Privacy policy

What Is Personal Data?
We treat any data that relates to an identified or identifiable individual or that is linked or linkable to them as “personal data”. This means that data that directly identifies you — such as your name — is personal data, and also data that does not directly identify you, but that can reasonably be used to identify you — such as the serial number of your device — is personal data. Aggregated data is considered non-personal data for the purposes of this Privacy Policy. This Privacy Policy handles personal data whether you interact with us on our websites, through Pyxis apps, or in person. We may also link to third parties on our services or make third-party apps available for download. Our Privacy Policy does not apply to how third parties define personal data or how they use it. We encourage you to read their privacy policies and know your privacy rights before interacting with them.

1. Your Privacy Rights at Pyxis.
We respect your ability to know, access, correct, transfer, restrict the processing of, and delete your personal data. We have provided these rights to our global customer base and if you choose to exercise these privacy rights, you have the right not to be treated in a discriminatory way nor to receive a lesser degree of service from us. We do not sell your data including as “sale” is defined in Nevada and California.

To help protect the security of your personal data, you must sign in to your account and your identity will be verified.

There may be situations where we cannot grant your request — for example, if you ask us to delete your transaction data and Pyxis is legally obligated to keep a record of that transaction to comply with law. We may also decline to grant a request where doing so would undermine our legitimate use of data for antifraud and security purposes, such as when you request deletion of an account that is being investigated for security concerns. Other reasons your privacy request may be denied are if it jeopardizes the privacy of others, is frivolous or vexatious, or would be extremely impractical.

2. Personal Data Collects from You
We believe that you can have great products and great privacy. This means that we strive to collect only the personal data that we need. The personal data Pyxis collects depends on how you interact with it, we may collect a variety of information, including:

• Account Information. Your ID and related account details, including email address, devices registered, account status, and age

• Device Information. Data from which your device could be identified, such as device serial number (HWID), or about your device, such as browser type

• Contact Information. Data such as name, email address, physical address, phone number, or other contact information

• Payment Information. Data about your billing address and method of payment, such as bank details, credit, debit, or other payment card information

• Transaction Information. Data about purchases of Pyxis products and services or transactions facilitated by Pyxis

• Fraud Prevention Information. Data used to help identify and prevent fraud, including a device trust score

• Usage Data. Data about your activity on and use of our offerings, such as app launches within our services, including browsing history; search history; product interaction; crash data, performance and other diagnostic data; and other usage data

• Location Information. Precise location and coarse location

• Other Information You Provide to Us. Details such as the content of your communications with Us, including interactions with customer support and contacts through social media channels You are not required to provide the personal data that we have requested. However, if you choose not to do so, in many cases we will not be able to provide you with our products or services or respond to requests you may have.

3. Personal Data Receives from Other Sources
We may receive personal data about you from other individuals, from businesses or third parties acting at your direction, from our partners who work with us to provide our products and services and assist us in security and fraud prevention, and from other lawful sources.

• Individuals. We may collect data about you from other individuals — for example, if that individual has sent you a product or gift card, invited you to participate in a service or forum, or shared content with you.

• At Your Direction. You may direct other individuals or third parties to share data with Pyxis. For example, you may direct your mobile carrier to share data about your carrier account with Pyxis for account activation, or for your loyalty program to share information about your participation.

• Our Partners. We may also validate the information you provide — for example, when creating an ID, with a third party for security, and for fraud-prevention purposes.

For research and development purposes, we may use datasets such as those that contain images, voices, or other data that could be associated with an identifiable person. When acquiring such datasets, we do so in accordance with applicable law, including law in the jurisdiction in which the dataset is hosted. When using such datasets for research and development, we do not attempt to reidentify individuals who may appear therein.

4. Use of Personal Data
We use personal data to power our services, to process your transactions, to communicate with you, for security and fraud prevention, and to comply with law. We may also use personal data for other purposes with your consent.

