Privacy Policy

We collect only the data necessary to provide and improve the PixelsID service. Here’s exactly what we collect and why:

All data collected is used for the specific purpose of providing the PixelsID service to you. We do not use your data for any unrelated purpose. Specifically, we use your data to:

• Operate the Service — store and serve your photos, process AI identifications, manage galleries and rosters
• Manage Your Account — authenticate logins, process billing, enforce subscription limits
• Communicate With You — send service notifications (gallery processing complete, subscription updates), respond to support requests
• Improve the Service — understand usage patterns to fix bugs, improve performance, and develop new features
• Maintain Security — detect and prevent unauthorized access, abuse, or fraud

We use Google Analytics to understand how visitors interact with our website. Google Analytics collects information such as:

• Pages visited and time spent on each page
• Referring websites and search terms
• Device type, browser, and operating system
• General geographic location (city/region level, not precise location)

This data is used solely to improve the PixelsID website and user experience. Google Analytics uses cookies to collect this information. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

For more information, see Google’s Privacy Policy.

We use a limited number of third-party services to operate PixelsID. These providers process your data only as necessary to provide their services to us:

• Cloud infrastructure providers — Database hosting, authentication, CDN, and photo storage
• Payment processor (Stripe) — Stripe handles all payment card data directly; we never see or store your card numbers
• AI processing services — Facial recognition and image analysis (photos are sent for processing and results are returned; images are not retained by the provider)
• Google Analytics — Website usage analytics (as described above)
• Public sports data APIs — Roster data for professional and college sports (no personal data from you is shared with these providers)

We do not share your data with any third parties beyond what is described here.

When you upload a headshot for roster indexing, our system generates a mathematical representation (a “face embedding”) of the facial features. This is a numerical vector, not an image. These embeddings are used solely to match faces in your uploaded photos against your roster.

Face embeddings are stored securely and are associated with your organization’s account. They are not shared across organizations, not used for surveillance, and not accessible to other users.

Collection and purpose. We collect facial recognition data — specifically, face embedding vectors derived from headshot photos you upload — for the sole purpose of identifying athletes in sports photographs within your organization’s account. We do not collect facial recognition data from any other source, and we do not use it for any purpose other than providing the identification features of the Service.

Retention and destruction schedule. Face embeddings are retained for as long as your organization’s account is active and the associated person record exists. Face embeddings are permanently destroyed in the following circumstances:

• When you delete an individual person from your roster (embedding deleted immediately)
• When you delete your account (all embeddings deleted within 30 days)
• When a subscription lapses and the account is deactivated (embeddings deleted within 90 days)
• Upon written request to privacy@pixelsid.ai (completed within 30 days)

We do not sell, lease, trade, or profit from facial recognition data.

Your consent responsibilities. By enabling facial recognition features and uploading headshots, you confirm that you have obtained any consent required by applicable law from the individuals whose biometric data you are submitting for processing. Several U.S. states — including Illinois (BIPA), Texas, and Washington — require written consent prior to collecting biometric identifiers. PixelsID does not provide legal advice; you are solely responsible for your compliance obligations in your jurisdiction.

You may delete any person’s facial data at any time by removing them from your roster, which also permanently deletes the associated face embedding.

We take the security of your data seriously and implement industry-standard measures including:

• All data transmitted over HTTPS/TLS encryption
• Account passwords are managed by our authentication provider and are not accessible to PixelsID staff
• Row-level security policies restrict data access to authorized users and organizations
• Authentication tokens are short-lived and automatically refreshed
• Photos are stored in cloud object storage with access controls
• Third-party credentials such as FTP passwords are hashed at rest

While we implement reasonable security measures, no system is 100% secure. We cannot guarantee absolute security of your data.

We retain your data for as long as your account is active. When you delete your account:

• Your data is retained for 30 days to allow for reactivation
• After 30 days, your photos, galleries, roster data, and face embeddings are permanently deleted
• Billing records may be retained longer as required by law
• Anonymized, aggregated analytics data (not linked to you) may be retained indefinitely

For plans with ephemeral storage, photos are automatically deleted after the specified retention period (e.g., 14 days).

You have the right to:

• Access your data — View and export your photos, galleries, and account information at any time
• Correct your data — Update your account information, roster data, and gallery details
• Delete your data — Delete individual photos, galleries, roster entries, or your entire account
• Download your data — Export your photos with embedded metadata at any time
• Opt out of analytics — Disable Google Analytics using browser settings or add-ons

To exercise any of these rights, use the relevant features in your account settings or contact us at privacy@pixelsid.ai.

PixelsID is operated from the United States and is primarily intended for users in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States.

If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction with data protection laws (such as the GDPR or UK GDPR), you may have additional rights including:

• Right of access — Request a copy of the personal data we hold about you
• Right to rectification — Request correction of inaccurate personal data
• Right to erasure — Request deletion of your personal data
• Right to data portability — Receive your data in a structured, machine-readable format
• Right to object — Object to certain types of data processing
• Right to restrict processing — Request limits on how we process your data

To exercise any of these rights, contact us at privacy@pixelsid.ai. We will respond to requests within 30 days.

By using the Service from outside the United States, you consent to the transfer of your personal data to the United States for processing as described in this policy.

PixelsID processes facial recognition data, which may be classified as biometric data under certain laws. Several U.S. states — including Illinois, Texas, and Washington — have enacted biometric privacy laws with specific requirements regarding notice, consent, and data handling.

You are responsible for ensuring your use of PixelsID’s facial recognition features complies with all applicable laws in your jurisdiction. This may include obtaining written consent from individuals whose photos you upload for facial recognition processing. PixelsID does not provide legal advice regarding your compliance obligations.

PixelsID is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. Note that photos of minor athletes may be uploaded by authorized photographers and organizations — the responsibility for appropriate use and distribution of those photos rests with the uploading organization.

We use a minimal number of cookies:

• Authentication cookies — Essential for keeping you logged in (required for the Service to function)
• Google Analytics cookies — For website analytics (can be opted out of)

We do not use advertising cookies, tracking pixels from ad networks, or any third-party marketing cookies.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice within the Service. The “Last Updated” date at the top of this page reflects the most recent revision.

Questions about this Privacy Policy or your data? Contact us:

• Email: privacy@pixelsid.ai
• General support: support@pixelsid.ai