Privacy policy

This Privacy Policy explains how Pixelfox Group AB ("Rendera", "we", "us", or "our"), a company based in Sweden, collects, uses, and protects personal data when you use Rendera (the "Service"). We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Swedish law.

1. Data controller

Pixelfox Group AB is the controller of the personal data described in this policy. For any privacy questions or to exercise your rights, contact us at info@rendera.io.

2. What data we collect

• Account data — your name, email address, and authentication details, managed through our authentication provider when you sign up or sign in.
• Billing data — subscription, plan, and payment status. Card payments are processed by Stripe; we do not store full card numbers.
• Content and inputs — product URLs, brand assets, text, images, and other materials you submit to generate ads, along with the resulting output.
• Usage data — log and device information such as IP address, browser type, pages viewed, and actions taken, used to operate and improve the Service.
• Communications — messages you send us and your email and marketing preferences.

3. How we use your data and legal bases

We process personal data to:

• provide, operate, and secure the Service and your account (performance of a contract);
• process payments and manage subscriptions (performance of a contract);
• generate ads from your inputs, including by sending those inputs to our AI sub-processors (performance of a contract);
• improve and develop the Service, prevent abuse, and keep it secure (our legitimate interests);
• send service and, where permitted, marketing communications (consent or legitimate interests, which you can object to at any time); and
• comply with legal obligations (legal obligation).

4. AI processing

To create ads, the inputs you provide are sent to third-party AI providers that generate text, images, audio, and video on our behalf. These providers act as our processors and are permitted to use the data only to provide their services to us, not to train their own models on your content except where you have separately agreed.

5. How we share data and sub-processors

We do not sell your personal data. We share it only with service providers (processors) that help us run Rendera, under appropriate data-processing agreements. These include providers for:

• authentication and account management;
• payment processing (Stripe);
• cloud database and file storage hosting;
• AI generation of images, video, audio, and text;
• transactional and marketing email; and
• background job processing and analytics.

We may also disclose data where required by law or to protect our rights, users, or the public.

6. International transfers

Some of our providers are located outside the European Economic Area, including in the United States. Where personal data is transferred outside the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses.

7. Data retention

We keep personal data for as long as your account is active and for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we delete or anonymise it. You can request deletion of your account and associated data at any time.

8. Your rights

Subject to applicable law, you have the right to access, correct, delete, or restrict processing of your personal data; to data portability; to object to processing based on legitimate interests or direct marketing; and to withdraw consent at any time. To exercise these rights, email info@rendera.io. You also have the right to lodge a complaint with your local supervisory authority — in Sweden, the Swedish Authority for Privacy Protection (IMY).

9. Cookies

We use cookies and similar technologies that are necessary to operate the Service, such as keeping you signed in and maintaining your session. We may also use limited analytics to understand how the Service is used. You can control cookies through your browser settings; disabling essential cookies may affect how the Service works.

10. Security

We take reasonable technical and organisational measures to protect personal data, including encryption in transit, access controls, and use of reputable infrastructure providers. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Children

The Service is not directed to children and is intended for users aged 18 and over. We do not knowingly collect personal data from children.

12. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you. The "Last updated" date above indicates when the policy was last revised.

13. Contact

For any questions about this policy or how we handle your data, contact us at info@rendera.io.