Privacy Policy

Last updated: January 29, 2025

This Privacy Policy describes how MyPinSpot, operated by HYT Radoslav Tsvetkov, Ole Wisch, 21244 Buchholz, Germany, VAT ID: DE367045008 ("we", "us", or "our") collects, uses, and discloses your information when you use our service.

Data Controller: HYT Radoslav Tsvetkov, Ole Wisch, 21244 Buchholz, Germany

Contact: team@mypinspot.com

1. Information We Collect

1.1 Information You Provide

• Account Information: Email address, password (encrypted), and optional nickname
• Item Data: Item names, locations, descriptions, categories, and tags you create
• Voice Data: Voice recordings temporarily processed for transcription (not stored)
• Payment Information: Processed securely through Stripe (we don't store card details)

1.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on service
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies for authentication and preferences

2. How We Use Your Information

• Provide, maintain, and improve our service
• Process payments and manage subscriptions
• AI-powered categorization and search (using OpenAI API)
• Send transactional emails (OTP codes, subscription updates)
• Respond to support requests
• Detect and prevent fraud or abuse
• Comply with legal obligations

3. Data Sharing and Disclosure

3.1 Third-Party Service Providers

• Stripe: Payment processing (Privacy Policy)
• OpenAI: AI features for categorization (Privacy Policy)
• Hosting Provider: Secure data storage and infrastructure

3.2 We Do NOT

• Sell your personal information to third parties
• Share your data for advertising purposes
• Use your data to train AI models

3.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect our rights or safety.

4. Data Security

• Encryption in transit (TLS/SSL) and at rest
• Password hashing using industry-standard algorithms (PBKDF2-SHA256)
• Regular security audits and updates
• Access controls and authentication requirements
• Secure hosting infrastructure with EU data centers

IMPORTANT: No method of transmission over the Internet is 100% secure. While we implement industry-standard security measures, we cannot guarantee absolute security. You acknowledge and accept the risks of data transmission over the Internet and agree that we are not liable for any unauthorized access, data breaches, or security incidents beyond our reasonable control.

5. Data Retention and Deletion

• Account Data: Retained while your account is active
• Backups: May be retained for up to 90 days for disaster recovery
• Payment Records: Retained for 10 years as required by German tax law (§147 AO)
• Deleted Accounts: Data permanently deleted within 30 days, except where retention is legally required
• You acknowledge that we cannot recover data once deleted, and we are not responsible for any data loss resulting from account deletion, whether initiated by you or us

6. Your Rights (GDPR & CCPA)

Depending on your location, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data ("right to be forgotten")
• Portability: Export your data in JSON format
• Restriction: Limit how we process your data
• Objection: Object to data processing
• Withdraw Consent: Opt-out at any time

To exercise these rights, contact us at team@mypinspot.com

7. Children's Privacy

Our service is not intended for users under 13 years old. We do not knowingly collect data from children under 13. If we become aware of such collection, we will delete the data immediately.

8. International Data Transfers

Your data is primarily stored and processed in the European Union (EU). For users outside the EU:

• Data may be transferred to and processed in the EU for service provision
• We comply with GDPR requirements for international data transfers
• We use Standard Contractual Clauses (SCCs) approved by the European Commission where applicable
• Third-party services (OpenAI, Stripe) may process data in their respective jurisdictions under their privacy policies

9. Cookies and Tracking

We use essential cookies for:

• Authentication and session management
• Language preferences
• Security features

You can disable cookies in your browser settings, but this may affect functionality.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or prominent notice on our service. Continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or requests:

• Data Controller: HYT Radoslav Tsvetkov
• Address: Ole Wisch, 21244 Buchholz, Germany
• VAT ID: DE367045008
• Email: team@mypinspot.com