Privacy Policy

At Piktochart, we believe privacy matters.

Your Privacy Matters

This new policy came into effect on May 25th, 2018.

At Piktochart, we are committed to being transparent about the data we collect about you, why we collect it, how we process it, and who we share it with. We take the utmost care in handling your data and ensuring that your privacy is safeguarded.

By using our services, you consent to our use of your data as stated here in this privacy policy. The policy applies to any registered user, visitor to the Piktochart platform including the web application, website, blog pages, and any other service we provide.

1. Introduction

Through our updated privacy policy, that accounts for the new EU data laws regarding General Data Protection Regulation (GDPR), we aim to provide you with better ways to access your data, understand how it’s used, and choose whether or not to subscribe to certain communication materials we send your way. We hope the new policy is clear and easily digestible.

2. Information We Collect
2.1 Information You Provide Us
Registration

When creating an account with Piktochart, you provide the following details:

  1. Email Address – This is required to create a unique account in Piktochart for you to access the application.
  2. Name – This is used during communications in order to address you, and also to name your workspace within Piktochart so that you can differentiate between your personal and team workspace (if you are subscribed for one). Your name is also displayed in published visuals and is visible to people who can access them.
  3. Password – Along with your email, a password is required to authenticate and provide access to your Piktochart account. However, we do not store any passwords when you sign up or sign in using social media logins.
  4. Registering via Social Accounts – You can create an account with Piktochart using your social media accounts. We currently support social media login with Google or Facebook. When you choose to sign up using your social media account, we collect and store your email address and name from the social media platform along with an UID (unique ID received from the social media platform).
  5. Extended Profile – We collect your role, organization size and whether you belong to a non-profit organization. The role is used to help us design templates, provide tips, and design features that might be beneficial for that role. For example, knowing that we have registered users in a marketing role helps us develop templates for say social media marketing or marketing metrics reporting. Information on organization size helps guide our marketing efforts and design features that might help in collaboration as a part of the Piktochart For Teams plan. The non-profit indicator helps us direct you to discounted pricing plans if you choose to upgrade to a premium plan. It is up to you whether you want to provide this information. Providing this information helps you get more relevant templates, tailored tips to get your job done better, and over the long run, shape the features in the product that serve your needs better.
Billing

If you subscribe to any of the premium plans in Piktochart, then we collect your credit card details along with other billing information (like company name and address). These are required to authorize the payment to the premium plans and also to generate invoices. The credit card and other payment information is not stored within Piktochart. We encrypt the information and share it with the payment gateway to process the transaction.

Visitor

We place cookies on all of Piktochart’s pages to perform web analytics with the intention of improving site experience. Refer to the Cookie Policy section on what we track and collect. Visitors (who might be existing users of Piktochart) can subscribe to newsletters from our blog, download content, or unlock articles we create in collaboration with our partners by providing their contact information which includes email address and name. The collected data is used to send the requested content and/or newsletter and we do not sell this data to any third parties. In the case of unlocking content, you will be given an option to opt in to the communication coming from our partners.

Children Under 16

As a family friendly site, Piktochart has a zero tolerance to obscenity and nudity featured in any created visuals hosted on Piktochart.

In efforts to comply with the Children’s Online Privacy Protection Act (COPPA) and the European Union’s General Data Protection Regulation (GDPR), Piktochart’s products and services are directed only to people who are at least 13 years of age or older.

However, children under 16 years of age from the EU region, are not allowed to create a Piktochart account and to use the application for the time being. We may allow them to do so at the later stage with a parental consent as a requirement. Reach out to our support team to any clarifications on that matter.

2.2 Visual Creation and Sharing Information

You can use the Piktochart platform to create visuals in accordance with our Terms of Use. All content that you create within Piktochart including all the assets (images, icons) that you upload remain private to your account unless you choose to share it publicly or to specific team members (if you are on the Piktochart For Teams plan).

We access your content only when you give us explicit permission in order to resolve any issues you have within the application. Ultimately, you alone get to choose who will see your visuals and uploaded content.

2.3 Service Usage Data

For improvement purposes, we keep anonymous records of your Piktochart usage, including our website and blog pages. The records include data such as the number of visits and time spent on pages, interactions like clicks on buttons or links, as well as search terms.

Device information, and data on your operating system and web browser are also anonymously collected and aggregated to ensure the best performance of our site and app on various platforms.

Part of the above information is also temporarily stored in cookies.

