Privacy Policy
This Privacy Policy describes how Meridian Bridge Inc. ("we," "us," or "our") collects, uses, and shares information when you use the Pinned Travel mobile application ("Pinned Travel" or the "App"). Pinned Travel is a travel planning app that helps you extract and organize geographic locations from social media content.
We are committed to protecting your privacy. This policy is written in plain language so you can understand exactly what data we collect, why we collect it, and what choices you have.
1. Information We Collect
1a. Information You Provide
| Data | When Collected | Purpose |
|---|---|---|
| Email address | When you create an account | Authentication and account recovery |
| Password | When you create an account | Authentication (securely hashed — we never store or see your plaintext password) |
| Trip and collection names | When you organize saved locations | Organizing your saved places |
| Social media post URLs | When you paste a link into the App | Extracting location data from the post |
1b. Information We Generate or Derive
| Data | How Generated | Purpose |
|---|---|---|
| User ID | Automatically assigned at signup | Associates your data with your account |
| Location coordinates and place names | Extracted from the social media posts you submit | Core app functionality — pinning locations to your map |
| Platform identifier | Auto-detected from the URL you paste (e.g., TikTok, Instagram) | Routing the extraction request correctly |
1c. Information Collected Automatically
| Data | How Collected | Purpose |
|---|---|---|
| App usage events | Analytics SDK (behavioral events such as "trip created" or "link extracted") | Understanding how the App is used so we can improve it |
Our analytics operates in "identified only" mode, meaning we do not create anonymous tracking profiles. Analytics events are only associated with your account after you sign in.
1d. Information Stored Locally on Your Device
If you use Pinned Travel before creating an account, your extraction results are stored locally on your device as temporary data. This data is migrated to your account when you sign up, or deleted when you uninstall the App. This local data never leaves your device until you create an account.
1e. Information We Do NOT Collect
We want to be explicit about what Pinned Travel does not access:
- Device GPS location — Pinned Travel does not track your location. The locations in the App come from social media posts, not from your device.
- Contacts or address book
- Camera or photo library
- Health, fitness, or biometric data
- Advertising identifier (IDFA) — We do not collect or use Apple's Identifier for Advertisers.
- Browsing history or cookies
- Financial or payment card information — All purchases are handled entirely by Apple through the App Store. We never see or store your payment details.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Providing the App's core functionality — Extracting locations from social media posts, displaying them on maps, and letting you organize them into trips and collections.
- Authentication and account management — Creating and securing your account, enabling sign-in across devices, and processing account deletion requests.
- Product analytics and improvement — Understanding usage patterns so we can improve the App. Analytics events track actions (e.g., "a trip was created"), not personal content.
- Payment processing — Verifying in-app purchases through Apple's StoreKit framework. We store only transaction identifiers, not payment card details.
- Map display — When you search for a place name, we use Apple Maps to convert it into map coordinates.
- AI-powered location extraction — When you paste a social media link, the publicly available content of that post (captions, hashtags, tagged locations) is processed by an AI service to identify the locations mentioned. Only public post content is processed — never your private data.
We do not use your data for:
- Advertising or ad targeting
- Cross-app tracking
- Selling or renting to third parties
- Building profiles for purposes unrelated to the App
3. How We Share Your Information
We do not sell your personal information. We share data only with the categories of service providers necessary to operate the App:
| Service Category | What They Receive | Why |
|---|---|---|
| Cloud infrastructure & database | Account and app data | Hosting, authentication, and data storage |
| Analytics provider | User ID and app usage events | Product analytics and improvement |
| Apple | Transaction IDs and purchase amounts | In-app purchase processing |
| Apple Maps | Place name search queries | Converting place names to map coordinates |
| Social media data services | Social media post URLs | Retrieving publicly available metadata from posts |
| AI processing service | Public social media post text | Identifying locations mentioned in post content |
Important details about third-party processing:
- All third-party API calls are made from our servers, not directly from your device. Your authentication tokens are never exposed to third parties.
- The content sent for AI-powered location extraction is the publicly available text of the social media post — not your personal data or private content.
- Our data is processed and stored in the United States.
- We may disclose your information if required by law, regulation, legal process, or governmental request.
4. Data Storage and Security
Where Your Data Is Stored
Your account data is stored on secure cloud infrastructure hosted in the United States. Local device data (such as preferences and pre-signup extraction results) is stored on your device.
How We Protect Your Data
- Encryption in transit — All communication between the App and our servers uses HTTPS/TLS encryption.
- Password security — Passwords are securely hashed before storage. We never store or have access to your plaintext password.
- Data isolation — Database security policies ensure you can only access your own data. No user can read, modify, or delete another user's data.
- Server-side secret management — All sensitive credentials for third-party services are stored securely on our servers and are never included in the App.
- Secure token storage — Your session tokens are stored in the iOS Keychain, which provides hardware-backed encryption.
- Cascade deletion — When you delete a trip, collection, or your account, all associated data is automatically and permanently removed.
Data Retention
- Account data is retained for the lifetime of your account. When you delete your account, all associated data is permanently removed.
- Individual trips, collections, and locations are deleted immediately when you remove them.
- Analytics data is retained according to our analytics provider's data retention policies.
- Local device data persists until you uninstall the App or delete it through the account deletion flow.
5. Your Rights and Choices
Account Deletion
You can delete your account and all associated data at any time:
- Open Pinned Travel
- Go to Settings
- Tap Delete Account
- Confirm the deletion
This permanently deletes your account and all data associated with it, including your profile, trips, collections, saved locations, links, and purchase records. This action is irreversible.
Data Access
You have the right to know what data we hold about you. To request a copy of your data, contact us at privacy@pinnedtravel.com. We will respond within 30 days.
Analytics Opt-Out
You can contact us at privacy@pinnedtravel.com to request that we stop collecting analytics data for your account.
Rights Under GDPR (European Economic Area Residents)
If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):
- Right of access — Request a copy of your personal data.
- Right to rectification — Request correction of inaccurate data. You can edit your trips, collections, and locations directly in the App.
- Right to erasure — Request deletion of your data. Use the in-app account deletion feature or contact us.
- Right to data portability — Request your data in a structured, machine-readable format.
- Right to restrict processing — Request that we limit how we use your data.
- Right to object — Object to processing of your data for certain purposes.
To exercise any of these rights, contact us at privacy@pinnedtravel.com. We will respond within 30 days. If you believe your rights have not been adequately addressed, you have the right to lodge a complaint with your local data protection authority.
Rights Under CCPA (California Residents)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used.
- Request deletion of your personal information.
- Be free from discrimination for exercising your privacy rights.
We do not sell your personal information. To exercise your rights, contact us at privacy@pinnedtravel.com.
6. Children's Privacy
Pinned Travel is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@pinnedtravel.com and we will promptly delete that information.
7. International Data Transfers
Your data is processed and stored in the United States. If you are accessing the App from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the App, you acknowledge this transfer.
For users in the EEA, transfers are conducted in accordance with applicable data protection laws.
8. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Effective Date" at the top of this page. If we make material changes, we will notify you through the App or by other appropriate means.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data.
9. Contact Us
If you have any questions about this Privacy Policy, your data, or your privacy rights, contact us at:
Meridian Bridge Inc.
Email: privacy@pinnedtravel.com
Website: pinnedtravel.com
This Privacy Policy is effective as of March 5, 2026.
Meridian Bridge Inc. — Pinned Travel for iOS