PinsightsPinsights
Privacy Policy

Last updated: January 2025

Overview

Pinsights is committed to protecting your privacy and handling your data transparently. This Privacy Policy explains how we collect, use, and protect your information when you use our Pinterest analytics service.

Data We Collect

Account Information

  • Email address (for authentication and account notifications)
  • Password (encrypted and never stored in plain text)
  • Account creation and last login timestamps

Pinterest Data

When you connect your Pinterest account via OAuth authorization, Pinsights accesses the following data from Pinterest's API:

  • Pinterest account username and profile information
  • Board names, descriptions, and metadata
  • Pin titles, descriptions, images, and URLs
  • Analytics data (impressions, saves, clicks, engagement metrics)
  • OAuth access tokens (encrypted and stored securely for API access)

Important: This data is accessed with your explicit consent through Pinterest's OAuth flow. You grant Pinsights permission to read your Pinterest data when you click "Allow" on Pinterest's authorization screen. This data is used solely to provide you with analytics insights within Pinsights.

Usage Data

  • Pages visited within Pinsights
  • Features used and actions taken
  • Browser type and device information
  • Login history and session data

How We Use Your Data

  • Provide Service: Display your Pinterest analytics and generate insights
  • Authentication: Verify your identity and manage your account
  • Data Synchronization: Automatically refresh your Pinterest data
  • Support: Troubleshoot issues and answer questions about your account
  • Improvements: Analyze usage patterns to enhance features (aggregated, non-identifiable data only)
  • Communications: Send service updates, security alerts, and account notifications

Data Security

Row Level Security (RLS)

All user data is protected by database-level Row Level Security policies. This ensures that:

  • You can only access your own Pinterest data
  • Other users cannot view or access your boards, pins, or analytics
  • Security is enforced at the database level, not just application code

Encryption

  • All data transmitted between your browser and our servers uses HTTPS/TLS encryption
  • Pinterest OAuth tokens are encrypted at rest in our database
  • Passwords are hashed using industry-standard bcrypt algorithm

Infrastructure

  • Database hosted on Supabase with SOC 2 Type II compliance
  • Application hosted on Vercel with automatic HTTPS
  • Regular security updates and monitoring

Who Has Access to Your Data

You

You have full access to all your data through the Pinsights dashboard. You can view, export, or delete your data at any time.

Pinsights Team

Our team may access your data only for the following purposes:

  • Providing customer support when you contact us
  • Troubleshooting technical issues you report
  • Investigating security incidents or Terms of Service violations
  • Improving the service (using aggregated, anonymized data)

We will never access your account without a legitimate business reason, and we maintain internal access logs.

Third Parties

We do NOT sell, rent, or share your personal data with third parties for marketing purposes. We only share data with:

  • Supabase: Database hosting and authentication (SOC 2 compliant)
  • Vercel: Application hosting and CDN
  • Pinterest: Only when you explicitly authorize API access via OAuth

Important Note on Data Sharing: Pinsights does not share your Pinterest data with any third parties, including advertising services or analytics platforms. Data obtained from Pinterest's API is used exclusively within Pinsights to provide you with analytics insights. We comply with Pinterest's Developer Guidelines and do not transfer, sell, or redistribute your Pinterest data to any external parties.

What We Don't Do

  • We never post, edit, or delete your Pinterest pins or boards
  • We never sell or rent your data to third parties
  • We never share your data with advertisers or marketers
  • We never use your data for purposes other than providing the Pinsights service

Your Rights

  • Access: View all data we have about you
  • Export: Download your data in a portable format
  • Delete: Request deletion of your account and all associated data
  • Disconnect: Revoke Pinterest access at any time through your account settings
  • Correct: Update inaccurate information in your account

To exercise any of these rights, contact us at privacy@pinsights.app

Revoking Pinterest Access

You can revoke Pinsights' access to your Pinterest data at any time through two methods:

  • Through Pinsights: Go to Account Settings → Connected Accounts → Disconnect Pinterest
  • Through Pinterest: Visit Pinterest Settings → Security → Apps and Websites → Remove Pinsights

When you revoke access, Pinsights will no longer be able to access your Pinterest data. Your existing analytics data in Pinsights will be retained according to our Data Retention policy unless you request deletion.

Data Retention

Active Accounts

  • Account data is retained while your account is active
  • Pinterest analytics data is refreshed automatically (typically every 24 hours) and kept up to date
  • Historical analytics data is retained for trend analysis and performance comparisons

Deleted Accounts

  • When you delete your account, all personal data and Pinterest data is permanently removed within 30 days
  • Backup copies may be retained for up to 90 days for disaster recovery purposes only
  • After 90 days, all data is permanently and irreversibly deleted
  • We cannot recover deleted data after the 90-day period

Revoked Pinterest Access

If you revoke Pinterest access but keep your Pinsights account:

  • Existing Pinterest data in Pinsights will be retained for up to 30 days to allow you to export your analytics
  • After 30 days of disconnection, Pinterest data will be automatically deleted
  • You can request immediate deletion by contacting support
  • Your Pinsights account and email will remain active unless you delete your entire account

Pinterest API Compliance

Pinsights uses Pinterest's official API and complies with all Pinterest Developer Guidelines and policies:

  • OAuth Authorization: All access to your Pinterest data requires your explicit consent through Pinterest's OAuth flow
  • Read-Only Access: Pinsights only reads your Pinterest data. We never create, modify, or delete your pins, boards, or account information
  • No Data Redistribution: Your Pinterest data is never sold, shared, or redistributed to third parties
  • Scope Limitations: We only request the minimum Pinterest API scopes necessary to provide analytics (boards:read, pins:read, user_accounts:read)
  • Token Security: Pinterest OAuth tokens are encrypted and stored securely, never exposed in client-side code or logs
  • API Rate Limits: We respect Pinterest's API rate limits and use efficient batching to minimize API calls

For more information about Pinterest's data policies, visit Pinterest's Privacy Policy.

Cookies and Tracking

We use cookies and similar technologies for:

  • Authentication (keeping you logged in)
  • Session management
  • Security (preventing fraud and unauthorized access)
  • Analytics (understanding how users interact with Pinsights)

You can control cookies through your browser settings, but some features may not work without them.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying an in-app notification when you next log in

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

This Privacy Policy is effective as of the date listed above and applies to all users of Pinsights.