Privacy Policy

Last updated: 27 February 2026

1. Who We Are

pin360 ("we", "us", "our") is a B2B SaaS platform that enables property professionals to overlay 360-degree images onto PDF floor plans. Our registered contact address for privacy matters is privacy@pin360.io.

2. Data We Collect

We collect the following categories of personal and business data:

  • Account data: Name, work email address, and hashed password when you create an account.
  • Organisation data: Organisation name and team member details added by account administrators.
  • Project content: 360-degree images and PDF floor plans you upload to the platform.
  • Billing data: Payment method details processed securely by Stripe. We do not store full card numbers on our servers.
  • Usage data: Feature interactions, page views, and analytics events to improve the product.
  • Technical data: IP address, browser type, and device information collected automatically when you use the service.

3. How We Use Your Data

We use your data to:

  • Provide, operate, and improve the pin360 platform.
  • Process payments and manage your subscription via Stripe.
  • Send transactional emails (e.g. password reset, invoices).
  • Respond to support requests and communicate service updates.
  • Analyse aggregate usage patterns to improve product features.
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell your personal data to third parties and do not use your content for advertising purposes.

4. Data Storage — Cloudflare R2

All uploaded files (360-degree images and PDF floor plans) are stored in Cloudflare R2 object storage. Data is stored within Cloudflare's infrastructure with encryption at rest and in transit. Access to stored objects is restricted to authenticated users within your organisation.

5. Stripe Billing

Subscription billing is handled by Stripe, Inc. Stripe processes payment card data on our behalf and is certified to PCI DSS Level 1. When you enter payment details, they are transmitted directly to Stripe and are subject to Stripe's Privacy Policy. We store only a Stripe customer ID and subscription status on our servers.

6. Data Retention

We retain your account and project data for as long as your account is active. If you cancel your subscription:

  • Your account data is retained for 30 days to allow reactivation.
  • After 30 days, uploaded files and project data are permanently deleted from Cloudflare R2.
  • Billing records are retained for 7 years to meet UK financial record-keeping requirements.

You may request earlier deletion at any time (see Your Rights below).

7. Your Rights — GDPR & UK GDPR

If you are located in the European Economic Area or the United Kingdom, you have the following rights under GDPR / UK GDPR:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Ask us to correct inaccurate or incomplete data.
  • Right to erasure: Request deletion of your personal data ("right to be forgotten").
  • Right to portability: Receive your data in a structured, machine-readable format.
  • Right to restrict processing: Ask us to limit how we use your data in certain circumstances.
  • Right to object: Object to processing based on legitimate interests.

To exercise any of these rights, email privacy@pin360.io. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

We use strictly necessary cookies to maintain your authenticated session. We also use first-party analytics (Vercel Analytics) that does not set persistent tracking cookies or use fingerprinting. No third-party advertising cookies are used.

9. Third-Party Services

We use the following sub-processors to deliver the service:

  • Vercel — hosting and edge infrastructure.
  • Neon — serverless PostgreSQL database.
  • Cloudflare R2 — object storage for uploaded files.
  • Stripe — payment processing and subscription management.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or via an in-app notice at least 14 days before they take effect. Continued use of the service after the effective date constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions or requests, please contact us at privacy@pin360.io.