Privacy Policy

Last updated: April 28, 2025

1. Introduction

Welcome to Pingllo ("we", "us", or "our"). We operate the website pingllo.com and the Pingllo API testing tool. This Privacy Policy explains what information we collect, why we collect it, how we use it, and your rights regarding your data. By using Pingllo you agree to the practices described here.

2. Information We Collect

2.1 Account Information

When you create an account or sign in we may collect:

  • Email address — used to identify your account and send verification codes.
  • Google account ID — when you sign in with Google, we store a unique identifier from your Google profile (never your Google password).
  • Verification status — whether your email has been confirmed.

2.2 Usage Data

When you use the tool we store collections, saved requests, environment variables, and request history that you explicitly save. This data is tied to your account and is required to provide the core save-and-sync feature.

2.3 Automatically Collected Data

Our hosting provider may log standard server data such as your IP address, browser type, referring URL, and pages visited. We do not use this data to build personal profiles.

3. How We Use Your Information

  • To create and manage your account.
  • To sync your saved API collections and history across devices.
  • To send one-time verification codes to your email address.
  • To improve the reliability and performance of the service.
  • To respond to support requests you send us.

We do not sell your personal data to third parties, use it for advertising, or share it with unaffiliated companies.

4. Third-Party Services

We use the following third-party services to operate Pingllo:

Google Sign-In (Google Identity Services)

Used for optional social login. Google processes your credentials on their servers. See Google's Privacy Policy.

Resend (Email Delivery)

Used to send OTP verification emails. Your email address is transmitted to Resend to deliver these messages. See Resend's Privacy Policy.

EazeMyAPI (Backend Storage)

We use EazeMyAPI to store account and collection data. Data is stored securely and accessed only through signed API requests.

5. Data Retention

We retain your account data for as long as your account is active. If you delete your account or request deletion, we will remove your personal information within 30 days, except where retention is required by law.

6. Security

We use industry-standard measures to protect your data, including HTTPS encryption in transit, hashed passwords (never stored in plain text), HMAC-signed API tokens, and timing-safe comparisons for sensitive operations. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

7. Cookies & Local Storage

Pingllo stores your authentication token, user ID, and session preferences in your browser's localStorage. We do not use tracking or advertising cookies. You can clear this data at any time by clearing your browser's site data.

8. Your Rights

Depending on your location you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and data.
  • Object to or restrict certain processing.
  • Data portability (export your collections).

To exercise any of these rights, contact us at privacy@pingllo.com.

9. Children's Privacy

Pingllo is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do we will update the "Last updated" date at the top of this page. Continued use of Pingllo after changes are posted constitutes acceptance of the new policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please reach out at privacy@pingllo.com.