DeskPine← Back to site

Privacy Policy

Last updated: June 4, 2026

This policy explains how DeskPine (“we”, “us”) handles personal data when you use our website and customer-support application (the “Service”). We act as a data controller for our own customers’ account data, and as a data processor for the support messages our customers manage through the Service on behalf of their own end-users.

Data we collect

  • Account data — name, email, hashed password, workspace and team details.
  • Support content — the emails, attachments, customer profiles and notes that flow through your shared inbox. This may contain personal data of your customers; you are the controller of that data and we process it on your instructions.
  • Billing data — handled by our payment processor, Stripe. We store only subscription metadata (plan, seat count), never full card numbers.
  • Email engagement — when open/click tracking is enabled on a mailbox, replies include a tracking pixel and wrapped links so agents can see whether a message was opened or a link clicked. This can be turned off per mailbox.
  • Usage & analytics — anonymous, aggregated analytics (Google Analytics) and basic server logs to operate and improve the Service.

How we use it

  • To provide, secure and support the Service.
  • To process payments and manage subscriptions.
  • To send transactional email (replies, notifications, password resets).
  • To detect abuse and keep the Service reliable.

We do not sell personal data, and we do not use the content of your support inbox for advertising.

Cookies & tracking

We use a strictly-necessary session cookie to keep you signed in, and analytics cookies to measure site usage. Email open/click tracking is a feature you control per mailbox and can disable at any time.

Sub-processors

  • Stripe — payment processing.
  • DigitalOcean — hosting (servers and database).
  • Google Analytics — aggregate website analytics.
  • Email delivery providers — to send and receive your support email.

Data retention

We keep account and support data for as long as your workspace is active. On account closure we delete or anonymize personal data within a reasonable period, except where we must retain it to meet legal or accounting obligations. We keep encrypted database backups for a limited rolling window.

Your rights

Depending on your location (e.g. GDPR/CCPA), you may have the right to access, correct, export or delete your personal data, or object to certain processing. To exercise these rights, contact us. If you are an end-user of one of our customers, please contact that business (the data controller) first.

Security

Connections are encrypted in transit (TLS/HSTS). Passwords are hashed, secrets are encrypted at rest, and each workspace’s data is isolated. No system is perfectly secure, but we work to protect your data and to notify you of material incidents.

Contact

Questions or requests: privacy@deskpine.app or via our contact page.