Privacy policy

We built Pin Feed so giving feedback would have less friction, and we wrote this policy the same way. It covers what we collect, why, who touches it, and how to make us delete it. No legalese maze.

Last updated June 2026

The short version

  • We collect what we need to run a feedback tool: your account details, your projects, and the pins and comments inside them. Nothing more.
  • Guest reviewers give a name and an email. We hold that on behalf of the customer who sent the share link.
  • We don't sell personal data. Not yours, not your clients'.
  • The only ad tech anywhere near Pin Feed is a Meta pixel on this marketing site. It never runs inside the app.
  • Delete your account and everything you own goes with it: workspaces, projects, pins, comments, screenshots.
  • Questions, requests, complaints: support@app.pinfeed.io. A human reads it.

Who we are

Pin Feed is operated by Workotick LLC, a United States company. We run the marketing site at pinfeed.io and the product at app.pinfeed.io. When this policy says "we", "us", or "Pin Feed", it means Workotick LLC.

Two roles matter here. For your account data, billing data, and anything we collect on the marketing site, we decide how the data is used, so we are the data controller. For the content inside projects, including the names and emails of guest reviewers, our customer (the account that owns the project) is the controller and we process that data on their instructions.

What we collect

Account data. When you sign up we collect your name, email address, and a password. The password is hashed before it touches our database; we cannot read it and we will never ask you for it.

Guest reviewer data. People who open a share link enter a name and an email so their pins and comments have an author. That's the whole ask. We collect it on behalf of the customer who owns the project, and we use it for nothing except labeling that guest's activity and sending notifications the project has turned on. Guests never end up on a marketing list.

Project data. The URLs you point a project at, the pins, drawings, and comment threads on them, the screenshots captured automatically when a pin is placed, and any images, PDFs, or attachments you upload. This is your content; we store and display it to make the product work.

Billing data. Paid plans are billed through Stripe. Your card details go straight to Stripe; we only see what we need (plan, status, invoice history, last four digits).

Technical data. Standard server logs: IP addresses, browser type, timestamps, and the requests made. We use these for security, debugging, and rate limiting, not for profiling.

If you're reviewing as a guest

Someone sent you a Pin Feed link and you typed in a name and email. Here is exactly what that means:

  • You did not create an account, and we did not create one for you behind the scenes.
  • Your name and email exist to label your pins and comments inside that one project, and they belong to the project, not to us. The customer who invited you controls them.
  • We will never email you marketing. The only emails you might get are notifications about activity on threads you took part in, if the project has them turned on.
  • If the project is deleted, your contributions and your contact details go with it.
  • Want out sooner? Ask the person who sent you the link to remove your comments, or email us at support@app.pinfeed.io and we will handle it with them.

How we load websites for review

Pin Feed shows you a live website with a feedback layer on top. To do that, our servers fetch the pages a project points at and pass them through to your browser. A few honest details about how that works:

  • We only load pages that someone in a project explicitly navigates to. Pin Feed never crawls, spiders, or fetches websites on its own.
  • Some websites sit behind firewalls that block data center traffic. To load those, requests may route through proxy infrastructure provided by Webshare. What passes through is the page request itself, never your account data.
  • We identify ourselves honestly. Our requests carry a Pin Feed user agent and header, so site owners can see us, and block or allow us, whichever they prefer. There is a public allowlist guide for site admins.
  • Proxied page content is processed in transit and cached briefly so review stays fast. The things we keep long term are the parts of your project: pins, comments, and the screenshots captured when a pin is placed.

How we use your data

We use the data above to:

  • run the product: load pages, store pins and comments, render screenshots, sync your team
  • send notifications you (or your project) have turned on: mentions, replies, resolves, invitations
  • bill paid plans and send receipts
  • answer support requests
  • keep the service safe: detect abuse, enforce rate limits, investigate incidents
  • measure our own advertising on the marketing site (the Meta pixel, covered below)

Under GDPR, our legal bases are performance of a contract (the product itself), legitimate interest (security, support, basic analytics), and consent (the marketing pixel where consent is required). We do not sell personal data, and we do not use your project content for anything other than running the service.

Subprocessors

We don't run everything on hand-built servers in a basement. These companies process data for us, each for one specific job:

Service | What it does | What it processes
Backblaze B2 | File and screenshot storage | Uploaded files, pin screenshots, comment attachments
MongoDB Atlas | Database hosting | Account data, projects, pins, comments, guest names and emails
Stripe | Payment processing | Name, email, and card details you enter directly with Stripe. We never see or store full card numbers.
Slack | Notifications, only if you connect it | The pin, comment, and resolve events you choose to send to your channel
Cloudflare | Network and security in front of our infrastructure | Request traffic and IP addresses
Webshare | Proxy infrastructure for loading the websites your project points at | The URLs of pages your project asks us to load. No account data passes through it.
Meta | Advertising measurement on the marketing site only | Pixel events on pinfeed.io. The pixel never runs inside the app.

