Privacy Policy

Effective as of: November 9, 2025

Dear User,

We make every effort to ensure the security and confidentiality of your data. We care about your privacy when you visit our website, register an account, use our AI image generation services, and contact us. We act in compliance with the rule of law, including provisions of the Regulation (EU) 2016/679 (GDPR).

Who is the Controller of Your Personal Data?

The administrator of your personal data is Bilberry, operating the Pixel platform.

If you have any questions or concerns, you can contact us electronically at: contact@pixel.bilberry.pro

How Do We Access Your Personal Data?

When using Pixel, you may be asked to provide your personal data. The provision of data is voluntary, but in certain situations, it may be necessary. For instance:

  • If you do not provide your email address, we cannot register your account
  • Without authentication, you cannot access our AI image generation services
  • We cannot respond to your inquiries without contact information

Some data is collected automatically through cookies during your visit to the website (e.g., IP address, browser type, operating system). This data is used to administer the website and provide services. However, you can block cookies using your browser settings.

For What Purpose, on What Legal Basis, and for How Long Do We Process Your Data?

1. To Provide Our Services

Purpose: Account registration and maintenance, AI image generation, storing generated images, order processing

Legal basis: Performance of contract (Article 6(1)(b) of the GDPR)

Retention period: Until account deletion or service termination. Generated images are stored for 30 days.

2. To Comply with Legal Obligations

Purpose: Tax obligations, accounting records (if applicable in the future)

Legal basis: Legal obligation (Article 6(1)(c) of the GDPR)

Retention period: Until expiry of prescription periods for tax obligations

3. To Determine, Pursue, and Defend Claims

Purpose: Protection of our rights in legal proceedings

Legal basis: Legitimate interests (Article 6(1)(f) of the GDPR)

Retention period: Until expiry of prescription periods for claims

4. Website Functionality and Analytics

Purpose: Ensure proper website functioning, analyze user activity, improve services

Legal basis: Legitimate interests (Article 6(1)(f) of the GDPR)

Retention period: Until effective objection is raised or purpose is achieved

5. Communication and Customer Support

Purpose: Answer questions via email, contact forms, or support channels

Legal basis: Legitimate interests (Article 6(1)(f) of the GDPR)

Retention period: Until expiry of prescription periods for claims

6. Marketing Purposes

Purpose: Promotion of services, newsletters (if you subscribe)

Legal basis: Consent (Article 6(1)(a) of the GDPR) or legitimate interests

Retention period: Until consent is withdrawn or effective objection is raised

Remember: We process your personal data only as long as necessary to achieve the purposes stated above, unless you request deletion. The retention period may be subject to applicable legal provisions.

Who May Be a Recipient of Your Personal Data?

In certain situations, we may share your data with external entities. We require all recipients to guarantee adequate data protection and confidentiality.

The recipients of your personal data may be:

  • IT service providers: Hosting services, cloud storage providers, system maintenance
  • Payment processors: If paid services are introduced in the future
  • Analytics providers: Tools to analyze website activity (e.g., Google Analytics)
  • OAuth providers: Google and Facebook for authentication services
  • Communication tools: Email service providers, support systems
  • Authorized state authorities: When required by applicable law
  • Other entities: Where justified under applicable laws

Do We Transfer Personal Data to Third Countries?

We use services provided by entities such as Google and Facebook, which are based in the United States and may process personal data using servers located outside the European Economic Area (EEA).

We ensure that these entities apply compliance mechanisms provided by the GDPR (e.g., certificates) or standard contractual clauses adopted by the European Commission (Article 46(2)(c) of the GDPR).

For more information on data processing by these entities, please visit their respective privacy policies.

Do We Profile Your Personal Data?

We may profile your data to improve our services. This involves using data such as your activity on the website to assess potential interest in our AI image generation features.

Profiling allows us to personalize content and improve user experience. However, we do not make automated decisions that could have legal consequences for you.

The information processed is used to improve service quality and does not affect the terms and conditions of service provision.

What Personal Data Do We Process?

We may collect and process the following categories of personal data:

  • Account data: Email address, name (if provided), password (encrypted)
  • OAuth data: Profile information from Google or Facebook (name, email, avatar)
  • Usage data: Images uploaded, prompts/descriptions provided, generated images
  • Technical data: IP address, browser type, device information, cookies
  • Communication data: Messages sent through contact forms or support channels

Do We Use Cookies?

Yes, we use cookies – short text files stored on your device that can be read by our system and systems of third parties whose services we use (Google, Facebook).

Why we use cookies:

  • Collect anonymous data about visits to improve website functionality
  • Maintain your login session
  • Identify errors and improve user experience
  • Marketing and analytics purposes

Web browsers allow cookies by default. However, you can block or restrict cookies using your browser settings. Please note that disabling cookies may cause difficulties in using the website or restrict its functionality.

How Do We Protect Your Data?

To ensure a high level of protection, we use technical and organizational measures, including:

  • Encryption: HTTPS/TLS protocol for data transmission
  • Secure authentication: Password hashing, OAuth integration
  • Access control: Only authorized personnel can access personal data
  • Regular backups: To prevent data loss
  • Security monitoring: Regular security assessments and vulnerability tests
  • Data center security: Physical and digital protection mechanisms
  • Incident response: Procedures to mitigate risks and react to potential breaches
  • Staff training: Ensuring confidentiality commitments from authorized personnel

What Rights Do You Have?

As a data subject, you have the following rights:

  • Access: Right to access your personal data
  • Rectification: Right to correct inaccurate personal data
  • Erasure: Right to delete your personal data ("right to be forgotten")
  • Restriction: Right to restrict processing of your personal data
  • Objection: Right to object to processing of personal data
  • Data portability: Right to receive your data in a structured, commonly used format
  • Withdraw consent: Right to withdraw consent at any time (where processing is based on consent)
Important: Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, contact us at: contact@pixel.bilberry.pro

We will respond to your request without delay, but no later than within one month of receipt. If the request is complex, we may extend this period by two months and will inform you of such extension.

How Can You File a Complaint?

If you believe that your personal data is processed contrary to applicable law, you have the right to file a complaint with a supervisory authority.

In Poland, the supervisory authority is the President of the Office for Personal Data Protection (UODO).

Does Using the Website Involve Sending Logs to the Server?

Yes. Using the website involves sending queries to the server, which are recorded in server logs.

Server logs include: IP address, date and time, browser information, and operating system.

The data stored in server logs are not associated with specific users and are used solely to administer the website. Log content is not disclosed to anyone except persons authorized to administer the server.

Data Retention for Generated Images

Images you upload and images generated by our AI service are stored for 30 days from the date of creation.

After 30 days, images may be automatically deleted from our servers. We recommend downloading and backing up any images you wish to retain.

When you delete your account, all associated data, including uploaded and generated images, will be permanently deleted within 30 days.

Can We Amend This Privacy Policy?

Yes. Personal data protection is an ongoing process that we adapt to meet current needs and changing technology.

Our Privacy Policy may be supplemented or amended. We will inform you of changes by posting on the website, and in the event of material changes, we will send separate notices to registered users by email.

Continued use of the service after changes take effect constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy or how we process your personal data, please contact us at:

Email: contact@pixel.bilberry.pro

We are committed to protecting your privacy and will respond to your inquiries promptly.

Last updated: November 9, 2025

This Privacy Policy is effective as of the date stated above and applies to all users of Pixel.