Privacy Policy

How Pin Pal Studio collects, uses, and protects your data.

Last updated: 28 June 2026 · Operator: Julie Burns, trading as This Girl Shines (ABN active) · Contact: hello@pinpalstudio.au

1. Our Privacy Promise

Pin Pal Studio is a Pinterest-focused AI workspace operated by Julie Burns at This Girl Shines. We take your privacy seriously and handle your data with care. This policy covers data we collect when you register for and use the Pin Pal Studio service.

We are committed to complying with the Australian Privacy Act 1988, the Australian Privacy Principles, and recognised international standards for handling user data. We never sell your data, and we do not train AI models on your content.

This policy applies to use of the Pin Pal Studio web application (pinpalstudio.au, app.pinpalstudio.au) and any related services we provide.

2. What We Collect

Information you provide directly

Account information: name and email address provided when you register.
Brand profile data: your niche, brand voice, audience description, primary goal, keywords, custom interests, visual tone preferences, and any other content you save to your brand profile.
Content library data: articles, products, blog posts, YouTube content references, lead magnets, and other source material you upload or link to Pin Pal Studio. This may include URLs, titles, descriptions, and the parsed text of content you import.
Pin drafts and approved pins: the AI-generated and user-edited pin content you create within Pin Pal Studio, including titles, descriptions, alt text, link destinations, and associated images.
Subscription and billing data: if you subscribe to a paid plan, payment is processed by Stripe. We do not store your credit card details — only a Stripe customer/subscription reference and the status of your subscription.
Support communications: any messages you send us via email or in-app support channels.

Information you authorise us to collect from third parties

Pinterest data: when you connect your Pinterest Business account, we receive your Pinterest profile information, board list, board contents, published pin data, and pin analytics. See Section 6 for full Pinterest API disclosure, including how this data is governed by Pinterest's developer terms.
OpenAI API key: you provide your OpenAI API key (known as "BYOK" or Bring Your Own Key) so that AI features can run against your own OpenAI account. We store this key in encrypted form on our servers. We do not see, log, or share the key in plain text after you've entered it. OpenAI bills you directly for AI usage; we do not handle your OpenAI billing.
Google Drive content (optional): if you connect Google Drive to import media, we read the specific files you select via the Google Picker. We do not browse, list, or retain access to your other Drive files. See Section 5 for full Google API disclosure.

Information collected automatically

Technical data: IP address, browser type, device type, and basic usage logs to keep the service secure, diagnose issues, and improve performance.
In-app activity logs: records of workflows you run, pins you approve or reject, content you import, and other actions taken within Pin Pal Studio, used to provide the service and improve it.

3. How Your Data is Used

We use the data described above to:

Create and manage your Pin Pal Studio account.
Connect to Pinterest on your behalf to read your account data and publish pins only after you have explicitly approved each pin. Pin Pal Studio does not autonomously publish content.
Connect to OpenAI on your behalf using your own API key to generate pin drafts, image prompts, and improvement recommendations.
Generate pin drafts, image prompts, and content recommendations that match your brand profile.
Analyse your published pin performance to surface improvement suggestions.
Send transactional emails (account confirmation, billing receipts, support replies, important service notifications) from hello@pinpalstudio.au or noreply@pinpalstudio.au.
Process subscription payments via Stripe.
Respond to your support enquiries.
Improve Pin Pal Studio's features based on aggregate, anonymised usage patterns. We do not use your individual content or pin drafts to train AI models.

4. AI Processing — What Happens to Your Content

This section explains how AI processing works within Pin Pal Studio.

Your content goes to OpenAI via your own API key

When Pin Pal Studio generates pin drafts, recommendations, or images, it sends relevant context (brand profile snippets, content library items, Pinterest trend data) to OpenAI using your own OpenAI API key. This means:

The data is processed by OpenAI under your OpenAI account's terms of service.
OpenAI bills you directly for the API usage.
OpenAI's data retention and processing policies apply to that data — see OpenAI's privacy policy for details.
Pin Pal Studio never sees the raw API responses except as needed to display the pin drafts back to you.