We use your personal data only when we have a valid legal basis to do so. Depending on the circumstance, we may rely on your consent or the fact that the processing is necessary to fulfill a contract with you, protect your vital interests or those of other persons, or to comply with law. We may also process your personal data where we believe it is in our or others’ legitimate interests, taking into consideration your interests, rights, and expectations.

• Power Our Services. We collect personal data necessary to power our services, which may include personal data collected to improve our offerings, for internal purposes such as auditing or data analysis, or for troubleshooting.

• Process Your Transactions. To process transactions, we must collect data such as your name, purchase, and payment information.

• Communicate with You. To respond to communications, reach out to you about your transactions or account, market our products and services, provide other relevant information, or request information or feedback. From time to time, we may use your personal data to send important notices, such as communications about purchases and changes to our terms, conditions, and policies. Because this information is important to your interaction with us, you may not opt out of receiving these important notices.

• Security and Fraud Prevention. To protect individuals, employees, and for loss prevention and to prevent fraud, including to protect individuals, employees, for the benefit of all our users, and prescreening or scanning uploaded content for potentially illegal content, including child sexual exploitation material.

• Personal Data Used for Personalization. If you choose to personalize your services or communications where such options are available, we will use information that we collect so that we can offer you those personalized services or communications. You can learn more about how relevant services use information to personalize your experience by reviewing the privacy information presented when you first use a service that asks to use your personal data.

• Comply with Law. To comply with applicable law — for example, to satisfy tax or reporting obligations, or to comply with a lawful governmental request. Pyxis does not use algorithms or profiling to make any decision that would significantly affect you without the opportunity for human review. Pyxis retains personal data only for so long as necessary to fulfill the purposes for which it was collected, including as described in this Privacy Policy or in our service-specific privacy notices, or as required by law. We will retain your personal data for the period necessary to fulfill the purposes outlined in this Privacy Policy and our service-specific privacy summaries. When assessing retention periods, we first carefully examine whether it is necessary to retain the personal data collected and, if retention is required, work to retain the personal data for the shortest possible period permissible under law.

5. Sharing of Personal Data
Pyxis may share personal data with affiliated companies, service providers who act on our behalf, our partners, developers, and publishers, or others at your direction. Further, Pyxis does not share personal data with third parties for their own marketing purposes.

• Service Providers. Pyxis may engage third parties to act as our service providers and perform certain tasks on our behalf, such as processing or storing data, including personal data, in connection with your use of our services and delivering products to customers. Pyxis service providers are obligated to handle personal data consistent with this Privacy Policy and according to our instructions. They cannot use the 5 personal data we share for their own purposes and must delete or return the personal data once they've fulfilled our request.

• Partners. At times, Pyxis may partner with third parties to provide services or other offerings.

• Developers and Publishers from Whom You Get a Subscription. If you purchase a third-party subscription from the Pyxis store, we create a Subscriber ID that is unique to you and the developer or publisher. The Subscriber ID may be used to provide reports to the developer or publisher, which include information about the subscription you purchased and your country of residence. If you cancel all of your subscriptions from a particular developer or publisher, the Subscriber ID will reset after 180 days if you do not resubscribe. This information is provided to developers or publishers so that they can understand the performance of their subscriptions.

• Others. Pyxis may share personal data with others at your direction or with your consent, such as when we share information with your carrier to activate your account. We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We may also disclose information about you where there is a lawful basis for doing so, if we determine that disclosure is reasonably necessary to enforce our terms and conditions or to protect our operations or users, or in the event of a reorganization, merger, or sale.

6. Protection of Personal Data
We believe that great privacy rests on great security. We use administrative, technical, and physical safeguards to protect your personal data, taking into account the nature of the personal data and the processing, and the threats posed. We are constantly working to improve on these safeguards to help keep your personal data secure.
Children and Personal Data
We understand the importance of safeguarding the personal data of children, which we consider to be an individual under the age of 13 or the equivalent age as specified by law in your jurisdiction. That is why Pyxis has implemented additional processes and protections to help keep children's personal data safe. To access certain services, a child must have a child ID. A child ID may be created by the parent.

• Parents. To create a child account, parents must review the Family Privacy Disclosure for Children, which describes how Pyxis handles children's personal data. If they agree, the parent must provide Pyxis with a verifiable parental consent.

If we learn that a child's personal data was collected without appropriate authorization, it will be deleted as soon as possible.

7. Cookies and Other Technologies
Our websites, online services, interactive applications, and advertisements may use “cookies” and other technologies such as web beacons. These technologies help us to better understand user behavior including for security and fraud prevention purposes, tell us which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and web searches.
• Communications Cookies. These cookies are used to enable network traffic to and from systems, including by helping us detect any errors.
• Strictly Necessary Cookies. These cookies are set as required to provide a specific feature or service that you have accessed or requested. For example, they allow us to display our websites in the proper format and language, to authenticate and verify your transactions, and to preserve the contents of your Bag when shopping online.
• Other Cookies. These cookies are used to understand how visitors interact with our websites and online services, including by helping us to assess the effectiveness of advertisements and web searches. Pyxis also uses these cookies to remember choices you make while browsing, so we can provide you with a customized experience.
If you prefer that we do not use cookies, we provide you with the means to disable their use. If you want to disable cookies and you’re using the web browser, choose “Block all cookies” in browser settings.
In addition to cookies, Pyxis uses other technologies that help us achieve similar objectives.
In some email messages Pyxis sends to you, we provide a “click-through URL” that links you to content on the website. When you click one of these URLs, they pass through a separate server before arriving at the destination page on our website. We track this click-through to help us determine interest in particular topics and measure whether we are communicating with you effectively. If you prefer not to be tracked in this way, you should not click graphic or text links in email messages.
Pyxis generally treats data we collect using these cookies and similar technologies as nonpersonal data. However, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered personal data by local law, we also treat these identifiers as personal data in those regions. In addition, Pyxis sometimes combines nonpersonal data collected from these technologies with other personal data we holds. When we combine data in this way, we treat the combined data as personal data for purposes of this Privacy Policy.

8. Transfer of Personal Data Between Countries
Pyxis products and offerings connect you to the world. To make that possible, your personal data may be transferred to or accessed by entities around the world, including affiliated companies, to perform processing activities such as those described in this Privacy Policy in connection with your use of our products and services. We comply with laws on the transfer of personal data between countries to help ensure your data is protected, wherever it may be.
The Pyxis entity that controls your personal data may differ depending on where you live. For example, retail store information is controlled by individual retail entities in each country and Media Services-related personal data may be controlled by various entities as reflected in the terms of service. If you do not reside in the U.S., your personal data may be processed by us and other affiliated companies on behalf of the Pyxis entity controlling personal data for your jurisdiction.
Personal data relating to individuals in China mainland may be processed by Pyxis in countries outside of China mainland. Where this occurs, it will be done in compliance with local laws, including the Personal Information Protection Law. As outlined in this Privacy Policy, we may also transfer such personal data to third parties, who may in turn store or transfer the data outside of China mainland.

Our Companywide Commitment to Your Privacy
To make sure your personal data is secure, we communicate our privacy and security guidelines to Apple employees and strictly enforce privacy safeguards within the company.

Privacy Questions
Pyxis takes your privacy questions seriously. A dedicated team reviews your inquiry to determine how best to respond to your question or concern, including those inquiries received in response to an access or download request. In most cases, all substantive contacts receive a response within seven days. In other cases, we may require additional information or let you know that we need more time to respond. Where your complaint indicates an improvement could be made in our handling of privacy issues, we will take steps to make such an update at the next reasonable opportunity. In the event that a privacy issue has 8 resulted in a negative impact on you or another person, we will take steps to address that with you or that other person. If you are not satisfied with our response, you may refer your complaint to the applicable regulator. If you ask us, we will endeavor to provide you with information about relevant complaint avenues which may be applicable to your circumstances. When there is a material change to this Privacy Policy, we’ll post a notice on this website at least a week in advance of doing so and contact you directly about the change if we have your data on file.