Privacy Policy
Who we are
Pinterpost is a Chrome browser extension that turns an image you choose into a publish-ready pin, with an AI-written title and description, and then publishes or schedules it to your Pinterest boards. We are an independent developer team. Pinterpost is not affiliated with, endorsed by, or sponsored by Pinterest. Pinterest is a trademark of Pinterest, Inc.
Website: pinterpost.com
For questions about this policy, contact us at: support@pinterpost.com
Single purpose
Pinterpost has one purpose: to create publish-ready pins from images you select and publish or schedule them to your Pinterest account. Every permission we request and every data flow described below exists to serve that purpose.
What data we collect
Account information
When you create an account or sign in, we collect, through our authentication and database provider Supabase:
- Your email address (used for login and account identification)
- Your password, stored only as a secure hash (we never see or store your plain-text password)
- If you choose Sign in with Google, your Google account email and identifier, through Google's OAuth flow
Images you select
- When you pick an image to turn into a pin, that image is sent to our backend and on to our AI generation provider so it can produce your pin. Picking an on-page image may involve briefly capturing the visible area of the active tab so you can choose the exact image; that capture is used only to obtain the image you selected.
- Source images are processed to fulfill your request and are not retained after your pins are generated.
- The finished pins are stored locally on your device, in the browser's extension storage. We do not keep a copy of your generated pins on our servers.
Pinterest connection and publishing
- To publish or schedule, you connect your Pinterest account using Pinterest's official OAuth flow. We never receive your Pinterest password.
- The Pinterest access token from that flow is held by our backend so we can publish and schedule pins on your behalf, at your request. Scheduling is carried out through our publishing provider, PostPeer.
- When you publish or schedule a pin, the pin image together with its title, description, alt text, and target board are sent to Pinterest (and, for scheduled pins, to PostPeer) to complete the action.
Account and usage data
We store the following in our database (Supabase):
- Your plan, token or credit balance, and usage counts (to enforce your quota and prevent abuse)
- Your Pinterest connection identifiers (so pins reach the correct account)
- The outcome of payments (success or failure, and the credits added). Payments are processed by Stripe; we never receive or store your card number or billing address.
What we do NOT do
- We do not read, record, or transmit the content of the web pages you browse. Only the image you explicitly select ever leaves your browser.
- We do not collect your browsing history.
- We do not see your Pinterest or Google password.
- We do not sell or rent your personal data.
- We do not use your data or your images to train our own AI models.
Permissions and why we need them
| Permission | Why Pinterpost needs it |
|---|---|
storage, unlimitedStorage | Store your generated pins and their metadata locally on your device, so you can browse, re-publish, and manage them. Pins are large image data, so the default quota is not enough. |
downloads | Let you download a generated pin to your computer when you choose to. |
scripting | Inject the on-page image picker so you can select an image without leaving the site. |
tabs, activeTab | Identify the active tab to open the side panel in the right window, and capture the visible area of the current tab so you can pick the image you want. |
sidePanel | Pinterpost's main interface is a Chrome side panel; this opens it. |
contextMenus | Add a right-click "Recreate with Pinterpost" option on images. |
Host access is limited to two domains: our own backend API (a Cloudflare Worker) and our database (Supabase). The content script runs only on the four sites you may pick images from: Pinterest, Amazon, Etsy, and Canva. The extension does not request access to all sites.
Data storage and security
- All communication between the extension, our backend, and these providers uses HTTPS/TLS encryption.
- Account data is stored with row-level access controls. Only your own account can access your data.
- Your generated pins are stored locally on your device.
- We retain account data for as long as your account is active. You can request deletion at any time (see below).
Third-party services
Pinterpost relies on the following providers, each only for the purpose listed:
| Service | Purpose | Data involved | Their privacy policy |
|---|---|---|---|
| Supabase | Authentication and account database | Email, password hash, Google identity, usage, connection identifiers | supabase.com/privacy |
| AI image generation provider | Generate your pin from the image you select | The image you select | available on request |
| PostPeer | Schedule and publish pins to Pinterest | Pin content and your Pinterest connection | postpeer.dev |
| Publish pins to your boards via OAuth | Pin image, title, description, alt text, board | pinterest.com/privacy | |
| Stripe | Payment processing | Card and billing details (handled by Stripe) | stripe.com/privacy |
| Optional Google Sign-In | Google account identity | policies.google.com/privacy | |
| Cloudflare | Hosts our backend API | Requests in transit | cloudflare.com/privacypolicy |
| Google Analytics 4 | Website analytics only (not in the extension) | Aggregate, pseudonymous website usage | policies.google.com/privacy |
We do not share your personal data with any other third parties.
Analytics and consent
We use Google Analytics 4 on the Pinterpost website (pinterpost.com) to understand how visitors find and use our pages, so we can improve the product and the pages that describe it.
GA4 collects aggregate, pseudonymous data such as:
- Pages visited and how you arrived (referrer source)
- Approximate location (city-level, derived from IP, which Google does not retain)
- Device and browser type
- Interactions with key buttons (e.g., "Add to Chrome", pricing-period toggle, FAQ expansion)
We use Google Consent Mode v2. If you visit from a region that requires consent (EU/EEA, UK, Switzerland, and other applicable jurisdictions), analytics tracking is denied by default until you grant consent. You can withdraw consent at any time through your browser's privacy controls.
GA4 runs only on the website. The Chrome extension itself does not include analytics tracking.
See Google's privacy policy at policies.google.com/privacy.
Your rights
You have the right to:
- Access the data we hold about you
- Delete your account and all associated data
- Opt out of any marketing emails
To exercise any of these rights, email us at support@pinterpost.com with the subject line "Privacy Request".
We will respond within 30 days.
Children's privacy
Pinterpost is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
Chrome Web Store data use
Pinterpost's use and transfer of information received from Google APIs, and all other user data, complies with the Chrome Web Store User Data Policy, including its Limited Use requirements. We collect and use data only to provide and improve Pinterpost's single purpose. We do not sell user data, do not use or transfer it for purposes unrelated to that single purpose, and do not use it to determine creditworthiness or for lending.
Changes to this policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page. Continued use of Pinterpost after changes constitutes acceptance of the updated policy.
Contact
Pinterpost
Website: pinterpost.com
Email: support@pinterpost.com
Pinterpost is an independent product and is not affiliated with Pinterest, Inc.