Privacy Policy

Name, email address, authentication identifier, workspace membership, and account preferences.

Information you provide when you contact support, including message content and attachments you send.

Plan type, billing email, invoice history, subscription status, payment status, refund history, and limited payment metadata (such as last four digits of a card and brand) returned to us by our payment processor.

We do not store full payment card numbers, CVV codes, or full bank account numbers. Card and bank payments are processed directly by Monobank (JSC «Universal Bank», licensed by the National Bank of Ukraine) under its own privacy notice and the applicable NBU, Visa, and Mastercard standards. Payment processing takes place in Ukraine.

IP address, approximate geolocation derived from IP, browser type, device identifiers, operating system, pages and screens viewed, feature interactions, timestamps, error events, and diagnostic logs generated by your use of the Services.

Information made available to us when you connect a third-party service to FeedCheetah, such as Pinterest. Pinterest is described in detail in Section 3.

Files, images, product information, URLs, prompts, generated drafts, scheduling settings, board choices, approval decisions, and other material that you upload, create, or process through the Services.

We obtain personal data from two sources:

• Directly from you when you create an account, authenticate, contact support, fill in billing details, upload content, or otherwise interact with the Services.
• Indirectly from (a) Pinterest, when you authorize the integration described in Section 3; (b) your browser and device, including IP address and approximate geolocation derived from IP, user-agent metadata, and diagnostic events generated by your use of the Services; and (c) our payment processor (Monobank), which returns limited payment metadata after you complete a transaction.

Where personal data is obtained indirectly, this Policy serves as our notification under Article 14 of the GDPR and is provided no later than thirty (30) days after collection or at the time of first communication with you, whichever is earlier.

If you choose to connect a Pinterest account to FeedCheetah, we use Pinterest’s OAuth authorization flow. By completing the connection flow, you instruct us to receive, store, and process the Pinterest-related data made available through that authorization for the purposes described in this Policy and the features you choose to use within FeedCheetah.

FeedCheetah requests only the Pinterest OAuth scopes needed for the features you enable. At the time this Policy was last updated, the scopes we request during authorization are:

• user_accounts:read— read your Pinterest profile (handle, display name, avatar, account type, country, timezone, verification flag) so we can identify the connected account and surface it in your FeedCheetah workspace.
• boards:read— read the boards available on your Pinterest account, including board name, description, privacy, URL, pin count, follower count, monthly views, last pin date, and cover image, so you can pick boards to publish into.
• boards:write— create a new public Pinterest board on your behalf when, and only when, you confirm the board name and description in the FeedCheetah strategy review screen. We do not create boards from any other surface, and we never set boards to a non-public privacy on creation.
• pins:read— read Pins on your Pinterest account, including Pins created directly on Pinterest, in order to display them in your workspace, avoid duplicates, and surface account-level insights such as best-performing Pins.
• pins:write— publish or update a Pin only after you have approved it through the workflow described in Section 3.3.

If we add a new scope in the future, we will update this list and request your renewed consent through Pinterest’s OAuth flow before that scope takes effect for your account. You can revoke FeedCheetah’s access at any time from your Pinterest account settings, in addition to disconnecting through FeedCheetah.

FeedCheetah does not publish Pins on your behalf without your express, per-Pin approval. Even where Pinterest publishing scopes have been granted, no Pin is scheduled or posted unless you have specifically reviewed and approved that Pin in FeedCheetah. Once approved, FeedCheetah may schedule and publish that approved Pin in accordance with your selected board, timing, and other settings you configure. If we change this behaviour in the future, we will update this Policy and provide reasonable notice.

Subject to the scopes you grant, the data we receive from Pinterest and store in your FeedCheetah workspace is limited to the following categories:

• Account and profile data: Pinterest user ID, handle, display name, avatar URL, account type, country, timezone, verification flag.
• Board data (cached): board ID, name, description, privacy setting, URL, pin count, follower count, monthly views, last pin date, cover image URL, and a copy of the raw board record returned by the Pinterest API so we can detect schema changes and recover from sync errors.
• Pin data: identifiers of Pins you have published through FeedCheetah, publication status, target board, scheduling metadata, and timestamps.
• Aggregate engagement signals exposed on board and Pin objects:pin counts, follower counts, monthly views, and last-pin timestamps as Pinterest makes them available on the resources above. We do not currently call Pinterest’s dedicated analytics or audience-insights endpoints; if we add that capability in the future we will update this list and request a new scope as described in Section 3.2.
• Authorization metadata: access token, refresh token, granted scopes, token expiry, connection status, last successful sync time, last auth-error time, and last auth-error code, used solely to maintain the integration and to surface connection problems to you.

We use Pinterest-connected data to provide Pinterest-related features, including connection management, workspace display, draft preparation, approval workflows, scheduling, publishing, syncing, account-health diagnostics, customer support, security monitoring, and product improvement. We do not use Pinterest-connected data to schedule or publish content except through the approval workflow described in Section 3.3.

To maintain the connection, we store OAuth credentials and related authentication metadata. These credentials are used solely to maintain the integration, access Pinterest data within the granted permissions, and perform actions you authorize.

If you disconnect Pinterest, or close your FeedCheetah account, we will stop using the connected Pinterest credentials and will delete or de-identify those credentials within thirty (30) days, unless we need to retain limited information for security, fraud prevention, dispute handling, backup cycling, or legal compliance.

