1. Overview
Vox Umbrae Pinterest Integration ("the application") is a personal content management tool that connects to Pinterest via the Pinterest API v5 to allow the account owner to create and schedule pins on their own Pinterest boards. This policy describes what data is accessed, how it is used, and how it is protected.
By connecting your Pinterest account to this application, you agree to the practices described in this policy.
2. Data We Access
This application requests the following OAuth scopes from Pinterest:
| Scope | Purpose |
|---|---|
| user_accounts:read | Display your username and profile information in the app interface. Not stored. |
| boards:read | List your Pinterest boards so you can select a target board when creating a pin. Not stored. |
| pins:read | Verify pin creation results. Not stored. |
| pins:write | Create and publish pins to your boards on your behalf. |
This application does not access your followers, your feed, your messages, or any data beyond the scopes listed above.
3. How We Use Your Data
Data retrieved from the Pinterest API is used exclusively to display your boards and profile within the app interface, and to create pins on your behalf when you explicitly initiate a publish action. No data is used for advertising, analytics, profiling, or any purpose beyond direct app functionality.
4. Token Storage
Your Pinterest access token is stored in your browser's sessionStorage only — it exists for the duration of your browser session and is automatically deleted when you close the tab or click "Disconnect". It is never written to a database, server log, or external service.
Refresh tokens, if issued, are stored in sessionStorage under the same conditions and are used solely to renew your access token without requiring you to re-authorize.
5. Data Retention
This application does not maintain a backend database of user data. Any information retrieved from the Pinterest API exists only in memory during your active browser session and is discarded when the session ends.
Pin content (title, description, image URL, schedule time) entered manually or pasted as JSON is stored only in browser memory for the duration of the session and is not transmitted to any server other than the Pinterest API at the moment of publication.
6. Third-Party Services
This application uses the Pinterest API v5, governed by Pinterest's Privacy Policy and Pinterest Developer Terms.
Hosting is provided by Cloudflare Pages, which may collect standard server access logs (IP address, browser type, request timestamps) as described in Cloudflare's Privacy Policy.
The OAuth token exchange is handled by a Cloudflare Worker running on the same infrastructure. The Worker receives the authorization code, exchanges it for a token using the app secret (which is stored as a Worker environment variable, never exposed to the browser), and returns only the access token to the client. No data is logged or persisted in the Worker.
7. Your Rights
You may revoke this application's access to your Pinterest account at any time by visiting Pinterest Settings → Security → Connected apps and removing Vox Umbrae from the list of authorized applications.
You may also disconnect from within the application at any time using the "Disconnect" button, which immediately clears your token from browser storage.
8. Children's Privacy
This application is not directed at children under the age of 13. We do not knowingly collect data from minors.
9. Changes to This Policy
We may update this policy from time to time. The date at the top of this page reflects the most recent revision. Continued use of the application after changes constitutes acceptance of the updated policy.
10. Contact
For questions about this privacy policy or data handling, contact: contact@voxumbrae.icu<