Last updated: May 6, 2026
Privacy policy
This policy describes how Pixlide ("we", "us") processes personal information when you use the Pixlide website and service at pixlide.app (the "Service"). It applies to visitors and registered users in the United Kingdom, European Economic Area, and Switzerland, and is intended to align with the UK GDPR, the EU GDPR, and related UK and EU data protection laws.
The Service is operated by Yeka Studio Ltd ("Yeka Studio"), who acts as the data controller for personal data described below. For privacy questions or requests, contact us at hello@pixlide.app.
1. What Pixlide does
Pixlide helps you turn photos (and optionally other media you provide, such as reference images, introductory clips, or background music) into slideshow videos that you can export as an MP4. The marketing site may let you assemble a preview locally in your browser; uploading your files to our systems happens after you sign in and use the workspace.
2. Personal data we process
- Account and profile: We process identifiers and contact details associated with your account, such as your email address and display name, and an internal user identifier linked to Firebase Authentication.
- Your content: When you create projects we store slideshow configuration (for example, pacing, cropping, sequencing, titles, duration, audio settings), file names, formats, sizing or duration metadata, object storage keys pointing to uploaded files (images, thumbnails, rendered outputs, optional audio), and timestamps. We host these files on object storage and keep related records in our application database so the Service can render, deliver downloads, and enforce plan limits.
- Billing and usage: If you purchase a subscription or credit pack, we process Stripe customer identifiers, subscribed price or product references, webhook event identifiers and payloads (for bookkeeping and fraud prevention), records of grants and deductions of rendering credits tied to your account, and timestamps.
- Technical and security data: Our servers and providers may automatically process information such as IP address, approximate location derived from networking data, HTTP headers, user agent strings, request timestamps, and similar diagnostic data needed to operate, secure, and troubleshoot the Service.
3. Why we use your data (legal bases)
We rely on the following bases under the UK GDPR / EU GDPR, as applicable:
- Contract (Article 6(1)(b)): Providing sign-in, project storage, uploads, rendering, downloads, plan features, and customer support.
- Legitimate interests (Article 6(1)(f)): Securing the Service, preventing abuse, improving reliability and performance, understanding aggregated usage, accounting, and enforcing our terms; where required, we balance these interests against your rights.
- Legal obligation (Article 6(1)(c)): Complying with applicable law, tax, and regulatory requests.
Where local law requires consent for specific technologies (for example certain non-essential cookies or similar technologies), we will obtain it separately and you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
4. Recipients and processors
We use carefully selected service providers who process personal data on our instructions. They include, depending on your use:
- Google (Firebase Authentication; and, where configured, cloud tasks/worker-related Google Cloud services): identity verification tokens and operational infrastructure.
- Cloudflare R2-compatible object storage (S3 API): storing and serving uploaded and generated media.
- Stripe: payment processing, invoicing artefacts available through Stripe, and fraud signals Stripe provides.
- Hosting and database providers: servers and databases used to run the Pixlide API and store application records.
- Communications vendors: if we send transactional email through a provider (for example confirmations or security notices), they process recipients and delivery metadata solely to deliver messages.
5. International transfers
Some processors are established outside the UK and EEA (including in the United States). Where we transfer personal data from the UK or EEA, we use appropriate safeguards such as the UK International Data Transfer Agreement / Addendum and the EU Standard Contractual Clauses approved by the European Commission (and accompanying transfer impact assessments where required), or rely on adequacy regulations where applicable.
6. Retention
We keep personal data only as long as necessary for the purposes above. Projects, uploads, outputs, and related metadata are retained in line with the storage and retention rules of your subscription or plan tier (plans may impose a finite project retention window, for example a number of days after creation or expiry). Stripe event payloads and ledger entries may be retained longer where needed for statutory accounting and dispute handling. Backup copies may persist for a short period after deletion until overwritten. Aggregate or de-identified information may be retained beyond these periods where it does not identify individuals.
7. Security
We implement technical and organisational measures appropriate to the risk, including access controls, encryption in transit where supported by our stack, separation of environments, and logging of administrative access. No method of transmission or storage is completely secure; if you believe your account has been compromised, contact us promptly.
8. Automated decision-making and profiling
We do not use solely automated decision-making that produces legal or similarly significant effects about you. Credit balances and technical checks (for example verifying uploads) are operational rules of the Service, not profiling within the meaning of Article 22 GDPR.
9. Children
The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, contact us and we will take steps to delete it.
10. Your rights
Depending on your location, you may have rights to access, rectify, erase, restrict, object to certain processing, and data portability, and the right to withdraw consent where processing is consent-based. You may also lodge a complaint with a supervisory authority. In the UK, the Information Commissioner's Office (ico.org.uk); in the EEA or Switzerland, please contact your local authority.
To exercise your rights or ask questions about this policy, email hello@pixlide.app. We verify requests where appropriate and respond within applicable statutory time limits (normally one calendar month).
11. Stripe and payment pages
When you open Stripe Checkout or the billing portal, Stripe processes personal data under its own terms and privacy notice. We receive limited billing identifiers and transactional details needed to provide entitlements within Pixlide.
12. Cookies and similar technologies
We use strictly necessary mechanisms required for secure sign-in sessions and basic site reliability. Additional analytics or marketing cookies, if introduced later, would be disclosed and, where legally required, only activated based on your choices via a consent banner or equivalent control.
13. Changes
We may update this policy to reflect legal, technical, or product changes. Material updates will be signposted via the Service (for example a revised effective date shown at the top of this page or an in-product notice). Continued use after the effective date constitutes acceptance unless otherwise required by law.