Privacy Policy

At Piktostory, we believe privacy matters.

Please note that our privacy policy was last updated on July 26th 2021. All the links referring to account settings as well as resources were updated then.

At Piktostory, we are committed to being transparent about the data we collect about you, why we collect it, how we process it, and who we share it with. We take the utmost care in handling your data and ensuring that your privacy is safeguarded.

By using our services, you consent to our use of your data, as stated herein this privacy policy. The policy applies to any registered user, or a visitor to the Piktostory platform including the web application, website, and any other service we provide.

1. Introduction

We aim to provide you with better ways to access your data, understand how it’s used, and choose whether or not to subscribe to certain communication materials we send your way. We are also compliant with EU data laws regarding the General Data Protection Regulation (GDPR).

2. Information We Collect

2.1 Information You Provide Us

Information We Collect

When creating an account with Piktostory, you provide the following details:

  1. Email Address – This is required to create a unique account in Piktostory for you to access the application.
  2. Name – This is used during communications to address you.
  3. Password – Along with your email, a password is required to authenticate and provide access to your Piktostory account. However, we do not store any passwords when you sign up or sign in using social media logins.
  4. Registering via Social Accounts – You can create an account with Piktostory using your social media accounts. We currently only support social media login with Google. When you choose to sign up using your social media account, we collect and store your email address and name from the social media platform, as well as aUID (Unique ID, received from the social media platform).
Billing

Any and all payments for Piktostory’s subscription plan is conducted by our online reseller Paddle.com Market Limited (hereafter referred to as “Paddle”). Paddle is the Merchant of Record for all our orders. If you subscribe to any of Piktostory’s paid subscription plans, your credit card and other payment information are securely encrypted and safely stored by Paddle, in a fully PCI compliant storage solution, in order to process the transactions. Please review Paddle’s Privacy Policy and Terms of Use for more information on how your information is securely handled.

Visitor

We place cookies on all of Piktostory’s pages to perform web analytics with the intention of improving site experience. Refer to the Cookies section on what we track and collect.

Children Under 16

As a family-friendly site, Piktostory has a zero tolerance to obscenity and nudity featured in any created videos hosted on Piktostory. In efforts to comply with the Children’s Online Privacy Protection Act (COPPA) and the European Union’s General Data Protection Regulation (GDPR), Piktostory’s products and services are directed only to people who are at least 13 years of age or older. However, children under 16 years of age from the EU region are not allowed to create a Piktostory account and to use the application for the time being. We ensure that we keep up to date on compliance regulations, and for now, this means we need to exclude individuals from the EU who are under age of 16.

2.2 Video Creation and Sharing Information

You can use the Piktostory platform to create videos under our Terms of Use. All content that you create within Piktostory remains private to your account. We access your content only when you give us explicit permission to resolve any issues you have within the application. Ultimately, you alone get to choose who will see your videos and uploaded content.

2.3 Service Usage Data

For improvement purposes, we keep anonymous records of your Piktostory usage, including our website. The records include data such as the number of visits, and time spent on pages, interactions like clicks on buttons or links. Device information, and data on your operating system or web browser are also anonymously collected and aggregated to ensure the best performance of our site and app on various platforms. Part of the above information is also temporarily stored in cookies. Whenever you visit any of our pages, we receive the URL of the pages that you came from and the destination (Piktostory) page that you landed on. As part of the page request, we collect your IP address, proxy server, operating system, web browser and add-ons, device identifier and/or ISP and mobile data provider. This data is collected anonymously and aggregated without any personal information to attribute against.

2.4 Cookies

2.4.1 What Are Cookies?

A cookie is a small file that the website saves to your device (a computer or a mobile device) for an extended period of time. Cookies help in remembering your preferences and actions over a period of time so you don’t have to keep entering them again when you revisit the page.

2.4.2 How We Use Cookies?

We use cookies to save your preferences and to perform basic web analytics to improve user experience.

2.4.3 Disabling Cookies

You can disable cookies by changing the settings on your web browser (Chrome and Firefox). However, disabling cookies will result in disabling certain functionalities in Piktostory, since some of the functionalities require the use of cookies to work.

2.4.4 The Cookies We Set

We set and manage some cookies that are required for Piktostory to work correctly. When you create an account with Piktostory, or visit any of Piktostory pages, we set a cookie. These cookies are used to remember your preferences once you have logged out.

For more detailed information on the cookies we set and what they may be used for, please visit our Cookie Policy page.