Each of these is bound by its own data processing terms, and we hold them to the same standard this policy holds us to. If we add a subprocessor that touches customer data, we will update this table before it goes live.

Cookies and the Meta pixel

In the app (app.pinfeed.io): strictly necessary cookies only. They keep you signed in and keep sessions secure. There is no advertising or third-party tracking inside the product, and nothing follows your clients around the internet after they review your site.

On the marketing site (pinfeed.io): we use the Meta advertising pixel to measure whether our ads work. It records page views and signup events on this site and shares them with Meta, which may connect them to your Meta account if you have one.

Where the law requires consent (the EU, the UK, and similar jurisdictions), the pixel stays off until you opt in. You can also limit it yourself: block third-party cookies in your browser, use a content blocker, or adjust your ad preferences inside Meta's own settings. The site works exactly the same either way.

Data retention and deletion

We keep your data for as long as you have an account, because that is the product: your projects and their history are supposed to stay put. A few specifics:

  • Account deletion cascades. Delete your account from Settings and everything you own goes with it: workspaces, projects, pins, comments, screenshots, and uploaded files. This is immediate and not reversible, which is why the button lives in a section called Danger zone.
  • Deleted data ages out of our rolling backups within 30 days of deletion.
  • Projects frozen over the Free plan cap are retained, not deleted. They stay until you delete them or delete your account.
  • Billing records are kept as long as tax and accounting law requires, even after account deletion.
  • Server logs rotate on a short schedule and are kept only as long as security and debugging need them.

Email preferences

Notification emails are controlled per event type in your account settings: invitations, mentions, comments, thread replies, pin resolved, and new pins each have their own toggle. Turn off what you don't want; the in-app bell still catches everything.

Transactional emails (receipts, password resets, security notices) can't be turned off, because you need them for the account to function. Any marketing email we ever send will have a one-click unsubscribe link, as required by law and by basic decency.

Your rights (GDPR and CCPA)

Wherever you live, we extend the same baseline. You can ask us to:

  • show you the personal data we hold about you (access)
  • fix anything that is wrong (rectification)
  • delete your data (erasure; account deletion in Settings does most of this instantly)
  • hand your data over in a portable format (portability)
  • stop or limit certain processing (objection and restriction)

For people in the EU and UK (GDPR): our infrastructure runs primarily in the United States, so your data is transferred there. We rely on standard contractual clauses with our subprocessors for those transfers. If we handle your request badly, you can complain to your local supervisory authority, but we would rather you give us the first shot.

For California residents (CCPA/CPRA): we do not sell personal information. The Meta pixel on the marketing site may count as "sharing" for targeted advertising under California law; you can opt out using the cookie controls described above, and we will not treat you any differently for exercising any right.

If your data lives inside a customer's project (you reviewed something as a guest), the project owner is the controller, so the fastest route is asking them. Contact us anyway if that fails, and we will work it out with them.

To exercise any of these, email support@app.pinfeed.io. We verify it's really you, then respond within 30 days. Customers who need a data processing agreement for their own compliance can request one at the same address.

How we protect your data

  • All traffic is encrypted in transit with TLS.
  • Passwords are hashed with a modern algorithm, never stored in plain text.
  • Sensitive integration credentials, like Slack webhooks, are encrypted at rest.
  • Uploaded files and screenshots are served through authenticated, expiring links, not public URLs.
  • Access to production systems is restricted to the people who operate them.
  • Rate limiting and abuse detection run on every request.

No one can honestly promise perfect security, so we won't. What we promise instead: if a breach affects your personal data, we will tell you what happened, what was exposed, and what we are doing about it, promptly and without spin.

Children

Pin Feed is a work tool for people reviewing websites. It is not directed at children, and you must be at least 16 to use it. If you believe a child has given us personal data, email us and we will delete it.

Changes to this policy

When we change this policy, we update the date at the top. If a change meaningfully affects how we handle your data (new subprocessor categories, new uses, anything you would actually care about), we will email account holders before it takes effect, not after.

Contact us

Privacy questions, data requests, or anything this page didn't answer: support@app.pinfeed.io. Pin Feed is operated by Workotick LLC.

While you're in the fine print, the terms of service cover the other half: billing, acceptable use, and who owns what. (You do.)
