Your Privacy Matters
At Piktochart, we are committed to being transparent about the data we collect about you, why we collect it, how we process it, and who we share it with. We take the utmost care in handling your data and ensuring that your privacy is safeguarded.
1. A Visual Summary
3. Information We Collect
3.1 Information You Provide Us
When creating an account with Piktochart, you provide the following details:
- Email Address – This is required to create a unique account in Piktochart for you to access the application.
- Name – This is used during communications in order to address you, and also to name your workspace within Piktochart so that you can differentiate between your personal and team workspace (if you are subscribed for one). Your name is also displayed in published visuals and is visible to people who can access them.
- Password – Along with your email, a password is required to authenticate and provide access to your Piktochart account. However, we do not store any passwords when you sign up or sign in using social media logins.
- Registering via Social Accounts – You can create an account with Piktochart using your social media accounts. We currently support social media login with Google or Facebook. When you choose to sign up using your social media account, we collect and store your email address and name from the social media platform along with an UID (unique ID received from the social media platform).
- Extended Profile – We collect your role, organization size and whether you belong to a non-profit organization. The role is used to help us design templates, provide tips, and design features that might be beneficial for that role. For example, knowing that we have registered users in a marketing role helps us develop templates for say social media marketing or marketing metrics reporting. Information on organization size helps guide our marketing efforts and design features that might help in collaboration as a part of the Piktochart For Teams plan. The non-profit indicator helps us direct you to discounted pricing plans if you choose to upgrade to a premium plan. It is up to you whether you want to provide this information. Providing this information helps you get more relevant templates, tailored tips to get your job done better, and over the long run, shape the features in the product that serve your needs better.
If you subscribe to any of the premium plans in Piktochart, then we collect your credit card details along with other billing information (like company name and address). These are required to authorize the payment to the premium plans and also to generate invoices. The credit card and other payment information is not stored within Piktochart. We encrypt the information and share it with the payment gateway to process the transaction.
Children Under 16
As a family friendly site, Piktochart has a zero tolerance to obscenity and nudity featured in any created visuals hosted on Piktochart. In efforts to comply with the Children’s Online Privacy Protection Act (COPPA) and the European Union’s General Data Protection Regulation (GDPR), Piktochart’s products and services are directed only to people who are at least 13 years of age or older. However, children under 16 years of age from the EU region, are not allowed to create a Piktochart account and to use the application for the time being. We ensure that we keep up to date on compliance regulations, and for now, this means we need to exclude individuals from the EU who are under age of 16.
3.2 Visual Creation and Sharing Information
3.3 Service Usage Data
For improvement purposes, we keep anonymous records of your Piktochart usage, including our website and blog pages. The records include data such as the number of visits and time spent on pages, interactions like clicks on buttons or links, as well as search terms. Device information, and data on your operating system and web browser are also anonymously collected and aggregated to ensure the best performance of our site and app on various platforms. Part of the above information is also temporarily stored in cookies. Whenever you visit any of our pages, we receive the URL of the pages that you came from and the destination (Piktochart) page that you landed on. As part of the page request, we collect your IP address, proxy server, operating system, web browser and add-ons, device identifier and/or ISP and mobile data provider. This data is collected anonymously and aggregated without any personal information to attribute against.
3.4.1 What Are Cookies?
A cookie is a small file that the website saves to your device (a computer or a mobile device) for an extended period of time. Cookies help in remembering your preferences and actions over a period of time so you don’t have to keep entering them again when you visit the page again.
3.4.3 Disabling Cookies
3.4.4 The Cookies We Set
We set and manage some cookies that are required for Piktochart to work properly. When you create an account with Piktochart, or visit any of Piktochart pages, we set a cookie. These cookies are used to remember your preferences once you have logged out. If you are visitor of Piktochart, we use the cookies to know if you are a blog subscriber or registered with us for any other service.
3.4.5 Third Party Cookies
We also set cookies from trusted third parties (called third party cookies) to provide some functionality. Refer to the section 4.4 on the third parties that we work with. These cookies are used to monitor and measure site performance, page visits, and support live chat with our sales and support teams. We use social media buttons and/or plugins on our site to allow you to connect with us via your social accounts. Those plugins set their own cookies as outlined in their privacy policies. Information about your use of our website is shared with trusted social media, advertising and analytics partners in order to customize content and advertising, to provide social media features and to analyze traffic to our website.
3.5 Support, Surveys & Service Cancellation Information
When you reach out to Piktochart support for assistance, we collect data about your application issue or feedback, as well as other information such as the title of your visual, or the last four digits of your credit card (to resolve billing and payment issues), to allow us to investigate any reported issues. We store this interaction information for quality assurance purposes and to improve our customer support. We also store your responses and interactions as part of any user surveys, and feedback sessions. When you cancel your premium subscription, we collect data about cancellation reasons and any other feedback you provide us with.
We often introduce new features, some of which may require the collection of new information. If we collect personal data that is different than previously stated, or change the way we process and share them, then we’ll amend our policies and ask you to provide consent as required.
