Privacy Policy
Last updated: May 28, 2026
1. Information We Collect
- Account info: name, email, hashed password, and an optional profile photo (avatar) you choose to upload.
- Subscription info: Stripe customer ID, subscription status, billing dates. We never see or store full card numbers; payment data is handled directly by Stripe.
- App data: the leads, notes, events, tasks, and related content you create or upload.
- Usage data: IP address, browser type, request logs. We use this for security, debugging, and rate-limiting only.
- Profile photos: if you upload an avatar, it is stored in a publicly-readable location so the app can display it. Anyone with the direct image URL can view it. You can replace or remove it at any time from Settings.
2. How We Use It
We use your information to operate the Service, process payments, provide support, and communicate about your account (e.g., billing receipts, product updates, lifecycle notifications). We do not sell your information to third parties.
3. Subprocessors
We use the following service providers to operate Pinvale:
- Supabase (US), database and authentication hosting.
- Cloudflare (US, global edge), application hosting and edge delivery.
- Cloudflare Web Analytics (US), cookieless, privacy-respecting page view + Core Web Vitals tracking. Does not set cookies, does not build cross-site profiles.
- Stripe (US), payment processing and subscription management.
- Resend (US), transactional email delivery (account confirmations, workspace invites, password resets, billing notices). Receives your email address and the message body of the email being sent.
- Sentry (US), server-side and client-side error monitoring. Receives an opaque account identifier (not your email) and the technical context of the error (stack trace, URL path, browser version).
- LocationIQ (US/EU), geocoding addresses for the map view. Receives the address strings you enter or import.
- CARTO and OpenStreetMap (US/EU), basemap tile delivery for the map view. Receives the visitor IP and tile coordinates while the map is panned or zoomed.
- Anthropic (US), AI-assisted CSV column mapping. We send column headers and a few sample rows when you import a CSV; we do not send your full CSV or any unrelated data.
3a. Third-party integrations you authorize
Workspace operators (typically the workspace owner or an admin) can mint API keys from Settings → API to authorize third-party applications of their choice (for example Zapier, custom scripts, or AI agents) to read, write, or delete lead records in their workspace on their behalf. When this happens the workspace operator, not Pinvale, is the controller responsible for the integration; Pinvale acts as the processor and logs every API request (method, path, status, duration, IP) in our internal api_key_events audit log. API keys can be revoked at any time from the same settings page.
Workspace members can also generate iCal subscription URLsfrom Settings → Calendar to subscribe a calendar application (Google Calendar, Apple Calendar, Microsoft Outlook, or any other RFC 5545 compatible client) to a live feed of workspace events and the tasks assigned to or created by that member. When the member subscribes, the calendar provider they choose receives copies of every event in the workspace plus the member's tasks. Subscription tokens are revoked automatically when a member is removed from the workspace, and can be revoked individually at any time from the same settings page.
3.5 Lead-capture forms (Pinvale as processor)
When you build a Pinvale lead-capture form and embed or share the link, the people who submit that form (your leads) are data subjects. You are the controller of their information; Pinvale is the processor, acting on your documented instructions (your form configuration plus our Terms of Service plus our Data Processing Agreement at /dpa). The public-facing notice we show to those submitters is at /lead-form-privacy. It is your responsibility to provide your own privacy notice to the leads you collect; ours covers only Pinvale's processor-role obligations.
4. Cookies and Tracking
We use a small number of strictly necessary cookies for authentication and session management, plus a functional cookie for your theme preference (light/dark/system) that only sets when you toggle it. We do not use advertising cookies, behavioral retargeting, session replay, heatmaps, or third-party tracking cookies.
For aggregate page-view and Core Web Vitals measurement we use Cloudflare Web Analytics, which is cookieless: it does not set tracking cookies, does not store personal identifiers, and does not build cross-site profiles.
5. Data Retention
While your subscription is active, we retain your data indefinitely. After cancellation or non-payment, your data is preserved for 90 days (during which you can reactivate and recover full access). After 90 days, your account and all associated data are permanently deleted from our active systems. Backups are rotated within 30 days of that deletion.
If you click "Delete my account" in Settings, your data is permanently deleted immediately, with no 90-day retention.
Workspace preferences (saved map views, quiet hours, default maps app, member colors), recurring-task children spawned by completed parent tasks, and calendar subscription tokens follow the same retention lifecycle as the parent workspace and are removed on workspace deletion. Calendar tokens can also be revoked individually at any time from Settings → Calendar.
6. Your Rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your data (right to be forgotten).
- Export your data in a portable format.
- Object to or restrict certain processing.
You can exercise the access, correction, and export rights directly from the Settings page. To exercise other rights or for assistance, email privacy@pinvale.com; we will respond within 30 days.
7. Security
We use industry-standard security practices: TLS in transit, encrypted storage at rest (Supabase), row-level security policies that prevent cross-account access, and rate-limited APIs. No system is perfect; if we discover a security incident affecting you, we will notify you in accordance with applicable law.
8. Children
Pinvale is not directed at children under 18. We do not knowingly collect personal information from children. If you believe we have, contact us and we will delete it.
9. International Users and Cross-Border Transfers
Pinvale is operated from the United States. Customer data and other personal data may be stored and processed in the US, where data protection laws may differ from those in your country.
When personal data is transferred from the European Economic Area, the United Kingdom, or Switzerland to Pinvale in the United States, we rely on the European Commission's Standard Contractual Clauses (Implementing Decision (EU) 2021/914) and the UK International Data Transfer Addendum issued by the ICO, as set out in our Data Processing Agreement at /dpa. We are also pursuing certification under the EU-US Data Privacy Frameworkand its UK Extension; once certified, we will rely on the DPF in addition to the SCCs. Status: pursued, not yet certified as of the "Last updated" date at the top.
If you require a counter-signed DPA or SCCs for your records, email privacy@pinvale.com.
9a. EU and UK Representatives
Pinvale does not currently maintain an establishment in the EU or UK. We will appoint an Article 27 GDPR / UK GDPR representative on reasonable notice if and when our processing of EU or UK data subjects' personal data requires one. In the meantime, EU and UK users can contact us directly at privacy@pinvale.com for any privacy request.
9b. Global Privacy Control (GPC)
Pinvale honors the Global Privacy Control browser signal. Because Pinvale does not sell your personal information and does not share it for cross-context behavioral advertising, no opt-out is technically required, but the GPC signal is recorded as confirmation of your preference. See /gpc-status for the live signal-handling confirmation.
10. Changes
We may update this policy. If we make material changes, we will notify you by email or in-app notice. The "Last updated" date at the top reflects the current version.
11. Contact
Pinvale is operated by Mesquite Dev LLC, an Arizona limited liability company. Privacy questions: email privacy@pinvale.com.

