Privacy Policy

1. Information We Collect

We collect information in several categories depending on how you interact with our Services:

Personal Information You Provide

• Full name and business name
• Email address and phone number
• Business address and website URL
• Business descriptions, service offerings, and other content you provide for website generation
• Images, logos, and branding materials you upload
• Messages and communications you send through our contact form
• Phone call and SMS/text message records when you communicate with us by phone
• Account credentials (username and password)

Information Collected Automatically

• IP address and approximate geographic location
• Browser type, version, and operating system
• Device type and screen resolution
• Pages visited, time spent on pages, and navigation paths
• Referring website or source
• Click patterns, scroll behavior, and mouse movements (see Section 3)
• Date, time, and frequency of visits

2. How We Collect Information

We collect information through the following methods:

• Directly from you — when you create an account, fill out our website generation form, submit a contact inquiry, call us, text us, or otherwise communicate with us.
• Automatically — through cookies, analytics tools, and session replay technology when you browse pixlel.com (see Sections 3 and 6).
• From third-party services — we may receive information from payment processors (Stripe) and analytics providers (Google Analytics, PostHog) in connection with your use of the Services.

3. Analytics & Session Replay

Google Analytics

We use Google Analytics to collect standard usage data such as page views, traffic sources, geographic location, device information, and user behavior patterns. Google Analytics uses cookies to track your interactions with our website. Google may use this data in accordance with its own privacy policy.

PostHog Analytics & Session Replay

We use PostHog for product analytics and session replay on pixlel.com only (not on client-generated websites). PostHog collects:

• Page views, feature usage, and user flow data
• Click events, button interactions, and form engagement
• Custom event tracking related to your use of our platform features

Session Replay: On certain pages of pixlel.com, we use PostHog's session replay feature. Session replay captures a reconstruction of your browsing session by recording DOM (Document Object Model) changes, mouse movements, clicks, scrolls, and keyboard interactions. This is not a video recording of your screen — it is a data-based reconstruction of how you interacted with our website.

Session replay data may include:

• Mouse movements, clicks, and scroll positions
• Text typed into forms and input fields
• Page content visible during your session
• Elements you interact with (buttons, links, menus)
• Time spent on various parts of the page

We use session replay data solely to understand how users interact with our platform, identify usability issues, debug errors, and improve our product. Session replay data is not sold to third parties and is not used for advertising purposes.

4. AI Processing of Your Data

When you use our AI-powered website generation tools, the business information you provide (including business name, descriptions, services, location, and other content) is sent to third-party AI infrastructure providers that power our website generation engine.

You should be aware that:

• Your business information is transmitted to third-party AI infrastructure providers for processing in accordance with their respective data processing agreements.
• The AI-generated content (text, layout suggestions, design elements) is returned to Pixlel and stored as part of your website.
• Only the business information necessary for website generation is sent to the AI provider — we do not send your payment information or account password to AI systems.

5. How We Use Your Information

We use the information we collect for the following purposes:

• Provide our Services — to generate, host, and maintain your AI-powered website.
• Process payments — to charge subscription fees through our payment processor, Stripe.
• Communicate with you — to respond to inquiries, send service-related notifications, and provide customer support.
• Improve our platform — to analyze usage patterns, diagnose technical issues, and enhance the user experience using analytics and session replay data.
• Ensure security — to detect, prevent, and respond to fraud, abuse, security incidents, and technical issues.
• Comply with legal obligations — to meet applicable legal requirements, enforce our Terms of Service, and protect our rights.
• Connect your domain — to configure and manage custom domain connections for your website.

6. Cookies & Tracking Technologies

We use cookies and similar tracking technologies on pixlel.com to collect information and improve our Services. The types of cookies we use include:

• Essential cookies — required for the website to function properly, including session management, authentication, and security.
• Analytics cookies — used by Google Analytics and PostHog to understand how visitors interact with our website, including page views, traffic sources, and user behavior.
• Functional cookies — used to remember your preferences and settings, such as login status and language preferences.

You can manage cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling cookies may affect the functionality of certain features of our website.

To opt out of Google Analytics tracking, you can install the Google Analytics Opt-Out Browser Add-on available at https://tools.google.com/dlpage/gaoptout.

7. Data Collected on Client Websites

Websites created and hosted through Pixlel may collect basic analytics data from visitors, including:

• Page views and pages visited
• Referring traffic source
• Browser type and device information
• Approximate geographic location (derived from IP address)

This data is used to provide website analytics to our Clients (the website owners) and to maintain the performance and security of hosted websites. Session replay is not used on client-generated websites.

Additionally, if a client's website includes forms (such as contact forms or inquiry forms), any personal information submitted by visitors through those forms is collected and stored on Pixlel's servers on behalf of the Client. The Client is the data controller for this information, and Pixlel acts as a data processor. Please refer to the individual client's privacy policy for information on how they handle your data.

Pixlel does not sell visitor data collected from client websites to third parties.

8. Third-Party Service Providers

We share information with the following third-party service providers who assist us in operating our platform. These providers only have access to the information necessary to perform their specific functions and are obligated to protect your data:

• Amazon Web Services (AWS) — Cloud hosting and infrastructure. Website data, account data, and generated websites are stored on AWS servers in the United States.
• Stripe — Payment processing. Stripe handles all payment card transactions. Pixlel does not store, process, or have access to your full credit card numbers (see Section 10).
• Google Analytics — Website analytics. Collects anonymized usage data about how visitors interact with pixlel.com.
• PostHog — Product analytics and session replay. Used on pixlel.com to track user interactions, feature usage, and record session replays for product improvement (see Section 3).
• Quo (formerly OpenPhone) — Business phone and SMS communications. When you call or text us, Quo processes your phone number and the content of your communications.
• Third-party AI providers — AI infrastructure used to power our website generation engine. Only business information necessary for website creation is shared with these providers (see Section 4).

