    Privacy Policy

    Learn how EcomPin collects, uses, and protects your personal data.

    Effective Date: March 25, 2026

    At EcomPin, we are committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, how we process user data, and your rights under applicable privacy laws, including the General Data Protection Regulation (GDPR). By using our services, you agree to the practices described in this Privacy Policy.

    1. Information We Collect

    We collect and process the following types of personal data:

    1.1 Personal Information (Provided by You)

    • Email Address (for account creation and communication).
    • Brand Information (company name, store URL, aesthetic guidelines for image generation).
    • Product Catalog Data (product images, descriptions, pricing synced securely via Shopify/Etsy API).
    • Pinterest Account Data (tokens securely stored via OAuth to facilitate your approved pin scheduling and analytics).
    • Payment Information (processed securely via third-party payment providers).

    1.2 Automatically Collected Data

    • Device Information (browser type, operating system, and device details).
    • IP Address & Location Data (to ensure service functionality and security).
    • Usage Data (features used, session duration, and interactions).
    • Cookies & Tracking Technologies (see Section 7).

    2. How We Use Your Information

    We process your data for the following purposes:

    • ✅ Pinterest Publishing: To generate product lifestyle images and facilitate user-approved scheduling and publishing to Pinterest.
    • ✅ Account Management: To enable login, profile settings, and service customization.
    • ✅ Payment Processing: To process subscription payments securely.
    • ✅ Customer Support: To address inquiries and technical issues.
    • ✅ Service Improvement: To improve our AI models and user experience.
    • ✅ Security & Fraud Prevention: To prevent misuse, unauthorized access, or data breaches.

    We do not sell or misuse your data.

    3. Data Storage & Retention

    • 📌 Account Data: Stored in Supabase until account deletion.
    • 📌 Brand Settings: Retained to improve generation consistency across your products.
    • 📌 Generated Pins: Retained on secure R2 buckets for publishing and historical records.
    • 📌 Payment Data: Not stored by us; processed by secure third-party payment providers.
    • 📌 Logs & Analytics: Retained for performance monitoring but anonymized after 30 days.

    If you request deletion of your account, we will permanently erase all stored personal data.

    4. Your Rights (GDPR & Global Compliance)

    If you are an EU/EEA resident, you have additional GDPR rights:

    • 🔹 Right to Access: Request a copy of your personal data.
    • 🔹 Right to Rectification: Correct inaccurate or incomplete data.
    • 🔹 Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data.
    • 🔹 Right to Restrict Processing: Limit how we use your data.
    • 🔹 Right to Data Portability: Request your data in a structured format.
    • 🔹 Right to Object: Stop processing for marketing purposes.
    • 🔹 Right to Withdraw Consent: If data processing is based on consent, you can withdraw it at any time.

    5. Data Sharing & Third-Party Services

    We do not sell your personal data. However, we may share data with:

    • AI Content Generation: Google GenAI and fal.ai for content creation, Tavily for search and research.
    • Cloud Storage & Infrastructure: Cloudflare R2 and Supabase for secure data storage. Trigger.dev and Upstash for background processing and serverless queuing.
    • Payment Processors: DodoPayments (for secure subscription processing).
    • Integrations: Shopify & Etsy (for product ingestion) and Pinterest (for official API publishing).
    • Analytics & Performance Monitoring: Microsoft Clarity to capture and analyze user interactions.
    • Email Communications: Resend for sending transactional notifications and reports.
    • Legal & Compliance Reasons: If required by law or court order.

    Each provider follows industry-standard security measures and GDPR compliance policies.

    6. Google Services Integration

    EcomPin integrates with the following services to provide our core automated functionality:

    6.1 Google Authentication (OAuth 2.0)

    We use Google Sign-In to allow you to authenticate securely with your Google account. When you sign in with Google, we receive:

    • Your email address (for account creation and communication)
    • Your name (for personalization)
    • Your profile picture (optional, for display purposes)

    We do not receive or store your Google password. Google authentication is handled securely through Google's OAuth 2.0 protocol.

    6.2 Google API Services User Data Policy Compliance

    EcomPin's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

    7. Data Security Measures

    • 🔒 Encryption: Data is encrypted in transit and at rest.
    • 🔒 Access Control: Limited access to authorized personnel only.
    • 🔒 Regular Security Audits: To prevent unauthorized data access.

    However, no system is 100% secure, and we encourage users to take necessary precautions.

    8. Cookies & Tracking Technologies

    We use cookies and similar tracking technologies to improve your experience on EcomPin.

    8.1 What Cookies Do We Use?

    • 🔐 Authentication Cookies: Used by Supabase to keep you logged in after signing in via email or Google login.
    • 🍪 Necessary Cookies: Required for basic website functionality and security.
    • 📊 Analytics Cookies: Help us analyze site usage and improve performance.

    8.2 Managing Cookies

    You can control or disable cookies through your browser settings. However, disabling authentication cookies may log you out or limit certain features.

    9. Children's Privacy

    We do not knowingly collect or process data from users under 18 years old. If we discover such data, we will delete it immediately.

    10. International Data Transfers

    Since we operate globally, your data may be transferred to servers outside your country (including the US & EU). We ensure these transfers comply with GDPR, SCCs (Standard Contractual Clauses), and other international laws for secure handling.

    11. Changes to This Privacy Policy

    We may update this Privacy Policy to reflect legal, technical, or business changes. Any updates will be posted here with an effective date. Continued use of EcomPin signifies your acceptance of the changes.

    © 2026 EcomPin. All rights reserved.