ShotBridge← Back

Privacy Policy

Effective date: March 2026

This policy describes what information ShotBridge collects, how it is used, and how it is protected. ShotBridge is a tool for syncing Dribbble shots to Pinterest and does not sell or share your data with third parties for advertising purposes.

1. Information we collect

When you create an account, we store your email address and a hashed version of your password — the original password is never stored. When you connect your Dribbble account, we store your Dribbble username and the OAuth access token needed to read your shots. When you connect your Pinterest account, we store your Pinterest username, access token, refresh token, and token expiry date in order to post and schedule pins on your behalf. We also store the IDs of shots you have already posted, so we can avoid duplicates. If you upgrade to a paid plan, we store a Stripe customer ID and subscription ID in order to manage your subscription status. We do not store your card number or any other payment details — those are handled exclusively by Stripe.

2. How we use your information

We use your data exclusively to provide the ShotBridge service: to authenticate you, to read your Dribbble shots via their API, and to create or schedule pins on your Pinterest board. We do not use your data for advertising, profiling, or any purpose beyond operating the service.

3. Third-party services

ShotBridge uses the following third-party infrastructure:

  • Cloudflare — application hosting and deployment. Your requests pass through Cloudflare's infrastructure.
  • Neon — PostgreSQL database hosting. Your account data is stored in a Neon database.
  • Dribbble — we call the Dribbble API using your token to fetch your shots.
  • Pinterest — we call the Pinterest API using your token to create and schedule pins.
  • Stripe — payment processing for paid plans. Stripe handles all payment data directly; we only store a customer ID and subscription ID returned by Stripe.

We do not use analytics services, advertising networks, or tracking scripts.

4. Data retention

Your data is retained as long as your account is active. If you delete your account, your email, hashed password, and OAuth tokens are removed from our database. Records of previously posted shots may be retained briefly in database backups before being purged in the normal backup rotation cycle.

5. Security

Passwords are hashed using bcrypt before storage. OAuth tokens are stored in a managed PostgreSQL database with encrypted connections. All traffic to ShotBridge is served over HTTPS. Payment processing is handled by Stripe — we never receive or store your card details.

6. Your rights

You can disconnect your Dribbble or Pinterest accounts at any time from your dashboard, which removes the stored tokens. You can request deletion of your account and all associated data by contacting us at contact@shotbridge.app. You can revoke ShotBridge's API access directly in your Dribbble or Pinterest settings without contacting us.

7. Changes to this policy

We may update this policy from time to time. We will update the effective date at the top of this page when we do. Material changes that affect how we handle your data will be communicated by email if we have one on file for you.