Privacy Policy

1. Introduction

This Privacy Policy explains how BI Pixie, operated by DataChant Consulting LLC ("we," "us," or "our"), collects, uses, stores, and protects information in connection with the BI Pixie platform and related services.

BI Pixie is a telemetry and engagement intelligence platform for Microsoft Power BI. It helps organizations understand how their Power BI reports are used by adding invisible native Power BI elements (such as measures and table visuals) to reports. No custom code or scripts are injected into your reports.

This policy applies to:

• The BI Pixie website (bipixie.com)
• The BI Pixie customer portal (app.bipixie.com)
• The BI Pixie service across all deployment models
• All BI Pixie offers available through the Microsoft Marketplace, including the Managed App, Power Platform, Cloud, and Power BI template app offers

BI Pixie is available in three deployment models. The data we can access and our role in data processing differs significantly between them. Please read Section 2 to understand which model applies to you.

If you have questions about this policy, contact us at support@bipixie.com.

2. Deployment Models

Understanding your deployment model is essential to understanding how your data is handled.

2.1 Managed App (Azure)

Available on the Microsoft Marketplace.

You deploy BI Pixie within your own Azure subscription. All data remains in your Azure environment. We have zero access to your data. We do not act as a data controller or data processor for any data collected through your Managed App deployment.

Your organization is solely responsible for the data collected and for compliance with applicable data protection laws. Your own privacy policies govern the data. Our role is limited to providing the software and documentation.

Sections 3 through 9 of this policy do not apply to Managed App deployments. Please refer to Section 10 for details specific to the Managed App model.

2.2 Power Platform

Available on the Microsoft Marketplace.

You deploy BI Pixie within your Microsoft Power Platform environment. All data remains in your Power Platform environment. We have zero access to your data. We do not act as a data controller or data processor for any data collected through your Power Platform deployment.

This model is functionally identical to the Managed App from a privacy perspective. Your organization is solely responsible for the data collected and for compliance with applicable data protection laws.

Sections 3 through 9 of this policy do not apply to Power Platform deployments. Please refer to Section 10 for details specific to the Power Platform model.

2.3 Cloud

Available directly at bipixie.com and on the Microsoft Marketplace (coming soon).

We host the BI Pixie infrastructure on Microsoft Azure on your behalf. In this model:

• We are a data processor for end-user telemetry data. You (the customer) decide what data to collect. We process and store it on your behalf.
• We are a data controller for customer administrator account data, which we need to provide the service.

Each customer's data is stored in a dedicated, isolated storage container secured with Azure Active Directory role-based access control (RBAC). No other customer can access your data.

Sections 3 through 9 of this policy describe data handling for Cloud deployments.

2.4 Power BI Template Apps

BI Pixie also provides Power BI template apps (Enterprise, Starter) available on the Microsoft Marketplace. These apps are installed into your Power BI environment and connect to the telemetry data already stored in your deployment. The template apps themselves do not collect additional data. They provide dashboards and reports for analyzing data that was already captured by one of the deployment models above. The privacy provisions of your deployment model apply.

3. Information We Collect (Cloud)

We collect information in the following categories.

3.1 Customer Administrator Data

When you sign in to the BI Pixie portal, the following information is collected through Microsoft Azure Active Directory (Entra ID) authentication:

3.2 End-User Telemetry Data

When a Power BI report is instrumented with BI Pixie, interactions by report viewers (end users) generate telemetry events. You control what data is collected through your project configuration. The following tables describe all data fields.

Important: This section describes data collection for the Cloud deployment. In the Managed App and Power Platform deployments, the same telemetry data may be collected, but it is collected and stored entirely by your organization within your own environment, not by us. We have no access to that data. See Section 10 for details.

Always Collected

These fields are collected whenever a report is instrumented. They describe the interaction context without identifying the individual user.

Collected Only When You Enable Them (Off by Default)

These fields involve potentially sensitive or personal data. They are all disabled by default. Enabling them requires explicit action in the portal, and high-sensitivity features require an additional consent acknowledgment.

3.3 Report and Semantic Model Definitions

To instrument your Power BI reports, BI Pixie accesses the structural definitions of your reports and semantic models through the Microsoft Fabric API. This includes the layout of pages and visuals, measure definitions, and metadata such as report names, page names, and workspace information.

How we use this data:

• We download report and semantic model definitions, add the tracking elements (measures and visuals), and upload the modified definitions back to your Power BI workspace.
• Temporary copies are deleted immediately after processing. We do not retain copies of your report or semantic model definitions.

Inventory metadata:

• After instrumentation, we store lightweight inventory metadata in your dedicated storage container. This includes report names, page names, visual counts, workspace names, and bookmark counts.
• This inventory data is used to power the analytics dashboards in the BI Pixie template app and portal.
• Inventory metadata does not include any of the actual data displayed in your reports.

What we do not access:

• We do not access the actual data displayed in your reports (e.g., sales figures, customer records, financial data).
• We do not read or extract data from your datasets, tables, or data sources.
• We access only the structural definition (the "blueprint" of how your report is built), not the data it displays.

