1. Introduction
Pixivite ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our AI-powered invitation platform ("Service"). This policy is designed to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.
2. Data Controller
Pixivite acts as the data controller for personal data processed through the Service. For questions about data processing, contact our Data Protection Officer at dpo@pixivite.com.
3. Data We Collect
We collect the following categories of personal data:
3.1 Information You Provide
- Account Data: Name, email address, and password hash when you register. If you sign in with Apple and choose "Hide My Email", we receive an Apple private relay email address (e.g., xyz@privaterelay.appleid.com) instead of your real email. This relay address is used as your account email and is fully functional for receiving notifications.
- Phone Number: Mobile phone number if you opt in to SMS notifications.
- Event Data: Event details such as occasion type, dates, guest names, and personalized messages.
- Guest Contact Data: Names, email addresses, and phone numbers of guests you add to your events for invitation delivery.
- Media Content: Photos and images you upload for invitation creation.
3.2 Automatically Collected Data
- Usage Data: Pages visited, features used, timestamps, and interaction patterns.
- Device Data: Browser type, operating system, IP address, and device identifiers.
- Cookies: Essential and optional cookies as described in our cookie consent preferences.
3.3 AI-Processing Data
- Prompts & Inputs: Text and parameters you provide for AI generation.
- Generated Content: AI-created images and videos produced by the Service.
4. Legal Basis for Processing (GDPR)
We process your personal data based on the following legal grounds:
- Contract performance: Account creation, AI content generation.
- Legitimate interest: Analytics & service improvement.
- Consent: SMS/text message communications, marketing communications, non-essential cookie tracking.
- Legal obligation: Legal compliance requirements.
5. How We Use Your Data
- To create, manage, and authenticate your account.
- To generate AI-powered invitation content based on your inputs.
- To store and deliver your created invitations.
- To improve our AI models using anonymized, aggregated data.
- To send transactional emails (account verification, password reset).
- To send SMS/text messages for event invitations, RSVP updates, reminders, and notifications when you or your guests have opted in.
- To analyze usage patterns and improve the Service.
- To comply with legal obligations and respond to lawful requests.
6. SMS, WhatsApp & Text Message Communications
If you opt in to receive SMS or WhatsApp messages from Pixivite, the following applies:
6.1 Data Collected for SMS & WhatsApp
- Your mobile phone number.
- SMS/WhatsApp opt-in status and timestamp of consent.
- Message delivery status and opt-out requests.
6.2 How We Use SMS & WhatsApp Data
Phone numbers are used solely to deliver messages you have consented to receive, including event invitations (with images and video links), RSVP confirmations, reminders, nudge notifications, event updates, cancellations, and thank-you messages. For hosts, we also send RSVP alerts and pre-event summary notifications. We do not use phone numbers for marketing purposes unless you separately consent.
6.3 SMS & WhatsApp Data Sharing
Phone numbers are shared with our messaging providers (Azure Communication Services for SMS and WhatsApp) for the purpose of message transmission. We do not sell, rent, or share phone numbers with third parties for their marketing purposes.
6.4 Opt-Out & Data Deletion
You may opt out of SMS messages at any time by replying STOP to any message, or by updating your preferences in account settings. For WhatsApp, you can block the sender or reply STOP. Upon opt-out, we will cease sending messages and delete your phone number within 30 days unless required for legal or compliance purposes. You may also request immediate deletion by contacting dpo@pixivite.com.
6.5 Guest Phone Numbers
When you provide guest phone numbers for SMS or WhatsApp invitation delivery, you represent and warrant that you have obtained appropriate consent from each guest to receive messages. All guest SMS messages include a "Reply STOP to opt out" footer. Guest phone numbers are used solely for delivering the specific event communications you initiate and are subject to the same retention policies as other event data.
7. Data Sharing & Third Parties
We do not sell your personal data. We may share data with:
- AI Service Providers: Azure OpenAI (Microsoft) and Google Cloud Vertex AI for image and video generation — only the inputs required for generation (event details, style preferences) are shared, processed under data processing agreements. No personal data (email, phone) is sent to AI providers.
- Cloud Infrastructure: Microsoft Azure for hosting, storage, and compute — data processed under Microsoft's Data Processing Addendum (DPA).
- Payment Processors: Stripe processes web payment transactions. Apple processes in-app purchase transactions made through the iOS app. Pixivite does not store credit card numbers — all payment data is handled by Stripe (PCI-DSS Level 1) or Apple respectively. See Stripe's Privacy Policy and Apple's Privacy Policy.
- Authentication Provider: Microsoft Entra External ID handles user authentication, account creation, and social login (Google, Apple). Data shared includes email, display name, and profile attributes. See Microsoft's Privacy Statement.