Whenever you visit any of our pages, we receive the URL of the pages that you came from and the destination (Piktochart) page that you landed on. As part of the page request, we collect your IP address, proxy server, operating system, web browser and add-ons, device identifier and/or ISP and mobile data provider. This data is collected anonymously and aggregated without any personal information to attribute against.

2.4.1 What Are Cookies?

A cookie is a small file that the website saves to your device (a computer or a mobile device) for an extended period of time. Cookies help in remembering your preferences and actions over a period of time so you don’t have to keep entering them again when you visit the page again.

2.4.2 How We Use Cookies?

We use cookies to save your preferences and to perform basic web analytics to improve user experience.

2.4.3 Disabling Cookies

You can disable cookies by changing the settings on your web browser (Chrome and Firefox). However disabling cookies will result in disabling certain functionalities in Piktochart, since some of the functionalities require the use of cookies to work.

2.4.4 The Cookies We Set

We set and manage some cookies that are required for Piktochart to work properly. When you create an account with Piktochart, or visit any of Piktochart pages, we set a cookie. These cookies are used to remember your preferences once you have logged out.

If you are visitor of Piktochart, we use the cookies to know if you are a blog subscriber or registered with us for any other service.

2.4.5 Third Party Cookies

We also set cookies from trusted third parties (called third party cookies) to provide some functionality. Refer to the section 4.4 on the third parties that we work with.

These cookies are used to monitor and measure site performance, page visits, and support live chat with our sales and support teams.

We use social media buttons and/or plugins on our site to allow you to connect with us via your social accounts. Those plugins set their own cookies as outlined in their privacy policies.

Information about your use of our website is shared with trusted social media, advertising and analytics partners in order to customize content and advertising, to provide social media features and to analyze traffic to our website.

2.5 Support, Surveys & Service Cancellation Information

When you reach out to Piktochart support for assistance, we collect data about your application issue or feedback, as well as other information such as the title of your visual, or the last four digits of your credit card (to resolve billing and payment issues), to allow us to investigate any reported issues.

We store this interaction information for quality assurance purposes and to improve our customer support. We also store your responses and interactions as part of any user surveys, and feedback sessions. When you cancel your premium subscription, we collect data about cancellation reasons and any other feedback you provide us with.

2.6 Others

We often introduce new features, some of which may require the collection of new information. If we collect personal data that is different than previously stated, or change the way we process and share them, then we’ll amend our policies and ask you to provide consent as required.

3. How We Use Your Data

We use your personal data to let you to access the application, make payments, to create and share visuals.

3.1 Application Use

We use your personal data to authenticate and authorize you to use the application and access your created work within Piktochart. We do not use your created content in any way. You alone have ownership over your created content and you can use them as per our Terms of Use. Any payment information that you provide (for premium services) is used to bill your account for the use of premium services.

3.2 Communications

We will contact you to communicate about key account changes (including password reset, account deletion etc), billing reminders, invoices, to answer support queries, availability of services and outages, network updates or other service/application related issues, security updates, legal and policy updates. You cannot opt out of receiving these critical service, security and legal updates from us.

Apart from critical communication, we may reach out to notify you about the product updates and announcements (including new feature launches, changes to existing features or functionality, new template launches etc), send newsletters and other product and design tips via email, only if you have opted to receive them

We have two ways to communicate with you:

  1. In-App Notification
  2. Email
In-App Notification:

We can push notifications and messages to the notification center within the application that will be displayed when you are signed in. This communication is supported by a third party service called Intercom. We store your contact information, name, and some usage details (the subscription plan you are on, the number of visuals you have created, the date of last activity, etc.) with Intercom to be able to provide the relevant information through notifications. You cannot opt out of this notification within the app.

Email Communication:

We may contact you through email only if you have opted in to receive communication via this channel. Our email communication is also powered by Intercom. We store your contact information, name and some usage details (the subscription plan you are on, the number of visuals you have created, the date of last activity etc) with Intercom to be able to email you with the communication you have opted to receive.

As a registered user of Piktochart, you can change the email communication preferences and topics on which you want to receive communication about. As a visitor of Piktochart, you can change your communication preferences to the newsletters you might have subscribed to.

3.3 Marketing

We use data about our registered users and visitors to support communications and campaigns to promote membership, subscription, and engagement with our products and services. We do not sell your data to anyone.

3.4 Research & Development

We use data including qualitative feedback from registered users and public, collected via user interviews, surveys, polls or other means to conduct research and development to improve our products and services. You are not obligated to participate in these research processes and you can choose to provide your feedback in any way that is convenient to you.

3.5 Customer Support

We use your data including your usage, communications, and interactions with us to investigate, resolve and respond to any issues or complaints you have with our products or services. This data is also used for quality assurance and to improve our customer support processes.