3.4 Portal Browser Data

The BI Pixie portal stores minimal data in your browser:

• Session storage: Authentication tokens from Microsoft Entra ID. These are automatically cleared when you close the browser tab.
• Local storage: A small number of boolean preference flags (e.g., whether you have visited before, UI display preferences). These flags contain no personal information.

We do not use cookies for tracking. We do not use third-party analytics, advertising trackers, or social media pixels on our portal.

3.5 Data We Do Not Collect

• We do not access or read the actual data displayed in your Power BI reports (e.g., sales figures, customer records). We access only the structural definitions needed to add tracking elements (see Section 3.3).
• We do not query, extract, or store data from your underlying datasets or data sources.
• We do not collect payment card information directly. Payment processing is handled by Stripe, our payment provider, and card details are never sent to or stored on BI Pixie servers.
• We do not sell, rent, or trade any data to third parties.
• We do not use end-user telemetry data for advertising or marketing purposes.

4. Privacy by Default

Privacy is a core design principle of BI Pixie, not an afterthought.

• Sensitive features are off by default. User identity tracking, filter value collection, feedback collection, and survey features are all disabled unless you explicitly enable them.
• Anonymous by default. When user identity tracking is off, we use a one-way cryptographic hash to provide unique user counts without storing any personally identifiable information.
• IP anonymization available. You can configure IP address hashing so that IP addresses are cryptographically hashed before storage, making them non-reversible.
• Consent-gated. When you enable a high-sensitivity feature in the portal, a consent dialog requires you to acknowledge that the feature collects sensitive data and confirm it complies with your organization's data privacy policy.
• Fully reversible. You can remove all BI Pixie instrumentation from your reports at any time using "Remove Pixies," restoring them to their original, unmodified state.
• You are in control. We do not override, alter, or access your tracking configuration. You decide what data is collected.

5. How We Use Your Information

5.1 Customer Administrator Data

We use administrator data to:

• Authenticate and identify your account
• Deliver and maintain the BI Pixie service
• Process subscriptions and manage billing
• Provide customer support
• Send service-critical notifications (e.g., outages, security, billing changes)
• Maintain audit logs for security and compliance

We may use anonymized, aggregate account statistics (e.g., how many customers use a specific feature) for product improvement. These statistics cannot identify any individual or organization.

5.2 End-User Telemetry Data

We act as a data processor for end-user telemetry data:

• We route telemetry events to your dedicated storage container.
• We store the data for your analysis in Power BI.
• We do not analyze, mine, or use individual end-user telemetry data for any purpose of our own.
• We do not train artificial intelligence or machine learning models on customer telemetry data.
• We do not use telemetry data for advertising, profiling, or behavioral targeting.

5.3 After Account Closure

When your account is closed and your data is deleted, anonymized aggregate metrics (such as total event counts and feature adoption rates across all customers) may be retained for product improvement purposes. These metrics cannot be traced back to any individual customer, end user, or organization.

6. Data Storage, Security, and Residency

6.1 Infrastructure

All Cloud data is hosted on Microsoft Azure infrastructure with the following security measures:

• Network isolation: Internal services are protected by private endpoints and storage firewalls with default-deny rules.
• Encryption in transit: All communications use HTTPS with TLS 1.2 or higher.
• Encryption at rest: Azure Storage Service Encryption (AES-256) is enabled on all storage.
• Secret management: API keys and credentials are stored in Azure Key Vault with soft-delete protection.
• No stored credentials: We use Azure Managed Identity for service-to-service authentication, eliminating stored connection strings and passwords.

6.2 Data Isolation

Each customer receives a dedicated Azure Storage container. Access is controlled by Azure Active Directory role-based access control (RBAC) scoped to the individual container.

• No cross-customer access is possible. This is enforced by the Azure identity platform, not by application logic.
• Your Azure AD identity is granted read access to your container, allowing you to connect directly from Power BI using your own credentials.

6.3 Data Residency

• You select your preferred Azure region during onboarding.
• All telemetry data is stored exclusively in your selected Azure region.
• Data does not cross regional boundaries.
• Your region selection is permanent for the lifetime of your account.

7. Data Sharing and Third Parties

• We do not sell, rent, or share customer data or end-user telemetry data with third parties.
• We do not use third-party analytics or advertising services in our portal.

Sub-Processors

We may disclose information if required by law, regulation, or valid legal process (such as a subpoena or court order). We will notify you of such requests to the extent permitted by law.

In the event of a merger, acquisition, or sale of assets, your data would transfer under the same privacy commitments described in this policy. We will notify affected customers in advance of any such transfer.

8. Data Retention

8.1 End-User Telemetry Data

Telemetry data is retained while your subscription is active, subject to the retention limits below. When your subscription is cancelled or expires, data is retained for a short grace period (see our Terms of Service) and then permanently deleted, regardless of the retention tier.

Events that exceed your retention period are automatically and permanently deleted on a daily basis. You may also configure a shorter retention period or request earlier deletion at any time by contacting support@bipixie.com.

8.2 Customer Administrator Data

Account information is retained while your account is active. Upon account closure, customer records are deleted from the control plane.

