Privacy Policy
PinFlow (available at pinflow.mirajpatterns.com) is a scheduling tool that helps you plan and queue Pinterest pins ahead of time. This page explains what information we collect, how we use it, and what we don't do with it. We've written this in plain language — if something still isn't clear, just email us.
What we collect
When you connect your Pinterest account, Pinterest shares some basic profile information with us through their official OAuth flow: your username and Pinterest user ID. That's all we receive — no email address, no follower list, nothing beyond what's needed to identify your account.
We also store the content you create inside PinFlow: images you upload, titles, descriptions, destination links, and the dates you schedule pins for. We need to hold onto this until your pins are published — that's the whole point of the service.
Our servers keep standard logs — things like IP addresses and request timestamps — for debugging purposes. These aren't tied to your identity and we don't retain them long-term.
How we use your data
We use the information we collect solely to operate PinFlow: authenticating your account, scheduling your pins, and publishing them to Pinterest on your behalf. That's it.
Data obtained through Pinterest's API is used exclusively for the purpose you authorized — publishing pins. We do not use Pinterest data for advertising, profiling, or any purpose beyond delivering the scheduling service you signed up for.
What we don't do with your data
We don't sell your data. We don't share it with third parties (other than Pinterest itself, when publishing your pins). We don't use it for ad targeting — ours or anyone else's. We don't track you across other websites. There are no analytics pixels or third-party scripts watching what you do in the app. Pinterest data obtained through the API is never used to target advertising or for any purpose prohibited by Pinterest's Developer Guidelines.
Your Pinterest connection
PinFlow connects to Pinterest using Pinterest's official OAuth 2.0 flow. We request three permissions: reading your boards (so you can choose which board to pin to), writing pins, and reading basic account info. We do not access your followers, messages, analytics, or anything beyond those three scopes.
You can revoke PinFlow's access to your Pinterest account at any time by going to Pinterest → Settings → Security → Connected Apps and removing PinFlow from the list. Once revoked, we can no longer publish pins on your behalf.
Your content
Everything you upload to PinFlow belongs to you. We store images and pin details on our server solely to publish them on the schedule you set. We don't claim ownership over your content and we don't use it for any other purpose.
If you delete a pin from PinFlow before it's been published, it's removed from our system. If a pin has already been published to Pinterest, deleting it from PinFlow won't remove it from Pinterest — you'd need to do that directly in your Pinterest account.
How long we keep your data
Your account data is retained until you request deletion. We do not keep Pinterest API data longer than necessary to deliver the service. Once a pin is published or deleted, the associated scheduling data is no longer actively used.
To delete your account and all associated data, email us at contact.pinflow@gmail.com with the subject line "Account Deletion Request." We will process your request and confirm deletion within 30 days, and typically within 48 hours.
Your rights (GDPR & CCPA)
Depending on where you live, you may have the right to access the personal data we hold about you, request a copy of it, ask us to correct inaccuracies, or ask us to delete it. You also have the right to object to or restrict certain types of processing, and to withdraw your consent at any time (which you can do by revoking Pinterest access and requesting account deletion).
If you're a California resident, you have the right to know what personal information we collect, the right to delete it, and the right to opt out of its sale — though we don't sell personal information, so the last right doesn't apply here.
To exercise any of these rights, email contact.pinflow@gmail.com. We'll respond within 30 days.
Security
All traffic to PinFlow is encrypted over HTTPS. We use server-side sessions — only your user ID is stored in a signed browser cookie, not your Pinterest token. Your Pinterest access token and refresh token are encrypted at rest in our database using AES-128 symmetric encryption (Fernet) before being stored. We take reasonable technical precautions to protect your data — but no system is perfectly immune, so please let us know immediately if you notice anything suspicious.
Questions or concerns
If you have questions about this policy, want to exercise your data rights, or need to report a privacy concern, reach out at contact.pinflow@gmail.com. We take these seriously and respond within 48 hours.
Changes to this policy
If we make significant changes to how we handle your data, we'll update the date at the top of this page. We won't bury changes in legalese — if something meaningful shifts, we'll say so plainly.