4. How We Use Your Data
We use your personal data to let you to access the application, make payments, to create and share visuals.
4.1 Application Use
We will contact you to communicate about key account changes (including password reset, account deletion etc), billing reminders, invoices, to answer support queries, availability of services and outages, network updates or other service/application related issues, security updates, legal and policy updates. You cannot opt out of receiving these critical service, security and legal updates from us. Apart from critical communication, we may reach out to notify you about the product updates and announcements (including new feature launches, changes to existing features or functionality, new template launches etc), send newsletters and other product and design tips via email, only if you have opted to receive them We have two ways to communicate with you:
- In-App Notification
We can push notifications and messages to the notification center within the application that will be displayed when you are signed in. This communication is supported by a third party service called Intercom. We store your contact information, name, and some usage details (the subscription plan you are on, the number of visuals you have created, the date of last activity, etc.) with Intercom to be able to provide the relevant information through notifications. You cannot opt out of this notification within the app.
We may contact you through email only if you have opted in to receive communication via this channel. Our email communication is also powered by Intercom. We store your contact information, name and some usage details (the subscription plan you are on, the number of visuals you have created, the date of last activity etc) with Intercom to be able to email you with the communication you have opted to receive. As a registered user of Piktochart, you can change the email communication preferences and topics on which you want to receive communication about. As a visitor of Piktochart, you can change your communication preferences to the newsletters you might have subscribed to.
We use data about our registered users and visitors to support communications and campaigns to promote membership, subscription, and engagement with our products and services. We do not send marketing-related messages to students who indicated their role as a student on our sign-up poll. We do not sell your data to anyone.
4.4 Research & Development
We use data including qualitative feedback from registered users and public, collected via user interviews, surveys, polls or other means to conduct research and development to improve our products and services. You are not obligated to participate in these research processes and you can choose to provide your feedback in any way that is convenient to you.
4.5 Customer Support
We use your data including your usage, communications, and interactions with us to investigate, resolve and respond to any issues or complaints you have with our products or services. This data is also used for quality assurance and to improve our customer support processes.
4.6 Aggregate Insights
We generate insights by aggregating data that helps us improve our products and services. These results do not include any personal information and will not be used to identify you. For example, we may aggregate information about template usage that shows which templates are used the most and which are used the least. This data is aggregated from the templates that users choose on an individual basis. The aggregated data does not include any personal information about users who have chosen that template. Few other examples of aggregated results include the most common browsers used by our users, which features are commonly used and at what instances, as well as the typical workflows and interactions taken by users at an aggregate level.
4.7 Security & Investigation
5. How We Share Your Information
5.1 Account Information
Below is the information that is shared about your account profile:
- When you share a visual in password protected or public mode, the people who can see your visual will also be able to see your name.
- Your account information, including email address, name, role, organization size and non-profit organization indicator is shared with third-party services to provide the application services. Refer to the third party services section for the list of third parties that we share data with.
5.2 Team Account
If you are part of the Piktochart For Teams plan, then your email address and name will be visible to others in your team account.
5.3 Uploaded & Created Content
- The visuals that you create are by default private and accessible only by you. However, when you share your visual in password protected or public mode, they will be accessible by others. A visual that is shared in public mode will be searchable and indexable by search engines as well.
- The files (images, SVGs) that you upload into Piktochart are private and are accessible only from within the visual in which they are used provided the visual itself has been shared by you.
- We do not share your uploaded content or the visuals you create with anyone.
- Piktochart has a public showcase where we display some of our users’ created visuals as an inspiration for others. Only publicly shared visuals that meet our design standards are showcased. We display your publicly shared visual only with your consent in our showcase section and can also remove any of the visuals from our showcase without notifying you. If you make your showcased visual private, password protected or delete it, it will be also be removed from our showcase.
- If you belong to a team account, then your visuals may be accessible by others in your team based on their roles and the permissions set for the visual. Refer to this article on how team member roles and visual permissions work.
