Log in
Book a Call 

Pixelco Privacy Policy

Last updated: 2025-11-24

This Privacy Policy explains how Ai Viral Sweden AB, operating under the brand name Pixelco (“Pixelco”, “we”, “us”), processes personal data when users visit websites that use Pixelco technology (“Participating Websites”). Pixelco provides a cross-site visitor identification service that helps Participating Websites recognize returning visitors, understand engagement, and link voluntarily provided email addresses to user activity where consent is given.

Pixelco is the independent Data Controller for all cross-site identification and email-linking processing described in this Privacy Policy. Each Participating Website remains an independent Data Controller for any processing they perform using data received from Pixelco.

1. How Pixelco Works Across Participating Websites

Pixelco provides the core identification technology used by all Participating Websites.

1.1 What Pixelco Does Internally

Pixelco provides the cross-site identification service that operates across Participating Websites. After consent, Pixelco:

  • creates and maintains a pseudonymous identifier (cookie or fingerprint-based)

  • recognizes returning visitors on Pixelco-enabled websites

  • links emails voluntarily submitted on a Participating Website to that identifier only after global cross-site consent is given

  • stores and enforces a single consent state across Participating Websites

  • maintains suppression records after withdrawal to prevent re-profiling

Pixelco never reveals to any Participating Website which other websites a visitor has used or where the visitor’s email was originally collected.

1.2 What Pixelco Does Not Do

To avoid any uncertainty:

  • Pixelco does not show Participating Websites where else a visitor has been

  • Pixelco does not operate an advertising network

  • Pixelco does not sell personal data

  • Pixelco does not share emails with websites the user hasn’t visited

  • Pixelco does not enrich profiles with external or purchased data

  • Pixelco does not collect special-category data (health, religion, etc.)

  • Pixelco does not send marketing emails to user emails collected by Participating Websites

1.3 What Participating Websites Can Do

Each Participating Website can use Pixelco only for its own visitors and only when those visitors are on that website. Specifically, a Participating Website may:

  • recognize returning visitors on its own website only

  • measure engagement, conversions, and performance on its own website

  • personalize on-site experiences for visitors on its own website

  • identify a visitor by email only when the visitor actually visits that website

A Participating Website may identify the visitor by email if and only if:

  • the visitor has given Pixelco’s global cross-site consent, and

  • the visitor actually visits that specific Participating Website

Importantly:

Participating Websites do not receive any information about:

  • which other Pixelco-enabled websites a visitor has used

  • where the email was originally collected

  • visitor behavior, activity, or analytics from any other website

2. Personal Data We Process

When the user provides consent, Pixelco may process the following categories of personal data. These categories correspond only to the data necessary for Pixelco’s identification, analytics, and email-linkage functions.

2.1 Technical and Device Data

Pixelco may process technical information to create and maintain the Pixelco identifier and to understand how Pixelco-enabled websites are used. This may include:

  • IP address (stored briefly or masked)

  • browser and device type

  • operating system

  • screen resolution and language

  • timestamps of visits

  • URLs visited on Participating Websites

  • basic interaction events (e.g., clicks, page views)

  • the Pixelco identifier (cookie-based or fingerprint-based; fingerprinting only after explicit consent)

This information is used to maintain a privacy-preserving identifier and to provide performance analytics only to the specific Participating Website the visitor is currently using.

2.2 Email Linkage

If the user voluntarily provides an email address on a Participating Website (including but not limited to checkout, signup, registration, or a form submission), Pixelco may:

  • link the email to the Pixelco identifier

  • store the email-identifier linkage so the user can be recognized on future visits

  • make the email available only to Participating Websites when the user actually visits those specific websites

Pixelco does not make email addresses available to websites the user has not visited.

When a user accepts Pixelco’s global cross-site consent, that consent includes permission for Participating Websites the user visits to send marketing communications related to their own services.

Marketing Use of the Email

When a user has given Pixelco’s global cross-site consent and then visits a Participating Website:

  • that website may use the email for marketing or communication purposes

  • no second marketing opt-in is required by that website

  • the website is responsible for meeting GDPR transparency requirements: stating in its Privacy Policy that Pixelco may provide email information

2.3 No Special Category Data

Pixelco does not collect or infer special category data under GDPR Article 9, such as:

  • health information

  • religious or political beliefs

  • ethnicity

  • biometric identifiers

  • sexual orientation

Pixelco processes only the limited data described in Sections 2.1 and 2.2.

3. How Pixelco Uses the Data

Pixelco uses personal data only for the specific purposes described below. These purposes correspond directly to the technical functions already outlined in Sections 1 and 2.

3.1 Operating the Pixelco Identification System

Pixelco uses technical data to operate its identification service across Participating Websites. This includes creating and maintaining the Pixelco identifier, recognizing returning visitors, and managing a single cross-site consent state. Pixelco also uses this data to ensure that suppression and withdrawal requests are respected.

