and Data Controller
3117, 1 Apriliou,47 Demetriou Building 2, 1st floor, Flat Office 12,
USING THE APPLICATION, YOU HEREBY WARRANT AND REPRESENT THAT (I) YOU
OVER 13 YEARS OF AGE (OR ARE A PARENT OR GUARDIAN WITH SUCH AUTHORITY
UNDER 13 YEARS OF AGE), AND (III) IF YOU ARE ACTING ON BEHALF OF YOUR
EMPLOYER OR AN ENTITY, YOU HAVE THE AUTHORITY TO ACCEPT AND AGREE TO
means Pixelgram: pixel color number, a coloring mobile application,
that is also the mean by which the Personal Data of the User is
collected and processed.
Controller" (or "Owner") means the natural or legal
person, public authority, agency or other body which, alone or
jointly with others, determines the purposes and means of the
processing of Personal Data, including the security measures
concerning the operation and use of the Application. The Data
Controller, unless otherwise specified, is the Owner of the
Processor" means the natural or legal person, public
authority, agency or other body which processes Personal Data on
Subject" means the natural person to whom the Personal Data
Data" (or "Data") means any information that
directly, indirectly, or in connection with other information –
including a personal identification number – allows for the
identification or identifiability of a natural person.
Data" means information collected automatically through the
Application (or third-party services employed in the Application),
which can include: the IP addresses or domain names of the
computers utilized by the Users who use the Application, the URI
addresses (Uniform Resource Identifier), the time of the request,
the method utilized to submit the request to the server, the size
of the file received in response, the numerical code indicating the
status of the server's answer (successful outcome, error, etc.),
the country of origin, the features of the operating system
utilized by the User, the various time details per visit (e.g., the
time spent on each page within the Application) and the details
about the path followed within the Application with special
reference to the sequence of pages visited, and other parameters
about the device operating system and/or the User's IT environment.
means the individual using the Application who, unless otherwise
specified, coincides with the Data Subject.
means the service provided by the Application as described in it
and in the relative terms (if available).
otherwise specified, all references made within this document to
the European Union include all current member states to the
European Union and the European Economic Area.
of Data collected
Among the types of Personal
Data that this Application collects, by itself or through third
parties, there are: Usage Data, various types of Data and unique
device identifiers for advertising (IDFA, for example).
Personal Data may be freely
provided by the User, or, in case of Usage Data, collected
automatically when using the Application.
specified otherwise, all Data requested by the Application is
mandatory and failure to provide this Data may make it impossible
for the Application to provide the Service. In cases where the
Application specifically states that some Data is not mandatory,
Users are free not to communicate this Data without consequences to
the availability or the functioning of the Service.
Users who are uncertain about
which Personal Data is mandatory are welcome to contact the Owner.
Any use tracking tools by the
Application or by the owners of third-party services used by this
Application serves the purpose of providing the Service required by
responsible for any third-party Personal Data obtained, published
or shared through the Application and confirm that they have the
third party's consent to provide the Data to the Owner.
We do not
collect and we are not responsible for the collection or security
of payment details. Payment information is processed and stored
using third-party companies (such as Apple and Google). These
companies can be contacted though their websites:
. Before entering your personal details, we suggest that you read
processing the Data
Methods of processing
takes appropriate security measures to prevent unauthorized access,
disclosure, modification, or unauthorized destruction of the Data.
processing is carried out using computers and/or IT enabled tools,
following organizational procedures and modes strictly related to
the purposes indicated. In addition to the Owner, in some cases,
the Data may be accessible to certain types of persons in charge,
involved with the operation of this (administration, sales,
marketing, legal, system administration) or external parties (such
as third-party technical service providers, mail carriers, hosting
providers, IT companies, communications agencies) appointed, if
necessary, as Data Processors by the Owner. The updated list of
these parties may be requested from the Owner at any time.
basis of processing
may process Personal Data relating to Users if one of the following
of Data is necessary for the performance of an agreement with the
User and/or for any pre-contractual obligations thereof;
is necessary for compliance with a legal obligation to which the
Owner is subject;
is necessary for the purposes of the legitimate interests pursued
by the Owner or by a third party.
case, the Owner will gladly help to clarify the specific legal
basis that applies to the processing, and in particular whether the
provision of Personal Data is a statutory or contractual
requirement, or a requirement necessary to enter into a contract.
Data shall be processed and stored for as long as required by the
purpose they have been collected for. Therefore:
Data collected for purposes related to the performance of a
contract between the Owner and the User shall be retained until
such contract has been fully performed.
Data collected for the purposes of the Owner’s legitimate
interests and compliance with a legal obligation to which the
Owner is subject shall be retained as long as needed to fulfill
may be obliged to retain Personal Data for a longer period whenever
required to do so for the performance of a legal obligation or upon
order of an authority.
retention period expires, Personal Data shall be deleted.
Therefore, the right to access, the right to erasure, the right to
rectification and the right to data portability cannot be enforced
after expiration of the retention period.
The purposes of Personal Data
The purposes of Personal Data
processing are as follows:
To provide the Service.
For remarketing and behavioral
This type of service allows the Application and its partners to
inform, optimize and serve advertising based on past use of the
Application by the User. This activity is performed by tracking
Usage Data that
is transferred to the partners that manage the remarketing and
behavioral targeting activity. The User may opt out of these
by visiting the Network
Advertising Initiative opt-out page.
The User may
also opt out from remarketing
and behavioral targeting provided by Facebook, as
The Owner may also provide User
with information of commercial or promotional nature concerning
other Owner`s products.
