GDPR Information

Last Updated: January 2025

1. About GDPR

The General Data Protection Regulation (GDPR) is a European Union law. It gives people control over their personal data. Even though we are based in Canada, we follow GDPR rules for all users.

This page explains your rights under GDPR and how to use them.

2. Data Controller

The data controller for Pop Color is:

  • Company: pixorafox.com
  • Address: 21 Elm Street, Toronto, ON M5G 1H1, Canada
  • Email: support@pixorafox.com

As data controller, we decide how and why your data is processed. We are responsible for keeping your data safe.

3. Your GDPR Rights

Under GDPR, you have these rights:

3.1 Right of Access

You can ask for a copy of your personal data. We will tell you:

  • What data we have about you
  • Why we have it
  • Who we share it with
  • How long we keep it

We will provide this within 30 days of your request.

3.2 Right to Correction

You can ask us to fix wrong data. If we shared wrong data with others, we will tell them about the fix.

3.3 Right to Deletion (Right to be Forgotten)

You can ask us to delete your data when:

  • We no longer need it
  • You withdraw consent
  • You object to processing
  • We processed it wrongly
  • Law requires deletion

We may keep some data if required by law.

3.4 Right to Restrict Processing

You can ask us to limit how we use your data when:

  • You dispute the data's accuracy
  • Processing is unlawful but you don't want deletion
  • We don't need the data but you need it for legal claims
  • You objected to processing and we are checking our grounds

3.5 Right to Data Portability

You can ask for your data in a common format. This lets you move it to another service. This applies to data you gave us that we process by consent or contract.

3.6 Right to Object

You can object to processing based on our legitimate interests. You can also object to direct marketing at any time. We will stop unless we have strong grounds to continue.

3.7 Rights Related to Automated Decisions

You have the right not to be subject to decisions based only on automated processing. This includes profiling that has legal or similar effects on you.

4. How to Use Your Rights

To use any of these rights, contact us:

Please include:

  • Your name
  • Your email address
  • Which right you want to use
  • Any details that help us find your data

We may ask for ID to verify your request. This protects your data from unauthorized access.

5. Response Time

We will respond to your request within 30 days. If your request is complex, we may need up to 60 more days. We will tell you if we need more time.

Most requests are free. We may charge a fee for repeated or excessive requests.

6. Consent

Where we process data based on consent, you can withdraw consent at any time. This does not affect processing done before withdrawal.

6.1 How to Withdraw Consent

You can withdraw consent by:

  • Using the cookie settings on our website
  • Changing app permissions on your device
  • Clicking "unsubscribe" in our emails
  • Emailing us at support@pixorafox.com

7. Managing Cookies

Our website uses cookies. You can manage them through:

7.1 Our Cookie Banner

When you first visit, you'll see a cookie banner. You can:

  • Accept all cookies
  • Reject non-essential cookies
  • Choose which types to allow

7.2 Cookie Settings

Click "Settings" in the cookie banner to choose:

  • Essential cookies (always on - needed for the site to work)
  • Analytics cookies (help us improve the site)
  • Marketing cookies (show relevant ads)

7.3 Browser Settings

You can also manage cookies in your browser:

  • Chrome: Settings - Privacy and Security - Cookies
  • Firefox: Settings - Privacy - Cookies
  • Safari: Preferences - Privacy - Cookies
  • Edge: Settings - Privacy - Cookies

8. Data We Collect

We collect these types of data:

  • Contact data (email, name) - when you contact us
  • Device data (type, OS) - to make the app work well
  • Usage data (features used) - to improve the app
  • Location data (country only) - for analytics

See our Privacy Policy for full details.

9. Legal Basis for Processing

We process your data based on:

  • Consent - for marketing and some analytics
  • Contract - to provide our services
  • Legal duty - to follow laws
  • Legitimate interest - to improve our app and prevent fraud

10. Data Transfers

Your data may be sent outside the EU/EEA. When this happens, we ensure protection through:

  • Standard Contractual Clauses approved by the EU
  • Adequacy decisions by the European Commission
  • Other valid transfer mechanisms

11. Data Retention

We keep your data only as long as needed:

  • Account data: Until you delete your account
  • Contact messages: 2 years
  • Analytics data: 26 months
  • Legal records: As required by law

12. Data Security

We protect your data with:

  • Encryption (TLS/SSL)
  • Secure servers
  • Access controls
  • Regular security audits
  • Staff training

13. Data Breaches

If a data breach affects your rights, we will:

  • Tell the authorities within 72 hours
  • Notify you without undue delay
  • Explain what happened and what we're doing

14. Children's Data

We do not knowingly collect data from children under 16 without parent consent (or lower age where local law allows). If you believe we have such data, contact us right away.

15. Third Parties

We share data with trusted partners who help run our services. All partners must:

  • Follow GDPR rules
  • Only use data as we direct
  • Keep data secure
  • Delete data when no longer needed

16. Changes to This Page

We may update this page. Check back for changes. The date at the top shows the last update.

17. Complaints

If you're unhappy with how we handle your data, you can:

  1. Contact us first at support@pixorafox.com
  2. Complain to your local data protection authority

In the EU, find your authority at: EDPB Members

18. Contact the Data Controller

For any GDPR questions or requests:

We respond to all GDPR requests within 30 days.