We may also use additional internal tools and services to operate our platform. These tools are used solely for internal operations and do not share your data with external third parties beyond what is described in this Privacy Policy.

9. Disclosure of Your Information

Beyond the third-party service providers listed in Section 8, we may disclose your information in the following circumstances:

• Legal requirements — if required by law, subpoena, court order, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
• Business transfers — in connection with a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the acquiring entity.
• Protection of rights — to enforce our Terms of Service, investigate potential violations, or protect against legal liability.
• With your consent — we may disclose your information for any other purpose with your explicit consent.

We do not sell, rent, or trade your personal information to third parties for marketing or advertising purposes.

10. Payment Information

All payment transactions are processed through Stripe. When you provide payment information (credit card number, expiration date, CVV), that data is transmitted directly to Stripe using their secure, PCI-DSS compliant infrastructure.

Pixlel does not store, process, or have access to your full credit card numbers. We may receive and store limited payment information from Stripe, such as the last four digits of your card, card brand (e.g., Visa, Mastercard), expiration date, and billing address, for the purposes of displaying payment history and managing your subscription.

For more information on how Stripe handles your payment data, please review Stripe's privacy policy at https://stripe.com/privacy.

11. Data Retention

We retain your personal information for as long as necessary to provide the Services and fulfill the purposes described in this Privacy Policy. Specifically:

• Account and website data — retained for the duration of your active subscription and for thirty (30) days after account termination, after which it may be deleted.
• Analytics and session replay data — retained in accordance with our analytics providers' default retention periods (typically 12-24 months).
• Payment records — retained as required for accounting, tax, and legal compliance purposes.
• Communications — contact form submissions and support communications may be retained for up to 36 months.

When we no longer need your information, we will securely delete or anonymize it. If deletion is not possible (for example, because the data is stored in backup archives), we will securely store it and isolate it from further processing until deletion is possible.

12. Data Security

We implement commercially reasonable administrative, technical, and physical security measures to protect your personal information, including:

• Encryption of data in transit using TLS/SSL
• Secure cloud infrastructure hosted on AWS
• Access controls limiting employee access to personal data on a need-to-know basis
• Secure payment processing through PCI-DSS compliant Stripe infrastructure

While we take reasonable steps to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying us immediately if you suspect any unauthorized access to your account.

13. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information. These may include:

• Right to access — request a copy of the personal information we hold about you.
• Right to correction — request that we correct inaccurate or incomplete personal information.
• Right to deletion — request that we delete your personal information, subject to certain legal exceptions.
• Right to opt out of tracking — opt out of non-essential cookies, analytics tracking, and session replay through your browser settings or by contacting us.
• Right to data portability — request a copy of your data in a structured, commonly used format.
• Right to withdraw consent — withdraw consent for data processing at any time where processing is based on consent.

To exercise any of these rights, please contact us through our website at pixlel.com/hello. We will respond to your request within thirty (30) days. We will not discriminate against you for exercising any of your privacy rights.

14. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

• Right to know — you may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purpose for collecting the information, and the categories of third parties with whom we share it.
• Right to delete — you may request the deletion of your personal information, subject to certain legal exceptions.
• Right to non-discrimination — we will not deny you services, charge different prices, or provide a different quality of service because you exercised your CCPA rights.
• No sale of personal information — Pixlel does not sell your personal information as defined by the CCPA. We do not sell personal information to third parties for monetary or other valuable consideration.

To submit a CCPA request, contact us at pixlel.com/hello. We may need to verify your identity before processing your request.

15. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Bases for Processing

We process your personal data based on the following legal grounds:

• Contract performance — processing necessary to provide you with our Services and fulfill our contractual obligations.
• Legitimate interests — processing necessary for our legitimate business interests, such as improving our platform, ensuring security, and preventing fraud, provided these interests are not overridden by your rights.
• Consent — where you have given consent for specific processing activities, such as non-essential analytics and session replay.
• Legal obligations — processing necessary to comply with applicable laws and regulations.

Your GDPR Rights

In addition to the general rights listed in Section 13, you have the right to:

• Restrict processing — request that we limit the processing of your personal data under certain circumstances.
• Object to processing — object to the processing of your personal data based on legitimate interests.
• Lodge a complaint — file a complaint with your local data protection supervisory authority.

International Data Transfers

Pixlel is based in the United States. If you are accessing our Services from outside the United States, your personal data will be transferred to and processed in the United States. By using our Services, you consent to this transfer. We rely on standard contractual clauses and other appropriate safeguards where required by applicable law to ensure adequate protection for international data transfers.

16. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at pixlel.com/hello and we will promptly delete such information from our systems.

17. Third-Party Websites

Our website and client websites may contain links to third-party websites, services, or resources. Pixlel is not responsible for the privacy practices, content, or security of any third-party websites. We encourage you to review the privacy policies of any external sites you visit. A link from our website does not imply endorsement of the linked site.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes, we will update the "Effective Date" at the top of this page and post the revised policy on our website. Your continued use of our Services after any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Online: pixlel.com/hello
• Phone: (717) 895-9090

We will respond to all privacy-related inquiries within thirty (30) days.