PIXELON
HomeExploreFee Calculator
Contact

Privacy Policy

Last updated: February 9, 2026

1. Introduction

Pixelon.art ("Platform"), operated by CODECRAFTCLOUD CO., LTD. ("Company", "we", "us", or "our"), is committed to protecting the privacy and security of your personal information. This Privacy Policy ("Policy") describes how we collect, use, disclose, and safeguard your information when you access or use our Platform.

By accessing or using the Platform, you consent to the collection, use, and disclosure of your information as described in this Policy. If you do not agree with the terms of this Policy, please do not access or use the Platform.

This Policy applies to all Users of the Platform, including Artists, Buyers, and visitors. We encourage you to read this Policy carefully and to contact us if you have any questions.

2. Information We Collect

2.1 Account Information

When you create an account on the Platform, we collect the following information:

  • Username and display name
  • Email address
  • Password (stored as a bcrypt hash; we never store your plaintext password)
  • Google account information if you register or link via Google OAuth
  • Language and locale preferences

2.2 Profile Information

If you choose to provide additional profile information, we may collect:

  • Profile avatar image
  • Cover image
  • Biography or description
  • Social media links
  • Portfolio or website URLs

2.3 Transaction Data

When you engage in transactions on the Platform, we collect:

  • Purchase history, including products, commissions, and auction bids
  • Sales records and revenue data (for Artists)
  • Payment method information (processed and stored by Stripe; we do not store credit card numbers)
  • Invoice and receipt records
  • Payout and disbursement records

2.4 Usage Data

We automatically collect certain information about your use of the Platform:

  • Pages visited, features used, and browsing patterns
  • Search queries and filter preferences
  • Interactions with Content (likes, comments, follows)
  • Theme, language, and currency preferences
  • Timestamps of activities and session durations

2.5 Device and Technical Data

We collect technical information about the devices you use to access the Platform:

  • IP address
  • Browser type and version
  • Operating system
  • Device type and screen resolution
  • Referring website or source

2.6 Communication Data

When you use the Platform's messaging features, we collect:

  • Direct messages between Users (for commission coordination and support)
  • Notification delivery records
  • Customer support correspondence

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Provision: To operate, maintain, and improve the Platform and its features.
  • Account Management: To create, maintain, and secure your account.
  • Transaction Processing: To process payments, commissions, auctions, and payouts through Stripe.
  • Communication: To send you notifications, updates, and respond to your inquiries.
  • Security: To detect, prevent, and address fraud, abuse, and security threats.
  • Analytics: To analyze usage patterns and improve the Platform's performance and user experience.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.
  • Terms Enforcement: To enforce our Terms of Service, including the prohibition on AI-generated content.

4. Payment Information

All payment processing on the Platform is handled by Stripe, Inc. When you make a purchase or receive a payout, your payment information (credit card numbers, bank account details) is transmitted directly to and stored by Stripe in accordance with the Payment Card Industry Data Security Standard (PCI DSS).

The Platform does not directly collect, store, or process credit card numbers or bank account details. We only receive and store transaction identifiers, amounts, statuses, and currency information necessary to display your transaction history and process refunds.

For Artists receiving payouts through Stripe Connect, Stripe may collect additional identity verification information (government ID, tax identification numbers) as required by applicable regulations. This information is handled directly by Stripe and is not stored by the Platform.

5. Cookies and Local Storage

The Platform uses cookies and browser local storage for the following purposes:

  • Authentication: We use httpOnly cookies for refresh tokens and local storage for access token management to maintain your authenticated session.
  • Preferences: We store your theme preference (dark/light mode), language selection (Thai/English), and currency preference in local storage.
  • Security: We use session cookies for CSRF protection and rate limiting.
  • Performance: We may use cookies to monitor Platform performance and improve loading times.

You can manage cookie settings through your browser preferences. However, disabling cookies may affect your ability to use certain features of the Platform, including authentication.

6. Information Sharing and Third Parties

We do not sell, rent, or trade your personal information to third parties. We may share your information with the following categories of service providers:

  • Stripe, Inc.: Payment processing, identity verification (for Stripe Connect), and financial transaction management. Stripe's privacy policy: https://stripe.com/privacy
  • Cloudflare, Inc.: Content delivery network (CDN), DDoS protection, Workers (serverless computing), and R2 object storage for artwork and media files. Cloudflare's privacy policy: https://www.cloudflare.com/privacypolicy/
  • Google LLC: OAuth authentication for account registration and login. Google's privacy policy: https://policies.google.com/privacy
  • MongoDB, Inc.: Cloud database hosting for Platform data. MongoDB's privacy policy: https://www.mongodb.com/legal/privacy-policy

We may also disclose your information: (a) to comply with applicable laws, regulations, or legal processes; (b) to enforce our Terms of Service; (c) to protect the rights, property, or safety of the Company, our Users, or others; or (d) in connection with a merger, acquisition, or sale of all or a portion of our assets.

7. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Passwords are hashed using the bcrypt algorithm and are never stored in plaintext.
  • Authentication uses JSON Web Tokens (JWT) with short-lived access tokens and secure httpOnly refresh token cookies.
  • Session data is stored in Redis with automatic expiration (7-day TTL).
  • Invalidated tokens are maintained in a Redis blacklist to prevent unauthorized reuse.
  • Artwork and media files are stored in Cloudflare R2 with access controls.
  • All data transmission between your browser and our servers uses HTTPS/TLS encryption.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Policy:

  • Active Accounts: Your account information is retained for as long as your account remains active.
  • Deleted Accounts: Upon account deletion, your personal information is removed within 30 days, except as required by law or necessary for legitimate business purposes (e.g., fraud prevention, dispute resolution).
  • Transaction Records: Financial transaction records are retained for a minimum of 7 years to comply with applicable tax and financial regulations.
  • System Logs: Server logs and security-related data are retained for up to 90 days.
  • Communications: Messages between Users are retained for as long as the associated accounts remain active.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right of Access: You may request a copy of the personal information we hold about you.
  • Right of Correction: You may request that we correct inaccurate or incomplete personal information.
  • Right of Deletion: You may request that we delete your personal information, subject to legal and contractual obligations.
  • Right of Data Portability: You may request a machine-readable copy of your personal information.
  • Right to Withdraw Consent: You may withdraw your consent to the processing of your personal information at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Restrict Processing: You may request that we restrict the processing of your personal information under certain circumstances.

To exercise any of these rights, please contact us at support@pixelon.art. We will respond to your request within 30 days or as required by applicable law.

10. Children's Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to promptly delete such information.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at support@pixelon.art so that we can take appropriate action.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. Our service providers, including Cloudflare and Stripe, operate globally, and your data may be stored in data centers located in various jurisdictions.

We take appropriate measures to ensure that international transfers of your personal information comply with applicable data protection laws. By using the Platform, you consent to the transfer of your information to countries that may have different data protection standards than your country of residence.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to Users through the Platform's notification system or via email. The updated Policy will indicate the date of the most recent revision.

Your continued use of the Platform after the posting of a revised Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Policy periodically to stay informed about how we protect your information.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please contact us at:

Email: support@pixelon.art

Platform: Pixelon.art

HomeExploreMessagesNotifications