- Communications Providers: Azure Communication Services (ACS) for SMS, WhatsApp, and email delivery — phone numbers, email addresses, and message content are shared solely for transmission purposes.
- Gift Card Provider: Tremendous for gift card fulfillment — recipient email and gift amount are shared when a guest sends a gift card.
- Push Notifications: Apple Push Notification Service (APNs) and Firebase Cloud Messaging (FCM) for mobile push notifications — device tokens are stored to deliver notifications.
- Legal Requirements: When required by law, court order, or governmental authority.
8. Pixi Wall & Community Data
The Pixi Wall is a community feature where you can share AI-generated greetings with other Pixivite users. Here's how we handle your data in this context:
Data Collected
- Wish Content: Messages, @mentions, and #hashtags you include when posting to the Pixi Wall.
- Reactions & Comments: Emoji reactions and text comments you leave on other users' wishes.
- Display Information: Your display name and avatar are shown alongside your wishes, reactions, and comments.
Visibility
- Pixi Wall wishes are visible to all logged-in Pixivite users.
- Wishes are not visible to unauthenticated visitors, search engines, or third parties outside the Pixivite platform.
- Your display name and avatar are shown with your wishes — your email address is never displayed.
Retention & Deletion
- You can delete your own wishes at any time — this also removes associated reactions and comments.
- When you delete your account, all your Pixi Wall content (wishes, comments, reactions) is permanently removed after the 30-day grace period.
- Content flagged or removed by moderation is retained for 90 days for review purposes.
9. Data Retention
- Account Data: Retained while your account is active. Upon deletion request, your account enters a 30-day grace period during which you can reactivate by logging in. After 30 days, all account data is permanently erased.
- Media & Generated Content: Retained for 90 days after the associated event date, then automatically deleted. Upon account deletion, all media is permanently erased after the 30-day grace period.
- Address Book Contacts: Retained while your account is active — deleted when you remove contacts or after the account deletion grace period expires.
- Payment & Billing Records: Transaction records retained for 7 years for tax and legal compliance. Stripe and Apple retain payment data per their respective retention policies. Active Stripe subscriptions are cancelled immediately upon deletion request. App Store subscriptions must be cancelled separately by the user in iPhone Settings → Subscriptions.
- Referral Data: Referral records retained for 12 months after credit expiry for audit purposes.
- Gift Card Transactions: Gift card purchase and redemption records retained for 24 months.
- Usage Logs: Retained for 12 months, then anonymized or deleted.
- Device Tokens (Push): Retained while your account is active — automatically removed on logout or account deletion.
- SMS Consent Records: Opt-in and opt-out records are retained for 5 years for TCPA compliance purposes.
- Sign-In Credentials: Upon permanent account deletion (after the 30-day grace period), your sign-in identity is removed from our authentication provider (Microsoft Entra). You may re-register with the same email address to create a new account.
10. Your Rights Under GDPR
If you are in the European Economic Area (EEA), you have the following rights:
- Right of Access: Request a copy of your personal data.
- Right to Rectification: Correct inaccurate or incomplete data.
- Right to Erasure: Request deletion of your data ("right to be forgotten").
- Right to Restrict Processing: Limit how we use your data.
- Right to Data Portability: Receive your data in a machine-readable format.
- Right to Object: Object to processing based on legitimate interest.
- Right to Withdraw Consent: Withdraw consent at any time.
- Right to Lodge a Complaint: File a complaint with your local supervisory authority.
To exercise any of these rights, use the data management options in your account settings or contact us at dpo@pixivite.com. We will respond within 30 days.
11. Your Rights Under CCPA
If you are a California resident, you have the following additional rights:
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
- Right to Delete: Request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out of Sale: We do not sell personal information. If this changes, we will provide an opt-out mechanism.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
To exercise any of these rights, contact us at dpo@pixivite.com. We will verify your identity before processing your request and respond within 45 days.
12. Cookies & Tracking
We use cookies and similar technologies:
- Essential: Authentication, security, preferences — always required.
- Analytics: Usage statistics, performance monitoring — requires consent.
- Marketing: Personalized recommendations — requires consent.
You can manage your cookie preferences at any time through the cookie consent banner or your browser settings.
13. Data Security
We implement industry-standard security measures including: encryption in transit (TLS 1.3) and at rest (AES-256), secure password hashing (bcrypt), JWT-based authentication, Azure Key Vault for secrets management, and regular security audits. Despite these measures, no method of transmission over the Internet is 100% secure.
14. International Data Transfers
Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards through Standard Contractual Clauses (SCCs), adequacy decisions, or other approved mechanisms. Our primary cloud infrastructure is hosted on Microsoft Azure within EU-certified data centers.
15. Children's Privacy
The Service is not intended for users under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.
16. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the Service. Your continued use of the Service after such changes constitutes acceptance of the updated policy.