Privacy Policy
Moody is a web tool that helps interior designers turn their own Pinterest boards into client-ready mood boards. This policy explains what data Moody accesses, what it does with that data, and what it does not do.
1. Who we are
"Moody" refers to the web application operated by the project maintainer. For questions about this policy, contact via GitHub issues until a dedicated contact address is published.
2. Data we access
When you connect your Pinterest account, Moody uses Pinterest's OAuth 2.0 flow to request the following read-only permissions:
user_accounts:read — your Pinterest username and account metadata, used only to display who is signed in
boards:read and boards:read_secret — the list of boards you own, including secret boards
pins:read and pins:read_secret — the pins inside those boards, so you can select images for your mood board
Moody requests no write permissions. Moody cannot create, edit, or delete anything on your Pinterest account.
3. How your data is used
Boards and pins are fetched on demand and rendered in your authenticated browser session. Images are routed through Moody's server as a CORS-safe proxy so they can be placed on a canvas and exported.
The Pinterest access token issued to you is stored only in an encrypted, HTTP-only, server-side session cookie. It is never exposed to JavaScript running in your browser and is never shared with third parties.
Moody does not persist your boards, pins, images, or mood board files on a server after your session ends. Exported PDF and JPG files are generated in your browser and downloaded directly to your device.
4. What we don't do
We do not sell, rent, or share your data with third parties.
We do not use third-party advertising networks or cross-site tracking.
We do not use analytics services that identify individual users. Aggregate usage telemetry, if introduced in future, will be opt-out and documented here before it ships.
We do not redistribute pin images. Pinned images remain the property of their original creators; Moody treats them as private working material for the signed-in user.
5. Cookies
Moody sets a single strictly-necessary session cookie used to keep you signed in and to store the encrypted Pinterest access token server-side. No other cookies are set. The cookie is HttpOnly, Secure, and SameSite=Lax.
6. Your rights and controls
Sign out from the Moody editor at any time; this clears the session cookie and removes the encrypted access token from the server.
Revoke Moody's access to your Pinterest account at any time from Pinterest's connected apps page. Once revoked, Moody can no longer fetch any of your data.
Because Moody holds no persistent copy of your boards, pins, or mood boards, there is no long-term personal data for us to export or delete on your behalf; signing out and revoking Pinterest access is the complete removal path.
7. Children
Moody is intended for professional use and is not directed at children under 13. We do not knowingly collect data from children.
8. Changes to this policy
If this policy changes, the "Last updated" date above will be revised and a note describing the change will be kept in the repository's commit history.
This document is served from a public GitHub repository: hessiankiln/moody-privacy.