Privacy Policy

Effective date: 2026-07-15  ·  Last updated: 2026-07-15

This Privacy Policy explains how Ocone Lee handles data in connection with our internal product-research application (“hermes-research”, the “App”), which uses the Pinterest API. We built this policy to be transparent, truthful, and consistent with all applicable data-protection laws, including the EU/UK GDPR and the California Consumer Privacy Act (CCPA/CPRA).

Pinterest API & Non-Affiliation

The App uses the Pinterest API. Ocone Lee is an independent operation and is not officially affiliated with, endorsed by, sponsored by, or approved by Pinterest, Inc. We do not misrepresent our relationship with Pinterest or our level of access to the Pinterest Materials. “Pinterest” and all related names, logos, and marks are trademarks of Pinterest, Inc. and belong solely to Pinterest, Inc. Our use of the Pinterest name is strictly for factual identification of the data source.

1. Who We Are

This App and this Privacy Policy are operated and owned by Ocone Lee (“we,” “us,” or “our”), a private product-research operation run by its owner. We are the party responsible for the data practices described here, and we are the data controller for any personal data processed in connection with the App. You can reach the owner directly using the contact details in Section 12.

2. What the App Does

The App is a private, internal-use tool for market and product research. It queries the Pinterest API to retrieve aggregate, non-personal trend data only, such as:

This data describes market-level patterns, not individuals. It is used solely by us, internally, to inform our own product-research decisions. The App has no public user base and does not offer any advertising, audience-targeting, or data-brokerage service.

3. What Data We Access — and What We Do Not

We deliberately limit the App to the minimum data required for aggregate trend research.

Data we access

Data we do NOT collect

The App does not collect, request, store, or process any Pinterest user’s personal data, including:

Because the App consumes only aggregate, market-level signals, it does not build profiles of individuals and cannot identify any Pinterest user from the data it receives.

4. Pinterest Scopes and Permissions Requested

The App requests only the read-level Pinterest API scopes necessary to retrieve aggregate trend, keyword, and analytics data (for example, read-only trends/analytics access). We do not request scopes that would grant write access, posting ability, board or Pin management, social-graph access, or access to other users’ private content. If the specific scopes granted to the App change, we will update this policy accordingly.

5. How We Use the Data

We use the aggregate Pinterest data only to:

We do not use Pinterest data for advertising, ad targeting, audience building, or any service directed at third parties. We only use any given account’s information to operate the App for that account; we do not combine account information across different people or merge it with data obtained from other services in a way that would identify individuals.

No Resale or Redistribution

We do not sell, rent, license, resell, share, transfer, or redistribute Pinterest content or any Pinterest-derived data to any third party, including any other advertising service, data broker, or analytics provider. We do not monetize Pinterest data or Pinterest-derived insights as a product. The data is used exclusively for our own internal research and is never passed on to anyone outside Ocone Lee.

6. Data Storage, Retention, and API Handling

Consistent with Pinterest’s Developer Guidelines, our design principle is to call the Pinterest API each time we need the data rather than warehousing it. We do not build a persistent store of Pinterest Materials. Where our own tooling temporarily caches an aggregate result to complete a research task, that cached data:

The sole exception contemplated by Pinterest — storing campaign analytics for one’s own account — does not currently apply to this App, as we do not run Pinterest advertising campaigns through it.

Data typeRetention
Aggregate trend/keyword/region resultsTransient; re-fetched from the API as needed and not retained beyond the active research task
API access tokensHeld only while the App’s Pinterest connection is active; deleted on disconnect (see Section 7)
Pinterest-derived data on disconnectDeleted within 30 days of disconnection/revocation

7. Data Deletion on Disconnection

Deletion on Disconnect

When the App’s Pinterest access is disconnected or revoked — whether the account link is severed by us, by Pinterest, or through revocation of the access token — all Pinterest-derived data associated with that connection is deleted within 30 days. This includes any cached aggregate results and the associated access credentials.

You may also request deletion of any Pinterest-derived data at any time by emailing [email protected]. We will action verified deletion requests promptly and, in any case, within 30 days.

8. Security

We protect the data the App handles with reasonable technical and organizational measures, including:

No system is perfectly secure, but because the App processes no user PII, the residual privacy risk to individuals is minimal.

9. Consent, Notice, and Your Choices

The App does not collect personal data from individuals and does not run any advertising or audience-data service, so there is no personal-data collection from users of Pinterest for us to obtain consent for. Should our practices ever change to involve personal data, we will provide clear and prominent notice, obtain any necessary consents, offer plain opt-out instructions, and regularly update our records to remove anyone who opts out.

To the extent any applicable law (including the GDPR and CCPA/CPRA) grants you rights over data we may hold — such as the right to access, correct, delete, or object to processing, and the right not to be discriminated against for exercising those rights — you may exercise them by contacting us at the address in Section 12. We do not sell or share personal information as those terms are defined under the CCPA/CPRA.

10. Public Accessibility of This Policy

This Privacy Policy is intended to be publicly accessible: it renders as a standalone, self-contained web page that requires no login to view and returns no error. We host it at a stable, brand-associated location so that Pinterest, users, and reviewers can reach it directly and reliably.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Pinterest API, or applicable law. When we do, we will revise the “Last updated” date above and post the updated version at the same public location. Material changes will be reflected clearly in the effective date.

12. Contact Us

For any privacy question, data-deletion request, or matter relating to this policy, contact Ocone Lee:

Email: [email protected]