We don't see where you go. We collect the minimum required to run a license server, answer support, and assign Discord roles for Lifetime members who opt in.
Last updated: May 26, 2026 · Effective: May 26, 2026
This Privacy Policy describes how PinDrift collects, uses, and protects information in connection with the PinDrift desktop application (Windows and macOS), PinDriftBox, the PinDrift website at pindrift.app, and the PinDrift Discord community server.
PinDrift is offered exclusively to users 18 years of age or older. Anyone under 18 is strictly prohibited from using the Service or providing any information to us through it. See Section 8 below for how we handle data submitted by anyone we discover to be under 18.
Our payment processor and merchant of record, Stripe, Inc. ("Stripe"), collects your name, email, billing address, country, and payment method. We receive from Stripe only your email, country, purchased SKU (Monthly, Yearly, Lifetime, or PinDriftBox), and a Stripe order reference. We never receive, store, or process your full payment card number; that data lives entirely on Stripe's PCI-DSS Level 1 environment. Stripe's privacy policy is at stripe.com/privacy.
Account access is email-based. We send a one-time sign-in link to the email you bought with — no password. When you sign in we store: your email, the single-use sign-in token (short-lived), the IP address of the request (purged within 30 days), and the user-agent string of the requesting browser (purged within 30 days).
The Software sends our license server:
Each day, the Software sends a heartbeat reporting:
To talk to your iPhone, the Software reads identifying details over the local USB or Wi-Fi connection. This data stays on your PC. It is never transmitted to PinDrift servers. The Software reads the device UDID, model identifier (for example, iPhone15,3), product type, and iOS version via Apple's developer-mode tunnel. These values are used locally to pick the right tunnel codepath and to label your device in the app's sidebar.
Android is on the roadmap and not in the shipping build. If and when Android support ships, this Policy will be updated before any Android device data is collected, processed, or transmitted.
Joining the PinDrift Discord server is optional. If you join, Discord, Inc. ("Discord") collects and processes whatever Discord normally collects from server members (Discord username, user ID, avatar, online status, any messages you post, and any account email you have configured Discord to display to others). Discord's privacy policy at discord.com/privacy governs that data. We do not control what Discord shows other members of our server.
Lifetime "Lifer" role linkage. If you bought a Lifetime license and want your "Lifer" role + access to the Direct-To-Devs ("DTD") channel, you may link your Discord account to your PinDrift account from your account portal. The linkage is opt-in and revocable at any time.
What we receive from Discord during the link flow (via Discord's standard OAuth, with your explicit consent): your Discord user ID (a numeric "snowflake"), your Discord username, and the email address associated with your Discord account. What we store after the link is granted: only your PinDrift email paired with your Discord user ID. The Discord email and username are read for verification but not retained in our database.
What our internal admin tools see. When responding to support requests or managing role assignments, our admins may view your PinDrift email together with your linked Discord username and user ID. We do this only to confirm role status, respond to questions, and revoke roles when required. We do not browse Discord direct messages between users (Discord does not expose those to bots or server admins).
If you revoke the link (from your account portal or by leaving the Discord server): your Lifer role is removed and the stored Discord user ID is deleted within 24 hours. Any messages you previously posted in Discord remain subject to Discord's own retention rules; deleting them is something you do inside Discord, not something we control.
Email to support@pindrift.app is delivered to our inbox via Proton Mail (Switzerland; see Section 4) and retained for up to 2 years for support-history purposes (Section 5).
Mobile "send me the download link" form (the prompt that appears on phones when you tap a Download button) transmits the email address you type to FormSubmit (FormSubmit.co), which forwards a one-off email containing the download link to our mailbox. FormSubmit retains the submission only long enough to deliver the email; we do not add submitted addresses to any list and we do not send marketing email.
| What | Why |
|---|---|
| One-time sign-in links, support replies, compatibility-break responses, billing receipts. | |
| Hardware fingerprint hash | Bind your seat to your host PC, detect seat sharing, enforce the one-host-PC rule. |
| Hostname, OS, app version | Help support diagnose issues you report and identify your devices in your account portal. |
| Heartbeat counters | Detect account-token tampering and fraud; enforce free-trial duration; calculate compatibility-break review eligibility. |
| Stripe order reference | Match your support request to your purchase. |
| Discord user ID (if linked) | Assign your Lifer role and DTD channel access; remove it if you revoke or refund. |
We do not sell, rent, lease, or barter your information to anyone, ever.
