— To process payments and issue receipts or invoices
— To send transactional messages such as registration confirmations and password resets
— To respond to inquiries submitted through support channels
— To send marketing communications where you have given explicit consent
— To monitor and improve platform performance and user experience
— To detect, investigate, and prevent fraudulent or unauthorised activity
— To fulfil any applicable legal or regulatory obligations
5. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or as required by applicable law.
| Data Type | Retention Period |
|---|---|
| Account data | Duration of account plus 3 years after closure |
| Transaction records | 7 years for accounting and legal compliance |
| Support communications | 3 years from the date of last contact |
| Marketing consent records | Until consent is withdrawn plus 1 year |
| Technical and usage logs | 13 months on a rolling basis |
When data is no longer required, it is securely deleted or anonymised so that it can no longer be associated with you.
6. Data Sharing and Third Parties
We do not sell your personal data. We may share data with trusted third parties only where necessary and under appropriate contractual safeguards.
6.1 Categories of Recipients
Service providers: We engage third-party processors for hosting infrastructure, payment processing, email delivery, and analytics. All processors are bound by data processing agreements requiring GDPR-compliant handling.
Legal authorities: We may disclose data to competent authorities when required by law, court order, or to protect the rights and safety of our users or the public.
Business transfers: In the event of a merger, acquisition, or asset sale, personal data may be transferred as part of that transaction. Affected users will be notified in advance where legally required.
6.2 International Transfers
Where personal data is transferred outside the European Economic Area, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other lawful transfer mechanisms.
7. Your Rights Under GDPR
As a data subject under the GDPR, you have the following rights with respect to your personal data:
| Right | Description |
|---|---|
| Right of access (Art. 15) | Request a copy of the personal data we hold about you |
| Right to rectification (Art. 16) | Request correction of inaccurate or incomplete data |
| Right to erasure (Art. 17) | Request deletion of your data where no legitimate basis remains |
| Right to restriction (Art. 18) | Request that we limit the processing of your data in certain circumstances |
| Right to data portability (Art. 20) | Receive your data in a structured, machine-readable format |
| Right to object (Art. 21) | Object to processing based on legitimate interests or for direct marketing |
| Right to withdraw consent | Withdraw consent at any time without affecting prior processing |
| Right to lodge a complaint | File a complaint with the competent supervisory authority |
To exercise any of these rights, please contact us at help@pixelongate.com. We will respond within 30 days. In complex cases, this period may be extended by a further two months, and you will be informed of any such extension.
We may need to verify your identity before processing your request.
8. Cookies and Tracking Technologies
Our platform uses cookies and similar technologies to ensure functionality, analyse usage, and where consented, to support marketing activities.
8.1 Types of Cookies We Use
| Type | Purpose | Legal Basis |
|---|---|---|
| Essential cookies | Session management, authentication, security | Contract / Legitimate interest |
| Functional cookies | User preferences, language settings | Legitimate interest |
| Analytics cookies | Platform usage statistics and performance monitoring | Consent |
| Marketing cookies | Targeted communications and retargeting | Consent |
You may manage or withdraw cookie consent at any time through your account settings or browser controls. Withdrawing consent for non-essential cookies will not affect your ability to use core platform features.
9. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures include:
— Encryption of data in transit using TLS protocols
— Encryption of sensitive data at rest
— Access controls and role-based permissions for internal staff
— Regular security assessments and vulnerability testing
— Incident response procedures aligned with GDPR notification requirements
In the event of a personal data breach that is likely to result in risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and inform affected users without undue delay where required by law.
10. Children's Privacy
Our platform is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data without appropriate consent, please contact us at help@pixelongate.com and we will take steps to delete such data promptly.
11. Automated Decision-Making
We do not make decisions solely based on automated processing, including profiling, that produce legal effects or similarly significant effects concerning you. Where any automated processing is used for personalisation or recommendations, it does not constitute a solely automated decision as defined under Article 22 of the GDPR.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, platform features, or applicable law. When we make material changes, we will notify registered users by email and update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Continued use of the platform after notification of changes constitutes acceptance of the updated policy.
13. Contact and Complaints
For any questions, concerns, or requests related to this Privacy Policy or the processing of your personal data, please contact us:
Email: help@pixelongate.com
Phone: +380573705166
Address: Korol'ova St, 46, Zhytomyr, Zhytomyr Oblast, Ukraine, 10001
You also have the right to lodge a complaint with the supervisory authority responsible for data protection in your country of residence or place of work. We would, however, appreciate the opportunity to address your concerns directly before you approach any authority.
This policy was last reviewed and updated on September 13, 2025.