8.3 Audit Logs

Audit logs that record administrative actions (such as account changes and data deletions) are retained for compliance purposes even after account closure.

9. Data Deletion

9.1 Account Closure

When your account is closed, we permanently delete your entire dedicated storage container and all telemetry data within it. This action is irreversible.

9.2 Individual User Data Removal

You may delete individual end users' telemetry data through the self-service data management tools in the BI Pixie portal. Each end user's data is stored in a dedicated subfolder within your container, enabling targeted deletion without affecting other users' data. You may also contact support@bipixie.com for assistance.

When you delete end-user or report data, the data is removed from your active storage. We may retain a temporary backup copy for up to 90 days to protect against accidental deletion and ensure data integrity, after which it is permanently destroyed. Backup copies are not accessible to you or any other customer.

9.3 What Remains After Deletion

After your data is deleted:

• Individual-level data is permanently destroyed. No end-user telemetry, customer records, or personal data is retained.
• Anonymized aggregate metrics may be retained for product improvement (e.g., total event counts across all customers, feature adoption rates). These metrics cannot be traced to any individual customer, end user, or organization.
• Audit log entries are retained for compliance and security purposes.

10. Managed App and Power Platform Provisions

This section applies to customers using the Managed App (Azure) or Power Platform deployment models.

10.1 Managed App (Azure)

• BI Pixie is deployed entirely within your Azure subscription.
• All data collected by your deployment remains in your Azure environment.
• We have zero access to your data. We cannot view, retrieve, or process any telemetry or configuration data in your environment.
• We do not act as a data controller or data processor for your deployment.
• Your organization is solely responsible for compliance with applicable data protection laws.
• Your own privacy policies govern the data collected by your deployment.
• Our role is limited to providing the software license, updates, and documentation.

10.2 Power Platform

• BI Pixie is deployed within your Microsoft Power Platform environment.
• All data collected by your deployment remains in your Power Platform environment.
• We have zero access to your data. We cannot view, retrieve, or process any telemetry or configuration data in your environment.
• We do not act as a data controller or data processor for your deployment.
• Your organization is solely responsible for compliance with applicable data protection laws.
• Your own privacy policies govern the data collected by your deployment.
• Our role is limited to providing the software license, updates, and documentation.

10.3 What Applies to All Deployment Models

Regardless of your deployment model, the following sections of this policy apply to all BI Pixie users:

• Section 11: Your Rights and Choices
• Section 12: Children's Privacy
• Section 13: International Data Transfers (for the bipixie.com website and portal only)
• Section 14: Changes to This Policy
• Section 15: Contact Us

11. Your Rights and Choices

11.1 Customer Administrators

• Access: View your account and profile data in the BI Pixie portal at any time.
• Correction: Update your profile information through your Azure AD (Entra ID) account.
• Deletion: Request account closure and full data deletion by contacting support@bipixie.com.
• Data portability: Your telemetry data is stored in standard formats (TSV and JSON) in Azure Storage and is directly accessible via Power BI or Azure Storage Explorer using your own credentials.

11.2 End Users (Report Viewers)

End users whose interactions are tracked may have rights under applicable data protection laws (such as GDPR or CCPA). The BI Pixie customer (the organization that deployed tracking in your Power BI reports) is the data controller for your telemetry data.

If you are an end user and wish to exercise your data rights:

1. Contact your organization: the company or team that manages the Power BI reports you use. They control what data is collected and can fulfill access, correction, and deletion requests.
2. Your organization can use BI Pixie's tools to delete your data, or contact us at support@bipixie.com for assistance.

11.3 GDPR Rights (EU/EEA Individuals)

If you are located in the European Union or European Economic Area, you have the following rights under the General Data Protection Regulation:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restriction of processing
• Right to data portability
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

To exercise these rights, contact support@bipixie.com.

11.4 CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt out of the sale of personal information. We do not sell personal information.
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact support@bipixie.com.

12. Children's Privacy

BI Pixie is a business-to-business service designed for enterprise Power BI environments. We do not knowingly collect personal information from children under 16. If we discover that we have inadvertently collected information from a child under 16, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at support@bipixie.com.

13. International Data Transfers

DataChant Consulting LLC is based in the United States.

• Cloud telemetry data is stored in the Azure region you select during onboarding. If you select a European region, your telemetry data remains within the EU/EEA.
• Account management data (customer administrator information and audit logs) may be processed in the United States.
• For international data transfers, we rely on Microsoft's Data Processing Agreement and Standard Contractual Clauses where applicable.

For Managed App and Power Platform deployments, data does not leave your own infrastructure, and international transfer considerations are governed by your own policies.

14. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices, technology, or legal requirements.

• Material changes will be communicated through the BI Pixie portal and/or by email to account administrators.
• The Last Updated date at the top of this page indicates when the policy was most recently revised.
• Continued use of the service after changes constitutes acceptance of the updated policy.

15. Contact Us

For questions, concerns, or requests related to this Privacy Policy or your data:

We aim to respond to all privacy-related inquiries within 30 days.