The PinDrift Service is offered to and intended for residents of the United States of America only. By purchasing or using the Service, you represent that you are physically located in and ordinarily reside in the United States. PinDrift does not market, sell, or knowingly provide the Service to residents of the European Union, the European Economic Area, the United Kingdom, or Switzerland, and we do not undertake compliance with the EU General Data Protection Regulation (GDPR), the UK GDPR, the Swiss FADP, or any other foreign data-protection regime. If you are located in those territories, do not purchase, install, or use the Software; any submission you make to us through this Site is at your own risk and we will not treat it as triggering GDPR or analogous obligations.
This Privacy Policy is governed by U.S. federal law and the law of the State of Georgia, together with the privacy and consumer-protection laws of the U.S. state in which you reside (including, where applicable, the California Consumer Privacy Act / California Privacy Rights Act, the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Utah Consumer Privacy Act, and analogous statutes in other states).
| Vendor | Purpose | Location |
|---|---|---|
| Stripe, Inc. | Payment processing, merchant-of-record, tax compliance, refund / compatibility-break processing. | United States (with regional infrastructure) |
| Supabase, Inc. | License-server hosting (managed PostgreSQL + edge functions). Stores account email, hardware fingerprint hash, heartbeat counters, Stripe order references, and (if linked) Discord user IDs. | United States (us-east-1) |
| Resend (Resend, Inc.) | Outbound transactional email (one-time sign-in links, compatibility-break replies, support correspondence sent from us). | United States |
| Vercel, Inc. | Static marketing-site hosting for pindrift.app (no personal data processed beyond standard server-access logs, which we do not retain). | United States (global edge) |
| Proton AG | Inbound email delivery for support@pindrift.app. Email content sent to us lives on Proton's servers (Switzerland). | Switzerland |
| Discord, Inc. | Optional community server, Lifer-role assignment for Lifetime members who opt in. | United States |
| GitHub, Inc. (Microsoft) | Release artifact distribution. The Software's auto-updater downloads release files from github.com; GitHub may log standard request metadata. | United States |
| FormSubmit (FormSubmit.co) | Forwards the mobile "send-me-the-download-link" form to our inbox. Used only when a phone user submits an email address from a download prompt. | United States |
The list above is exhaustive as of the "last updated" date. We will update this Policy and notify Licensees by email at least fourteen (14) days before adding a new sub-processor that handles personal data.
All sub-processors above are based in the United States, with two exceptions: Proton AG (Switzerland; see below) and Vercel's global edge (terminates the TLS request at the nearest available point of presence and immediately forwards to U.S. infrastructure; only ephemeral request-routing data touches edge nodes outside the U.S.).
Proton AG / Proton Mail. We use Proton Mail to receive email sent to support@pindrift.app. Email content sent to that address is stored on Proton's servers in Switzerland (subject to the Swiss Federal Act on Data Protection). Outbound replies from us are sent via Resend (U.S.). If you do not wish to send your support email to a Swiss server, do not email support@pindrift.app; the alternative U.S.-only channel is the PinDrift Discord server, where you can DM an admin role-holder.
| Record | Retention |
|---|---|
| Active account & heartbeat data | For the life of the account, plus 90 days after last heartbeat. |
| Refunded / revoked accounts | 7 years (US tax record-keeping). |
| Email correspondence (support@pindrift.app) | 2 years after last interaction. |
| Sign-in IP / user-agent logs | 30 days. |
| Discord user-ID link (if linked) | While the link is active; deleted within 24 hours of revocation, refund, or account closure. |
| FormSubmit "send-link" submissions | Not retained by us. FormSubmit deletes after delivery per its own retention policy. |
| Encrypted database backups | Daily, retained for 30 days. |
If you ask us to delete your data, we will delete it within 30 days, except where legal retention (e.g., tax records under 26 U.S.C. § 6001) requires us to hold it longer.