Pinterest content cache: within thirty (30) days of disconnection or account closure, we will also delete or de-identify the cached Pinterest-sourced content tied to the disconnected connection, including the cached board records, cached profile snapshots, account-stats snapshots, posting-rhythm records, capacity records, and the Pinterest portions of connection activity logs. If you delete or unpublish a Pin on Pinterest, the cached Pinterest-sourced content for that Pin (image URL, title, description) is erased within thirty (30) days of detection; the local Pin record is retained with status pinterest_deleted for audit purposes. Deleted data persists in encrypted backups until the backup-rotation cycle described in Section 8 completes.

FeedCheetah’s use of Pinterest-connected data is subject to the Pinterest Developer Guidelines, the Pinterest API Terms of Service, and applicable Pinterest platform policies, in addition to applicable law and this Policy. In particular:

• We do not sell Pinterest-connected data, and we do not share it for monetary or other valuable consideration.
• We do not use Pinterest-connected data to target advertising to you on Pinterest or on any other platform, and we do not transfer Pinterest data to advertising networks, data brokers, or ad-targeting partners.
• We do not use Pinterest-connected data to train general-purpose machine-learning or large language models. Where AI features operate on your content inside FeedCheetah, those features run in a controlled processing context for the specific user-facing task you initiate.
• We do not use Pinterest-connected data to build profiles for any purpose other than providing the FeedCheetah Services you have enabled.
• We honor your revocation of permissions. If you revoke FeedCheetah’s access from your Pinterest account settings, we will treat the connection as disconnected and apply the retention rules described in Section 3.5.
• We access Pinterest data only through the official Pinterest API under your authorization. We do not scrape pinterest.com or any Pinterest property, and we do not attempt to access Pinterest data outside the authorized API.
• We respect Pinterest API rate limits and back off when instructed by the API. We do not attempt to bypass platform throttling, quotas, or other technical controls.

Pinterest’s own privacy notice and terms continue to apply to your relationship with Pinterest.

Pinterest is not a party to this Policy or to your agreement with FeedCheetah. Your use of Pinterest is governed by Pinterest’s own terms and privacy policy, available at policy.pinterest.com/privacy-policy. FeedCheetah is an independent developer that uses the Pinterest API.

FeedCheetah’s use of the Pinterest API is governed by the Pinterest Developer Guidelines and Platform Policy, available at policy.pinterest.com/developer-guidelines. In the event of a security incident affecting Pinterest-sourced data, we will notify Pinterest without undue delay and, in any case, within seventy-two (72) hours of becoming aware of the incident, in accordance with those guidelines and applicable law, and in addition to any user notifications required by Section 7 of this Policy. You may report a suspected incident involving Pinterest-connected data to security@feedcheetah.com.

You can request deletion of Pinterest-sourced personal data associated with your FeedCheetah account at any time by disconnecting the Pinterest integration from FeedCheetah, by revoking access from your Pinterest account settings, or by contacting privacy@feedcheetah.com. The retention and deletion rules in Section 3.5 apply.

Some personal data is required to use the Services; other data is optional.

• Required by contract: account email, authentication identifier, and (for paid plans) billing email and payment details. Without these we cannot create your account, authenticate you, or process payments, and the Services cannot be provided to you.
• Required by law: records we must retain for tax, accounting, and anti-fraud purposes once a transaction has taken place.
• Optional: connecting Pinterest, uploading product content, contacting support, providing feedback, and other actions you choose to take inside the Services. If you decline, the corresponding features will be unavailable but your account remains usable.

We do not subject you to decisions based solely on automated processing, including profiling, that produce legal effects concerning you or similarly significantly affect you within the meaning of Article 22 of the GDPR. AI-assisted features inside the Services generate drafts and suggestions that you review, edit, and approve before any publishing or external action occurs. Scheduling and publishing of approved Pins follow your explicit instructions as described in Section 3.3.

Depending on your location, you have some or all of the following rights: access, correction, deletion, restriction, objection (including to direct marketing), withdrawal of consent, data portability, and the right to lodge a complaint with a competent supervisory authority. These rights are provided under the GDPR (EEA), the Law of Ukraine “On Personal Data Protection” (No. 2297-VI), and other applicable laws.

Contact privacy@feedcheetah.com. We may need to verify your identity before completing the request. We will respond within the timeframes required by applicable law (typically within one month for EEA requests), extendable in limited circumstances. Some rights are subject to legal exceptions.

You may close your account at any time from the FeedCheetah settings page or by emailing privacy@feedcheetah.com. Closure starts the ninety (90) day retention window described in Section 8.

If you are located in the EEA, you may complain to the data-protection authority of the EU member state where you live, work, or where the alleged infringement took place. If you are located in Ukraine, you may complain to the Ukrainian Parliament Commissioner for Human Rights (the Ombudsman) at ombudsman.gov.ua. We would appreciate the opportunity to address your concerns first.

For users located in Ukraine, this Policy serves as the notification required under Article 12 of the Law of Ukraine “On Personal Data Protection” (No. 2297-VI). By creating a FeedCheetah account you are informed that your personal data described in Section 2 is included in the FeedCheetah personal data file maintained by the controller named in Section 1, for the purposes described in Section 4, and that your rights are described in this Section 9. This Policy is made available to you at signup and at all times via the FeedCheetah website, satisfying the ten (10) working-day notification window.