1. Information We Collect

Account information. When you create a buyer or creator account we collect your email address, display name, and encrypted password. Creators additionally provide legal name, address, tax identification number, and banking information through our Stripe Connect onboarding flow.

Order and transaction data. When you purchase a product we collect your shipping address (for physical print-on-demand orders), order details, and payment method metadata. We never store raw card numbers — all payment processing is handled by Stripe, Inc. as our payment processor and co-Merchant of Record. We receive a Stripe payment intent ID, last-four digits, card brand, and billing country.

Usage and device data. We collect browser type, operating system, referring URL, pages visited, and approximate location derived from your IP address. This helps us detect fraud, improve the platform, and diagnose technical problems.

Communications. If you email us, submit a support ticket, or chat with our AI concierge Coco, we retain those messages to resolve your request and improve service quality.

Cookies and local storage. We use a session cookie (ppm_token) for buyer authentication, and localStorage for creator (merchant) sessions. See our Cookie Policy for details.

2. How We Use Your Information

• Order fulfillment. Shipping addresses are passed to Printful to produce and ship physical print-on-demand orders. Digital files are served from private Cloudflare R2 storage via a signed, time-limited URL.
• Creator payouts. Tax ID and banking details are held by Stripe for KYC verification and ACH/wire payouts. Pinpinmo retains a platform fee (8–10% of GMV) and remits the balance to creators on a rolling 7-day schedule.
• Transactional email. We send order confirmations, download links, payout notifications, and receipts. You cannot opt out of transactional email while an account is active.
• Product marketing email. With your consent we send newsletters and promotional offers. You can unsubscribe at any time via the link in any marketing email.
• Fraud prevention and security. IP addresses, device fingerprints, and behavioral signals are analyzed to detect chargebacks, bot traffic, and account takeover attempts.
• Platform improvement. Aggregate, de-identified usage data informs product decisions. We do not sell identifiable behavioral data to advertisers.
• Legal compliance. We may process your data to comply with tax law, respond to valid legal process, or enforce our Terms of Service.

3. Third-Party Services We Share Data With

We share only the minimum data necessary with each sub-processor:

• Stripe, Inc. — Payment processing, creator KYC/identity verification, and fraud detection. Stripe acts as a limited Merchant of Record for card acceptance. Stripe's privacy policy: stripe.com/privacy.
• Printful Inc. — Receives buyer name, shipping address, and product specifications solely to produce and ship print-on-demand orders. Printful does not receive payment card data.
• Cloudflare, Inc. — CDN, DDoS protection, DNS, and R2 object storage for digital product files. Cloudflare processes IP addresses and HTTP request metadata for performance and security.
• Railway Corporation. — Application infrastructure hosting. Database rows (including order and user records) reside on Railway-managed PostgreSQL servers within the United States.
• Wavespeed / AI image generation providers. — Prompts submitted by creators to generate product images are sent to our AI generation partners. These prompts may include descriptive text about desired art styles. We do not send personal buyer data to image-generation services.
• Analytics and monitoring. — We use self-hosted or privacy-respecting analytics tools. We do not use Google Analytics in a mode that shares identifiable user data with Google for advertising.

4. AI-Generated Content

Pinpinmo is an AI-native platform. Product images, store names, and product descriptions in creator stores are generated by AI systems (including Wavespeed and Anthropic Claude) operating autonomously on behalf of creators. Buyers interact with AI-generated storefronts. No personal buyer data is used as input to AI image generation. Creator prompts and configuration preferences may be used to fine-tune generation parameters in aggregate.

5. Data Retention

• Order records are retained for 7 years from the order date to satisfy US federal and state tax and accounting obligations (IRC §6001).
• Account data is retained until you request deletion. After a deletion request we remove your personal data within 30 days, except records we must keep for legal compliance (e.g., transaction history).
• Server logs containing IP addresses are retained for 90 days for security purposes, then automatically purged.
• Digital files you purchased remain accessible for at least 3 years from your purchase date.

6. Your Privacy Rights

Depending on where you live, you may have the following rights under the CCPA (California), GDPR (EU/UK), or similar laws:

• Access. Request a copy of the personal data we hold about you.
• Correction. Ask us to correct inaccurate data.
• Deletion. Request erasure of your personal data, subject to our legal retention obligations.
• Portability. Receive your data in a machine-readable format (JSON or CSV).
• Opt-out of sale. We do not sell personal data. If this ever changes, we will provide a prominent opt-out mechanism.
• Withdraw consent. Where processing is based on consent (marketing email), you may withdraw at any time without affecting prior processing.

To exercise any right, email [email protected] from the address associated with your account. We will respond within 30 days. Identity verification may be required before processing sensitive requests.

7. International Data Transfers

Pinpinmo is a US-based company. If you access the platform from outside the United States, your data may be transferred to and processed in the US. Where required by law (e.g., GDPR), we rely on Standard Contractual Clauses or equivalent safeguards for international transfers.

8. Children's Privacy

Pinpinmo is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be announced via email and a banner on the platform at least 14 days before taking effect. Continued use of the platform after the effective date constitutes acceptance of the revised policy.