Back to home

Legal

Privacy Policy

Last updated: January 7, 2026

This Privacy Policy explains how MerivoFlow ("we", "us", or "our") collects, uses, and safeguards information when you use the Blogs-to-Pins Chrome extension, landing pages, and related services.

Information We Collect

  • Account data: email and authentication details managed through Supabase.
  • Pinterest connection data: OAuth access tokens, refresh tokens, Pinterest user ID, and board metadata so we can create and schedule pins you approve.
  • Content you submit: images you upload or select, pin titles, descriptions, links, selected boards, and scheduled dates.
  • Usage and billing data: post counts, subscription status, plan, Stripe billing metadata (no full card numbers), and error logs for reliability.
  • Device and diagnostics: browser type, timestamps, basic event logs, and Netlify function logs used to secure and troubleshoot the service.

How We Use Information

  • Operate the Blogs-to-Pins extension and schedule pins to your Pinterest boards.
  • Authenticate users, enforce usage limits (300 pins/month on the current plan), and prevent abuse.
  • Provide billing, subscription management, and customer support.
  • Improve performance, reliability, and user experience. We do not sell personal data or use it for third-party advertising.

Sharing and Third Parties

  • Supabase for authentication, database, and storage.
  • Stripe for payments and subscription billing.
  • Pinterest to publish and schedule pins you authorize.
  • Netlify for hosting and serverless functions.
  • Operational vendors for logging, security, and analytics under confidentiality commitments.
  • Compliance with legal obligations, protecting rights, security, and preventing fraud.

Data Retention

  • Account and billing records are kept while your account is active and as required for accounting or legal purposes.
  • Pinterest tokens and related access data are retained until you disconnect Pinterest, revoke access, or request deletion.
  • Usage logs are kept to enforce limits and are periodically aggregated or deleted.

Security

  • Encryption in transit for all network traffic.
  • Role-based access and least-privilege practices for stored tokens and user data.
  • Secrets stored in environment variables; infrastructure security is provided by Supabase, Stripe, and Netlify.

Your Choices

  • Disconnect Pinterest at any time to revoke access tokens.
  • Request data export or deletion by contacting support.
  • Manage cookies or local storage through your browser; the extension uses local storage for auth state and preferences.
  • Opt out of marketing emails using unsubscribe links where provided.

Children's Privacy

The services are not directed to children under 13. We do not knowingly collect data from children. If you believe a child has provided personal data, contact us and we will remove it.

Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be highlighted on this page with an updated effective date. Continued use after changes become effective means you accept the revised policy.

Contact

For questions, data requests, or to disconnect Pinterest, email support@merivo.co.