Legal
Privacy
PixlKey is built with a simple philosophy: process what you need, store as little as possible, and keep a clear, auditable trail for the artefacts you generate. This notice explains what we collect today, what we avoid collecting, and how we handle privacy while the site and app continue to evolve.
Scope
This Privacy Notice applies to the PixlKey public site (the documentation and informational pages) and the PixlKey App (the authenticated workspace used to process files). Where the experience differs, we call it out below.
Core principles
- Minimise collection — keep only what supports security, operations, and user workflows.
- Creator control — you choose what to submit beyond what’s required for an account and processing.
- No data brokering — we do not sell your personal information.
- Security-first posture — access controls, logging, and hardening are part of the design.
Status
PixlKey is in active development. This notice will be refined as features mature (for example: licence transfers, revocation workflows, and more formal retention controls).
Information we collect
PixlKey aims to collect only what’s necessary to operate the service safely and deliver the outputs you request. Depending on how you use the site and app, this may include:
Account information
- Email address (used for account access, service notices, and workflow events).
- Basic account metadata required to manage authentication and security.
Security and operational data
- IP address and related server logs (for security monitoring, abuse prevention, and troubleshooting).
- Event logging for actions taken within the app (to support reliability and auditability).
Artwork-derived data
- Thumbnails / preview images generated as part of the workflow (to support the UI and records).
- Artefacts you explicitly generate (e.g., watermarked derivatives, verification outputs, certificates).
Information you choose to provide
PixlKey may allow you to enter optional details such as notes, edition context, licensing parameters, or other descriptive fields. Anything beyond core operational needs is submitted voluntarily and is used to generate the outputs you request.
How we use information
- To provide PixlKey functionality (processing, exporting, and generating provenance-ready artefacts).
- To secure the platform (authentication, abuse prevention, monitoring, and incident response).
- To maintain reliability (debugging, error handling, performance tuning).
- To communicate service updates relevant to your account or workflow.
How we share information
We do not sell personal information. We may share limited information only when necessary to:
- Operate the service (for example, infrastructure providers that host the platform).
- Comply with legal obligations or respond to lawful requests.
- Protect PixlKey, creators, and the public from fraud, abuse, or security threats.
Retention
PixlKey’s goal is predictable retention: keep what’s required for operations, security, and your records — and avoid indefinite storage by default. In practice today, retention may include IP logs for security, account email for access, and generated thumbnails/previews and artefacts associated with your processing workflow.
As PixlKey matures, retention controls will be tightened and documented more precisely (including retention periods, deletion workflows, and export options where applicable).
Security
PixlKey is designed to be private, consistent, and secure. We use reasonable administrative, technical, and organisational safeguards to protect information. No system is perfectly secure, but hardening, access controls, and monitoring are treated as core requirements — not add-ons.
Your choices
- You can choose what optional information to submit.
- Share derivatives, keep originals private — PixlKey outputs are intended to support that model.
- If you have questions about your data, reach out and we’ll respond in good faith.
Questions
If you have privacy questions, concerns, or a request related to your information, contact us here: /public/site/legal/contact.php