2.4.5 Third Party Cookies

We also set cookies from trusted third parties (called third-party cookies) to provide some functionality. Refer to section 4.3 on the third parties that we work with. These cookies are used to monitor and measure site performance, page visits, and support live chat with our sales and support teams. We use social media buttons and/or plugins on our site to allow you to connect with us via your social accounts. Those plugins set their own cookies as outlined in their privacy policies. Information about your website’s use is shared with trusted social media, advertising and analytics partners to customize content and advertising, provide social media features, and analyze traffic to our website.

2.5 Support, Surveys & Service Cancellation Information

When you reach out to Piktostory support for assistance, we collect data about your application issue or feedback, as well as other information such as the title of your video, or the last four digits of your credit card (to resolve billing and payment issues), to allow us to investigate any reported issues. We store this interaction information for quality assurance purposes and to improve our customer support. We also store your responses and interactions as part of any user surveys and feedback sessions. When you cancel your premium subscription, we collect data about cancellation reasons and any other feedback you provide us with.

2.6 Others

We often introduce new features, some of which may require the collection of new information. If we collect personal data that is different than previously stated, or change the way we process and share them, then we’ll amend our policies and ask you to provide consent as required.

3. How We Use Your Data

We use your personal data to let you access the application, make payments, to create and share visuals.

3.1 Application Use

We use your personal data to authenticate and authorize you to use the application and access your created work within Piktostory. We do not use your created videos in any way. You alone have ownership over your created content and you can use them as per our Terms of Use.

3.2 Communications

We will contact you to communicate about key account changes (including password reset, account deletion, etc), to answer support queries, availability of services and outages, network updates or other service/application related issues, security updates, legal and policy updates. You cannot opt-out of receiving these critical services, security and legal updates from us.

3.3 Marketing

We use data about our registered users to support communications and campaigns to promote membership, subscription, and engagement with our products and services. We do not sell your data to anyone.

3.4 Research & Development

We use data including qualitative feedback from registered users and public, collected via user interviews, surveys, polls or other means to conduct research and development to improve our products and services. You are not obligated to participate in these research processes and you can choose to provide your feedback in any way that is convenient to you.

3.5 Customer Support

We use your data, including your usage, communications, and interactions with us to investigate, resolve and respond to any issues or complaints you have with our products or services. This data is also used for quality assurance and to improve our customer support processes.

3.6 Aggregate Insights

We generate insights by aggregating data that helps us improve our products and services. These results do not include any personal information and will not be used to identify you. Some examples of aggregated results include the most common browsers used by our users, which features are commonly used and at what instances, as well as the typical workflows and interactions taken by users at an aggregate level.

3.7 Security & Investigation

We use your data including your communication and interaction with us to investigate security issues, violation of our terms of use and privacy policy, any fraudulent or harmful activities that affect our users, visitors, and the general public.

4. How We Share Your Information

4.1 Account Information

Below is the information that is shared about your account profile:

  1. Your account information, including email address and name is shared with third-party services to provide the application services. Refer to the third party services section for the list of third parties that we share data with.

4.2 Uploaded & Created Videos

  1. The videos that you create are private and accessible only by you.
  2. The video files that you upload into Piktostory are private and are accessible only from within the app.
  3. We do not share your uploaded content or the videos you create with anyone unless you’ve given us explicit consent to do so.

4.3 Third Parties We Share Your Information With

We use third-party services to provide some of our services (e.g.: web hosting, data storage, communication, customer support, payment, maintenance, development, and analysis, etc.). These third parties will only have access to data relevant to the service they provide. They are obligated not to use your data for any other purposes. Below is a list of the third parties that we use and the data that we share with them:

Category Party Name & Product Why do we share? What do we share?
Payment Paddle To allow payment processing, settlement, billing services and notifications. Paddle is our online reseller and Merchant of Record for all payment transactions. For more information, see Paddle’s Privacy Policy. Email, country information (via IP address)
Geolocation Information eXTReMe To obtain country information in order to process payment orders in accordance to local taxation laws. For more information, see eXTReMe’s Terms and Privacy Policy. IP address
Customer Support Helpscout To provide customer support and live chat services to our users. Name, email address, user interactions and communications.
  Marketing & Communication Google Google Forms to conduct user research, customer service and marketing surveys Name, email, user responses and other information obtained from the survey.
Postmark App To send emails from our backend Name, and email.
Typeform To conduct user research, customer service, and marketing surveys. Name, email, subscription plan, role, user responses and other information obtained from the survey.
Hosting & Storage Google To host our application databases using Google Cloud SQL. Additionally, we store temporary data in Google Cloud Storage for our image processing services. Data in Cloud Storage is automatically removed within 48 hours. Firebase to support the commenting module for team visuals. This is applicable for the users on the Team plan.
Application monitoring Sentry Frontend Application monitoring. Edit Email id of the user as an hashed value.
Analytics Google To perform web analytics on the Piktostory website and web application. For more information on this, visit this page. Cookies are used to collect anonymous data on site usage.
MixPanel To perform web analytics on the Piktostory web application. For more information on this, visit this page. Feature usage and user behaviour tracking on the web application.

