Privacy Policy

At Piktochart, privacy matters.

Please note that our privacy policy was last updated on February 17, 2022. All the links referring to account settings as well as resources were updated then.

Your Privacy Matters

At Piktochart, we are committed to being transparent about the data we collect about you, why we collect it, how we process it, and who we share it with. We take the utmost care in handling your data and ensuring that your privacy is safeguarded.

The policy applies to any registered user and visitor to the Piktochart platform, including the web applications Piktochart Visual and Piktochart Video, the website, the blog pages, and any other service we provide. In this document, the web applications, the website, the blog pages, and any other service we provide may be referred to as “Piktochart”, “we”, “us”, or “our”.

All the visuals (infographics, presentations, reports, posters, flyers, social media graphics, etc.) and videos created within Piktochart are referred to as “content”.

Table of Contents

1. A Visual Summary
2. Introduction

Through our updated privacy policy, which accounts for the new EU data laws regarding General Data Protection Regulation (GDPR), we aim to provide you with better ways to access your data, understand how it’s used, and choose whether or not to subscribe to certain communication materials we send your way. We hope the new policy is clear and easily digestible.

3. Information We Collect
3.1 Information You Provide Us
Registration

When creating an account with Piktochart, you provide the following details:

  1. Email Address – This is required to create a unique account in Piktochart for you to access the application or access one of the services provided by Piktochart (webinars, collateral, courses, etc.)
  2. Name – This is used in communications to address you and to name your workspace within Piktochart so that you can differentiate between your personal and team workspace (if you are subscribed to one). Your user name is also displayed in published visuals and is visible to people who can access them.
  3. Password – Along with your email, a password is required to authenticate and provide access to your Piktochart account. However, we do not store any passwords when you sign up or sign in using social media logins.
  4. Registering via Social Accounts – You can create an account with Piktochart using your social media accounts. We currently support social media login with Google or Facebook. When you choose to sign up using your social media account, we collect and store your email address and user name from the social media platform along with a UID (unique ID received from the social media platform).
  5. Extended Profile – We collect your role, organization size, and whether you belong to a non-profit organization. The role is used to help us design templates, provide tips, and design features that might be beneficial for that role. It is up to you whether you want to provide this information. Providing this information helps you get more relevant templates, tailored tips to get your job done better, and over the long run, shape the features in the product that serve your needs better.
Billing

If you subscribe to any of the paid plans in Piktochart, then we collect your credit card details along with other billing information (like company name and address). These are required to authorize the payment to the paid plans and also to generate invoices. The credit card and other payment information are not stored within Piktochart. We encrypt the information and share it with the payment gateway to process the transaction.Payments for Piktochart’s subscription plans are conducted by our online reseller Paddle.com Market Limited (hereafter referred to as “Paddle”). Paddle is the Merchant of Record for all our orders. If you subscribe to any of Piktochart’s paid subscription plans, your credit card and other payment information are securely encrypted and safely stored by Paddle, in a fully PCI-compliant storage solution, in order to process the transactions. Please review Paddle’s Privacy Policy and Terms of Use for more information on how your information is securely handled.

Visitor

We place cookies on all of Piktochart’s pages to perform web analytics with the intention of improving the site experience. Refer to the Cookie Policy section on what we track and collect. Visitors (who might be existing users of Piktochart) can subscribe to newsletters from our blog, download content, or unlock articles we create in collaboration with our partners by providing their contact information which includes email address and name. The collected data is used to send the requested content and/or newsletter, and we do not sell this data to any third parties. In the case of unlocking content, you will be given an option to opt into the communication coming from our partners.

Children Under 16

As a family-friendly site, Piktochart has a zero-tolerance to obscenity and nudity featured in any created visuals or videos hosted on Piktochart. In efforts to comply with the Children’s Online Privacy Protection Act (COPPA) and the European Union’s General Data Protection Regulation (GDPR), Piktochart is directed only to people who are at least 13 years of age or older. However, children under 16 years of age from the EU region are not allowed to create a Piktochart account and to use the application for the time being. We ensure that we keep up to date on compliance regulations, and for now, this means we need to exclude individuals from the EU under the age of 16.

