Pinhub
Torna alla home

Privacy Policy

Last updated 17 June 2026 · How Engineers Space LLC collects, uses, and protects your information when you use Pinhub.

In short: we collect only what we need to run Pinhub, we never sell your personal information, and we use no advertising trackers or third-party analytics. This summary is for convenience — the sections below are the full policy.

1. Overview & who we are

This Privacy Policy explains what information we collect, how we use and share it, and the choices and rights you have. It applies to the Pinhub website, the Pinhub application, and content shared through guest links (together, the "Service").

The Service is operated by Engineers Space LLC, 75 E 3rd St, Sheridan, WY 82801, USA ("Pinhub", "we", "us"). For most information we handle, Engineers Space LLC is the data controller. For personal data contained inside the screenshots and content you upload, a different arrangement applies — see Section 3. If you have any privacy question, contact us at privacy@usepinhub.com.

2. Information we collect

Information you provide

  • Account data — your email address (used for magic-link sign-in) and basic profile details such as your name.
  • Workspace & billing data — workspace name, members and their roles, and billing details associated with your subscription. Payments are processed by Stripe; we receive your subscription status and limited billing metadata (such as billing country and the last four digits/brand of a card), but we do not receive or store full payment-card numbers.
  • Your Content — the screenshots you upload and the comments, replies, and pins you create.
  • Guest data — when reviewing as a guest, the name and email you enter in order to comment.
  • Communications — information you provide when you contact support or otherwise correspond with us.

Information collected automatically

  • Usage & device data — log data such as IP address, browser and device type, and the actions you take, with timestamps, used to operate and secure the Service.
  • Session & device data — information about your active sessions and the devices you sign in from, shown to you in your profile.
  • Diagnostic data — when error monitoring is enabled, technical details about errors (such as stack traces and request context, which can include an IP address) used to diagnose and fix problems.
  • Cookies & local storage — a small number of strictly necessary and functional technologies described in Section 5.

Information from third parties

  • Payment data — our payment processor, Stripe, provides us with subscription and payment status so we can manage your plan.

3. Screenshots & other people’s data

The screenshots and content you upload may themselves contain personal data about other people — for example, names, email addresses, or other identifying details visible in an image. For that personal data within Your Content, when you use Pinhub for your own or your organization’s purposes, you (or your organization) act as the data controller and Engineers Space LLC acts as a processor handling it on your documented instructions to provide the Service. Business customers can request our Data Processing Addendum (DPA), which governs that relationship.

You are responsible for ensuring you have a valid legal basis to upload content containing other people’s personal data, and for honoring those individuals’ rights. For account, billing, website, security, and usage data, Engineers Space LLC is the controller and the rest of this policy describes how we handle it.

4. How we use information & legal bases

We use information for the purposes below. Where the EU or UK GDPR applies, the legal basis for each purpose is noted.

  • Provide the Service — host screenshots, render pins and threads, deliver real-time updates, and manage workspaces and sharing. Basis: performance of our contract with you.
  • Authenticate and secure — sign you in via magic link, maintain sessions, and protect accounts and the Service. Basis: contract; and our legitimate interest in keeping the Service secure.
  • Payments and subscriptions — process payments and manage plans through Stripe. Basis: contract; and legal obligation for tax and accounting records.
  • Service communications — send essential messages such as notification and billing emails. Basis: contract; and legitimate interest in operating the Service.
  • Safety, abuse prevention, and debugging — detect, investigate, and prevent fraud, abuse, security incidents, and technical problems. Basis: legitimate interest in protecting the Service and its users; and legal obligation where applicable.
  • Legal compliance — comply with applicable law and respond to lawful requests. Basis: legal obligation.
  • With your consent — for any purpose we ask you to agree to separately. Basis: consent, which you may withdraw at any time.

Where we rely on a legitimate interest, we balance it against your rights and freedoms. We do not use your information for third-party advertising and we do not sell it.

5. Cookies & local storage

We keep this deliberately minimal. We do not use advertising cookies, third-party analytics, or cross-site tracking, and we do not build advertising profiles.

  • Website — our marketing site sets a single functional cookie (pinhub_lang) to remember your chosen language. It sets no analytics or advertising cookies.
  • Application — the app uses your browser’s local storage to keep you signed in and to remember preferences such as your theme. This is not a tracking cookie and is not shared with third parties.

Because these technologies are strictly necessary or functional, they do not require a consent banner under applicable e-privacy rules; we describe them here for transparency.

6. Guests & shared content

When you share a screenshot via a link, anyone with the link (and the password, if you set one) can view it and comment as a guest. A guest’s email address is collected to attribute their comments and is never displayed publicly to other viewers. You control share links and can revoke them at any time, which disables access for all copies. Please share links only with people you trust, and avoid sharing screenshots that contain confidential or sensitive information with people who should not see them.