4.4 Disclosure For Law Enforcement

We do not share your information with law enforcement agencies unless there is a court order that directs us to do so. In the event of a court order, we’ll notify you.

4.5 Change In Control or Sale

We will share your personal data in the event of a sale, merger, acquisition or change in control. Any entity that buys our business will have the right to use your data but will still be governed by this privacy policy.

5. Your Rights & Obligations

5.1 Rights to Access & Rectify Your Information

You are the owner of your data. Any data you share with us or create using the application is accessible to you at all times. You can access and change your profile, and payment information from the account settings within Piktostory. You can access, edit, and delete your videos from the Piktostory application.

5.2 Rights to Limit or Restrict Processing

You can choose to change your consent for data processing and limit the processing from your account settings. However, if you revoke your consent for processing that is required for the application to function, then you’ll have the option to download all your data and delete your account as part of revoking consent.

5.3 Right to Download Your Data

You can place a request with us to download all your personal data, uploaded assets, and created videos. All these data will be shared with you in a portable and readable format.

5.4 Data Retention & Inactive Accounts

We do not retain your data any longer than necessary to provide you the services. We retain your data as long as your account is active (that you have logged in to the Editor). If your account is inactive for more than 12 months, then we reserve the right to deactivate your account after providing due notifications. Under the circumstances highlighted in the Terms of Use, we reserve the right to deactivate your account after providing due notifications. After 30 days of providing the last reminder to use your account, we can delete your account if we do not receive any written request to retain the data or if there is no activity detected. As part of the deletion, we will also email you a copy of your data. However, even after deletion, we may retain some personal data as mentioned in the section below.

5.5 Account Deletion

You can choose to delete your account at any time from your account settings. Deletion of your account will delete all data that we have about you in our systems and any data we have shared with our third parties as described under the section on “How We Share Your Information”. When you choose to delete your account, we do not automatically send you a downloadable copy of all your data. However, you could place a request to get a copy of your data via email before deleting your account, or after you have deleted your account before the 14 days grace period ends. Upon account deletion and/or request for data erasure, we’ll still retain a bare minimum of your personal data that is reasonably necessary to resolve any disputes, and to comply with legal and regulatory obligations. For example, as part of the regulatory compliance, we are required to maintain records of user consent to use and process their data and/or to delete their data. Therefore, we continue to store consent information and some relevant details about when that consent or deletion request was made.

6. Other Important Information

6.1 Changes to this Policy

We may modify our policy from time to time. We will notify the users by indicating the date of the last update at the top of the policy. Any changes to our policy will become effective upon posting. Use of the site, any of our products and services, and/or providing consent to the updated policy following such changes constitutes your acceptance of the revised policy then in effect. We store each version of our policy, and therefore, can share the previous version upon request.

6.2 Lawful Processing

Our collection and processing of your personal data is based on lawful processing. Lawful basis for data processing includes explicit consent that you have provided us. Through contract with you (for example to carry out any contractual obligation that we may have entered with you), and for legitimate business interests that include providing you with our products and services. Any consent that you provide can be revoked by you at any time. However, where legitimate business interests are concerned, you have the right to object to data collection and processing in which case we reserve the right to delete your account to comply with your objection to  having your data stored and processed.

6.3 Cross-Border Transfer of Data

We store and process data in and out of the United States and comply with processes to legally transfer data across borders. Countries where we process data may have different laws that are potentially not as protective as the ones in your home country.

6.4 Contacting Us

If you have any questions, complaints, or need clarification on this privacy policy, you can reach out to our support team at [email protected]. If your complaints are not addressed through these channels, you have other options if you are from the EU region (EU Data Protection Authorities and Swiss Federal Data Protection and Information Commissioner (FDPIC)) and through contacting our EU or UK representative below.

6.5 EU/UK Representative Information

If you have concerns about your personal data and we were not able to answer your query through our support email, and you live in either the EU or the UK, you can reach out to our representatives through the following channels.

EU Representative:

Ametros Ltd
Unit 3D
North Point Business Park
New Mallow Road
Cork
Ireland
[email protected]
http://www.ametrosgroup.com

UK Representative:

Ametros Group Ltd
Lakeside Offices, Thorn Business Park
Rotherwas Industrial Estate
Hereford
Herefordshire
England
HR2 6JT
[email protected]
http://www.ametrosgroup.com