3.2 Visual Creation and Sharing Information

You can use Piktochart to create visuals and videos in accordance with our Terms of Use. All content that you create within Piktochart, including all the assets (images, icons, videos) that you upload, remain private to your account unless you share it publicly or with specific team members. We access your content only when you give us explicit permission to resolve any issues you have within the application. Ultimately, you alone get to choose who will see your visuals, videos, and uploaded content.

3.3 Service Usage Data

For improvement purposes, we keep anonymous records of your Piktochart usage, including our website and blog pages. The records include data such as the number of visits and time spent on pages, interactions like clicks on buttons or links, as well as search terms. Device information and data on your operating system and web browser are also anonymously collected and aggregated to ensure the best performance of our site and app on various platforms. Part of the above information is also temporarily stored in cookies. Whenever you visit any of our pages, we receive the URL of the pages that you came from and the destination (Piktochart) page that you landed on. As part of the page request, we collect your IP address, proxy server, operating system, web browser and add-ons, device identifier and/or ISP and mobile data provider. This data is collected anonymously and aggregated without any personal information to attribute against.

3.4.1 What Are Cookies?

A cookie is a small file that the website saves to your device (a computer or a mobile device) for an extended period. Cookies help in remembering your preferences and actions over a period of time, so you don’t have to keep entering them again when you revisit the page.

3.4.2 How We Use Cookies?

We use cookies to save your preferences and perform basic web analytics to improve user experience.

3.4.3 Disabling Cookies

You can disable cookies by changing the settings on your web browser (Chrome and Firefox). However, disabling cookies will result in disabling certain functionalities in Piktochart, since some of the functionalities require the use of cookies to work.

3.4.4 The Cookies We Set

We set and manage some cookies that are required for Piktochart to work properly. When you create an account with Piktochart, or visit any of Piktochart pages, we set a cookie. These cookies are used to remember your preferences once you have logged out. If you are visitor of Piktochart, we use the cookies to know if you are a blog subscriber or registered with us for any other service.

For more detailed information on the cookies we set and what they may be used for, please visit our Cookie Policy page.

3.4.5 Third Party Cookies

We also set cookies from trusted third parties (called third-party cookies) to provide some functionality. Refer to section 5.4 on the third parties that we work with. These cookies are used to monitor and measure site performance, page visits, and support live chat with our sales and support teams. We use social media buttons and/or plugins on our site to allow you to connect with us via your social accounts. Those plugins set their own cookies as outlined in their privacy policies. Information about your use of our website is shared with trusted social media, advertising and analytics partners to customize content and advertising, provide social media features, and analyze traffic to our website.

3.5 Support, Surveys & Service Cancellation Information

When you reach out to Piktochart support for assistance, we collect data about your application issue or feedback, as well as other information such as the title of your visual, or the last four digits of your credit card (to resolve billing and payment issues), to allow us to investigate any reported issues. We store this interaction information for quality assurance purposes and to improve our customer support. We also store your responses and interactions as part of any user surveys and feedback sessions. When you cancel your paid subscription, we collect data about cancellation reasons and any other feedback you provide us with.

3.6 Others

We update our practices from time to time and will update our privacy policy to make you aware of these changes.

4. How We Use Your Data

We use your personal data to let you access Piktochart, make payments, as well as create and share visuals or videos.

4.1 Application Use

We use your personal data to authenticate and authorize you to use the application and access your created work within Piktochart. We do not use your created content in any way. You alone have ownership over your created content and you can use them as per our Terms of Use. Any payment information that you provide (for paid services) is used for billing your account for the use of paid services.

