Privacy Policy

1. Introduction

PixGuard ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our copyright detection service.

2. Information We Collect

2.1 Personal Information

When you register via Google OAuth, we collect:

• Email address
• Full name
• Google profile picture URL
• Google user ID (OAuth identifier)

2.2 Image Data

When you analyze images, we collect:

• Image hashes (perceptual, average, difference, wavelet hashes) - NOT the full image
• EXIF metadata (if present)
• Image dimensions and file size
• Analysis results (copyright matches, risk scores)
• Timestamp of analysis

Important: We do NOT permanently store your uploaded images. We only store cryptographic hashes for caching purposes.

2.3 Usage Data

• Credit balance and transaction history
• Scan history (website URLs scanned, timestamps)
• Login timestamps
• Browser type and device information
• IP address (for security purposes)

2.4 Payment Information

Payment processing is handled by Paddle. We store:

• Paddle transaction IDs
• Purchase amounts and dates
• Credit package purchased

We do NOT store credit card numbers or payment details. These are handled securely by Paddle.

3. How We Use Your Information

We use your information to:

• Provide the service: Process image analyses, manage credits, maintain accounts
• Caching: Store image hashes to provide free re-scans of previously analyzed images
• Improve ML models: Use anonymized analysis data to train and improve our detection algorithms
• Customer support: Respond to inquiries and resolve issues
• Security: Detect fraud, abuse, and unauthorized access
• Legal compliance: Comply with laws and regulations
• Communications: Send service updates, security alerts (no marketing emails without consent)

4. Data Sharing and Disclosure

We do NOT sell your personal data. We may share information with:

4.1 Service Providers

• Google: For OAuth authentication
• Paddle: For payment processing
• Microsoft Clarity: For behavioral analytics (see below)
• Hosting providers: Render (backend), Vercel (frontend)
• Database providers: Neon (PostgreSQL), Redis Cloud

4.2 Microsoft Clarity

We partner with Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization and fraud/security purposes. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

4.3 Legal Requirements

We may disclose information if required by law, court order, or to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or security threats
• Protect user safety

5. Data Retention

We retain your data for as long as:

• Your account is active
• Necessary to provide services
• Required by law (tax records: 7 years)

Image hashes: Retained indefinitely for caching efficiency, but not linked to specific users after account deletion.

6. Your Rights (GDPR/CCPA)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Receive your data in machine-readable format
• Opt-out: Unsubscribe from marketing emails (we don't send them unless you opt-in)
• Objection: Object to data processing for specific purposes

To exercise these rights, contact us at: [email protected]

7. Security

We implement industry-standard security measures:

• HTTPS encryption for all data transmission
• JWT tokens for authentication
• Encrypted database connections
• Regular security audits
• Access controls and monitoring

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

8. Cookies, Tracking, and Consent

We use:

• Essential cookies: Authentication tokens and session management (required)
• Analytics cookies: Microsoft Clarity for behavioral analytics (requires consent)

How we obtain consent:

• Authenticated users: By creating an account and accepting our Terms of Service, you consent to the use of analytics technologies including Microsoft Clarity.
• Anonymous visitors: A cookie consent banner is displayed on the site. Analytics cookies are only loaded after you accept. You may decline, and the site will function normally without analytics.

You can withdraw consent at any time by clearing your browser cookies and localStorage, or by contacting us. See our Cookie Policy for details.

9. Children's Privacy

PixGuard is not intended for users under 18. We do not knowingly collect data from children. If we discover we have collected data from a child, we will delete it immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses for GDPR compliance).

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the service. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions or to exercise your rights:

Email: [email protected]