This policy explains what personal data Pixie Builds collects, why, how long we keep it, and the choices you have. It covers both the visitors and prospects of this website and the way we handle data on behalf of the contractors we work for. We keep collection to the minimum the work actually requires.
1. Who we are
Pixie Builds operates pixiebuilds.com and is based in the European Union (Czech Republic). We build and manage websites and local marketing for home-service contractors in the United States. For any privacy question, or to exercise the rights described below, email [email protected].
2. Our two roles: controller and processor
It matters which hat we are wearing, because it changes who decides how data is used.
- For this website and our own prospects, we are the data controller. When you browse the site or send us an inquiry, we decide what we collect and why, and this policy governs it.
- For a client's own customer and lead data, we act as the client's processor. When a contractor engages us, any personal data belonging to their customers and leads that passes through the tools we run is processed only on that client's documented instructions. The client is the controller of that data; we are their processor and act on their behalf.
A Data Processing Agreement covering the processor relationship is available to clients on request.
3. Information we collect (as controller)
On this website we collect only what we need to answer inquiries and run the business:
- Inquiries. When you use the contact form we collect the name, email, trade, current website, service area, and message you submit.
- Onboarding and business details. If you go on to engage us, we collect the business information needed to deliver the work, such as your company details, service area, logo, photos, and access you choose to grant to your domain and Google Business Profile.
- Technical and security logs. Our host records standard request data such as IP address and browser type for security and reliability.
- Theme preference. Your light or dark choice is stored locally in your browser (
localStorage). It never leaves your device and we never see it.
4. Cookies and tracking
We do not run advertising or analytics cookies on this website. There is no Google Analytics, no ad pixels, and no cross-site tracking here. The only thing stored in your browser is the essential theme preference described above. Where analytics run on a client's own website, that is part of the service we deliver for that client and is covered by the processor section below, not by tracking on this site.
5. How we use information and our legal bases (GDPR Article 6)
We use the information you give us to respond to inquiries, prepare proposals, and deliver our services. Under the GDPR our legal bases are:
- Pre-contract steps (Art. 6(1)(b)). Responding to your inquiry and preparing a proposal at your request.
- Performance of a contract (Art. 6(1)(b)). Delivering the services once you become a client.
- Legitimate interests (Art. 6(1)(f)). Operating, securing, and improving our business, including keeping the security logs above.
- Legal obligation (Art. 6(1)(c)). Meeting tax, accounting, and other legal requirements.
6. Service providers and sub-processors
We use a small set of established providers to run the site and deliver the work. The infrastructure and payment providers below handle data on our behalf:
- Cloudflare hosts this site and keeps the security and reliability logs described above.
- Web3Forms delivers our contact-form submissions to us by email.
- Stripe processes recurring payments. We never see or store full card numbers.
- Google services (Business Profile, Search Console, Analytics, and performance tools) are used when delivering a client's local-marketing work, on that client's behalf.
Two further providers are named because the data they touch is legally material to the people involved:
- Our call-tracking provider supplies the tracking phone numbers on client sites and may record and store calls (see Call recording below).
- Our review provider sends review requests by SMS and email to a client's own past customers.
We also use additional back-office tools for reporting, customer-relationship management, directory listings, and workflow automation. These run inside our own operations and do not change what is described here.
7. Data we process for clients (as processor)
When a contractor engages us, we process personal data belonging to their customers and leads, such as call records and recordings, web-form leads, and review interactions, strictly on that client's documented instructions and only to deliver the service they hired us for. We do not use that data for our own purposes, and we do not sell it. The client remains the controller of their customers' data and is responsible for the lawfulness of the instructions they give us.
8. Call recording
Where a client uses call tracking, calls placed to the tracked numbers may be recorded and stored by our call-tracking provider so the client can review lead quality. The client is responsible for providing any legally required call-recording notice or obtaining any consent that applies in the jurisdictions where their customers call from. This is set out in our Terms.
9. We don't sell or share your data
This is the core promise the rest of our site points back to. We do not sell your data, and we do not share it for anyone else's marketing. The identity, data, and results of the contractors we work with are kept confidential. We don't publish client names, logos, or testimonials, because their competitors read our site too and discretion is part of what they pay for.
10. International transfers
We operate from the European Union and serve clients in the United States, so data may be transferred between the two. Where data leaves the EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and the transfer safeguards offered by our providers.
11. Data retention
We keep inquiry messages only as long as needed to follow up. Client records are kept for as long as we work together, plus the period required to meet tax and legal obligations. Data we process on a client's behalf is retained per that client's instructions and returned or deleted at the end of the engagement. When data is no longer needed, we delete it.
12. Security
We apply reasonable technical and organizational measures to protect personal data, including access on a least-privilege basis, reputable providers, and limiting how long data is kept. No system is perfectly secure, but we keep the surface small on purpose.
13. Your rights
Depending on where you live, you may have the right to access, correct, delete, restrict, or object to our use of your personal data, and to receive a copy in a portable format. To exercise any of these, email [email protected] and we will handle it. If you are in the EU and believe we have mishandled your data, you may also complain to your local data protection authority. For visitors in the United States, including California: we do not sell personal information and do not share it for cross-context behavioral advertising.
14. Children
Our site and services are aimed at businesses, not minors, and we do not knowingly collect data from anyone under 16.
15. Changes to this policy
We may update this policy as our operations change. The current version always lives at this URL with its last-updated date.
16. Contact
Questions about privacy? Email [email protected].