4.2 Communications

We will contact you to communicate about key account changes (including password reset, account deletion, etc.), billing reminders, invoices, to answer support queries, availability of services and outages, network updates or other service/application related issues, security updates, legal and policy updates, etc. You cannot opt out of receiving these critical services, security and legal updates from us. Apart from critical communication, we may reach out to notify you about the product updates and announcements (including new feature launches, changes to existing features or functionality, new template launches, etc.), send newsletters and other product and design tips via email. We have two ways to communicate with you:

  1. In-App Notification
  2. Email
In-App Notification:

We can push notifications and messages to the notification center within the application that will be displayed when you are signed in. This communication is supported by a third-party service. We store your contact information, name, industry, and some usage details (the subscription plan you are on, the number of visuals you have created, the purpose of creating visuals, visual formats, the date of last activity, etc.) to be able to provide the relevant information through notifications. You cannot opt-out of this notification within the app.

Email Communication:

We may contact you through email. We store your contact information, name, industry, and some usage details (the subscription plan you are on, the number of visuals you have created, the purpose of creating visuals, visual formats, the date of last activity, etc.) with a third-party service to be able to email you. As a registered user of Piktochart or an email communication subscriber, you can change your email communication preferences.

4.3 Marketing

We use data about our registered users and visitors to support communications and campaigns to promote membership, subscription, and engagement with our products and services. We follow Data Privacy Agreement compliance which means that we do not send marketing-related messages to students who indicated their role as a student in our sign-up poll. We do not sell your data to anyone.

4.4 Research & Development

We use data, including qualitative feedback from registered users and public, collected via user interviews, surveys, polls, or other means to conduct research and development to improve our products and services. You are not obligated to participate in these research processes, and you can choose to provide your feedback in any way that is convenient to you.

4.5 Customer Support

We use your data, including your usage, communications, and interactions with us, to investigate, resolve and respond to any issues or complaints you have with our products or services. This data is also used for quality assurance and to improve our customer support processes.

4.6 Aggregate Insights

We generate insights by aggregating data that helps us improve our products and services. These results do not include any personal information and will not be used to identify you. For example, we may aggregate information about template usage that shows which templates are used the most and which are used the least. This data is aggregated from the templates that users choose on an individual basis. The aggregated data does not include any personal information about users who have chosen that template. Few other examples of aggregated results include the most common browsers used by our users, which features are commonly used and at what instances, as well as the typical workflows and interactions taken by users at an aggregate level.

4.7 Security & Investigation

We use your data including your communication and interaction with us to investigate security issues, violation of our Terms of Use and Privacy Policy, any fraudulent or harmful activities that affect our users, visitors, and the general public. We also have an automated mechanism to detect publicly published visuals for spam and content that violate our Terms of Use.

5. How We Share Your Information
5.1 Account Information

Below is the information that is shared about your account profile:

  1. When you share content in password-protected or public mode, the people who can see your content will also be able to see your user name.
  2. Your account information, including email address, name, role, industry, organization size, the purpose of creating content, formats, and non-profit organization indicator, is shared with third-party services to provide the application services. Refer to the third-party services section for the list of third parties that we share data with.
5.2 Team Account

If you have invited additional collaborators to your Piktochart account, your email address and name will be visible to them.

5.3 Uploaded & Created Content
  1. The content that you create is by default private and accessible only by you. However, when you share your content in password-protected or public mode, it will be accessible by others. Content that is shared in public mode will be searchable and indexable by search engines as well.
  2. The files (images, SVGs) that you upload into Piktochart are private and are accessible only from within the visual in which they are used, provided the visual itself has been shared by you. If your content is created within the Team dashboard, however, the uploaded files will be accessible to all team members. The video files that you upload are private and are accessible only from within the app.
  3. We do not share your uploaded content, the visuals, or the videos you create with anyone.
  4. Piktochart has a public showcase where we display some of our users’ created content as an inspiration for others. Only publicly shared content that meets our design standards is showcased. We reserve the right to remove any content from our showcase without notifying you. If you make your showcased content private,  password-protected, or delete it, it will also be removed from our showcase.
  5. Your content may be accessible by others in your team based on their roles and the permissions set. Refer to this article on how team member roles and permissions work.
5.4 Third Parties We Share Your Information With