If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Tennessee, Indiana, Delaware, New Jersey, New Hampshire, or another U.S. state with applicable consumer privacy law:
To exercise any right, email support@pindrift.app with the subject line "Privacy request" or send a written request to the postal address in Section 11. We verify identity proportionate to the sensitivity of the request and respond within 45 days (extendable by 45 days for complex requests with notice, per the CCPA / CPRA timeline).
In the prior 12 months, we collected the following categories of personal information as defined in California Civil Code § 1798.140:
| Category | Examples | Source | Business purpose |
|---|---|---|---|
| Identifiers | Email address, hostname, hardware fingerprint hash, account token, Stripe order reference, Discord user ID (if linked) | You; Stripe; Discord | Account enforcement, fraud detection, support, Discord role assignment |
| Commercial information | Purchased SKU, refund and compatibility-break records | You; Stripe | Fulfillment, accounting, eligibility review |
| Internet or other electronic activity (limited) | OS family / version, Software version, transient request IP (purged within 30 days), user-agent string (purged within 30 days) | Your device | Compatibility diagnostics, abuse prevention |
Sensitive personal information. The hardware fingerprint hash and account token may qualify as "unique personal identifiers" under CCPA / CPRA. We use them solely for the limited purposes listed in Section 2 (seat enforcement, fraud detection, support). We do not use sensitive personal information to infer characteristics about you. Right to limit use. California residents may direct us to limit use of sensitive personal information to those purposes via the channels above; absent such a request, our use is already limited as described.
"Do Not Sell or Share My Personal Information." We do not sell, rent, lease, or barter your personal information for monetary or other valuable consideration. We do not share personal information for cross-context behavioral advertising. There is no opt-out toggle to set because there is nothing to opt out of.
"Shine the Light" (Cal. Civ. Code § 1798.83). California residents may request, once per calendar year, a list of any personal information disclosed to third parties for direct-marketing purposes. We do not make such disclosures, so the answer would be "none."
Vulnerability reports: email support@pindrift.app with the subject line "Security report." We acknowledge good-faith reports within 5 business days.
PinDrift is offered exclusively to users 18 years of age or older. The Service is not directed to, marketed to, or made available to anyone under 18. Anyone under 18 is strictly prohibited from purchasing, installing, activating, accessing, or otherwise using the Software or the Site, joining the PinDrift Discord, or submitting any personal information to us through any channel. This restriction is absolute and has no minor-with-parental-consent exception.
If we discover that a user is under 18: we will immediately and permanently revoke any associated account without refund; we will remove any Discord role we assigned and request that the Discord account be removed from our server; we will delete the associated personal information as promptly as commercially feasible (subject to legal retention obligations such as tax records); and we will bar the underlying email and hardware fingerprint from future purchase.
COPPA. We additionally comply with the U.S. Children's Online Privacy Protection Act (COPPA, 15 U.S.C. §§ 6501 et seq.) with respect to children under 13. We do not knowingly collect personal information from children under 13. A parent or legal guardian who believes a child under 13 has provided personal information may email support@pindrift.app for immediate deletion at no charge.
The PinDrift website uses minimal cookies and browser-local storage. All are strictly necessary or functional:
We do not run Google Analytics, Meta pixel, TikTok pixel, LinkedIn Insight Tag, Plausible, Fathom, Cloudflare Analytics, or any other third-party advertising or analytics tracker. We do not use server-side fingerprinting or shadow profiles. Your browser's "Global Privacy Control" (GPC) signal is honored as an opt-out for any future tracking we might add.
Material changes will be announced in the Software at next launch and via the email associated with your account at least 14 days before they take effect. Any retroactive change to a Licensee's prior data already collected will only ever expand your rights, never reduce them.
Data controller: PinDrift.
Primary contact channel: support@pindrift.app. Please put the matter in the subject line: Privacy request, Security report, Law enforcement, Regulatory, or Support.
Postal address: PinDrift operates from a virtual mailing service. A postal address suitable for service of formal privacy / regulatory / legal correspondence will be provided on written request to support@pindrift.app. We will respond with the address within 5 business days of a request that reasonably identifies the requester and the matter.
Privacy / data-subject requests: email subject "Privacy request." Identity verification is proportional to the sensitivity of the request; we respond within 45 days as described in Section 6.
Security / vulnerability reports: email subject "Security report." We acknowledge within 5 business days.