Privacy Policy

1. Introduction

PinCushion ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our browser extension and web services, including our website at pincushion.io and related services (collectively, the "Services").

Please read this privacy policy carefully. If you do not agree with our policies and practices, please do not use our Services. By accessing and using PinCushion, you signify that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

2. Information We Collect

We collect information in the following ways:

• Pin and Feedback Data: When you drop pins and add comments on web pages, we collect the text content, element selectors (CSS and XPath), coordinates, and associated metadata.
• User Account Information: If you create an account, we collect your email, username, password (hashed), and profile information.
• Team and Collaboration Data: For Pro and Team plans, we collect information about team members, their roles, and collaboration history.
• Usage Analytics: We collect non-identifying usage data such as feature usage, page views, and interaction patterns to improve our Services.
• Technical Information: We automatically collect IP addresses, browser type, operating system, referring URLs, and other technical data through server logs.
• Cookies: We use cookies and similar tracking technologies to remember your preferences and enhance your experience.

3. How We Use Your Information

We use the information we collect for:

• Providing, maintaining, and improving our Services
• Processing payments and managing your account
• Communicating with you about updates, security alerts, and support
• Analyzing usage patterns to optimize performance
• Detecting and preventing fraud or security issues
• Complying with legal obligations and protecting our rights
• Sending marketing communications (with your consent)

4. Data Storage and Security

We implement appropriate technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction. Your data is encrypted in transit using TLS/SSL and at rest using industry-standard encryption.

Pin and feedback data for Free tier users is stored locally in your browser. For Pro and Team tier users, data is securely stored on our servers with encrypted connections.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee its absolute security.

5. Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share information:

• With Team Members: If you're on a paid plan, your feedback is visible to authorized team members.
• With Service Providers: We use third-party services for hosting, payments (Stripe), and analytics. These are bound by confidentiality agreements.
• For Legal Reasons: We may disclose information if required by law, court order, or to protect our rights and safety.
• Business Transfers: In the event of merger, acquisition, or bankruptcy, your information may be transferred as part of that transaction.

6. AI Agent Integration (MCP Server)

When you enable MCP integration with AI agents (Cursor, Claude, VS Code), your pin feedback is made available to those applications through our MCP server. You maintain full control over which pins and feedback are shared with agents. Agents cannot access data without your explicit authorization.

7. Your Rights and Choices

Depending on your location, you may have rights including:

• Access: Request a copy of the personal data we hold about you
• Correction: Request corrections to inaccurate information
• Deletion: Request deletion of your data (subject to legal obligations)
• Portability: Request your data in a portable format
• Opt-out: Opt out of marketing communications and non-essential cookies

To exercise these rights, contact us at privacy@pincushion.io. We will respond to requests within 30 days.

8. Children's Privacy

PinCushion is not intended for children under 13 years old. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information immediately.

9. Third-Party Links

Our Services may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to third-party websites, and we are not responsible for their privacy practices. We encourage you to review their privacy policies before providing your information.

10. International Data Transfers

Your information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from your home country. By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection rules.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. We will notify you of any material changes by posting the updated Privacy Policy and updating the "Last updated" date. Your continued use of our Services after such modifications constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

PinCushion
Email: privacy@pincushion.io
Website: https://pincushion.io

We will respond to your inquiry as soon as reasonably practicable, and no later than 30 days from receipt of your request.

© 2026 PinCushion. Made with 💙 by Josh.