3.6 Aggregate Insights

We generate insights by aggregating data that helps us improve our products and services. These results do not include any personal information and will not be used to identify you. For example, we may aggregate information about template usage that shows which templates are used the most and which are used the least. This data is aggregated from the templates that users choose on an individual basis. The aggregated data does not include any personal information about users who have chosen that template. Few other examples of aggregated results include the most common browsers used by our users, which features are commonly used and at what instances, as well as the typical workflows and interactions taken by users at an aggregate level.

3.7 Security & Investigation

We use your data including your communication and interaction with us to investigate security issues, violation of our terms of use and privacy policy, any fraudulent or harmful activities that affect our users, visitors, and the general public.

We also have an automated mechanism to detect publicly published visuals for spam and content that violate our terms of use.

4. How We Share Your Information
4.1 Account Information

Below is the information that is shared about your account profile:

  1. When you share a visual in password protected or public mode, the people who can see your visual will also be able to see your name.
  2. Your account information, including email address, name, role, organization size and non-profit organization indicator is shared with third-party services to provide the application services. Refer to the third party services section for the list of third parties that we share data with.
4.2 Team Account

If you are part of the Piktochart For Teams plan, then your email address and name will be visible to others in your team account.

4.3 Uploaded & Created Content
  1. The visuals that you create are by default private and accessible only by you. However, when you share your visual in password protected or public mode, they will be accessible by others. A visual that is shared in public mode will be searchable and indexable by search engines as well.
  2. The files (images, SVGs) that you upload into Piktochart are private and are accessible only from within the visual in which they are used provided the visual itself has been shared by you.
  3. We do not share your uploaded content or the visuals you create with anyone.
  4. Piktochart has a public showcase where we display some of our users’ created visuals as an inspiration for others. Only publicly shared visuals that meet our design standards are showcased. We display your publicly shared visual only with your consent in our showcase section and can also remove any of the visuals from our showcase without notifying you. If you make your showcased visual private,  password protected or delete it, it will be also be removed from our showcase.
  5. If you belong to a team account, then your visuals may be accessible by others in your team based on their roles and the permissions set for the visual. Refer to this article on how team member roles and visual permissions work.

We use third party services to help us provide some of our services (eg: web hosting, data storage, communication, customer support, payment, maintenance, development and analysis etc). These third parties will only have access to data relevant for the service they provide. They are obligated to not share with others or use your data for any other purposes. Below is a list of the third parties that we use and the data that we share with them:

 

Category Party Name & Product Why do we share? What do we share?
 Payment Processors  Paypal To allow payment processing, settlement and billing services.     Name, email, address, details of user funding instruments and payment transactions.
 Adyen
 Braintree
 2Checkout
  Customer Support & Satisfaction  Zendesk  To provide custom support and live chat service to our users.  Name, email address, user interactions and communications.
 Wootric  To provide customer satisfaction survey using NPS (Net Promoter Score) method.  Name, email, subscription plan, number of visuals created, number of files uploaded.
  Marketing & Communication  Intercom  To create, manage and execute marketing campaigns. To create segments based on user attributes. To communicate with our users via in-app and email messages.We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign up date and some personal information like your email address) to Intercom, Inc. (“Intercom”). We also use Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyses your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our services. For more information on Intercom’s use of cookies, please visit this page. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit this page. Intercom’s services are governed by Intercom’s terms of use which can be found here. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.  Name, email, role, organisation size, non-profit organisation indicator, subscription plan, IP address, usage metrics (number of visuals created, number of uploads, number of transactions etc), usage and transaction events (templates accessed, date subscription cancelled, total revenue generated, last transaction description, date of last transaction, reason for cancellation/downgrading plans).
 Google  Google Forms to conduct user research, customer service and marketing surveys  Name, email, user responses and other information obtained from the survey.
Postmark App To send emails from our backend Email ID.
Facebook Ads & Pixel To personalise ads on Facebook to improve relevance. To measure conversion from FB Ads. Email ID.
Mailchimp To manage blog subscribers and sync their data with Intercom. Email ID, name.
Typeform To conduct user research, customer service, and marketing surveys. Name, email, subscription plan, role, user  responses and other information obtained from the survey.
LinkedIn Insight Tag & Pixel To personalise ads on LinkedIn to improve relevance. To measure conversion from LinkedIn Ads. Read more here.  Metadata such as IP address information, timestamp, and events (e.g. page views). All data is encrypted.
Hosting & Storage Amazon To host our application databases using Amazon RDS.  We also use Amazon S3 for file storage and backups.
Google To host our application databases using Google Cloud SQL. Additionally, we store temporary data in Google Cloud Storage for our image processing services. Data in Cloud Storage is automatically removed within 48 hours. Firebase to support the commenting module for team visuals. This is applicable for the users on the Team plan.
Analytics Google To perform web analytics on the Piktochart website and web application. For more information on this, visit this page. Cookies are used to collect anonymous data on site usage.
Application monitoring AppSignal Backend application monitoring. It includes stack traces and request headers that might contain PII.
Sentry Frontend Application monitoring. Edit Email id of the user as an hashed value.

