Privacy Policy

Last updated: June 11, 2026

This Privacy Policy describes how BlueDino ("we," "us," or "our") collects, uses, stores, shares, and protects your personal information when you use our application and services.

Information We Collect

We collect the following categories of information:

• Account information: Your username and password (hashed) when you create an account.
• Pinterest data: When you connect a Pinterest account, we receive your Pinterest username, display name, profile picture, list of boards, and basic Pin metadata for content you publish through our service.
• Google (YouTube) data: When you connect a YouTube account, we receive your YouTube channel ID, channel name, and the ability to upload videos and read analytics data on your behalf. Specifically, we request access to the following YouTube API scopes: video uploads, read-only channel information, and read-only analytics.
• Payment information: When you subscribe to a paid plan, payment information is collected and processed by Stripe. We do not store your credit card details directly.

How We Use Your Information

We use the information we collect solely to provide and improve our application's functionality:

• To authenticate you and maintain your session.
• To schedule, generate, and publish content to your connected Pinterest and YouTube accounts via their official APIs.
• To display your connected account information within the application dashboard.
• To process payments for paid features.

We do not use Google user data for serving advertisements, market research, or any purpose other than providing or improving the functionality of BlueDino.

Data Sharing & Transfers

We do not sell, rent, trade, or otherwise share your personal information or Google user data with third parties. Data is only transmitted to the following services as strictly necessary to deliver our service:

• Pinterest API: To publish content you choose to post to your connected Pinterest account.
• YouTube API (Google): To upload videos and retrieve analytics for your connected YouTube channel.
• Stripe: To process subscription payments.

We do not transfer Google user data to any third party for reasons other than providing or improving our application's functionality.

Data Protection

We implement security procedures to protect the confidentiality and integrity of your data:

• All OAuth access tokens and refresh tokens are encrypted using AES-256 encryption before being stored.
• All data transmitted between your browser and our servers is protected using HTTPS/TLS encryption.
• Session tokens are stored in HTTP-only, secure cookies that cannot be accessed by client-side scripts.
• Passwords are hashed using bcrypt and are never stored in plain text.

Data Retention & Deletion

We retain your personal information only for as long as necessary to provide our services:

• OAuth access tokens are retained for the duration of their validity period (up to 30 days for Pinterest, up to 1 hour for YouTube) and are refreshed automatically as needed. When you disconnect an account, the associated tokens are deleted immediately from our database.
• Account information (username, hashed password) is retained until you request deletion.
• Scheduled post data is retained until the post is published or you delete it, whichever comes first.

You may request deletion of your data at any time by disconnecting your accounts from the dashboard or by contacting us. When data is deleted, it is permanently removed from our systems.

Revoking Access

You may disconnect Pinterest or YouTube at any time from the Accounts page in your dashboard. You may also revoke BlueDino's access directly from your Google Account permissions or Pinterest app settings. Upon revocation, we will no longer have access to your platform data and any stored tokens will become invalid.

Google API Services

BlueDino's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make changes to how we use Google user data, we will notify users by updating the date at the top of this page and, where appropriate, through an in-app notification.

Contact

If you have any questions about this Privacy Policy or wish to request deletion of your data, please contact us at aingram1@gm.slc.edu.