Privacy Policy – Rough Pixels

Updated: April 01, 2024

This privacy policy applies to roughpixels.com, roughpixels.ch and any subdomains under these domains.

Who we are

The main website address is http s://www.roughpixels.ch, where you can buy webdesign themes and other services which enable you to build and create your very own websites and webservices. Beside that we operate some subdomains as base for tutorial-, news- and testsites for above main website.

www.roughpixels.com is the former main website and has been taken over to the .ch domain.

Mentioned sites are owned and operated by „S.Popiel, Lernplaner für die persönlichen Ziele c/o Carta AG, Hornbachstrasse 50, CH-8008 Zürich (Switzlerland)“ (further referred in these terms as „Rough Pixels“, „our“, „us“, „we“ or „the owner“)

Serverlogs

When you access our website, information is temporarily stored in so-called log files on our server. This is information that the browser of your device automatically sends.

Namely: [IP address of the contacting device], [date and time], [URL of the page accessed], [referrer URL], [Browser and other device information]

The above data is processed by us for the following purposes:
Connection establishment and stable and secure use of our website.

The legal base under DSGVO for customers in the European Union is:
Art. 6 para. 1 sentence 1 lit. b DSGVO and
Art. 6 para. 1 sentence 1 lit. f DSGVO.
The data processing is carried out at your request for the aforementioned purposes and is necessary for the fulfillment of the contract and pre-contractual measures if you visit our website and wish to use the services located on it. Our legitimate interest follows from ensuring system security and stability when the server is used with our website by the audience.

Cookies

What are cookies? Cookies are small text files stored on your device (computer, tablet, mobile) by a website you visit. They are widely used to make websites work more efficiently, as well as to provide information to the site owners.

Rough Pixels uses cookies to enhance your experience on our website in the following ways:

Remembering Your Preferences: To remember your settings and preferences, like your login information and language preferences, making your subsequent visits more personalized and efficient.

Performance and Analytics: To analyze how our visitors use our website and to monitor website performance. This allows us to provide a high-quality experience by customizing our offering and quickly identifying and fixing any issues that arise.

Marketing: To measure the effectiveness of our marketing campaigns and tailor advertising to you based on your interests.

Third-Party Cookies: In addition to our cookies, we may also use various third-party cookies to report usage statistics of the service, deliver advertisements on and through the service, and so on.

Your choices regarding cookies: When you first visit our website, we will ask for your consent to use cookies, except for those strictly necessary for the operation of the site. You can choose to accept or decline non-essential cookies. Furthermore, most web browsers allow you some control over cookies through the browser settings, including the ability to delete them or to block cookies from being placed on your device. However, please note that if you choose to disable cookies, it may affect your ability to use certain parts of our site fully.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help manage spam detection.

The legal base under DSGVO for customers in the European Union is:
Art. 6 para. 1 sentence 1 lit. b DSGVO and
Art. 6 para. 1 sentence 1 lit. f DSGVO.
The data processing is done on your own request for mentioned reasons and is required to fulfill our promised service with you and our legal interest, based on the process to prevent spam.

Gravatar and profile picture

Userids and mails are encrypted. So Gravatar is not able to link any identity to you.
In addition we disabled the Gravatar Service on our system to limit transmission of user information to third parties.

After approval of your comment, your local profile picture in the system (if allowed by us to give in your profile) is visible to the public in the context of your comment.

Media

In some cases, we allow you to upload images and other documents, such as profile pictures, payment proof or screen prints when you are reporting payment problems, system errors and bugs, for better understanding or when you are using testsites for demonstration.

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

The legal base under DSGVO for customers in the European Union is:
Art. 6 para. 1 sentence 1 lit. b DSGVO and
The data processing is done on your own request for mentioned reasons and is required to fulfill our promised services with you.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Even though, we believe it is sometimes good to have direct sources embed for your convenience, we use a plugin to temporarily block automated load of such content and ask for your consent. As we have no control, you agree on your own risk and under the privacy policy of the remote content provider, if you give consent to load the content with its related data collection.

