GDPR Statement & Privacy Policy

Painting Pixels GDPR Statement and Privacy Policy 

Painting Pixels Website 

  • Our newsletter only gather the data that you input. We only add you to our newsletter system if you physically tick the box on our contacts for and or fill out the specific newsletter sign up form. Our general contact forms do not sign you up to our newsletter. 
  • Our website is full encrypted via an SSL certificate so any data exchange via the website and user is encrypted.  
  • Our contact forms are a supplied via (contact form 7) and we follow there guidelines to ensure we are compliant. We only capture the limited information that you physically input including your name, email, telephone number and your enquiry message to us. We use the info you have provided is to contact you back and fulfil your enquiry. If the enquire leads to nowhere (no projects) we simply delete your data. If you become our customer then we protect your details as explained in the customer section. 
  • Cookies and Google Analytics tracking – We track you across our site using tracking code from Google to analyse the number of visitors to our website and to each page. You are never personally identifiable. We have rejigged our settings on Google analytics to comply with GDPR and Googles own GDPR statement. We have set the retention rate for the minimum amount of time available via the Google controls.
  • Our website is a bespoke system built on the WordPress platform and we use plugins that are GDPR compliant or simply gather, store or track any form of data. 

Painting Pixels Interent Server 

  • Our dedicated server is supplied and managed by Storm Internet. The server is protected via a fire wall and is continually being upgraded to the latest and most secure firmware and software. Our controlling domain for there server is and is protected via an SSL certificate which encrypts the data. Additionally we have ‘Lets Encrypt’ enabled on the system. Please see Storm Internets GDPR Statement for more detailed information. 
  • Websites that we create that are hosted on our server that utilise payment systems are protected and governed by their respective payment gateways and no data is processed on our server. 

Painting Pixels In-house Data Servers 

  • We store all of our working files on our in-house servers and also have a remote backup of our working data files. These data servers all are firewall protected, are encrypted via SSL and we also have them physically strapped down using physical Locks. The system is password protected and partitioned with password protected access to certain areas and to certain members of staff based in the level. The system is continually updated with the latest firmware supplied via Qnap (Qnap Privacy Notice). We have enabled all Malware and Virus detection and removal software on the systems. 

Painting Pixels In-house Computer System 

  • All of our in-house computer system are password protected. We have enabled (find my Mac) we have set the computers to auto erase should they be stolen. We make a point of locking our computers when we leave our desk and we have enabled them to auto lock should we forget. However the office environment is safe and secure. We have additional layers of security which safe guards particular folders and files that hold client sensitive data. This folders and files are restricted to only management and are password protected beyond the computer level password protection. 

Painting Pixels Client Information 

  • We stored our client information as provided by our clients. These include contact details for communication and invoicing. All the details are governed by our strict security measures. We hold the data for the duration of the project. Any login details and are sent to use are held for the duration of the project and we always advise our clients to reset these after the project is complete. 
  • Our clients that use our PPSystem for websites are added to our support list newsletter. This newsletter is exclusive to our PPSystem subscribers and will notify them of the security updates and newly added features to their system.
  • Our general customers will be added to our ‘general customer’ newsletter to advise them of the days our studio is closed and what to do if they need to contact us. 

Public Personal Data 

  • We do not hold public personal data on our in-house computers or systems (See statement above about use of our website and anonymous tracking. If you send us an email enquiry, we use it as stated above. If you become a client we protect your data also as stated otherwise we delete it.

Email Processing by Google

  • We use the G Suit system provided by Google, who are committed to GDPR compliant. We have auctioned all their steps to be in line and compliant. Furthermore we have remote access to all of email accounts and can change any password or remote wipe all data if required.