LAST UPDATED – 30 MARCH 2021
We are committed to protecting your information and your right to privacy. If you have any questions or concerns about our Policy, or our practices with regards to your personal information, please contact us via firstname.lastname@example.org.
When you use the Pixie Services, you trust us with your information and we take your privacy very seriously. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this Policy that you do not agree with, please discontinue your use of the Pixie Services.
We review this Policy regularly and reserve our right to amend it at any time. It is your responsibility to check regularly and determine whether you still agree to comply with the Policy. If you do not agree to any changes to this Policy then you must immediately stop using the Pixie Services. In the event we make any significant changes to this Policy we will use our reasonable endeavours to inform you of such changes in advance in writing.
It is important that the personal information we hold about you is true, complete, accurate and current. Accordingly, you must notify us of any changes to your personal information (for example, if you change your email address).
The Pixie Services are owned and operated by UsePixie Software UK Ltd (trading as “Pixie”), a company registered in England and Wales with company number 13062857 and whose registered office is situated at 4th Floor, 86-90 Paul Street, London EC2A 4NE, United Kingdom (Pixie/we/us/our). Pixie is the controller (also known as a data controller) of, and is responsible for, your personal information. The term “you” refers to the user wishing to access and/or use the Pixie Services.
The Pixie Platform provides a platform that helps small accounting and bookkeeping firms to manage clients, deadlines, workflow, emails and team members.
In Short: We collect personal information that you provide to us including information such as your name, address, contact information, date of birth, job title, social media handles/URLs and payment card information (see paragraph (b) below for further details).
(a) Where and how we collect personal information
We collect personal information that you voluntarily provide to us when registering to use and actually using the Pixie Services, or otherwise contacting us.
If you apply or are put forward for a role with us, or work for us (either directly or indirectly) for any period of time, we also collect your personal information, which may include your contact details, financial and payment details, details of your education, qualifications and skills, your marital status, your nationality, your NI number, your job title and your CV.
If you give us personal information on behalf of a third party, for example an employee, contractor or client, in providing that information to us you are confirming that you have sought and obtained, from that individual, permission for you to:
and you shall indemnify us and hold us harmless against any claims, actions, proceedings, losses, damages, costs (including reasonable legal costs) and expenses (including taxation), in each case of any nature whatsoever, arising out of or in connection with your failure to obtain these permissions.
More particularly, the personal information that we collect depends on the context of your interactions with us, the choices you make and the products and features you use. For example:
Unless otherwise specified, all personal information requested by us is mandatory and failure to provide this information may make it impossible for us to provide our services. In cases where we specifically state that some personal information is not mandatory, you are free not to provide this personal information without consequences to the availability or the functioning of the Pixie Services.
(b) The types of personal information we may collect
When you use the Pixie Services and/or when you otherwise deal with us, we may collect the following information about you (the Information):
In Short: Occasionally we may need to ask you to provide sensitive personal data. If we do, we will explain why we are requesting it and how we will use it.
We will not usually ask you to provide sensitive personal information. We will only ask you to provide sensitive personal information if we need to for a specific reason, for example, if we believe you are having difficulty dealing with your account due to illness. If we request such information, we will explain why we are requesting it and how we will use it.
In Short: We may receive information about you from third parties, and we may use this information to provide, improve and personalise the Pixie Services.
Occasionally we may receive information about you from other sources, which we will add to the information we already hold about you in order to help us provide, improve and personalise the Pixie Services. If you apply for a job with us, we may also receive information from those who provide references relating to your prospective or actual engagement or employment.
In Short: Some Information – such as IP addresses and/or browser and device characteristics – is collected automatically when you use the Pixie Platform.
We automatically collect certain Information when you visit, use or navigate the Pixie Platform. This Information does not reveal your specific identity (unless your device name is the same as your name) but may include device and usage Information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, Information about how and when you use the Pixie Platform and other technical Information. This Information is primarily needed to maintain the security and operation of the Pixie Platform, and for our internal analytics and reporting purposes.
In Short: We process your Information for purposes based on legitimate business interests, the fulfilment of our contract with you, compliance with our legal obligations, and/or your consent.
We use your Information collected via the Pixie Services for a variety of business purposes, as described below. We process your Information for these purposes in reliance on our legitimate business interests (Business Purposes), in order to enter into or perform a contract with you (Contractual Reasons), with your consent (Consent), and/or for compliance with our legal obligations (Legal Reasons). We indicate the specific processing grounds we rely on next to each purpose listed below.
We may process your Information for the following purposes:
In Short: In general, we only share Information for Contractual Reasons, to fulfil our Business Purposes, or with your Consent.
We only share and disclose your Information in the following situations:
We may disclose aggregated, anonymous Information (i.e. Information from which you cannot be personally identified), or insights based on such anonymous Information, to selected third parties, including (without limitation) analytics and search engine providers to assist us in the improvement and optimisation of the Pixie Services. In such circumstances we will not disclose any Information which can identify you personally.
In Short: We may transfer, store, and process your Information in countries other than the UK, but will take all reasonable steps to ensure it is protected.
Whenever we transfer your Information outside of the UK, we will take all reasonably practicable measures to protect your Information in accordance with this Policy and applicable laws. To the extent that any transfer requires approved safeguards to be in place we will only transfer your Information to countries that have been deemed to provide an adequate level of protection for personal data. Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK, for example the EU Standard Contractual Clauses.
