Home About Coaching Courses Resources Blog Contact
Privacy policy ยท HTML Copy Privacy Policy โ€” pinpal | Amanda Grace Design

pinpal Privacy Policy

Effective date: April 20, 2026  ยท  Last updated: April 20, 2026

pinpal ("we," "us," or "the Service") is a Pinterest automation tool operated by Amanda Grace Design. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

We take your privacy seriously. pinpal is designed to collect the minimum amount of data necessary to function and does not sell, rent, or share your personal data with third parties for marketing purposes.

1. Who we are

pinpal is operated by:

Amanda Grace Design
Operator: Mandy Corcoran
Contact: [email protected]
Website: https://amandagracedesign.com

2. Information we collect

When you authorize pinpal to access your Pinterest account, we collect and store the following information:

Pinterest OAuth credentials

  • Access token
  • Refresh token
  • Token expiration timestamp
  • Authorized scopes (permissions you granted)

Pinterest account metadata

  • Your Pinterest username
  • Your Pinterest user ID
  • Account type (personal or business)

Usage data

  • Pin and board metadata you create through pinpal (titles, descriptions, image URLs, destination links, scheduled publish times)
  • Timestamps of API calls you make through the service
  • Error logs for debugging purposes

What we do NOT collect

  • Your Pinterest password (OAuth means we never see it)
  • Payment information (pinpal does not process payments)
  • Data from other connected services unless you explicitly connect them
  • Information about other Pinterest users beyond what Pinterest's public API returns

3. How we use your information

We use your information solely to:

  • Authenticate you with Pinterest on your behalf
  • Create, update, schedule, and retrieve pins and boards at your direction
  • Retrieve analytics data about your pins when you request it
  • Maintain and improve the reliability of the service
  • Communicate with you about your account when necessary

We do not use your data for advertising, profiling, or any purpose unrelated to providing the service you requested.

4. How we store your information

Your data is stored using:

  • Vercel KV (powered by Upstash Redis) for OAuth tokens and session data, hosted in secure US-based data centers
  • Encrypted at rest and in transit โ€” all data transmission uses HTTPS/TLS
  • Geographic scope: data may be stored and processed in the United States

Access to stored data is restricted to the operator of pinpal and automated systems required to provide the service.

5. How we share your information

We share your information only in the following limited circumstances:

With Pinterest: When you use pinpal, API requests are sent to Pinterest (api.pinterest.com) on your behalf. This is the core function of the service and is governed by Pinterest's own privacy policy: https://policy.pinterest.com/privacy-policy

With our infrastructure providers: We use Vercel (hosting) and Upstash (storage) to operate the service. These providers have access to encrypted data only as needed to deliver their services. We have no financial or data-sharing arrangements with them beyond standard hosting agreements.

With legal authorities: We will disclose information if required by law, subpoena, or valid legal process, or if we believe in good faith that disclosure is necessary to protect rights, safety, or property.

We do NOT:
  • Sell your personal data to anyone, ever
  • Rent or trade your personal data
  • Share your data with advertisers
  • Use your data to train AI models or build derivative products

6. Your rights

You have the following rights regarding your data:

Access: You can request a copy of all data we have about you by emailing [email protected].

Deletion: You can request complete deletion of your data at any time by:

  1. Revoking pinpal's access to your Pinterest account at https://www.pinterest.com/settings/apps/ โ€” this invalidates your tokens immediately, AND
  2. Emailing [email protected] to request deletion of any remaining data in our storage. We will comply within 30 days.

Correction: You can request correction of inaccurate data by emailing us.

Portability: You can request your data in a machine-readable format.

Withdrawal of consent: You can revoke Pinterest access at any time using the link above, which effectively stops all data collection and processing.

7. Data retention

  • Active accounts: We retain your OAuth tokens and account metadata for as long as your pinpal authorization remains active
  • Inactive accounts: If pinpal has not been used for 180 consecutive days, we may delete your stored tokens and require you to re-authorize
  • After account deletion: Following a deletion request, all personal data is removed from active storage within 30 days. Some data may persist in automated backups for up to 90 days before being fully purged

8. Children's privacy

pinpal is not intended for use by individuals under the age of 18. We do not knowingly collect information from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.

9. International users and data transfers

pinpal's servers are located in the United States. If you access pinpal from outside the US, your data will be transferred to, stored in, and processed in the US. By using pinpal, you consent to this transfer.

For EU/UK users (GDPR): Our legal basis for processing your data is your explicit consent (obtained when you authorize Pinterest OAuth) and legitimate interest in providing the service you requested. You have all rights granted under GDPR, including the right to lodge a complaint with your local data protection authority.

For California users (CCPA): You have the right to know what personal information we collect, to request deletion, to opt out of the sale of personal information (we do not sell any), and to not be discriminated against for exercising these rights.

10. Security

We implement reasonable technical and organizational measures to protect your data, including:

  • TLS/HTTPS encryption for all data in transit
  • Encryption at rest via our storage providers
  • OAuth-based authentication (we never handle your Pinterest password)
  • Shared-secret authentication for API access to the pinpal service
  • Regular security updates to underlying infrastructure

However, no system is completely secure. If we become aware of a data breach affecting your personal information, we will notify you within 72 hours as required by applicable law.

11. Third-party services

pinpal relies on the following third-party services to operate:

Your use of pinpal is also subject to these providers' privacy policies.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will:

  • Update the "Last updated" date at the top of this page
  • For significant changes, notify active users via the email associated with their account
  • Post a notice on the pinpal service

Your continued use of pinpal after changes become effective constitutes acceptance of the updated policy.

13. Contact us

If you have questions, concerns, or requests related to this Privacy Policy or your data, please contact:

Email: [email protected]
Subject line: "pinpal privacy inquiry"

We will respond to all privacy inquiries within 7 business days.

pinpal is a personal automation tool operated independently. pinpal is not affiliated with, endorsed by, or sponsored by Pinterest, Inc. "Pinterest" is a trademark of Pinterest, Inc.