// Legal
Privacy Policy
Last updated: June 10, 2026
1. Introduction
Pixacolour ("we," "our," or "us") is committed to protecting the privacy of our customers and their end users. This Privacy Policy explains how we collect, use, store, and share information when you use our email security gateway service available at pixacolour.com.
By using our services, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
We collect the following categories of information to provide and improve our email security services:
- Account Information — name, email address, company name, billing details, and credentials used to access the Pixacolour dashboard and API.
- Email Metadata — sender and recipient addresses, subject lines, timestamps, message headers, and routing information processed during email scanning.
- Threat Data — information about detected threats, including malicious URLs, attachment hashes, sender reputation scores, and classification results.
- Technical Data — IP addresses, browser type, device information, log data, and usage patterns when interacting with our platform.
3. How We Use Your Information
We use collected information for the following purposes:
- Scan, filter, and secure inbound and outbound email traffic on behalf of your organization.
- Detect, block, and report phishing, spam, malware, and business email compromise threats.
- Improve our detection algorithms and machine learning models to increase accuracy and reduce false positives.
- Manage quarantine and allow/block list functionality.
- Process billing, manage subscriptions, and provide customer support.
- Comply with applicable legal obligations and respond to lawful requests.
4. Email Content Processing
Email content processed through the Pixacolour gateway is analyzed exclusively for security purposes. We do not read, mine, or analyze email content for advertising, user profiling, market research, or any purpose unrelated to threat detection and email security.
Email bodies and attachments are scanned in real time and are not permanently stored unless quarantined as suspicious. Quarantined items are retained according to our data retention policy.
5. Data Sharing
We do not sell your personal information or email data. We may share information in the following limited circumstances:
- Threat Intelligence Partners — anonymized and aggregated threat data may be shared with trusted security partners to improve collective threat detection.
- Infrastructure Providers — we use third-party cloud and infrastructure providers who process data on our behalf under strict contractual obligations.
- Payment Processors — billing information is shared with PCI-compliant payment providers to process transactions.
- Law Enforcement — we may disclose information when required by law, court order, or to protect the rights and safety of Pixacolour and its users.
6. Data Retention
- Quarantined emails are retained for 30 days, after which they are permanently deleted.
- Threat logs and analytics are retained for 90 days for reporting and investigation purposes.
- Billing and transaction records are retained in accordance with applicable tax and accounting regulations.
- Account data is retained for the duration of your subscription and deleted within 60 days of account closure upon request.
7. GDPR Compliance
In compliance with the EU General Data Protection Regulation (GDPR), you have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate or incomplete data.
- Request deletion of your personal data, subject to legal retention requirements.
- Request portability of your data to another service provider.
- Revoke consent for data processing at any time.
To exercise any of these rights, contact us at contact@pixacolour.com.
8. Security
We implement industry-leading security measures to protect your data:
- TLS 1.3 encryption for all data in transit, including email processing and API communications.
- AES-256 encryption for all data at rest, including quarantined emails and stored metadata.
- SOC 2 Type II compliant infrastructure and operational practices.
- Regular penetration testing conducted by independent security firms.
- Role-based access controls, audit logging, and multi-factor authentication for all internal systems.
9. Cookies
Our website and dashboard use cookies in two categories:
- Essential Cookies — required for authentication, session management, and core platform functionality. These cannot be disabled.
- Analytics Cookies — used to understand usage patterns and improve the user experience. These are only set with your explicit consent and can be managed through our cookie preferences panel.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will notify you via email at the address associated with your account at least 14 days before the changes take effect.
11. Contact
If you have questions about this Privacy Policy or our data practices, please contact us:
Pixacolour
Email: contact@pixacolour.com
Milan, MI — Italy