In Short: We are not responsible for the safety of any Information that you share with third party providers who feature or advertise, but are not affiliated with, the Pixie Services.
The Pixie Platform may feature links to third party websites or social media channels, or contain advertisements from third parties that are not affiliated with us and which may link to other websites, online services or mobile applications. We cannot guarantee the safety and privacy of data you provide to any third parties. Any data collected by third parties is not covered by this Policy.
We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services or applications that may be linked to or from the Pixie Platform. You should review the policies of such third parties and contact them directly if you have any related questions.
In Short: We keep your Information for as long as necessary to fulfil the purposes outlined in this Policy, unless a longer retention period is permitted or required by law.
We will only keep your Information for as long as it is necessary for the purposes set out in this Policy, unless a longer retention period is required or permitted by law (such as tax law, accounting requirements or other legal or regulatory requirements).
When we have no ongoing Business Purpose to justify the processing of your Information, we will either delete or anonymise it, or, if this is not possible (for example, because your Information has been stored in backup archives), then we will securely store your Information and isolate it from any further processing until deletion is possible.
In Short: We aim to protect your Information through a system of organisational and technical security measures.
We have implemented appropriate technical and organisational security measures designed to protect the security of any Information we process. For example, we store your personal data on secure servers and company data is stored on separate secure encrypted disks when not in use.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable supervisory body of a suspected data breach where we are legally required to do so.
However, please also remember that we cannot guarantee that the Internet itself is 100% secure. Although we will use our reasonable endeavours to protect your Information, we cannot guarantee the security or integrity of personal Information that is transferred from you or to you via the Internet. Transmission of personal Information to and from the Pixie Platform is therefore at your own risk. You should only access our services within a secure environment.
In Short: We take steps to ensure that the Pixie Services are only used by those over 16 years of age and we do not knowingly collect data from or market to children under 16 years of age.
We do not knowingly solicit data from or market to children under 16 years of age. By using the Pixie Services, you represent that you are at least 16 years of age. If we learn that Information from users less than 16 years of age has been collected, we will deactivate the relevant account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under 16 years of age, please contact us immediately via email@example.com.
You will be required to give Consent to certain processing activities before we can process your Information. Where applicable, we will seek Consent from you when you first submit Information to or through the Pixie Services.
If you have previously given your Consent you may freely withdraw such Consent at any time. You can do this by emailing firstname.lastname@example.org or, where applicable, clicking the ‘Unsubscribe’ button that appears in mailing list communications.
If you withdraw your Consent, and if we do not have another legal basis for processing your Information, then we will stop processing your Information. If we do have another legal basis for processing your Information, then we may continue to do so subject to your legal rights.
Please note that if we need to process your Information in order for you to use the Pixie Services and you object or do not provide Consent to us processing your Information, you accept that the Pixie Services will no longer be available to you.
If you have given Consent to marketing we may contact you about our products, services, promotions and special offers. If you no longer wish to receive such Information, you can withdraw your Consent at any time by sending an email to email@example.com or unsubscribing from the communications.
If you have given Consent, we may share your Information with carefully selected third party organisations and business partners and they may contact you directly. If you would prefer to no longer receive direct marketing communications from third parties and partners after previously giving your Consent, please contact those third parties and partners directly to withdraw the Consent.
Where you opt out of receiving marketing messages, this will not apply to personal data provided to us in connection with your purchase of a subscription to the Pixie Platform or a service, or your involvement in other related transactions.
You may at any time review or change the Information in your account by logging into your Pixie account.
If you wish to terminate your Pixie account, please contact us via firstname.lastname@example.org and we can arrange this for you. Some Information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms and/or comply with legal requirements.
In Short: You have certain rights in respect of your Information.
You have certain rights in relation to the Information that we hold about you. Details of these rights and how to exercise them are set out below. Please note that we will require evidence of your identity before we are able to respond to any requests. This is a security measure to ensure that your Information is not disclosed to a person who does not have the right to receive it. We may also contact you to ask you for further Information in relation to your request to speed up our response. To exercise or discuss any of your rights, please contact us via email@example.com.
If we are relying on Consent to process your Information, you have the right to withdraw your Consent at any time. Please note however that this will not affect the lawfulness of the processing that occurred before the withdrawal of such Consent.
Pixie's use of information received from Google APIs - specifically Google's Gmail email integration API - adheres to the Google API Services User Data Policy, including the “Limited Use” requirements as detailed in that policy. No information received via this API is processed for analytics, advertising, or any other marketing purposes by Pixie.
We strongly believe that keeping customer data safe is a big responsibility and protecting it is a key priority for us. Thank you for your interest in our vulnerability disclosure programme and any input you may share about our security.
If you have discovered a security flaw that impacts our product, please let us know.
Reporting security problems
Please send urgent or sensitive reports to firstname.lastname@example.org using our public key to keep the messages safe. Please include a secure way for us to respond. We will get back to you as soon as we can.
Tracking and disclosing security issues
Once you submit your report, this is how we will take action:
We welcome your feedback and questions on this Policy. If you wish to contact us about this Policy or have any other questions, please email us via email@example.com.
You have the right to make a complaint at any time to the Information Commissioner’s Office (the ICO), the UK supervisory authority for data protection issues (https://ico.org.uk/concerns). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.