Transmission and processing Data by third parties

How we handle your data with third parties: At Rough Pixels, we are committed to protecting your privacy. Here’s how we handle data sharing with third parties:

Infrastructure

Your personal related information is shared with our assigned server and hosting providers who are responsible for the operational and backup infrastructure of the services of Rough Pixels.
The transmission is required for the service, administration and maintenance of our website in their servers and for the backup. Our service providers are obligated to secure the data and are prohibited from using it for their own purposes. In addition for users in the european union, these service providers are bound by contractual terms to operate with your data only on our behalf as outlined in the DSGVO.

The legal base under DSGVO for customers in the European Union is:
Art. 6 para. 1 sentence 1 lit. b DSGVO and
Art. 6 para. 1 sentence 1 lit. f DSGVO.
The data processing is done on your own request for mentioned reasons and is required to prepare and/or fulfill our contractual obligations with you and is required if you want to visit our website and want to use its services.

Transmission to fulfill your contract

To the extend allowed by Art. 6 Abs. 1 Satz 1 lit. b DSGVO and for the settlement of our contractual obligations as required with you, we share your data with third parties.

Legal Requirements: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, protect and defend our rights or property, ensure the personal safety of users of the service or the public, or protect against legal liability.
Payment Information: For purchases made on our site, we use Easy Digital Downloads for processing payments. Information collected during transactions is shared with payment processors (PayPal and Stripe and Apple pay) to process your payments securely. Each payment processor adheres to its own privacy policy regarding the handling of your payment information.
Private Communications: For users who opt into regular private newsletters and communication, we use Threema for direct communication. The communication is encrypted and not readable by threema.
Affiliates: If you access our site through an affiliate link, we may share limited data with our affiliates to honor our business agreements. This is usually limited to aggregated, anonymized data unless otherwise specified.

Your data is shared only when necessary for the services you’ve requested or when we have your explicit consent. We always strive for transparency and security in every data-sharing arrangement.

How long we retain your data

General Principles: At Rough Pixels, we only retain personal data for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Here’s how we handle data retention for different types of data:

Comments: If you leave a comment, the comment and its metadata are retained indefinitely. This helps us recognize and approve any follow-up comments automatically, rather than holding them in a moderation queue.
Registered Users: For users that register on our website, we store the personal information they provide in their user profile. Users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. This information is retained indefinitely to support login and account management functions.
Transaction Records: For transactions, such as theme or plugin purchases, we retain personal data for a period necessary to process the transactions and maintain records as required by law (e.g., for tax and accounting purposes). In compliance with other required Revenue agencies, depending on your country we may retain data related to payments and transactions as long as required by their respective law.
Account Deletion Requests: Upon request for account deletion, we will delete your data from our active databases. However, some data may be retained in our backups for a limited time for data recovery purposes.
Legal Obligations: In some cases, we are legally obligated to retain certain information for a specified period, such as for taxation purposes as mandated by the CRA. In these cases, your data will be securely stored until it is no longer legally required.

Your Rights Over Your Data: You have the right to request an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any of the personal data we hold. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Modifying or Deleting Your Personal Information: If you have an account on this site or have left comments, you can request to access, correct, or delete any personal information we hold about you. Please contact us directly to initiate this process.

Your Rights Regarding Your Data

At Rough Pixels, we not only respect your privacy but also empower you with control over your data. Below are the rights you have over the data we collect and process:

Right to Access: You have the right to request copies of the data that we hold. This allows you to be aware of and verify the lawfulness of the processing.
Right to Rectification: If you believe that any information we have on you is incorrect or incomplete, you have the right to request that we correct or complete this information.
Right to Erasure (‘Right to be Forgotten’): You have the right to request the deletion of your data when it is no longer necessary for the purposes for which it was collected or when you withdraw consent on which the processing is based.
Right to Restrict Processing: You have the right to request a restriction on the processing of your data under certain conditions, such as if you contest the accuracy of the data or have objected to processing.
Right to Data Portability: You have the right to receive the personal data that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit that data to another controller without hindrance from us.
Right to Object: You have the right to object to the processing of your data at any time, particularly where your data is processed for direct marketing purposes or based on our legitimate interests.
Right to Withdraw Consent: Where the processing of your data is based on consent, you have the right to withdraw that consent at any time.
Right to Lodge a Complaint: If you believe that the processing of your data infringes on data protection laws, you have the right to complain to a supervisory authority responsible for data protection in your country or region.