Data transfer to third
The Owner may share Personal
Data with service providers for analytical, advertising and other
purposes so that the Owner can better consider new features or
otherwise tailor or enhance the Service, particularly:
Amazon Web Services (AWS)
(Amazon Web Services, Inc.)
Amazon Web Services is a
hosting and backend service provided by Amazon.com Inc. Personal
Data collected: various types of Data as specified in the privacy
policy of the service. Place of processing: Ireland – Privacy
Appsflyer (AppsFlyer Ltd).
Appsflyer is an analytics service provided by AppsFlyer Ltd.
Personal Data collected: Cookies and Usage Data. Place of
processing: Israel – Privacy
Facebook Analytics for Apps
(Facebook, Inc.) Facebook Analytics for Apps is an analytics service
provided by Facebook, Inc. Personal Data collected: Usage Data and
service. Place of processing: United States – Privacy
Privacy Shield participant.
Firebase Performance Monitoring
(Google Inc.) Firebase Performance Monitoring is a monitoring
service provided by Google, Inc. Personal Data collected: various
Place of processing: United States – Privacy
Google Analytics for Firebase
(Google Inc.) Google Analytics for Firebase or Firebase Analytics is
an analytics service provided by Google Inc. In order to understand
Google's use of Data, consult Google's
This Application uses identifiers for mobile devices (including
Advertising Identifier for iOS) and technologies similar to cookies
to run the Firebase Analytics service. Users may opt-out of certain
Firebase features through applicable device settings, such as the
device advertising settings for mobile phones or by following the
instructions in other Firebase related sections of this privacy
policy, if available. Personal Data collected: Cookies, unique
device identifiers for advertising (IDFA, for example) and Usage
Data. Place of processing: United States – Privacy
Data transfer outside the EU
The Owner may transfer Personal
Data to Data Processors around the world in accordance with this
transferred to the United States, Israel and Ukraine for the
are necessary to provide the Service to the User.
The Owner is allowed to
transfer Personal Data collected within the EU to third countries
(i.e. any country not part of the EU) only pursuant to a specific
legal basis. Any such Data transfer is based on one of the legal
bases described below:
Data transfer abroad based on
standard contractual clauses. If this is the legal basis, the
transfer of Personal Data from the EU to third countries is
carried out by the Owner according to "standard contractual
clauses" provided by the European Commission. This means that
Data recipients have committed to process Personal Data in
compliance with the data protection standards set forth by EU data
protection legislation. For further information, Users are
requested to contact the Owner through the contact details
provided in the present document.
Data transfer abroad based on
consent. If this is the legal basis, Personal Data of Users shall
be transferred from the EU to third countries only if the User has
explicitly consented to such transfer, after having been informed
of the possible risks due to the absence of an adequacy decision
and appropriate safeguards. In such cases, the Owner shall inform
Users appropriately and collect their explicit consent via this
Data transfer from the EU to
the U.S based on Privacy Shield. If this is the legal basis, the
transfer of Personal Data from the EU or Switzerland to the US is
carried out according to the EU - U.S. Privacy Shield. In
particular, Personal Data is transferred to services that
self-certify under the Privacy Shield framework and therefore
guarantee an adequate level of protection of such transferred
information about Personal Data
declare themselves to be adult according to their applicable
legislation. Minors may use the Application only with the
assistance of a parent or guardian. Under no circumstance persons
under the age of 13 may use the Application.
Application may send push notifications to the User.
rights of EU Users
from the European Union ("EU Users") may exercise certain
rights regarding their Data processed by the Owner. In particular,
EU Users have the right to do the following:
to processing of their Data. EU Users have the right to object to
the processing of their Data.
their Data. EU Users have the right to learn if Data is being
processed by the Owner, obtain disclosure regarding certain
aspects of the processing and obtain a copy of the Data undergoing
and seek rectification. EU Users have the right to verify the
accuracy of their Data and ask for it to be updated or corrected.
the processing of their Data. Where Personal Data is processed for
legitimate interests, f. e. for direct marketing purposes pursued
by the Owner, EU Users may object to such processing by providing
a ground related to their particular situation to justify the
their Personal Data deleted or otherwise removed. EU Users have
the right, under certain circumstances, to obtain the erasure of
their Data from the Owner.
their Data and have it transferred to another controller. EU Users
have the right to receive their Data in a structured, commonly
used and machine readable format and, if technically feasible, to
have it transmitted to another controller without any hindrance.
This provision is applicable provided that the Data is processed
by automated means and that the processing is based on a contract
which the EU User is part of or on pre-contractual obligations
complaint. EU Users have the right to bring a claim before their
competent data protection authority.
requests to exercise EU User rights can be directed to the Owner
through the contact details provided in this document. These
requests will be addressed by the Owner as early as possible and
always within one month.
information about Data collection and processing
User's Personal Data may be used for legal purposes by the Owner in
court or in the stages leading to possible legal action arising
from improper use of the Application or the related Service.
declares to be aware that the Owner may be required to reveal
personal data upon request of public authorities.
System logs and maintenance
operation and maintenance purposes, the Application and any
third-party services may collect files that record interaction with
the Application (system logs) use other Personal Data (such as the
IP address) for this purpose.
"Do Not Track" requests are handled
Application does not support "Do Not Track" requests. To
determine whether any of the third-party services it uses honor the
“Do Not Track” requests, please read their privacy policies.
time by giving notice to its Users on this page and possibly within
the Application and/or – as far as technically and legally
feasible – sending a notice to Users via any contact information
available to the Owner. If a User objects to any of the changes to
the policy, the User must cease using the Application and can
request that the Owner remove the Personal Data. Unless stated
Data the Owner has about Users.
Last updated: August 22, 2018