 

4.5 Disclosure For Law Enforcement

We do not share your information with law enforcement agencies unless there is a court order that directs us to do so. In the event of a court order, we’ll notify you.

4.6 Change In Control or Sale

We will share your personal data in the event of a sale, merger, acquisition or change in control. Any entity that buys our business will have the right to use your data but will still be governed by this privacy policy.

5. Your Rights & Obligations
5.1 Rights to Access & Rectify Your Information

You are the owner of your data. Any data you share with us or create using the application is accessible to you at all times. You can access and change your profile, payment information, communication preferences and consent to the terms of use and privacy policy from the account settings within Piktochart. You can access, edit, change sharing options, and delete your visuals from the dashboard in Piktochart.

If you are a member or owner of a team account, you can perform the same tasks from the team settings and team dashboard pages.

As a visitor (blog subscriber) of Piktochart, you can change your subscription options from the visitor settings.

5.2 Rights to Limit or Restrict Processing

You can choose to change your consent for data processing and limit the processing from your account settings. However if you revoke your consent for processing that is required for the application to function, then you’ll have the option to download all your data and delete your account as part of revoking consent.

5.3 Right to Download Your Data

You can place a request with us to download all your personal data, uploaded assets, and created visuals. The personal data will be shared in standard csv or json format. Your uploaded assets will be made available in the same format that you uploaded them and your created visuals will be provided in json format. The json format of the visual is not a standard format that would be supported by other applications. For example, you won’t be able to upload your visual into another design software to recreate your visual. However this json format can be uploaded back into the Piktochart application to recreate your visual. You can download all your created visuals in supported formats from within the application as well.

5.4 Data Retention & Inactive Accounts

We do not retain your data any longer than necessary to provide you the services. We retain your data until your account is active and/or if it is on a paid subscription plan. If you are not on a paid subscription plan and your account is inactive for more than 12 months, then we reserve the right to deactivate your account after providing due notifications. After 30 days of providing the last reminder to use your account, we can delete your account if we do not receive any written request to retain the data or if there is no activity detected. As part of the deletion, we will also email you a copy of your data including the visual json data.

However, even after deletion, we may retain some personal data as mentioned in the section below.

5.5 Account Deletion

You can choose to delete your account at any time from your account settings. Deletion of your account will delete all data that we have about you in our systems and any data we have shared with our third parties as described under the section on “How We Share Your Information”. When you choose to delete your account, we do not automatically send you a downloadable copy of all your data. However, you could place a request to get a copy of your data here before deleting your account, or after you have deleted your account before the 14 days grace period ends.

Upon account deletion and/or request for data erasure, we’ll still retain a bare minimum of your personal data that is reasonably necessary to resolve any disputes, and to comply with legal and regulatory obligations. For example, as part of the regulatory compliance, we are required to maintain records of user consent to use and process their data and/or to delete their data. Therefore, we continue to store consent information and some relevant details about when that consent or deletion request was made.

6. Other Important Information
6.1 Lawful Processing

Our collection and processing of your personal data is based on lawful processing. Lawful basis for data processing includes explicit consent that you have provided us, and through contract with you (for example to carry out any contractual obligation that we may have entered with you), and for legitimate business interests that include providing you with our products and services.

Any consent that you provide can be revoked by you at any time. However, where legitimate business interests are concerned, you have the right to object to data collection and processing in which case we reserve the right to delete your account to comply with your objection to  having your data stored and processed.

6.2 Cross-Border Transfer of Data

We store and process data in and out of the United States and comply with processes to legally transfer data across borders. Countries where we process data may have different laws that are potentially not as protective as the ones in your home country.

6.3 Contacting Us

If you have any questions, complaints, or need clarification on this privacy policy, you can reach out to us online. If your complaints are not addressed through these channels, you have other options if you are from the EU region (EU Data Protection Authorities and Swiss Federal Data Protection and Information Commissioner (FDPIC)).