We use third-party services to help us provide some of our services (e.g., web hosting, data storage, communication, customer support, payment, maintenance, development and analysis, etc.). These third parties will only have access to data relevant to the service they provide. They are obligated not to share with others or use your data for any other purposes. Below is a list of the third parties that we use and the data that we share with them:

Category Party Name & Product Why do we share? What do we share?
Payment Processors PayPal To allow payment processing, settlement, and billing services. Name, email, address, details of user funding instruments, and payment transactions
Paddle
Adyen
Geolocation Information eXTReMe To obtain country information in order to process payment orders in accordance with local taxation laws. For more information, see eXTReMe’s Terms and Privacy Policy. IP address
Customer Support & Satisfaction Help Scout To provide custom support and live chat service to our users Name, email address, user interactions and communications
EnjoyHQ To collect user research notes and findings Name, email address, user interactions and communications
Userpilot To deliver personalized in-app messages No personal data
Marketing & Communication HubSpot To create, manage and execute marketing and sales campaigns. To communicate with our users via email messages. We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as signup date and some personal information like your email address) to HubSpot, Inc. and its Affiliate (“HubSpot”). We also use HubSpot to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, HubSpot analyzes your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our services. For more information on HubSpot’s use of cookies, please visit this page. We may also use HubSpot as a medium for communications through email. For more information on the privacy practices of HubSpot, please visit this page. HubSpot’s services are governed by HubSpot terms of use which can be found here. If you would like to opt out of having this information collected by or submitted to HubSpot, please contact us. Name, email, role, organization size, non-profit organization indicator, subscription plan, IP address, usage metrics (number of visuals created, number of uploads, number of transactions, etc.), usage and transaction events (templates accessed, date subscription canceled, total revenue generated, last transaction description, date of the last transaction, reason for cancellation/downgrading plans)
Google Google Forms to conduct user research, customer service, and marketing surveys. Name, email, user responses, and other information obtained from the survey
Postmark App To send emails from our backend Email ID
Facebook Ads & Pixel To personalize ads on Facebook to improve relevance. To measure conversions from Facebook Ads. Email ID
Typeform To conduct user research, customer service, and marketing surveys Name, email, subscription plan, role, user responses, and other information obtained from the survey
Thinkific To connect with users who participate in the Design Certification course and acknowledge the completion. Name, email, visual design (upon submission)
LinkedIn Insight Tag & Pixel To personalize ads on LinkedIn to improve relevance. To measure conversions from LinkedIn Ads. Read more here. Metadata such as IP address information, timestamp, and events (e.g., page views). All data is encrypted.
Hosting & Storage Amazon To host our application databases using Amazon RDS. We also use Amazon S3 for file storage and backups.
Google To host our application databases using Google Cloud SQL. Additionally, we store temporary data in Google Cloud Storage for our image processing services. Data in Cloud Storage is automatically removed within 48 hours. Firebase to support the commenting module for shared content.
Analytics Google To perform web analytics on the Piktochart domain and web applications. For more information on this, visit this page. Cookies are used to collect anonymous data on site usage.
Mixpanel To perform web analytics on the Piktochart domain and web applications. For more information on this, visit this page. Feature usage and user behavior tracking on the web applications
Holistics To perform web analytics on the Piktochart domain and web applications. For more information on this, visit this page. Feature usage and user behavior tracking on the web applications
Application monitoring AppSignal Backend application monitoring. It includes stack traces and request headers that might contain PII.
Sentry Frontend Application monitoring. Edit Email id of the user as an hashed value.
5.5 Disclosure For Law Enforcement

We do not share your information with law enforcement agencies unless there is a court order that directs us to do so. In the event of a court order, we will notify you.

