Back to home

Last updated: April 5, 2026

Privacy Policy

Effective Date: April 5, 2026

Pinmoji (“we,” “our,” or “us”) operates the Pinmoji mobile application (the “App”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the App.

Information We Collect

Information You Provide

  • Account Information: When you create an account, we collect your display name and emoji avatar. If you sign in with Apple, we receive your Apple ID identifier and, optionally, your email address (which you may choose to hide). If you sign in with email, we collect your email address and a hashed password.
  • Status Content: Emoji statuses and optional short text (up to 100 characters) that you choose to post.
  • Reports: If you report content or users, we collect the report details.

Information Collected Automatically

  • Location Data: When you create a status or view the map, we access your device’s location with your permission (“When In Use” only). We never access your location in the background. Your exact coordinates are never stored. All location data is rounded to 4 decimal places (~11 meter precision) before storage, providing location fuzzing by design. You may also enable Approximate Location mode in iOS Settings for an additional privacy layer (~500m).
  • Device Information: We collect basic device identifiers necessary for push notifications (APNs token) and purchase verification.
  • Usage Data: We collect anonymized usage analytics such as feature usage frequency. We do not use third-party tracking or advertising SDKs.

Information from Third Parties

  • Sign in with Apple: Authentication identifiers only. We do not access your contacts, photos, or other Apple account data.
  • Apple App Store: Purchase receipts for subscription tier verification via StoreKit 2 on-device verification.

How We Use Your Information

We use the information we collect to:

  • Provide and maintain the App’s core functionality (map display, status posting, leaderboards, badges)
  • Process your in-app purchases and manage your subscription tier
  • Moderate content and enforce our Terms of Service
  • Send push notifications for social events (likes, leaderboard milestones) with your permission
  • Improve and optimize the App

We do not use your information to:

  • Serve advertisements
  • Build advertising profiles
  • Track you across other apps or websites
  • Sell your data to third parties

Data Retention

  • Statuses are automatically deleted from our servers when they expire (1–7 days after creation). A background job permanently removes expired data within minutes of expiration.
  • Status History is retained based on your subscription tier (40-day to unlimited retention) for your personal viewing. Expired statuses are no longer visible to other users.
  • Account Data is retained while your account is active. Upon account deletion, we initiate a 30-day grace period. After this period, all personal data is permanently deleted.
  • Moderation Reports are retained for 90 days after resolution.
  • Server Logs containing IP addresses are purged after 30 days.
  • Location Data associated with expired statuses is deleted along with the status.

Data Sharing and Third-Party Services

We use the following third-party services to operate the App:

ServicePurposeData Shared
SupabaseDatabase, authentication, APIAccount data, statuses, fuzed locations
CloudflareAsset storage and CDNProfile avatar images
Apple (StoreKit / APNs)In-app purchases, push notificationsPurchase receipts, device push tokens

We do not share your data with advertisers, data brokers, or any other third parties.

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access all personal data we hold about you
  • Correct inaccurate personal data
  • Delete your account and all associated data
  • Export your data in a portable format
  • Withdraw Consent for location access at any time via iOS Settings

To exercise any of these rights, contact us at support@pinmoji.app.

GDPR (European Economic Area)

If you are in the EEA, our legal bases for processing your data are: consent (location data), contract performance (providing the App’s services), and legitimate interest (security, moderation, and App improvement). You may lodge a complaint with your local Data Protection Authority.

CCPA (California)

We do not sell personal information. California residents may request disclosure of data collected and request deletion.

Children’s Privacy

Pinmoji is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal data, we will delete it promptly. If you believe a child under 13 has used the App, please contact us at support@pinmoji.app.

Security

We implement industry-standard security measures including:

  • All data transmitted via TLS/HTTPS
  • Row-Level Security (RLS) on all database tables
  • Server-side location fuzzing before storage
  • On-device StoreKit 2 purchase verification (JWS-signed)
  • JWT-based session management

No method of electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Effective Date” above. You are advised to review this Privacy Policy periodically.

Contact Us

If you have questions about this Privacy Policy, please contact us: