PRIVACY POLICY OF LOTPIXEL

Last Updated: 6 March, 2026

This Privacy Policy has been prepared to help you understand which personal data we collect, how we use this data, and which rights you have. For the purposes of applicable data protection legislation, the relevant LotPixel legal entity specified for your region in the "Contact" section of this Policy is the data controller of the personal data you provide, and determines how and for what purposes your personal data will be processed.

This Privacy Policy applies to the following website and services:

the domain name www.lotpixel.com and all subpages linked to it, as well as software provided by LotPixel (for example, the LotPixel Hub desktop application, plugins and integrations developed for Blender, Autodesk 3ds Max and other Digital Content Creation (DCC) software), copyright-protected digital assets (such as PBR textures, 3D models, HDRIs and similar digital content) and all other services we license to our customers (collectively referred to as the "Services").

In this Policy, the term "Personal Data" refers to any information you provide to us when using our Services or when contacting us in any other way, through which your identity is identifiable. Data that has been anonymized and can no longer be associated with an individual does not fall within the scope of Personal Data. In this Policy, when we say "Affiliated Parties", we refer to business partners, affiliates and third-party service providers with whom we work while carrying out our business.

PLEASE READ THIS PRIVACY POLICY CAREFULLY BEFORE USING OUR SERVICES.

IF YOU DO NOT ACCEPT THIS PRIVACY POLICY, PLEASE DO NOT USE THE SERVICES.


Policy Summary

Below is a summary of the main types of services used by LotPixel and the categories of personal data that may be processed in this context. Detailed explanations are provided in the relevant sections of the Policy.

Analytics Tools
  • Google Analytics 4
    Personal Data: browser information; city; device information; latitude and longitude of the city (approximate location); number of users; session statistics; tracking technologies ("Tracker"); usage data.
  • Meta Pixel
    Personal Data: browser information; city; device information; latitude and longitude of the city (approximate location); number of users; session statistics; tracking technologies; usage data.
User Communication
  • E-mail list / newsletter
    Personal Data: e-mail address; first name; usage data.

Cross-border data transfer based on standard contractual clauses
Personal Data: various data types (to the extent necessary within the scope of the relevant processing activity).

Displaying Content from External Platforms
  • YouTube video component
    Personal Data: tracking technologies (Tracker); usage data.
Payment Processing
  • Iyzico
    Personal Data: various data types as specified in the respective service's own privacy policy.
Hosting and Backend Infrastructure
  • Amazon Web Services (AWS)
    Personal Data: various data types as specified in the respective service's privacy policy.
  • OVHcloud
    Personal Data: various data types as specified in the respective service's privacy policy.
App Distribution Platforms
  • Microsoft Store
    Personal Data: various data types as specified in Microsoft's own privacy statement and Microsoft Store terms. Microsoft acts as an independent data controller when you obtain the LotPixel Hub via the Microsoft Store.
Marketing
  • LotPixel Affiliate Program
  • Meta Pixel
Registration and Authentication Provided Directly by LotPixel
  • Direct Registration
    Personal Data: billing address; company name; e-mail address; first name; language; last name; password; tracking technologies; usage data; user ID; various data types; tax number (if applicable / VAT).
Remarketing and Behavioral Targeting
  • Google Signals
    Personal Data: tracking technologies; usage data.
SPAM Protection
  • Google reCAPTCHA
    Personal Data: tracking technologies; usage data.
Tag Management
  • Google Tag Manager
    Personal Data: usage data.
  • Meta Pixel
    Personal Data: usage data.
  • Yandex Metrica
    Personal Data: usage data.
Traffic Optimization and Distribution
  • Cloudflare
    Personal Data: tracking technologies; various data types as specified in the respective service's privacy policy.
Data Controller and Contact Details

LotPixel
Zeytinlik Mahallesi, Yakamoz Sokak
Cumhuriyet Apartmanı No: 64/4
Merkez / Sinop
Türkiye
E-mail: [email protected]


1. What Personal Data Do We Collect?

We may collect and process the following types of personal data about you:

Financial Data: Financial data such as your payment card information is accessed only indirectly via Iyzico, which provides our payment infrastructure; your card information is processed and stored by Iyzico. As LotPixel, we do not store sensitive financial information such as card numbers in our own systems.

Identity Data: Your first name, last name, postal address, postal code, city, country, e-mail address and (if applicable) project name.

Contact Data: Your billing address, e-mail address and other contact information you provide when communicating with us.

Transaction Data: Details of payments made between you and us, information regarding the products and Services you purchase, your subscription plans and credit usage.

Technical Data: IP addresses you use to access our Services, your login information, device type, operating system, browser type and version, timestamps and similar technical data.

Profile Data: Your username, password, purchases, orders, areas of interest, preferences and settings, feedback and survey responses.

Usage Data: Information on how you use our website, Hub application, plugins and other Services; interaction data such as pages you view, content you download, and your search and filtering behavior.

Marketing and Communication Preferences: Data relating to whether or not you wish to receive marketing content from us; your newsletter subscription status and communication preferences.

We do not collect any "Special Categories of Personal Data" about you. Special category data includes sensitive categories such as race or ethnic origin, political opinions, religious or philosophical beliefs, sex life or sexual orientation, trade union membership, health information and genetic/biometric data. We also do not collect information relating to criminal records or offences.

We only collect Personal Data to the extent that we believe it is necessary to fulfill your online requests and for our legitimate business purposes.


2. How Do We Collect Your Personal Data?

Direct interactions

We obtain your data directly from you in the following situations:

  • When you place an order for a product or Service via our website or Hub,
  • When you create an account on any of our sites,
  • When you subscribe to our Services or publications,
  • When you request that we send you resources or marketing content,
  • When you participate in a contest, sweepstake, campaign or survey,
  • When you send feedback or create a support request,
  • When you authenticate and sign in via the Hub or plugins.
Automated technologies or interactions

As you use our Services, we may collect Technical Data about your device, browsing behavior and usage patterns. We collect this data through:

  • Cookies,
  • Server logs,
  • Analytics tools such as Google Analytics, Meta Pixel and Yandex Metrica,
  • Local and remote log files generated by the Hub and plugins.

For detailed information about cookies, please refer to our Cookie Policy.

Usage and Diagnostics Data (LotPixel Hub and Add-ons)

In addition to the data categories described above, the LotPixel Hub desktop application and our official DCC plugins (the "Hub and Add-ons") may collect the following types of data:

(a) Essential technical and diagnostic data (always collected)

In order to operate, secure and maintain the Hub and Add-ons, we may always collect a limited set of technical and diagnostic data, which may include:

  • Download logs and API request logs generated by the Hub and Add-ons,
  • Hard crashes and fatal exceptions, including information about the operating system name and version,
  • Critical error logs that are necessary to diagnose and resolve stability or security issues,
  • Information about your device and application environment (such as Hub version, plugin version and, where permitted by applicable law, approximate location).

This technical and diagnostic data is processed on the legal basis of our legitimate interests (service operation, security, fraud and abuse prevention) and, where applicable, for the performance of our contract with you (for example, to deliver downloads and maintain your account).

(b) Optional usage and analytics data (opt-in where required)

Depending on your settings and applicable law, we may also collect optional usage and analytics data from the Hub and Add-ons. This may include, for example:

  • Actions performed within the application, such as adding a folder to the asset library or importing a texture, 3D model or decal,
  • Contextual information about those actions, such as which type of asset was imported and which file extensions were involved (for example EXR, JPG), but not the full filenames,
  • Aggregate information about the size and number of synchronized or downloaded assets,
  • Non-fatal error reports and performance metrics that help us understand how the Hub and Add-ons behave over time.

Where required by applicable data protection law (for example, for users located in the EU/EEA), this optional usage and analytics data is collected only if you actively opt in to such data sharing when you log in or in the application settings. You may withdraw your consent at any time, as described in Sections 3 and 6 of this Privacy Policy.

(c) Data that is never transmitted off your machine

When you use the Hub and Add-ons, we do not access or transmit the following categories of information from your local projects or storage:

  • Full filenames, folder names or drive names of your local files,
  • The actual contents of your project files, scenes, textures, 3D models or any other creative assets stored on your machine,
  • The contents of drives or directories that you browse locally inside your DCC application.

Such information may be used locally by your operating system or DCC software in order to display your files, but it is not sent to LotPixel's servers through the Hub or official Add-ons.

The processing activities described in this subsection should be read together with the general explanations in Sections 1, 3, 6 and 10 of this Privacy Policy regarding the legal bases for processing, your rights and our security measures.


3. How and Why Do We Use Your Personal Data?

Below is a summary of the purposes for which we plan to use your personal data and the legal bases we will rely on when processing this data. Where necessary, we also explain our legitimate interests. The data types referred to here correspond to the categories defined in Section 1 above.

The most common legal bases for processing your personal data are as follows:

  • Performance of the contract between us: For example, to create your account, manage your subscription, deliver a product you have purchased, or enable you to download assets via the Hub.
  • Our legitimate interests: Such as developing our Services, ensuring security, preventing fraud, providing customer support and improving our products; provided that these interests are not overridden by your fundamental rights and freedoms.
  • Compliance with a legal or regulatory obligation: Such as maintaining financial records, complying with tax legislation and providing information to competent authorities.
  • Your explicit consent: Especially in cases where we need to send direct marketing communications via e-mail, or for certain processing activities such as the use of specific types of cookies.
Marketing communications

We may send you marketing communications in the following situations:

  • If you have requested information from us or purchased a product/Service,
  • If, when entering your details, you have given your consent by ticking the relevant box to receive marketing communications (for example when purchasing a product/Service or creating a subscription),
  • And in all such cases, provided you have not opted out of receiving marketing communications.

We will always obtain your explicit consent before sharing your personal data with any third party for their own marketing purposes. In general, we do not rely solely on consent except in circumstances such as sending marketing e-mails; for most processing activities we rely on the legal bases of performance of contract, legitimate interests or legal obligations.

You may withdraw your consent to marketing communications at any time by using the unsubscribe (opt-out) links in the marketing e-mails we send, or by sending an e-mail to [email protected]. Opting out of marketing may not apply to e-mails that may be sent to you in connection with product/Service purchases or mandatory service notifications.

Change of purpose

We will only use your personal data for a different purpose where it is compatible with the purpose for which it was originally collected. If you would like more information on how a new purpose is compatible with the original purpose, you can contact us at [email protected]. If we need to use your personal data for a purpose that is entirely different from the original purpose, we will notify you separately and explain the legal basis for this new processing activity.

Where legally required or permitted, we may process your personal data without your knowledge or consent.


4. Cookies and Logs

A cookie is a small data file that a website places on your computer's or device's hard drive in order to remember your preferences and the pages you visit, making your experience more efficient and enjoyable.

Within the scope of our Services, we may use cookies for the following purposes:

  • Measuring the number of unique visitors who visit our Service within a certain period,
  • Remembering user account information or session status to reduce the need for repeated logins,
  • Personalizing your visits to the Service and presenting content that is more suitable for you.

We may combine information collected via cookies with other information you provide online while using the Service in order to help personalize your access to and use of the Service. You can disable cookies in your browser settings; however, in this case, certain parts of our Services may not function properly.

We may also collect data in the form of server logs. Log data kept on web servers provides aggregate information about the number of visits to various pages of the Service and other browsing data. These logs may include the following technical information:

  • IP address,
  • Device information (device name and IDs, hardware model, operating system and version, mobile network information),
  • Browser information,
  • Cookie information,
  • Access date/time information,
  • Page(s) viewed,
  • Referring page(s).

For details, please refer to our Cookie Policy.


5. Contractual Relationship with Our Registered Users

When you register as a user (whether free or "premium"), we request the personal data we need to manage and fulfil the contractual relationship between us. These generally consist of your identity, contact, payment and profile data.

We do not request, collect or process special categories of personal data (such as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual orientation and sex life, genetic and biometric data).

In some cases, you can also create your LotPixel registered user account by linking it with your accounts on other platforms (for example, Facebook, Google, etc.). By using these "federated login / social login" options at the top of our website, you can authenticate your identity through these platforms without having to create a separate username and password for LotPixel. In this case, authentication takes place within the framework of a joint controllership relationship between the relevant platforms and LotPixel: You log in on these platforms, they verify who you are, and we sign you in to your LotPixel account based on this information.

With regard to the personal data obtained through these platforms (and other data you provide to us in the context of your relationship with LotPixel), you may exercise your rights of access, rectification, erasure, restriction of processing, data portability and withdrawal of consent by contacting LotPixel via the e-mail address specified in this Policy.

Please note: Correcting or deleting data in your LotPixel account does not automatically mean that your data held by the platforms that authenticate your identity is also corrected or deleted. To exercise your rights regarding your data on these platforms, you must also contact the relevant platforms separately.

For all other data processing activities arising from your relationship with these platforms, the respective platform's privacy policy applies.

Further information can be found at the following links:

Facebook:
Joint controller addendum : https://www.facebook.com/legal/controller_addendum
https://www.facebook.com/privacy/policy/?entry_point=data_policy_redirect&entry=0

Google:
Google Privacy & Terms : https://policies.google.com/privacy


6. Marketing Preferences and Your Rights

6.1 Opt-In / Opt-Out

We strive to give you control over how we use the personal information we collect. The marketing content we may send you (for example newsletters, campaign announcements, product updates) includes mechanisms (such as an "unsubscribe" link) that allow you to easily opt out of the relevant subscription if you no longer wish to receive such communications in the future.

6.2 Access, Rectification, Erasure, Objection and Other Rights

With respect to the personal data we collect about you, you have the following rights:

  • The right to request access to the personal data we hold about you,
  • The right to request rectification of data that is inaccurate or incomplete,
  • The right, under certain conditions, to request the erasure of your personal data,
  • The right, on legitimate grounds, to object to or restrict the processing of some or all of your personal data,
  • The right to request that your data be transferred (data portability) to you or to a third party you designate, in a structured, commonly used and machine-readable format,
  • The right to withdraw your consent to marketing communications at any time.

Users who wish to deactivate (close) their account may do so in accordance with the procedure set out in the End-User License Agreement (EULA). Deleted information may continue to remain in backups for a reasonable period; however, this information will not be accessible to other users or third parties. Data retained in backups is stored for our internal accounting records and to respond to potential future invoice requests.

You do not need to pay any fee to exercise your rights; however, if your request is clearly unfounded, repetitive or excessive, we reserve the right to charge a reasonable fee or to refuse your request.

Upon your request, we may ask you for additional information in order to verify your identity and ensure that the relevant right is actually being exercised by you. This is a security measure to prevent your personal data from being disclosed to the wrong persons. If your request is complex or if you have submitted multiple requests at the same time, our response time may occasionally exceed one month; in such a case, we will inform you and keep you updated on the status of the process.

If you wish to exercise any of the rights set out in this section, you can send an e-mail to [email protected]. In addition, if you reside or work in an EU member state, or if the place where you believe a potential violation has occurred is located there, you also have the right to lodge a complaint with the relevant data protection authority of that country.


7. Data Retention Period

We retain your personal data for as long as necessary to fulfil the purposes for which we collected it. This period also includes the time required to meet our legal, accounting or reporting obligations.

When determining an appropriate retention period, we take into account:

  • The amount, nature and sensitivity of the personal data we process,
  • The potential risk of harm arising from unauthorized use or disclosure of the data,
  • The purposes for which we process the data and whether those purposes can be achieved by other means,
  • Applicable legal requirements.

As required by law, we may be obliged to retain basic information about our customers (including contact, identity, financial and transaction data) for seven years after the customer relationship has ended, for tax and accounting purposes.

In some cases, we may anonymize your personal data so that it can no longer be associated with you, and use it for research or statistical purposes for a longer period. In such cases, we may retain and use anonymous data, which can no longer be associated with an individual, indefinitely.


8. Sharing and Disclosure of Personal Data

We do not sell your personal data to third parties for marketing purposes. As a general rule, we do not share your personal data with third parties unless it is necessary to provide our Services and there is a legal basis to do so. However, where our business partners, affiliates and third-party service providers are involved in the provision of our Services, we may need to share your personal data in the following situations:

  • With service providers that offer information technology and system management services,
  • With our affiliates or group companies,
  • With our business partners that we refer to as Affiliated Parties,
  • With lawyers, banks, auditors and insurance companies that provide consultancy, banking, legal, insurance and accounting services.

All such third parties are obliged to process your personal data only in accordance with our instructions, for the specified purposes and in compliance with applicable data protection legislation.

Disclosures Due to Legal Obligations

We may also be required to disclose your personal data in the following situations:

  • To comply with law, court orders or similar legal processes,
  • To protect our rights, property and the security of our Services,
  • In situations where we deem it necessary to ensure the safety of Service users, ourselves or third parties.
Use of Microsoft Store and other app distribution platforms

Where you choose to obtain the LotPixel Hub or other LotPixel Software through the Microsoft Store or similar app distribution platforms, certain personal data may be processed directly by the relevant platform provider as an independent data controller. This may include data relating to your store account, licensing, device identifiers, crash reports, usage statistics and other information processed in accordance with that provider's own terms and privacy policy.

LotPixel does not control and is not responsible for the processing of personal data carried out independently by such platform providers. We only receive limited information from these platforms where necessary to distribute, update or secure our applications (for example, aggregated install statistics or crash data that has been shared with us). For more details on how Microsoft processes personal data, please refer to Microsoft's own privacy statement and Microsoft Store terms.

Updates via Microsoft Store

When you install the LotPixel Hub or other LotPixel Software via the Microsoft Store, the application may be updated automatically through the Microsoft Store's built-in update mechanism. These updates are managed by Microsoft as part of your operating system and Store settings.

We do not receive your full update history or a list of all applications installed on your device. We only receive limited, aggregated information (for example, total number of installs and updates) where this is made available by Microsoft to publishers. You can manage how updates are delivered (including whether automatic updates are enabled) in your Microsoft Store or Windows settings.

No additional data collection in the Microsoft Store version

The Microsoft Store version of the LotPixel Hub does not collect any additional categories of personal data beyond those described in this Privacy Policy. All data processing (including technical logs, usage data and optional analytics) is performed under the same conditions and legal bases, regardless of whether you obtained the application from our website or from the Microsoft Store.


9. International Data Transfers

In the course of its operations, LotPixel may work with service providers located in different countries. Your personal data may be transferred to, stored in or processed in countries outside the European Union / European Economic Area ("EU/EEA").

Where such a transfer occurs, we implement appropriate safeguards to ensure that the level of protection of your personal data is equivalent to that in the EU/EEA. Examples of such safeguards include:

  • Standard Contractual Clauses approved by the European Commission,
  • Binding corporate rules,
  • Or an adequacy decision relating to the respective country.

If you would like more information about these measures, you can contact us.


10. Security

We take comprehensive technical and administrative measures to ensure the security of the Personal Data we collect. Our aim is to reduce to a reasonable minimum the risks of unauthorized access, loss, accidental alteration or unauthorized disclosure of your data.

Your personal data is stored in secure server environments that are not publicly accessible and can only be accessed by authorized employees, consultants and/or service providers. Access to these environments is restricted through methods such as username/password combinations, role-based access permissions, two-factor authentication where necessary, and recorded access logs.

Your data is protected during transmission by encrypted communication protocols (for example HTTPS/TLS) so that it cannot be read by third parties. Where appropriate, certain data categories (for example access tokens) are additionally encrypted or masked at rest. To reduce the risk of unauthorized access, we define access permissions only to the extent necessary for the job and in accordance with the "need to know" principle.

In terms of physical security, the data centers where the data is stored are protected by security cameras, access cards, visitor registration systems and infrastructure measures against disasters such as fire and flooding. Our systems are regularly updated, patches are applied against known security vulnerabilities and, where necessary, security tests (such as vulnerability scans) are carried out.

We also implement regular backup processes to reduce the risk of data loss. These backups are stored so that they can only be accessed under similar security measures, by authorized persons and only when genuinely necessary.

Despite all these measures, it is not possible to guarantee that any data transmission over the internet or any electronic storage method is 100% secure. In the event of a suspected personal data breach, in accordance with applicable data protection legislation we will:

  • Assess the nature of the breach,
  • Analyze the potential risks the breach may pose for you,
  • Implement the technical and administrative measures we deem necessary,
  • Notify the relevant supervisory authorities and, where necessary, you, within a reasonable timeframe, in line with our legal obligations.

11. Children's Privacy

Our Services are not designed for persons under the age of 13. We do not knowingly collect Personal Data (such as name and e-mail address) from children under 13 without the explicit consent of a parent or legal guardian.

We consider the protection of children's privacy important and encourage parents to be involved in their children's online activities. If you are a parent or guardian and believe that your child under the age of 13 is using our Services and has provided us with Personal Data, please contact us at [email protected]. In such a case, we will take the necessary steps to delete the child's account and all personal data belonging to them within a reasonable period.


12. Changes to Our Privacy Policy

This Privacy Policy may be updated from time to time. When we make significant changes to the Policy, we will:

  • Publish the updated text on our website and/or within the Hub,
  • Where appropriate, send a notice to your registered e-mail address,
  • Or inform you via other means, where possible.

Reviewing the Policy periodically will ensure that you are always informed about which information is collected, how it is used and with whom it is shared. Your continued use of our Services subject to this Privacy Policy will constitute your acceptance of any changes.


13. Contact

If you have any questions, comments or requests regarding this Privacy Policy, please contact us via the contact page on our website or through the address below:

Address (for users residing in Türkiye):
Zeytinlik Mahallesi, Yakamoz Sokak
Cumhuriyet Apartmanı No: 64/4
Merkez / Sinop – Türkiye
E-mail: [email protected]