Pixit Fashion Privacy Policy

Privacy Policy: Website

1 Introduction

The following information explains how we process personal data when you use:

• our website: https://fashion.pixitai.io/
• our social media profiles.

Personal data refers to any information that can be associated with an identifiable natural person, such as their name or IP address.

1.1. Contact Information

The controller according to Art. 4 para. 7 GDPR is Pixit GmbH, Weyertal 109, 50931 Cologne, Germany, Email: hello@pixitai.io. We are legally represented by Nils Tschampel, Dr. Jannik Rößler, and Marco Thaler.

Our data protection officer can be contacted via heyData GmbH, Schützenstraße 5, 10117 Berlin, www.heydata.eu, Email: datenschutz@heydata.eu.

1.2. Scope, Purpose and Legal Basis of Data Processing

Details on data processing scope, purposes, and legal bases are explained further below. Legal bases include:

• Art. 6(1)(a) GDPR: processing based on consent.
• Art. 6(1)(b) GDPR: necessary for contract performance or pre-contractual steps.
• Art. 6(1)(c) GDPR: compliance with legal obligations.
• Art. 6(1)(f) GDPR: legitimate interests, such as cookies necessary for site operation.

1.3. Data Processing Outside the EEA

Where we transfer data to service providers or third parties outside the EEA, EU Commission adequacy decisions under Art. 45(3) GDPR (e.g., UK, Canada, Israel) may apply. For transfers to the USA, the legal basis may be an adequacy decision if the provider is certified under the EU-U.S. Data Privacy Framework. Otherwise, standard contractual clauses under Art. 46(2)(b) GDPR apply.

1.4. Storage Duration

Unless specified otherwise, data is deleted when no longer necessary and when no legal retention obligations apply. If retention is necessary, processing is restricted (data is blocked).

1.5. Data Subject Rights

Data subjects have the following rights:

• Right of access
• Right to rectification or deletion
• Right to restrict processing
• Right to object
• Right to data portability
• Right to withdraw consent at any time

They also have the right to lodge a complaint with a supervisory authority: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

1.6. Obligation to Provide Data

Customers and third parties must provide only the personal data necessary for establishing or performing a contract or as legally required. Without such data, contracts or services may not be possible.

1.7. No Automated Decision-Making

We do not use automated individual decision-making according to Art. 22 GDPR unless legally required, in which case affected persons will be informed.

1.8. Contacting Us

If you contact us via email or phone, we store the information provided to respond to your inquiry. Legal basis: Art. 6(1)(f) GDPR.

1.9. Customer Surveys

We occasionally conduct surveys to better understand our customers. Legal basis: Art. 6(1)(f) GDPR. Data is deleted after evaluation.

2. Newsletter

You may subscribe to our free newsletter. We process the data provided only for sending the newsletter, based on your consent (Art. 6(1)(a) GDPR). Consent can be withdrawn at any time.

We track open and click rates to improve content relevance. Newsletters are sent via HubSpot (HubSpot, Inc., USA, processing in the EU). Privacy policy: https://legal.hubspot.com/de/privacy-policy

3. Website Data Processing

3.1. Note for Visitors from Germany

Our site may store or access information (e.g., cookies, IP addresses). This is based on:

• § 25(2)(2) TDDDG for necessary storage/access
• § 25(1) TDDDG for consent-based storage/access

Subsequent processing follows GDPR.

3.2. Informational Use of Website

When using the site without providing information, we collect browser-transmitted data to ensure security (Art. 6(1)(f) GDPR):

• IP address
• Date and time
• Time zone
• Requested content
• HTTP status
• Transferred data volume
• Referring site
• Browser and OS details
• Language and version

Data is stored in log files and deleted after 14 days.

3.3. Web Hosting

Hosted by WebFlow. Legal basis: Art. 6(1)(f) GDPR. We use a CDN for availability.

3.4. Contact Form

We store data from contact forms to respond. Legal basis: Art. 6(1)(f) GDPR.

3.5. Appointment Booking

Appointment booking involves personal and communication data. Legal basis: Art. 6(1)(f) GDPR.

3.6. Technically Necessary Cookies

Used for functionality. Legal basis: Art. 6(1)(f) GDPR. Examples:

• Language settings
• Search terms
• Login data

3.7. Third Parties

• Webflow: Lead generation and analysis. Legal basis: Art. 6(1)(f) GDPR. Privacy: https://webflow.com/legal/eu-privacy-policy
• Google Webfonts: Fonts. Legal basis: Art. 6(1)(a) GDPR. Privacy: https://policies.google.com/privacy?hl=de
• Google Analytics: Usage analysis. Legal basis: Art. 6(1)(a) GDPR. Privacy: https://policies.google.com/privacy?hl=de
• heyData: Compliance seal. Legal basis: Art. 6(1)(f) GDPR. Privacy: https://heydata.eu/datenschutzerklaerung

4. Social Media Data Processing

We maintain profiles on social networks to present our organization. These platforms process user data for advertising (cookies, profiling). Servers may be outside the EU.

When contacted through these profiles, we process data to respond. Legal basis: Art. 6(1)(f) GDPR.

4.1. LinkedIn

Operator: LinkedIn Ireland Unlimited Company. Privacy: https://www.linkedin.com/legal/privacy-policy?_l=de_DE

Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

5. Changes to This Privacy Policy

We may update this policy. The current version is always available here.

6. Questions and Comments

For inquiries, contact us at the above details.

‍