Skip to content
Legal

Privacy Policy

Draft · last updated June 10, 2026

This is a working draft pending legal review. It explains in plain language how Piczel works, not the final binding document.

This policy explains what data Piczel collects, why, how long we keep it, and the rights you and your clients have over it. It is written to be readable; if anything is unclear, write to [email protected].

1. Who this covers

This policy covers the Piczel website and the Piczel product. It applies to you as a photographer (or studio) with a Piczel account, and it explains how we handle the data of your clients and gallery visitors when we process it on your behalf.

If you are a client of a photographer who uses Piczel, the photographer decides what is collected in their galleries and studio records; we process that data on their instructions. Direct questions about your photos or data to your photographer first; we will help where the platform itself needs to act.

2. Information we collect

We collect only what we need to run the service:

  • Account details: your name, email, password (stored hashed), studio name, and billing information.
  • Your content: the photographs, videos, and documents you upload, and the pages you build.
  • Client and studio records: the names, contact details, bookings, contracts, invoices, and notes you add about your clients.
  • Transaction data: orders, payouts, and invoice status. Card numbers are handled by our payment providers and never stored on Piczel servers.
  • Technical data: request logs, IP addresses, device and browser type, and usage metrics we need to operate, secure, and improve the service.
  • Communications: messages you send to support, so we can help you and keep a record of what was agreed.

3. How we use information

We use your information to provide the service: delivering galleries, processing bookings and payments, sending service emails (such as receipts, gallery notifications, and security alerts), preventing fraud and abuse, providing support, and improving the product. We do not sell your personal data or your clients' personal data, and we do not use your photographs for advertising or to train AI models.

5. Your photos and your clients

Files you upload remain yours. We process, resize, watermark, and cache them only to deliver the galleries, sites, and stores you create. For your clients' personal data, you are the controller and Piczel is your processor, acting on your instructions under our Data Processing Addendum. You are responsible for collecting that data lawfully, including any consents or releases your local law requires.

6. Who we share data with

We share data only where running Piczel requires it:

  • Service providers: media storage and delivery, transactional email, and cloud hosting, each bound by data-protection terms.
  • Payment providers, such as Paystack, to process subscriptions, store sales, and payouts.
  • Print labs or other integrations, only when you connect them and only the data the integration needs.
  • Authorities, where a law or valid legal process requires it; we review every request and disclose no more than required.
  • A successor business, if Piczel is ever merged or acquired, under this same policy and with notice to you.

7. International transfers

Piczel serves photographers in Nigeria and worldwide, so data is stored and processed on infrastructure that may be outside your country. Where data moves across borders we rely on appropriate safeguards, such as standard contractual clauses and equivalent mechanisms under the NDPA, to keep it protected to the same standard.

8. How long we keep data

We keep your data while your account is active. When you delete content, it sits in trash for 30 days (so mistakes are recoverable) and is then permanently deleted, along with expiring caches and backups on their own short schedule.

When you close your account, we delete your content and personal data on the same basis, except records we must keep for legal reasons, such as invoices and tax records, which are retained for the period the law requires and then deleted.

9. Security

We protect data with encryption in transit and at rest, signed and access-controlled media delivery, role-based access, and least-privilege access for our own team. No system is perfectly secure, but security is a design constraint at Piczel, not an afterthought. Details are on our security page; report concerns to [email protected].

10. Your rights

Depending on where you live, including under the NDPA in Nigeria and the GDPR in the EU and UK, you have the right to:

  • Access the personal data we hold about you, and get a copy in a portable format.
  • Correct data that is inaccurate or incomplete.
  • Delete your data, subject to the retention rules above.
  • Object to or restrict certain processing, and withdraw consent where processing is based on it.
  • Complain to your data-protection authority, such as the Nigeria Data Protection Commission (NDPC), the UK ICO, or your EU supervisory authority.

Most of these you can do yourself from your dashboard. For the rest, email [email protected] and we will respond within the timelines your law sets, and never charge you for a reasonable request.

11. Cookies

We use a small number of cookies to keep you signed in, remember preferences like theme and currency, and understand usage in aggregate. The full list and your choices are in our Cookie Policy.

12. Children

Piczel accounts are for adults running a photography business. We do not knowingly collect personal data directly from children. Photographs of minors uploaded by photographers (school, family, or newborn work) are handled under the photographer's responsibility as controller, with the consents their law requires.

13. Marketing

We send product news and tips only if you opt in, and every marketing email has a working unsubscribe link. Service emails (receipts, security notices, gallery activity you have asked to be told about) are part of running your account and are not marketing.

14. Changes to this policy

We may update this policy as the product evolves. Material changes will be announced in-app or by email before they take effect, with the date at the top of this page updated so you can see what changed and when.

15. Contact

Questions, requests, or complaints about privacy? Email [email protected]. If you are not satisfied with our response, you can contact your data-protection authority.