1. Introduction
PinBoard Studio ("we", "our", "the Service") is a content planning and scheduling platform that integrates with Pinterest. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.
By using PinBoard Studio, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
We collect different types of information to provide and improve our Service:
Account Information
- Email address and password when you create an account.
- Your password is hashed using bcrypt and is never stored in plain text.
Pinterest Account Data
- When you connect your Pinterest account via OAuth 2.0, we receive an access token and refresh token.
- We also receive basic profile information (username, account ID) necessary to identify your account.
- We access your board list and pin data solely to provide scheduling and analytics features.
Content Data
- Pin titles, descriptions, and images that you create or generate within the Service.
- Scheduling preferences, board selections, and niche configurations.
Usage Data
- Basic analytics about how you interact with the application (pages visited, features used).
- Error logs for debugging and service improvement.
3. How We Use Your Information
We use your information exclusively to:
- Provide the Service: Create, schedule, and publish Pins to Pinterest on your behalf.
- Display analytics: Show performance metrics (impressions, saves, clicks) for your published Pins.
- Manage boards: List your existing boards and create new ones as configured by you.
- Improve the Service: Fix bugs, improve performance, and develop new features.
We do not sell, rent, trade, or share your personal information with third parties for marketing or advertising purposes. Your data is used solely to provide the Service to you.
4. Pinterest API Usage
PinBoard Studio accesses the Pinterest API v5 with the following OAuth 2.0 scopes:
- boards:read — Read your board list to display available boards.
- boards:write — Create new boards when you configure a new niche.
- pins:read — Read pin information for analytics and status tracking.
- pins:write — Create and publish Pins on your behalf.
- user_accounts:read — Verify your connected Pinterest account identity.
Our use of the Pinterest API complies with the Pinterest Developer Terms. Specifically:
- We only access your account using your explicitly authorized access token.
- We do not store Pinterest API data beyond what is necessary for Service functionality.
- We do not share or distribute your Pinterest data to any third parties.
- We do not combine your Pinterest data with data from other users or external sources.
- All actions on your Pinterest account are initiated by you through the Service.
5. Data Storage and Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption in transit: All communications between your browser and our servers use HTTPS/TLS encryption.
- Password hashing: Passwords are hashed using bcrypt with salt before storage.
- Token security: OAuth access tokens are stored securely in our database and never exposed to client-side code.
- Automatic token refresh: Expired tokens are refreshed automatically; we never ask you to re-enter Pinterest credentials.
- Infrastructure: Our servers are hosted in a secure data center with regular security updates.
6. Data Retention
- We retain your account data for as long as your account is active.
- Content data (pins, images, schedules) is retained while your account is active and may be deleted at your request.
- Server logs are retained for up to 30 days for debugging purposes.
- Upon account deletion, all associated data is permanently removed from our systems.
7. Data Deletion and Your Rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your account and all associated data.
- Disconnect your Pinterest account at any time through the Settings page.
- Revoke our access to your Pinterest account directly through Pinterest's app settings.
- Export your data upon request.
To exercise any of these rights, contact us at pinboardstudio@proton.me.
8. Cookies
We use essential cookies only:
- Session cookie: An HTTP-only secure cookie to maintain your authenticated session.
- CSRF token: A security token to prevent cross-site request forgery attacks.
We do not use tracking cookies, advertising cookies, or third-party analytics services.
9. Third-Party Services
PinBoard Studio integrates with the following third-party services:
- Pinterest API — For board management and pin publishing. Pinterest's Privacy Policy applies to data stored on their platform.
We do not integrate with any advertising networks, social media trackers, or data brokers.
10. Children's Privacy
PinBoard Studio is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we discover such data has been collected, we will delete it promptly.
11. International Data Transfers
Your data may be processed on servers located outside your country of residence. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be indicated by updating the "Last updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.
13. Contact Us
If you have questions about this Privacy Policy, your data, or wish to exercise your rights, contact us at:
Email: pinboardstudio@proton.me