What Pin Pal Studio stores after AI processing

We store the pin drafts, images, and recommendations produced by OpenAI processing, so you can review, edit, approve, or reject them. These stored outputs are subject to the rest of this Privacy Policy.

We do not train AI models on your data

Pin Pal Studio does not use your brand profile, content library, pin drafts, or approved pins to train any AI or machine learning model — ours or anyone else's. AI processing is on demand using your OpenAI API key; there is no separate training pipeline.

5. Google API Services — Limited Use Disclosure

Pin Pal Studio's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

How Google integration works in Pin Pal Studio

If you choose to connect Google Drive, Pin Pal Studio uses Google OAuth to access your Drive through the Google Picker — a Google-provided UI that lets you select specific files for import. Pin Pal Studio does not browse your Drive, list your Drive contents, or have access to files you have not explicitly selected via the Picker.

This is an optional integration. You can use Pin Pal Studio without connecting Google Drive.

Google scopes Pin Pal Studio requests

drive.file — allows Pin Pal Studio to read the specific files you select via the Google Picker. We do not access any other files in your Drive.
OAuth basic profile — your name and email, used to identify the connected Google account in the Pin Pal Studio interface.

How we use Google data

To read the contents of files you explicitly select via the Google Picker, so we can import them into your Pin Pal Studio Content Library as source material for pin generation.
The data is read once at import time and stored in your Pin Pal Studio Content Library. We do not maintain ongoing access to those files in your Drive.

What we do not do with Google data

We do not transfer your Google user data to third parties except as necessary to provide or improve user-facing features, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.
We do not use Google user data for advertising purposes.
We do not use Google user data to develop, improve, or train generalised AI or machine-learning models.
We do not allow humans to read your Google user data, except (a) with your explicit consent for specific messages, (b) when necessary for security reasons such as investigating abuse, (c) to comply with applicable law, or (d) where the data is aggregated and used for internal operations in line with Google's policies.

Storage and retention

File contents you import via the Google Picker are read into your Pin Pal Studio Content Library. We retain the parsed text content, title, and metadata of imported items.
We do not maintain a persistent connection or sync with your Drive after the initial import.
You can revoke Pin Pal Studio's access to your Google account at any time via your Google Account permissions page. Revocation disables Drive import but does not delete files you have previously imported (those remain in your Pin Pal Studio Content Library; you can delete them from within Pin Pal Studio).

6. Pinterest API Access

Pin Pal Studio is approved by Pinterest as a developer application and operates under Pinterest's Developer and API Terms of Service and Developer Guidelines. Our use of Pinterest data is governed by that agreement in addition to this Privacy Policy.

How the Pinterest connection works

Pin Pal Studio connects to your Pinterest Business account via Pinterest's official OAuth flow. This connection is required for Pin Pal Studio to function. You authorise the connection during onboarding, and you can revoke it at any time from within Pin Pal Studio's Integrations page or directly from your Pinterest account.

What Pinterest data Pin Pal Studio accesses

Your Pinterest profile information (username, profile picture, basic account data)
Your boards (list, names, IDs, settings)
Your published pins (titles, descriptions, links, images, board associations)
Your account-level analytics (impressions, engagement metrics, audience insights — where Pinterest provides them)
Permission to publish new pins to your account, only when you explicitly approve them within Pin Pal Studio's review queue.

How we use Pinterest data (as required by Pinterest's developer terms)

Pinterest data is used only to provide Pin Pal Studio services to you, the account holder. It is not used for any other purpose.
We do not combine your Pinterest account data with information from other users' accounts or with information from other services.
We do not share or sell Pinterest data to third parties.
We do not publish pins, follow accounts, save pins, send messages, or take any other action on your Pinterest account without your specific approval of each individual action.
We do not use Pinterest data to train AI models.
We do not use Pinterest data to derive non-public information about other Pinterest users.

Data retention for Pinterest information

Pin Pal Studio retains the minimum Pinterest data needed to provide services to you. This includes your own pin analytics history (so the platform's improvement loop can compare performance over time), your brand profile signals derived from your Pinterest account, and references to pins you have published. We do not retain Pinterest data about accounts other than your own.

If you disconnect Pinterest from Pin Pal Studio, we stop pulling new data immediately. Existing pin records and analytics remain in your Pin Pal Studio account for your reference unless you delete your account.

Disconnecting Pinterest

You can disconnect Pinterest at any time from the Integrations page within Pin Pal Studio. Disconnection also revokes Pin Pal Studio's OAuth token on Pinterest's side. You can independently revoke Pin Pal Studio's access from your Pinterest account settings at any time.

We never sell your data. The third parties involved in operating Pin Pal Studio are:

Stripe — payment processing for paid subscriptions. Stripe operates in the United States and processes payment data subject to its own privacy policy.
Pinterest — Pin Pal Studio connects to Pinterest via official OAuth to read your account data and publish pins you have approved.
OpenAI — AI processing runs through your own OpenAI API key. Your data is processed under your OpenAI account's terms.
Google (optional) — if you connect Google Drive for media import, data flows through Google APIs as described in Section 5.
Hosting and infrastructure providers — used to run the Pin Pal Studio application servers and database.

Some providers (Stripe, OpenAI, Google) operate in the United States. By using Pin Pal Studio, you consent to international data transfer for these specific purposes.

8. Your Choices & Control

You can:

Update or correct your account data at any time from your account settings.
Update your brand profile at any time. Earlier brand profile versions are kept as snapshots for the platform's learning loop; you can request these be deleted.
Disconnect any integration (Pinterest, OpenAI, Google Drive) at any time from the Integrations page.
Cancel your subscription at any time from your account settings. Cancellation takes effect at the end of your current billing period.
Request a copy of the personal data we hold about you by emailing hello@pinpalstudio.au. We will respond within a reasonable time, typically 14 days.
Request corrections to incorrect data.
Request account deletion. Deletion removes your account, brand profile, content library, pin drafts, and personal data. Note: records of pins you have published to Pinterest remain on Pinterest even after your Pin Pal Studio account is deleted — you must delete those from Pinterest separately. We may retain anonymised aggregated data for service-integrity purposes (e.g. understanding usage patterns).

To exercise any of these rights, email hello@pinpalstudio.au.

9. Data Retention

Active account data: retained while your account is active.
Pin drafts (unpublished): retained while your account is active. You can delete individual drafts at any time.
Published pin records: retained while your account is active for analytics purposes.
Improvement-loop snapshots: retained for the lifetime of your account to power the learning loop. You can request earlier snapshots be deleted.
Billing records: retained for the period required by Australian tax and accounting law (typically 7 years).
Account closure: within 90 days of you closing your Pin Pal Studio account, all personal data is deleted, except billing records (held for legal compliance) and anonymised aggregated data.

10. Security

We take reasonable steps to protect your data:

API keys (your OpenAI key) are stored encrypted at rest.
Data is transmitted between your browser and Pin Pal Studio via HTTPS.
Server infrastructure is operated with access controls and security best practices.
We use tenant isolation at the database layer — your data is logically separated from other users' data.

No system is perfectly secure. If we become aware of a security incident that affects your personal data, we will notify you in accordance with the Notifiable Data Breaches scheme under the Australian Privacy Act.

11. Children's Privacy

Pin Pal Studio is intended for use by adults running their own businesses or creative endeavours, and is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such data, please contact us at hello@pinpalstudio.au and we will delete it.

12. Changes to This Policy

We may update this policy as Pin Pal Studio evolves. Material changes will be communicated by email to your registered address and/or by an in-app notice. The "Last updated" date at the top of this policy will be revised. Continued use of Pin Pal Studio after a material change indicates acceptance of the updated policy.

13. Contact

Questions, complaints, or requests about this policy or your data:

Operator: Julie Burns, trading as This Girl Shines
Email: hello@pinpalstudio.au
Location: Brisbane, QLD, Australia

If you are unsatisfied with our response to a privacy complaint, you may also contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.