Privacy Policy

1. What we collect

When you create a PinTool account we store: email, hashed password (bcrypt cost 12), name (optional), Pinterest username (optional), and your Stripe customer ID if you upgrade.

We log product events (searches, page views, keyword tracking) tied to your account so we can improve the product and detect abuse.

2. What we never collect

We never log into your Pinterest account. We never ask for your Pinterest password. We never read private boards. The Pinterest username we store is only used to query publicly visible profile data — the same data anyone can see by visiting your Pinterest profile URL.

3. Cookies & sessions

We use a single session cookie (pk_session, HTTP-only, SameSite=Lax, 30 days) to keep you logged in. We do not run third-party advertising or behavioral tracking.

4. Subprocessors

• Stripe — payment processing for paid plans (we never store full card numbers).
• Pinterest — official Pinterest Trends and Ads APIs for keyword volume data.
• SMTP provider — transactional emails (welcome, password reset).

5. Your rights (GDPR)

You can ask us at any time to: export your data, delete your account, correct any field. Email hello@astoul.pro and we'll act within 30 days.

6. Data retention

We keep your account and tracked-keyword data as long as your account is active. After deletion, backups are purged within 30 days.

7. Contact

Privacy questions: hello@astoul.pro.