5.6 Change In Control or Sale

We will share your personal data in the event of a sale, merger, acquisition, or change in control. Any entity that buys our business will have the right to use your data but will still be governed by this Privacy Policy.

6. Your Rights & Obligations

Your Rights, Our Responsibility

Several rights are granted to you immediately upon providing us with your personal information; some of these are mentioned above. We would like you to know that at Piktochart, we take your rights seriously and will always conduct ourselves in a considerate way of our responsibility to serve your legal rights.

6.1 The Right of Access

This grants you the right to confirm whether or not your personal data is being processed and be provided with relevant details of what those processing operations are and what personal data of yours is being processed.

If you would like access to the personal data about you, we ask that you contact us using the details below.

6.2 The Right to Rectification

This one is relatively straightforward; if you notice that the data we have about you is inaccurate or incomplete, you may request we rectify the mistake. We will make every effort to respond to requests of this type immediately.

6.3 The Right to Erasure

Otherwise known as the ‘right to be forgotten, this gives you the right to request your personal data be deleted.

This is not an absolute right; if you were to request that we erase your personal data, we would erase as much of that data as possible but may have to retain some information if necessary.

Suppose we have received a request for personal data to be erased. In that case, if it is necessary for us to retain some of that information, we shall ensure that the remaining data is used only when and where it is essential.

6.4 The Right to Objection

The right to object is the fundamental freedom all democracies enjoy. If you wish to object to how we use or have used your personal data, you may do so freely.

6.5 The Right to Complain

We will always try to maintain the highest standards and encourage our customers’ confidence in us as an organization. To achieve this, we request that any complaints be first brought to our attention so we can adequately investigate matters. If you would like to complain about Piktochart to a regulatory body, you may contact your local data protection supervisory authority.

7. Other Important Information
7.1 Changes to this Policy

We may modify our policy from time to time. We will notify the users by indicating the date of the last update at the top of the policy. Any changes to our policy will become effective upon posting. We store each version of our policy, and therefore, can share the previous version upon request.

7.2 Lawful Processing

Our collection and processing of your personal data are based on lawful processing. Lawful basis for data processing includes explicit consent that you have provided us, and through a contract with you (for example, to carry out any contractual obligation that we may have entered with you), and for legitimate business interests that include providing you with our products and services. Any consent that you provide can be revoked by you at any time. However, where legitimate business interests are concerned, you have the right to object to data collection and processing in which case we reserve the right to delete your account to comply with your objection to having your data stored and processed.

7.3 Cross-Border Transfer of Data

As a part of our standard business practices, we may transfer your personal data to organizations based in countries that have not been granted an adequacy decision under the General Data Protection Regulation.

Where data is transferred to such countries, we shall ensure that specific safeguards or derogations have been established.

These might include where the data transfer is necessary in order to fulfil a contract between us and yourself, where we have received your specific consent after having made you aware of any risks involved, or where contracts are in place between us and the third-parties involved that ensure the recipient organisation has a suitable standard of data protection in place.

7.4 Contacting Us

If you have any questions, complaints, or need clarification on this Privacy Policy, you can reach out to our support team at [email protected] If your complaints are not addressed through these channels, you have other options if you are from the United Kingdom and European region (EU Data Protection Authorities and Swiss Federal Data Protection and Information Commissioner (FDPIC)) and through contacting our EU or UK representative below.

7.5 EU/UK Representative Information

If you have concerns about your personal data and we were not able to answer your query through our support email, and you live in either the EU or the UK, you can reach out to our representatives through the following channels:

EU Representative:

Ametros Ltd
Unit 3D
North Point Business Park
New Mallow Road
Cork
Ireland
[email protected]
http://www.ametrosgroup.com

UK Representative:

Ametros Group Ltd
Lakeside Offices, Thorn Business Park
Rotherwas Industrial Estate
Hereford
Herefordshire
England
HR2 6JT
[email protected]
http://www.ametrosgroup.com