Pinoon Privacy Policy

Version: 1.0.0
Last updated: 2026-07-10

1. Controller

Pinoon ("we", "us") acts as the data controller for personal data processed through the Pinoon app.

Contact email: eetumoilanen96@gmail.com

2. Scope

This policy applies to processing performed in the Pinoon mobile app and related cloud infrastructure used for receipt ingestion and accounting export workflows.

3. Data We Process

We do not collect user email passwords for provider connections.

4. Purpose and Legal Basis

Primary purpose: receipt automation for bookkeeping and accounting export.

5. Data Minimization

Pinoon is designed to store only data needed to detect and process receipt candidates, allow user review and correction, export approved receipts, and maintain security and auditability.

6. Storage and Security

7. Retention

Retention targets are defined in the internal governance document.

8. Data Sharing and Processors

Data may be processed by infrastructure and integration partners used by the app, including Google (Gmail OAuth and API), Firebase (Auth and Firestore), and accounting integration providers for approved exports.

9. User Rights

Users can request access, correction, deletion, data export, and restriction or objection where applicable.

10. Incident Handling

Security incidents are handled through a 72-hour assessment and notification workflow.

11. Policy Changes

We may update this policy. Material changes are versioned and dated.

Back to legal index