This Privacy Policy explains how PinsXP ("PinsXP", "we", "us", "our") collects, uses, discloses, and protects information when you use the PinsXP mobile application and related services (the App). It applies to both individual users and business accounts (e.g., merchants, venues, student clubs, creators, advertisers).
This Privacy Policy is available on our website at https://pinsxp.app/privacy and within the PinsXP app under Settings and Activity → Privacy.
If you do not agree with this Policy, please do not use the App. You can close your account at any time, and request for your data to be deleted by emailing compliance@PinsXP.com or within the app.
This Policy covers use of the App by individuals aged 18+ and by business accounts.
How PinsXP handles your data (our "role").
Controller (most activities): PinsXP decides how and why personal data is used to run the App (e.g., accounts, posts, maps, safety/enforcement, diagnostics, basic analytics, and service communications).
Service provider/processor (limited business features): When a business uses PinsXP features such as promotions/ads and we process personal data only to deliver that business's instructions (for example, showing a promo to an audience the business selects and providing aggregated, de‑identified performance reports), we act as that business's service provider/processor for that specific purpose.
No illegal use/harm: We do not use personal data for any unlawful, harmful, or exploitative purpose, and we prohibit such use by users.
Google Play Data Safety: PinsXP's disclosures in the Google Play Data Safety section accurately describe how we collect, share, and protect user data. If there is any difference between this Policy and our Google Play Data Safety summary, this Policy prevails.
Data we collect: PinsXP collects account details, content you create, device/technical data, diagnostics/crash data (required for Beta), and location if you grant permission. Business accounts may also provide business profile details, verification documents, authorised staff contacts, campaign settings, and payment details handled by third‑party processors.
Why: This information is gathered to ensure the operation of the App, keep users safe, improve performance, run promotions/ads (if enabled), communicate essential updates, and comply with law.
Ads & measurement: we do not sell personal information. If targeted ads are enabled, you'll have controls to filter the ads; we avoid sensitive categories. Businesses receive aggregated, de‑identified performance reports; we don't expose individual users' personal data to advertisers without explicit consent.
Your choices: Within the app you are able to manage personal data settings such as location precision/background use; set audience for posts; request a copy of your data; delete your account; manage ad preferences (if enabled).
Retention: diagnostics ≤ 18 months; backups ≤ 90 days; deleted content removed from active systems within a reasonable period (may persist briefly in backups). Business tax/transaction records may be retained longer where legally required.
Security & breaches: industry‑standard safeguards; we will notify you without unreasonable delay if a notifiable breach occurs.
Device permissions: Some features may request optional device permissions (such as location, camera, or media access) to function properly. Permissions are used only for the intended purpose and can be changed or revoked anytime in your device settings.
We collect information in several ways to help operate, secure, and improve PinsXP. The types of data we handle correspond to Apple's recognised categories of Contact Information, User Content, Identifiers, Usage Data, Location Data, Financial Information, and Diagnostics Data.
PinsXP uses your information to:
Where required by law (e.g., EU/UK), PinsXP relies on consent, performance of a contract, legitimate interests, and legal obligations as legal bases for processing personal data.
We do not sell personal information, and we do not expose individual user identities to advertisers without consent.
However, we do use third-party SDKs for analytics, crash reporting, and messaging. Each SDK provider declares its data practices through Apple's Privacy Manifest. PinsXP reviews and restricts SDK use to ensure they only collect data necessary for app functionality and improvement, not for unrelated advertising or profiling.
We share your information in the following ways:
We do not share user data with third parties for their independent advertising or profiling purposes. All data access by service providers or SDKs is limited to performing services under our instructions and consistent with our Privacy declarations on App Store and Google play.
You are in control of how your data is used. It may be for the following:
Location permissions: choose precise or approximate, or turn location off in device and in‑app settings. Background location is off unless you enable it.
Page visibility: page names and basic details are generally public in the Beta pilot. You control what you publish and can remove your posts.
Access/portability: request a copy of your personal data via compliance@pinsxp.com.
Deletion: You can permanently delete your PinsXP account from within the app under Settings and Activity → Delete Account, or by emailing compliance@pinsxp.com. Deleting your account removes personal data from our active systems and triggers removal from backups within 90 days, except where retention is required by law.
Comms: opt out of non‑essential emails via unsubscribe; manage push in device settings. Business contacts may still receive essential operational notices.
Ad preferences: if targeted ads are enabled, use in‑app settings and device‑level ad‑ID controls.
We will store the data you provide while your account is active, and for a reasonable time period after it has been deleted. The time of retention depends on data type, and is as follows:
If you downloaded PinsXP from the App Store, Apple and Google may collect limited analytics or device data in accordance with Apple's and Google's own privacy policy. PinsXP does not access or control this data.
We use industry‑standard technical and organisational measures (encryption in transit, access controls, monitoring). No method is 100% secure. Keep credentials confidential and report suspected vulnerabilities to compliance@pinsxp.com.
We may process your data outside your country of residence (including in the United States). Where data transfers occur, we rely on legally recognised safeguards such as standard contractual clauses or equivalent mechanisms under applicable data protection laws.
PinsXP is for 18+ only. We do not knowingly collect data from children. If we learn an under‑18 account exists, we will close it and delete associated personal data.
We use third-party SDKs for analytics, crash reporting, messaging, and maps. Each SDK provider declares its data practices through Apple's Privacy Manifest and Google Play's User Data Policy, which we review and restrict to ensure data collection is limited to essential app functions.
If in-app advertising is introduced in the future, we will use only certified ad SDKs and provide clear in-app controls for personalisation and ad preferences.
We may contact business accounts about verification, policy changes, compliance, or billing. Where SMS is tested, we provide opt‑out instructions; message/data rates may apply.
We list open‑source/licensed components and map/data attributions in‑app under Settings → Attributions.
Where we act as a service provider/processor for business promotions/ads, our standard DPA applies upon request or as incorporated by reference in the business terms.
We may update this Policy. For material changes, we will give reasonable notice in‑app or by email and show an effective date. Continued use after that date means you accept the changes.
Any questions on this policy should be sent to compliance@pinsxp.com.
For all other general support, please contact support@pinsxp.com.