Privacy & Data Transparency

In a studio that builds digital interfaces, data is the material we shape. Our privacy policy isn’t a defensive legal document—it’s a clear map of what we collect, why we need it, and how we protect it. For clients who entrust us with their brand’s digital home, understanding this boundary is the first step of collaboration.

We designed this policy to be human-readable. If you have questions about how your information is handled, we’ve provided direct channels at the bottom of this page. Our commitment is simple: we collect only what’s necessary, we store it securely, and we never sell it.

What We Collect: A Practical Inventory

Data collection at PixNexo falls into two distinct categories: operational data for our business and project data for our clients. Understanding the difference clarifies our responsibilities.

For Visitors & Inquiries

  • Contact Data: Name, email, and project details submitted via our contact form or email. We retain this for 24 months to track potential projects and maintain a relationship history.
  • Technical Data: IP address, browser type, and device information. Collected automatically for security and to diagnose technical issues with our site.
  • Cookies: Essential cookies for site functionality (e.g., keeping a contact form state). No marketing or tracking cookies by default.

For Active Clients

  • Project Assets: Logos, brand guidelines, content drafts, and image assets. These are stored securely in our client portal during the active project phase.
  • Communication Records: Emails, meeting notes, and feedback documents. We archive project communications for 7 years post-completion for reference and support.
  • Billing Information: Business address, tax ID, and payment history. Processed through encrypted third-party services (like Stripe); we do not store full payment card details.
Organized workspace representing structured data handling

Documentation

Every project asset is versioned and backed up daily. Client access logs are kept for security audits.

Usage & Protection: The Studio Protocol

Data is only as valuable as its application. We use collected information strictly for the purposes outlined below, never for undisclosed profiling or resale.

Service Delivery & Communication

Contact data is used solely to initiate and maintain project communication, send project deliverables, and provide post-project support.

Security & Improvement

Technical data helps us prevent fraud, ensure site stability, and analyze performance trends to improve the security of our digital environment.

Legal & Compliance

We may process data to comply with legal obligations, such as invoicing requirements or responding to lawful requests from Turkish authorities.

Protection Measures

Our technical infrastructure is designed for resilience. Data in transit is encrypted via HTTPS (TLS 1.3). Data at rest is stored on encrypted servers with strict access controls, limited to essential personnel.

Abstract representation of encrypted data security

Internal Access Audit Log: Last Review: 2026

Real-World Constraints & Trade-offs

Privacy is a balance between transparency, functionality, and security. Here are the concrete constraints that shape our approach.

Constraint

No Marketing Analytics by Default

We do not install third-party tracking pixels (e.g., Meta, Google) on our studio site unless a client specifically requests it for their own project dashboard. This minimizes our data footprint.

Trade-off

Form Convenience vs. Minimization

Our contact form asks for name, email, and project details. This simplifies the process for a startup founder on a mobile device, but it means we must diligently clean our inbox to avoid retaining data unnecessarily.

Decision Criteria

Third-Party Vendors

We only partner with service providers (hosting, payment processing) that comply with GDPR-like standards and transparently document their own data policies. We sign Data Processing Agreements where applicable.

What Would Change Our View

A Client's Specific Need

If a client requires a specific analytics tool for their project's performance tracking, we integrate it. The data collected is owned by the client, and we make this transparent in the project scope document.

Scenario

Onboarding a Restaurant Chain for a New Menu Website

When the Istanbul-based restaurant group “Köşe” approached PixNexo, their primary need was a new website with integrated reservations and a dynamic menu. Their main data concern was customer (patron) information, not their own corporate data.

  1. Day 1 (Discovery): Köşe’s founder shares brand assets via our secure client portal. We access the file, which is encrypted in transit and at rest. We use the data to mock up the brand system.
  2. Week 2 (Build): We build the reservation form. We clearly inform the client that all patron data (names, phone numbers, dates) will be processed by a third-party reservation system. Our role is purely technical integration.
  3. Launch & Handover: Before launch, we document the entire data flow in a project brief. This document helps the client understand their own privacy obligations to their patrons. The client’s corporate data remains in our portal for 2 years, as per our contract.

This scenario illustrates that our responsibility is two-fold: protecting client data entrusted to us, and advising on the data flows we build.

Data flow diagram for a restaurant client project

Your Rights

Whether you are a visitor, a potential client, or an active partner, you retain control over your data.

  • Access: You can request a copy of the data we hold about you. We'll provide it within 30 days.
  • Correction: If any data is inaccurate, we will update it upon request.
  • Deletion: You may request the deletion of non-essential data (e.g., initial contact inquiries not tied to a project).
  • Object: You can object to our processing for legitimate interests.

Data Controller & Contact

The Data Controller for this website is PixNexo, a design studio registered in Türkiye.

Contact Information

PixNexo
İkitelli OSB Mah. Triko Center San.
M3 Blok Başakşehir, İstanbul, Türkiye

Phone: +90 850 303 62 24
Email: [email protected]
Working Hours: Mon-Fri: 9:00-18:00 (TRT)

For data-related inquiries, please use the subject line "Privacy Inquiry" in your email. We respond to all requests within one business week.

Read Cookie Policy Terms of Service

This Privacy Policy was last updated on January 15, 2026. We may update this policy to reflect changes in our practices or the law. We will post a prominent notice on our site for material changes.