Privacy Policy - Pippsie
Last updated: January 31, 2026
1. Introduction
Welcome to Pippsie ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services at pippsie.com (the "Service").
Please read this Privacy Policy carefully. By using Pippsie, you agree to the collection and use of information in accordance with this policy.
2. Who We Are
Pippsie is operated by:
Pippsie
Data Protection Contact: privacy@pippsie.com
Support: support@pippsie.com
General inquiries: hello@pippsie.com
For users in the European Economic Area (EEA), we are the data controller of your personal information.
3. Information We Collect
3.1 Information You Provide
- Account information (email address, password stored securely hashed, display name)
- Profile information (bio/about text, avatar selection, interests, custom theme settings, location, languages)
- User content (letters, guestbook entries, graffiti/drawings, diary entries, reactions, chat messages)
3.2 Information Collected Automatically
- Usage data (pages visited, features used, time spent, referring pages)
- Device information (IP address, browser type and version, operating system, device type)
- Cookies and similar technologies (session and preference cookies)
3.3 Information from Third Parties
If you sign in using Google or another social provider, we receive your email address, name (if provided), and profile picture URL (if provided). We do not receive or store your social media password.
4. How We Use Your Information
- Create and manage your account
- Enable you to create and share content
- Facilitate communication between users
- Improve the Service, fix bugs, and develop new features
- Detect and prevent fraud, abuse, and security issues
- Enforce our Terms of Service
- Respond to legal requests
- Send service-related notifications
5. Legal Basis for Processing (EEA Users)
| Purpose | Legal Basis |
|---|---|
| Providing the Service | Contract performance |
| Account security | Legitimate interest |
| Analytics and improvement | Legitimate interest |
| Legal compliance | Legal obligation |
| Marketing (if any) | Consent |
6. How We Share Your Information
6.1 Public Information
Some information is public by default, such as display name, avatar, profile info, and guestbook entries.
6.2 With Other Users
When you interact with other users, they may see your display name, avatar, profile, and content you send them.
6.3 Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database and auth | Account data, content |
| Vercel | Hosting | Usage data, IP addresses |
| Email provider | Transactional email | Not used yet |
6.4 Legal Requirements
We may disclose your information if required to comply with a legal obligation or protect the safety of users.
6.5 Business Transfers
If Pippsie is involved in a merger, acquisition, or sale of assets, your information may be transferred.
6.6 We Never Sell Your Data
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Until you delete your account |
| User content | Until you delete it or your account |
| Usage logs | 90 days |
| Deleted accounts | Removed within 30 days |
| Backups | Removed within 90 days |
After account deletion, some information may persist in backups for a limited time but will not be actively used.
8. Your Rights
- Access, correction, deletion, portability, restriction, and objection
- Withdraw consent where we rely on consent
- Lodge a complaint with a data protection authority
To exercise these rights, contact us at privacy@pippsie.com.
We will respond to your request within 30 days.
9. Cookies
We use essential cookies to keep you logged in and to protect against cross-site attacks.
Optional cookies (such as analytics) are not enabled at this time.
10. Data Security
We implement appropriate security measures to protect your information, including encryption in transit, secure password hashing, and access controls for our team. However, no method of transmission over the Internet is 100% secure.
11. International Data Transfers
Your information may be transferred to and processed in countries other than your own. When we transfer data outside the EEA, we ensure appropriate safeguards are in place.
12. Children's Privacy
Pippsie is not intended for children under 13. We do not knowingly collect information from children under this age.
If you believe we have collected data from a child, please contact us immediately.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date and notify you for significant changes.
14. Contact Us
For questions about this Privacy Policy or our data practices, please contact us at:
Email: privacy@pippsie.com
Support: support@pippsie.com
General inquiries: hello@pippsie.com
15. Summary of Your Rights (GDPR)
| Right | How to Exercise |
|---|---|
| Access your data | Settings > Export Data, or contact us |
| Correct your data | Settings > Profile |
| Delete your data | Settings > Danger Zone |
| Export your data | Settings > Data |
| Withdraw consent | Contact us |
| Object to processing | Contact us |
| Lodge complaint | Contact your local data protection authority |