5.4 Third Parties We Share Your Information With
We use third party services to help us provide some of our services (eg: web hosting, data storage, communication, customer support, payment, maintenance, development and analysis etc). These third parties will only have access to data relevant for the service they provide. They are obligated to not share with others or use your data for any other purposes. Below is a list of the third parties that we use and the data that we share with them:
|Category||Party Name & Product||Why do we share?||What do we share?|
|Payment Processors||Paypal||To allow payment processing, settlement and billing services.||Name, email, address, details of user funding instruments and payment transactions.|
|Customer Support & Satisfaction||Helpscout||To provide custom support and live chat service to our users.||Name, email address, user interactions and communications.|
|Google Forms to conduct user research, customer service and marketing surveys||Name, email, user responses and other information obtained from the survey.|
|Postmark App||To send emails from our backend||Email ID.|
|Facebook Ads & Pixel||To personalise ads on Facebook to improve relevance. To measure conversion from FB Ads.||Email ID.|
|Typeform||To conduct user research, customer service, and marketing surveys.||Name, email, subscription plan, role, user responses and other information obtained from the survey.|
|Thinkific||To connect with users who participate in the Design Certification course and acknowledge the completion.||Name, email, visual design (upon submission).|
|LinkedIn Insight Tag & Pixel||To personalise ads on LinkedIn to improve relevance. To measure conversion from LinkedIn Ads. Read more here.||Metadata such as IP address information, timestamp, and events (e.g. page views). All data is encrypted.|
|Hosting & Storage||Amazon||To host our application databases using Amazon RDS. We also use Amazon S3 for file storage and backups.|
|To host our application databases using Google Cloud SQL. Additionally, we store temporary data in Google Cloud Storage for our image processing services. Data in Cloud Storage is automatically removed within 48 hours. Firebase to support the commenting module for team visuals. This is applicable for the users on the Team plan.|
|Analytics||To perform web analytics on the Piktochart website and web application. For more information on this, visit this page.||Cookies are used to collect anonymous data on site usage.|
|Mixpanel||To perform web analytics on the Piktostory web application. For more information on this, visit this page.||Feature usage and user behavior tracking on the web application.|
|Application monitoring||AppSignal||Backend application monitoring.||It includes stack traces and request headers that might contain PII.|
|Sentry||Frontend Application monitoring.||Edit Email id of the user as an hashed value.|
5.5 Disclosure For Law Enforcement
We do not share your information with law enforcement agencies unless there is a court order that directs us to do so. In the event of a court order, we’ll notify you.
5.6 Change In Control or Sale
6. Your Rights & Obligations
6.1 Rights to Access & Rectify Your Information
6.2 Rights to Limit or Restrict Processing
You can choose to change your consent for data processing and limit the processing from your account settings. However if you revoke your consent for processing that is required for the application to function, then you’ll have the option to download all your data and delete your account as part of revoking consent.
6.3 Right to Download Your Data
You can place a request with us to download all your personal data, uploaded assets, and created visuals. The personal data will be shared in standard csv or json format. Your uploaded assets will be made available in the same format that you uploaded them and your created visuals will be provided in json format. The json format of the visual is not a standard format that would be supported by other applications. For example, you won’t be able to upload your visual into another design software to recreate your visual. However this json format can be uploaded back into the Piktochart application to recreate your visual. You can download all your created visuals in supported formats from within the application as well.
6.4 Data Retention & Inactive Accounts
We do not retain your data any longer than necessary to provide you the services. We retain your data until your account is active and/or if it is on a paid subscription plan. If you are not on a paid subscription plan and your account is inactive for more than 12 months, then we reserve the right to deactivate your account after providing due notifications. After 30 days of providing the last reminder to use your account, we can delete your account if we do not receive any written request to retain the data or if there is no activity detected. As part of the deletion, we will also email you a copy of your data including the visual json data. However, even after deletion, we may retain some personal data as mentioned in the section below.
6.5 Account Deletion
You can choose to delete your account at any time from your account settings. Deletion of your account will delete all data that we have about you in our systems and any data we have shared with our third parties as described under the section on “How We Share Your Information”. When you choose to delete your account, we do not automatically send you a downloadable copy of all your data. However, you could place a request to get a copy of your data here before deleting your account, or after you have deleted your account before the 14 days grace period ends. Upon account deletion and/or request for data erasure, we’ll still retain a bare minimum of your personal data that is reasonably necessary to resolve any disputes, and to comply with legal and regulatory obligations. For example, as part of the regulatory compliance, we are required to maintain records of user consent to use and process their data and/or to delete their data. Therefore, we continue to store consent information and some relevant details about when that consent or deletion request was made.
7. Other Important Information
7.1 Changes to this Policy
We may modify our policy from time to time. We will notify the users by indicating the date of the last update at the top of the policy. Any changes to our policy will become effective upon posting. Use of the site, any of our products and services, and/or providing consent to the updated policy following such changes constitutes your acceptance of the revised policy then in effect. We store each version of our policy, and therefore, can share the previous version upon request.
7.2 Lawful Processing
Our collection and processing of your personal data is based on lawful processing. Lawful basis for data processing includes explicit consent that you have provided us, and through contract with you (for example to carry out any contractual obligation that we may have entered with you), and for legitimate business interests that include providing you with our products and services. Any consent that you provide can be revoked by you at any time. However, where legitimate business interests are concerned, you have the right to object to data collection and processing in which case we reserve the right to delete your account to comply with your objection to having your data stored and processed.
7.3 Cross-Border Transfer of Data
We store and process data in and out of the United States and comply with processes to legally transfer data across borders. Countries where we process data may have different laws that are potentially not as protective as the ones in your home country.
7.4 Contacting Us
7.5 EU/UK Representative Information
If you have concerns about your personal data and we were not able to answer your query through our support email, and you live in either the EU or the UK, you can reach out to our representatives through the following channels: