Privacy Policy
Effective date: 3 May 2026
This Privacy Policy explains how PROMPTIX LTD (company number 17078610), trading as "pack-nix" ("we", "us", "our"), collects, uses and protects personal data when you visit or use https://pack-nix.com (the "Site"). We act as a data controller within the meaning of the UK GDPR and the Data Protection Act 2018.
If you have any questions about this policy, contact us at info@pack-nix.com.
1. Who we are
PROMPTIX LTD Studio No. 19, 138 Marylebone Road, London, England, NW1 5PH Company number: 17078610 Email: info@pack-nix.com Phone: +447700183114
2. What data we collect
We collect the minimum data needed to operate the Site and provide the icon files you request. Specifically:
- Account data — email address, display name, password (stored hashed), and account preferences when you register.
- Order and download data — the icon packs and individual icons you have purchased and downloaded, order numbers, amounts paid, billing name and address, timestamps, and any associated order metadata. We keep this so you can re-access your purchased library from your account and so we can meet our tax and accounting obligations.
- Communication data — content of any message you send us via the contact form or email, plus your reply address.
- Technical data — IP address, browser type and version, device identifiers, referring URL, language preference, and similar diagnostics gathered through server logs and cookies.
- Cookie and session data — see our Cookie Policy.
We do not intentionally collect special-category personal data (health, ethnicity, biometrics, etc.) and we do not ask you for it.
3. Why we process your data
We process personal data on the following lawful bases:
- Contract performance — to create your account, provide the icon files and customer support.
- Legitimate interests — to keep the Site secure, prevent abuse and bulk-scraping, debug errors, and improve the catalogue.
- Legal obligations — to comply with UK tax, accounting and anti-money-laundering rules where applicable.
- Consent — to send you optional product updates, only where you have explicitly opted in. You can withdraw consent at any time.
4. Payment information and PCI DSS
When you buy a product, your card payment is processed directly by our third-party payment service provider, which is certified to PCI DSS Level 1 — the highest level of certification under the Payment Card Industry Data Security Standard. Card details are entered over a secure, encrypted (TLS) connection, tokenised by the provider, and authenticated using 3-D Secure 2 (Strong Customer Authentication) where required by your bank.
We do not store, process or transmit your full payment-card details on our own servers. The only payment-related information we retain is:
- the transaction reference returned by the payment provider;
- the card type (for example Visa or Mastercard) and the last four digits of the card — for receipts, refunds and chargeback evidence;
- the billing name, address and email address you provide at checkout — for invoicing, customer support and fraud prevention.
We never receive or store your full card number (PAN), card expiry date, CVV/CVC security code or PIN. For details of how the payment provider itself handles your data, please consult the privacy notice shown at the moment of checkout.
5. Sharing your data
We share personal data only with parties who help us run the Site, and only to the extent necessary:
- Hosting and infrastructure providers (currently Hostinger).
- Email-sending providers for transactional messages (account confirmations, password resets, download links).
- Our payment service provider, to process your card payments and handle refunds and chargebacks. Card data is handled exclusively by them; we do not receive or store your full card details.
- Professional advisers (accountants, lawyers) under confidentiality.
- Public authorities, where required by law or to defend our legal rights.
We do not sell your personal data and we do not share it with advertising networks for cross-site profiling.
6. International transfers
Some of our service providers may be located outside the UK. Where data is transferred outside the UK or the EEA, we rely on UK Government adequacy decisions or Standard Contractual Clauses with appropriate safeguards.
7. How long we keep data
- Account data — for as long as your account is active, plus up to 24 months of inactivity, after which we delete or anonymise it.
- Order / download records — at least 6 years, as required by UK tax and accounting law.
- Server logs — typically 30–90 days, then aggregated or deleted.
- Marketing consent records — until you withdraw consent.
8. Your rights
Under UK GDPR you have the right to:
- access the personal data we hold about you;
- request correction or erasure of inaccurate or unnecessary data;
- restrict or object to certain processing;
- request data portability in a machine-readable format;
- withdraw consent at any time, where processing is based on consent;
- lodge a complaint with the UK Information Commissioner's Office (ico.org.uk).
To exercise any of these rights, email info@pack-nix.com. We will respond within one month.
9. Security
We use TLS encryption for all traffic to the Site, hash stored passwords, and apply standard hardening to our hosting environment. No system is completely secure, but we work to keep risk low and we will notify affected users and the ICO if a breach occurs that meets the legal threshold.
10. Children
The Site is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.
11. Changes to this policy
We may update this Privacy Policy from time to time. The "Effective date" at the top will reflect the most recent version. Material changes will be highlighted on the Site or sent by email where appropriate.
12. Contact
For any privacy-related question, write to:
PROMPTIX LTD Studio No. 19, 138 Marylebone Road, London, England, NW1 5PH info@pack-nix.com · +447700183114