Exercising Your Rights: To exercise any of these rights, please contact us directly. We will respond to your request under applicable data protection laws.

Please note that these rights are not absolute and may be subject to conditions and exemptions under the applicable data protection law. We are committed to ensuring that you can exercise your rights effectively and free of charge.

Data Security Measures

At Rough Pixels, safeguarding your personal information is of utmost importance to us. We employ a comprehensive set of security measures designed to protect your data against unauthorized access, alteration, disclosure, or destruction. Here’s how we keep your data secure:

Secure Technologies: We use industry-standard encryption technologies when transferring and receiving consumer data exchanged with our site. Secure Sockets Layer (SSL) encryption ensures that your data is protected during transmission.
Strict Access Controls: Access to your personal data is restricted to employees, contractors, and agents who need to know that information in order to process it on our behalf. They are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Regular Security Assessments: Our website undergoes regular security assessments and audits to ensure that it remains safe and secure against the latest threats. This includes regular updates to our security practices and technology updates.
Data Minimization: We practice data minimization by collecting only the data necessary for the purposes for which it is processed. This reduces the risk of data exposure.
Incident Response Plan: In the unlikely event of a data breach, we have an incident response plan in place to quickly address and mitigate the risks. This includes notifying affected users and relevant authorities in accordance with legal requirements and our commitment to transparency.
Training and Awareness: We regularly train our staff on best practices for data security and privacy protection to ensure that they understand the importance of protecting personal data and the specific measures they should take to maintain its security.

Enhanced Security Measures: In addition to the comprehensive security measures previously outlined, we further bolster the protection of your data through the use of advanced firewall security plugins and the robust security protocols of our web hosting provider, Rochen Hosting. These layers of security are designed to detect, prevent, and respond to potential threats in real-time, ensuring the highest levels of protection are maintained:

Firewall Security Plugin: We employ a leading firewall security plugin that monitors and protects our site against malicious attacks, unauthorized access attempts, and other potential security threats. This plugin is regularly updated to address new vulnerabilities and enhance our site’s security posture.
Hosting Provider Security: Our partnership with Rochen Hosting ensures that our website is hosted on servers with state-of-the-art security measures. Rochen Hosting provides continuous monitoring, advanced firewalls, and intrusion detection systems to safeguard the data stored on our servers against threats.

These additional security measures are part of our commitment to maintaining a secure online environment for all our users, reflecting our ongoing investment in technology and partnerships that prioritize the integrity and confidentiality of your personal data.

Continuous Improvement: Our commitment to data security is ongoing. We continuously review and update our security practices in response to evolving threats and advancements in technology.

We want you to feel confident using our services, knowing that we are taking all necessary steps to protect your personal data. If you have any questions about our data security practices, please feel free to contact us.

What Data Breach Procedures We Have In Place

Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our customers via email no later than 48 hours of our team becoming aware of the event. We will also report such incidents to any required data protection authority. We will work closely with any customers affected to determine the next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.

Updates to Our Privacy Policy

Commitment to Transparency: At Rough Pixels, we are committed to maintaining transparency about our privacy practices. As our services evolve and as privacy laws and regulations change, it may become necessary to update our Privacy Policy.

Notification of Changes: Whenever we make changes to our Privacy Policy that could affect your rights or the way we process your personal data, we will provide clear and prominent notice on our website before the changes take effect. We may also send you a direct notification through email, especially for significant changes.

Reviewing Updates: We encourage you to review our Privacy Policy periodically to stay informed about our data protection practices and your rights. The date of the last update will always be posted at the top of this document.

Your Continued Use Implies Consent: Your continued use of our services after any changes to our Privacy Policy will be regarded as acceptance of our updated practices. If you do not agree with the changes, you should discontinue use of our services and contact us to close any accounts you may have opened.

Questions and Feedback: We welcome your questions, comments, and feedback about our privacy practices. If you have any concerns or suggestions regarding our Privacy Policy or its updates, please feel free to contact us.