7. How we share & subprocessors

We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We disclose information only as described here:

Service providers (subprocessors). We share information with vendors who process it on our behalf to run the Service, under contracts that require appropriate confidentiality and security (including data-processing agreements and, for international transfers, Standard Contractual Clauses). Our current key subprocessors are:

  • Cloudflare, Inc. (USA) — object storage (R2) for uploaded screenshots, plus website and application hosting, content delivery, and edge security.
  • Render Services, Inc. (USA) — application hosting and managed database and cache infrastructure (PostgreSQL and Redis) for accounts, workspaces, and content metadata.
  • Stripe, Inc. (USA) — payment processing and subscription management. Stripe is a PCI-DSS Level 1 certified provider; full card details are handled by Stripe, not by us.
  • Resend (USA) — delivery of transactional email such as magic-link sign-in, notifications, and billing messages.
  • Sentry / Functional Software, Inc. (USA) — error and performance monitoring (when enabled), used to diagnose and fix technical problems.

Legal and safety. We may disclose information if required by law or valid legal process, or where we believe in good faith it is necessary to protect the rights, property, safety, or security of Pinhub, our users, or the public, or to detect, prevent, or address fraud, abuse, or technical issues.

Business transfers. If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, your information may be transferred as part of that transaction; we will notify you of any change in the controller of your personal data.

8. International transfers

We are based in the United States and our subprocessors are primarily located in the United States, so your information may be processed in the U.S. and other countries that may have different data-protection laws than your own. Where we transfer personal data from the European Economic Area, the United Kingdom, or Switzerland to a country without an adequacy decision, we rely on appropriate safeguards — principally the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum — together with additional measures where needed. You may contact us for more information about these safeguards.

9. Data retention

We retain your personal data for as long as your account and workspace are active, or as needed to provide the Service. When you delete a screenshot, workspace, or account, we remove the associated content from our active systems promptly (often immediately) in line with our deletion controls. Residual copies may persist in encrypted backups for a limited period (typically up to 90 days) before being overwritten on a rolling cycle.

We retain certain information longer where we must, for example to comply with legal, tax, or accounting obligations, to resolve disputes, or to enforce our agreements. Short-lived items such as magic-link tokens expire quickly, and operational logs are kept only for a limited period.

10. Security

We use technical and organizational measures designed to protect your information, including:

  • Encryption of data in transit (HTTPS/TLS).
  • Passwordless, magic-link authentication and short-lived access tokens, so there is no reusable password for an attacker to steal.
  • Time-limited, pre-signed URLs for uploading and viewing screenshots, and unguessable, revocable share links — with optional password protection on paid plans.
  • Access controls and rate limiting, and reliance on reputable infrastructure providers.

No method of transmission or storage is completely secure, so we cannot guarantee absolute security. We maintain processes to detect and respond to incidents and, in the event of a personal-data breach, will notify affected users and regulators where and as required by applicable law.

11. Your privacy rights

You can manage much of your information directly in the app — updating your profile, managing members, and deleting screenshots, workspaces, or your account. Depending on where you live, you also have additional rights described below. To exercise any right, use the in-app controls or contact privacy@usepinhub.com. We will verify your request and respond within the time required by law. We will not discriminate against you for exercising these rights.

EEA, UK & Switzerland (GDPR)

You have the right to access, rectify, erase, restrict, or object to our processing of your personal data, to data portability, and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data-protection supervisory authority. We generally respond to requests within one month, and may extend this for complex requests as permitted by the GDPR.

If your request concerns personal data inside another customer’s screenshots or content, that customer is the controller (see Section 3); we will refer your request to them or act on their instructions.

California (CCPA/CPRA)

California residents have the right to know about and access the personal information we collect, to delete it, to correct it, and to opt out of its "sale" or "sharing" and limit the use of "sensitive personal information." We do not sell or share personal information for cross-context behavioral advertising, and we do not use sensitive personal information to infer characteristics. The categories we collect (identifiers, customer and commercial records, internet/network activity, and the content you provide) and the purposes for which we use them are described above. You may use an authorized agent to submit a request, subject to verification. We do not disclose personal information to third parties for their own direct marketing.

12. Children

Pinhub is not directed to children under 16, or the higher age of digital consent in their jurisdiction, and we do not knowingly collect their personal information. If you believe a child has provided us data, contact us at privacy@usepinhub.com and we will delete it.

13. Automated decisions

We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing, and we do not engage in profiling for such purposes.

14. Changes to this policy

We may update this policy from time to time. If we make material changes, we will provide reasonable notice — for example, by email or an in-app or on-site notice — and update the "last updated" date above. Your continued use of the Service after the changes take effect constitutes acceptance of the updated policy.

15. Contact

Questions about your privacy or this policy, or want to exercise your rights? Contact us at privacy@usepinhub.com, or write to Engineers Space LLC, 75 E 3rd St, Sheridan, WY 82801, USA.

If you are in the EEA, UK, or Switzerland, you also have the right to lodge a complaint with your local data-protection supervisory authority.