Privacy Policy

Last updated: April 5, 2026

1. Controller

Sahler Digital Investments
[Street Address]
[City, Postal Code], Germany
Email: privacy@pinvault.app

2. Data We Collect

We collect the following categories of personal data:

• Account data: Email address and password (hashed) when you register
• Profile data: Display name, username, avatar, and collection preferences you choose to provide
• Collection data: Pins, boards, wishlists, and scan history you create within the App
• Subscription data: Subscription tier, status, and billing period (payment details are handled by Apple, Google, or Stripe)
• Usage data: Feature usage patterns and app interactions for improving the service

3. Legal Basis for Processing (GDPR Art. 6)

• Contract performance (Art. 6(1)(b)): Processing necessary to provide the App and manage your account and subscription
• Legitimate interest (Art. 6(1)(f)): Analytics and service improvement
• Consent (Art. 6(1)(a)): Optional features like push notifications

4. Data Recipients and Transfers

Your data may be shared with:

• Infrastructure provider: Cloud hosting services (US) for data storage and processing, secured by Standard Contractual Clauses (SCCs)
• Payment processors: Apple Inc., Google LLC, or Stripe Inc. process payment data as independent controllers when you make a purchase
• Subscription management: A third-party service processes subscription status data as a data processor under a Data Processing Agreement

Data is transferred to the United States under Standard Contractual Clauses (SCCs) as per GDPR Art. 46(2)(c).

5. Data Retention

We retain your personal data for as long as your account is active. After account deletion, data is permanently removed within 30 days, except where longer retention is required by law.

6. Your Rights

Under GDPR, you have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data. You also have the right to withdraw consent at any time.

To exercise your rights, contact us at privacy@pinvault.app. You can delete your account and all associated data directly in the App under Settings.

7. Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. The competent authority is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestr. 2-4, 40213 Düsseldorf
www.ldi.nrw.de

8. Cookies and Local Storage

The App uses essential cookies for authentication and session management. No third-party tracking cookies are used. Local storage is used to cache app data for performance.

9. Children's Privacy

The App is not directed at children under 13. We do not knowingly collect personal data from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by email.

11. Contact

For privacy-related inquiries, please contact: privacy@pinvault.app