PixandFlow - AI Banner Ad Generation Platform Logo

PixandFlow

← Back to Home

Privacy Policy

Effective as of 21 October 2025

Overview

Your privacy is important to us.

This Privacy Policy describes the privacy practices of CANVERSI SRL ("PixandFlow", "we", "us") in connection with the use of our Services, as defined in our Terms and Conditions. It explains how we collect, use, process and share personal data of current or potential customers, service providers, or partners, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This Policy applies to customers, prospects, service providers, and partners who visit or use our websites, applications, social media accounts or other online services (together, the "Sites").

Please read this Policy carefully to understand our practices. If you do not wish your personal information to be processed in accordance with this Privacy Policy, you should not use our Services.

1. Data Controller

The data controller is CANVERSI SRL, with registered office at Str. Zimbrului nr. 4, bl. PRIMA, et. 2, ap. 26, Mun. Oradea, Jud. Bihor, Romania. Company Registration Number (CUI): 49265566.

2. What Personal Data We Collect

Depending on your relationship with PixandFlow, we may collect the following categories of information:

(a) Information you provide directly, such as name, email address, phone number, profession, company details or payment information, for the purpose of account creation, authentication, subscription management, and communication.

(b) Information collected automatically, such as IP address, device information, browser type, usage patterns, and site interaction data. We use third-party analytics tools (including Google Analytics) to understand browsing behaviour and improve Services.

(c) Information collected through cookies and similar technologies, which may store user preferences or authentication data. You can disable cookies in your browser settings, though some Services may not function properly without them.

(d) Information obtained from third parties, such as integration partners, publicly available sources, or social media profiles, where lawful.

3. Legal Basis for Processing

We process personal data on the following grounds:

(a) Performance of a contract, including provision of Services, subscription billing, account management and support. (b) Legitimate interest, such as service improvement, security monitoring, and fraud prevention. (c) Consent, where required, for example in marketing communications. (d) Compliance with legal obligations under EU and national law.

4. Who Has Access to Your Data

We do not sell or rent your personal data. Access is restricted to: (a) PixandFlow employees who require the information for service delivery; (b) third-party service providers acting on our behalf (such as hosting, payment processing, CRM, analytics, and support providers), bound by contractual confidentiality and data protection obligations; (c) public authorities where disclosure is legally required; (d) parties involved in a merger, acquisition or sale of assets, subject to adequate safeguards.

5. International Data Transfers

We primarily process data within the European Union. If data is transferred outside the EU/EEA, PixandFlow ensures adequate safeguards under GDPR, such as Standard Contractual Clauses (SCCs) or equivalent protections.

6. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy. Unless otherwise required by law or justified by legitimate business needs, personal data is generally retained for up to three (3) years from the end of the contractual or commercial relationship, after which it is deleted or anonymized.

7. Your Rights

As a data subject under GDPR, you have the following rights:

(a) Right of access, to know whether your personal data is being processed. (b) Right to rectification of inaccurate or incomplete personal data. (c) Right to erasure ("right to be forgotten"), subject to legal limitations. (d) Right to restriction of processing in certain cases. (e) Right to data portability, to receive your data in a structured, commonly used format. (f) Right to object to processing, including direct marketing. (g) Right to withdraw consent at any time, where processing is based on consent.

Requests may be submitted to hello@pixandflow.com or by post to our company address. We will respond within 30 days in accordance with GDPR and may request proof of identity before fulfilling certain requests.

8. Data Security and Breach Notification

We apply appropriate technical and organisational measures to ensure the confidentiality, integrity, and availability of your personal data, following international best practices and principles inspired by ISO 27001.

In case of a personal data breach likely to result in a risk to your rights and freedoms, PixandFlow will notify the competent supervisory authority within 72 hours and, where applicable, inform the affected individuals without undue delay.

9. Children's Data

The Services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal data from minors. If we become aware that we have processed personal data from anyone under 18, we will delete such data without delay.

10. Automated Decision-Making

We do not make decisions based solely on automated processing, including profiling, which produce legal effects concerning you or significantly affect you.

11. Links to Other Websites

Our Sites may contain links to third-party websites. This Privacy Policy applies only to PixandFlow's Services, and we are not responsible for the privacy practices of other websites.

12. Supervisory Authority

You may lodge a complaint with the National Supervisory Authority for Personal Data Processing (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal), headquartered at B-dul G-ral. Gheorghe Magheru 28-30, Sector 1, 010336 Bucharest, Romania, or by email at anspdcp@dataprotection.ro.

13. Compliance with the GDPR

For users in the European Economic Area (EEA), our processing of personal data complies with the General Data Protection Regulation (GDPR). This means we collect and process data on lawful bases, apply principles of transparency, purpose limitation and data minimisation, and uphold your data subject rights. Where transfers occur outside the EEA, we rely on SCCs or other appropriate safeguards. Our staff are trained in GDPR compliance and we provide timely, secure support for data subject requests.

14. California Consumer Privacy Rights

If you are a resident of California, you are entitled to certain rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). These include the right to know what personal information we collect, use, disclose, or sell; the right to request deletion of your personal data; the right to opt out of any sale of personal information; and the right not to be discriminated against for exercising these rights. While PixandFlow does not sell personal information for monetary gain, some sharing or tracking may qualify as a "sale" under California law. To exercise these rights, please contact hello@pixandflow.com. We may verify your identity before processing requests.

15. Amendments

This Privacy Policy may be updated from time to time. We will notify you of material changes through our Sites or by email, ensuring that notice reaches you in due time.

16. Contact

For any questions about this Privacy Policy or your personal data, you may contact us at:

CANVERSI SRL
CUI: 49265566
Str. Zimbrului nr. 4, bl. PRIMA, et. 2, ap. 26, Mun. Oradea, Jud. Bihor, Romania.
Email: hello@pixandflow.com