3.2 Providing Email-Based Recognition

When the user voluntarily provides an email on a Participating Website and has given Pixelco’s global cross-site consent, Pixelco uses the email–identifier link to enable Participating Websites to recognize the user during future visits.

Pixelco only provides the email to the specific Participating Website the user actually visits.

3.3 Supporting Website-Specific Marketing

If a user has given Pixelco’s global cross-site consent and later visits a Participating Website, that website may use the provided email to send marketing or communication messages related to its own services.

3.4 Providing Website-Level Analytics

Pixelco uses technical and interaction data to generate aggregated performance analytics for the specific Participating Website the visitor is using.

Pixelco does not provide any cross-site analytics.

3.5 Legal Compliance, Security, and Fraud Prevention

Pixelco may process data to meet legal obligations (such as GDPR recordkeeping), maintain security, prevent misuse, and enforce withdrawal.

4. Sharing of Personal Data

Pixelco shares personal data only in the limited ways required for its identification and email-linkage functions. Pixelco never sells personal data and never shares it with unrelated third parties.

Pixelco only shares data with:

  • Participating Websites the user actually visits

    (These websites receive the Pixelco identifier, the user’s consent status, the user’s email if it has been previously provided, and site-specific analytics for their own website only)

 

  • Contracted subprocessors

    (e.g., hosting, security, analytics providers used solely to operate Pixelco’s service)

Pixelco does not provide any website with information about where the user has visited previously or where the email was originally collected.

4.1 Article 14 Requirement for Participating Websites

When a Participating Website receives an email linkage from Pixelco, GDPR Article 14 requires that the website inform the user that:

  • Pixelco was the source of the email

  • the reason the website received it

  • how the website will use it (e.g., marketing, account contact, service communication)

Participating Websites must provide this information in their Privacy Policy

No additional consent is required from the user once Pixelco’s global cross-site consent has been given, unless the website wishes to send communications beyond the scope permitted by Pixelco’s consent framework.

5. Legal Basis

Processing is performed under:

GDPR Article 6(1)(a) – Consent

and relevant ePrivacy rules.

No processing (including fingerprinting or cross-site identification) occurs without explicit user consent.

6. Cookies and Consent Storage

Pixelco uses a small number of cookies to remember consent choices and, after acceptance, to enable cross-site identification.

6.1 Consent Cookies

To remember a user’s choice:

  • Reject cookie — stored for 7 days, created when the user clicks “Reject,” prevents repeated prompts.

  • Accept cookie — stored for 12 months, created only when the user clicks “Accept All.”

Both cookies are set through a secure iframe hosted on pixelco.com, allowing consent to apply across all Participating Websites.

6.2 Cross-Site Identifier

A pseudonymous identifier is created only after the user clicks Accept, and may be stored via:

  • a first-party cookie inside a pixelco.com iframe, and

  • a fingerprint-based identifier (only with consent)

7. Data Retention

Pixelco stores data for limited periods:

  • identifier & analytics: 12 months after last activity

  • email linkage: up to 24 months after last activity or until withdrawal

  • consent & audit logs: up to 36 months

  • suppression records: as long as necessary to honor withdrawal

Pixelco does not store personal data indefinitely.

8. Withdrawal & Deletion

Users can change or remove their Pixelco consent at any time via:

  • the Pixelco banner (“Reject”)

  • the Pixelco.io website

  • clearing browser cookies

  • emailing info@pixelco.io

8.1 Withdraw Consent

When consent is withdrawn:

  • Pixelco stops tracking and email-linking

  • no new data is shared with Participating Websites

Previously shared data remains with the receiving website.

8.2 Request Deletion

Users may request full deletion of all Pixelco-linked data by emailing info@pixelco.io.

When deleted:

  • Pixelco removes identifiers, email linkages, and related records

  • Participating Websites are instructed to delete the email

8.3 Global Effect

Both withdrawal and deletion apply across all Participating Websites.

9. User Rights

Users have the right to:

  • access personal data

  • request correction or deletion

  • withdraw consent

  • restrict processing

  • object to processing

  • request data portability

  • lodge a complaint with their supervisory authority

Requests: info@pixelco.io

 10. International Transfers

If data is transferred outside the EEA, Pixelco uses:

  • Standard Contractual Clauses

  • supplementary technical and organizational safeguards

11. Security Measures

Pixelco uses:

  • encryption

  • access controls

  • logging and monitoring

  • secure hosting

  • network isolation

  • staff access restrictions

12. Children

Pixelco is not intended for users under the age required for valid consent in their jurisdiction (typically 16). We do not knowingly process children’s data.

13. Changes to This Policy

When this Privacy Policy changes, Pixelco will:

  • update the “Last Updated” date

  • re-obtain consent where required by law

 

14. Contact

Ai Viral Sweden AB

Email: info@pixelco.io