Privacy Policy for pixpal.chat

1. What We Collect

  • No Personal Data: We do not collect or store names, emails, IP addresses, or personally identifiable information.
  • Optional Google Sign-In: If you choose to sign in with Google, we use basic Google authentication to verify your account. We do not store your name, email, profile picture, or Google data on our servers.
  • IP Processing by Google: Google may temporarily process IP addresses as part of security and authentication. This data is handled by Google and not used by PixPal.
  • Minimal Usage Data: GA4 tracks anonymous page views and actions without personal identifiers.
  • We do NOT collect generated text or images: Your chats and images stay on your device via browser local storage when you choose to save a chat.

2. Google Analytics 4

  • Anonymization: GA4 anonymizes IPs and blocks PII.
  • Redaction: GA4 masks accidental personal data in forms or URLs.
  • Retention: Up to 14 months.
  • No Sharing: No remarketing, no Google Signals, no cross-site tracking.
  • Legal Basis: Legitimate interest + consent where required.

3. Cookies & Consent

  • Cookies in Use: GA4 uses lightweight session cookies. Google AdSense uses cookies for ads based on your consent choices.
  • Consent Banner: A Google CMP popup on your first visit lets you choose personalized, non-personalized, or no ad cookies.
  • Control: You may update preferences in your browser or via Google Ad Settings.

4. Google AdSense Advertising

  • Ads are served by Google and its advertising partners.
  • Personalized ads require your consent.
  • If declined, you get non-personalized (contextual) ads.
  • More info: How Google uses data in ads.

5. Google Auth Usage (Auth + Features)

  • PixPal uses Google Auth only for authorization and to enable features such as extra free image edits and video generation.
  • No Google Auth (Firebase) analytics or extra tracking is used.
  • We do not store your email, name, profile picture, or Google account info.
  • Google may process technical data (such as IPs) strictly for authentication security.

6. Third-Party Data Handling

  • We follow GDPR standards and have signed Google’s DPA.
  • No additional trackers, CDNs, or scripts beyond GA4, AdSense, and Google Auth.

7. Use of OpenAI API

  • API Usage: OpenAI powers image generation, chat, and media features.
  • No Model Training: Your data is not used for training OpenAI models.
  • Retention: OpenAI may store requests up to 30 days for abuse prevention.

8. Your Rights

  • Request access to any data we hold (which is typically none).
  • Request deletion of Google authentication data.
  • Change or withdraw cookie/ads consent at any time.

Contact Us

Email: me@andr3as.dev