Privacy Policy

Last updated: May 21, 2026
What PingBack does
PingBack reads sticky notes on your Miro board or Mural canvas, sends each one to Claude (Anthropic's AI) to generate one critical-thinking question, and in Miro mode places the question beside the original sticky.

It runs in three modes: as a panel inside Miro, as a standalone web page connected via Miro OAuth, and as a standalone web page connected via Mural OAuth. No answers, summaries, or suggestions are generated. One question per sticky.
What PingBack does not do
  • Store sticky note content after the question is returned
  • Log board activity or usage patterns
  • Collect or store your email address
  • Share data with any third party not named in Partners
  • Use data for advertising, remarketing, or ad personalisation
  • Access Miro or Mural data beyond the authorised scopes
  • Write content back to your Mural canvas (Mural is read-only)
  • Process sensitive categories of data (health, financial, government IDs)
Security
All traffic is encrypted with TLS 1.2 or higher. Session cookies are HttpOnly and Secure. No sticky note content or personal data is written to disk or retained after a request completes. API keys and OAuth credentials are stored as environment secrets, not in source code.
Data collected
Miro permissions
  • boards:read. Read sticky note text to generate questions.
  • boards:write. Create question stickies beside originals and remove them on clear.
  • identity:read. Fetch display name to show "Connected as [name]". Nothing else.
Mural permissions
  • murals:read. Read sticky note text to generate questions. No write access requested.
  • identity:read. Fetch display name to show "Connected as [name]". Nothing else.
What is processed
Sticky note text. Sent from your browser to PingBack's server and forwarded to Anthropic to generate the question. Never stored after the response is delivered.

Display name. Fetched from Miro or Mural after OAuth. Stored in a server-side session only to show who is connected. Cleared on disconnect or after 7 days.

OAuth tokens. Stored in the server-side session to make API calls on your behalf. Never logged or written to permanent storage. Cleared on disconnect.
Session cookie and analytics
One HttpOnly, Secure, SameSite=Lax cookie is set when you connect via OAuth. Valid for 7 days. The Miro panel mode uses no cookies at all.

Google Analytics 4 is loaded on marketing pages but gated by Consent Mode v2. No hits are sent until you click Accept all on the privacy banner. Sticky note text, board content, and AI questions are never sent to Google. Your consent choice is stored in localStorage under pb-consent and can be reversed by clearing site data.

No advertising cookies. No remarketing. No cross-site tracking.
Retention and deletion
Presentation sessions (questions and reactions) are stored in Postgres with a 2-hour TTL and swept automatically. The only personal data that persists is your session (display name + OAuth tokens), which expires after 7 days or is cleared immediately on disconnect.

Disconnecting or revoking access in your Miro or Mural account settings invalidates the session immediately. Nothing remains. To report a suspected retention error, email hello@marcosrezende.com.
Partners
Named processors
PingBack does not develop, train, or host the AI model and is not responsible for Claude's outputs. Up to four processors are involved depending on the platform you connect:
Miro Source of sticky-note text, board structure, and OAuth identity. PingBack reads and writes only with the scopes you authorise. Privacy policy
Mural Source of sticky-note text and OAuth identity. Read-only. PingBack does not write back to your mural canvas. Privacy policy
Anthropic Receives sticky note text (and candidate-question text for evaluations) to generate questions, follow-ups, translations, and rubric scores. PingBack does not control how Anthropic stores API requests. Privacy policy
Google Analytics 4 Receives anonymised page-view and engagement data only after you click Accept all. Never receives sticky note text, board content, AI questions, or OAuth tokens. Privacy policy
No other third parties receive data from PingBack. PingBack does not sell, rent, or share data with data brokers, advertisers, or affiliate networks.
Your rights
You can disconnect PingBack at any time by clicking Disconnect on the main page, or by revoking access in your Miro or Mural account settings. Either action immediately clears your session and OAuth tokens. No personal data remains after disconnection.

Depending on where you are located, you may have additional rights:
GDPR General Data Protection Regulation (EEA and United Kingdom)
  • Access. Request a copy of the personal data PingBack holds about you.
  • Rectification. Ask us to correct inaccurate data (in practice, only your display name).
  • Erasure. Request deletion. Because PingBack holds no permanent store beyond your session, disconnecting fulfils this immediately.
  • Restriction. Ask us to stop processing while a dispute is resolved.
  • Portability. Receive your data in a structured, machine-readable format.
  • Objection. Object to processing based on legitimate interests.
  • Withdraw consent. Withdraw at any time without affecting prior processing.
Legal basis: sticky-note text is processed under performance of a contract (Art. 6(1)(b)); OAuth identity under legitimate interest (Art. 6(1)(f)). No special-category data. No transfers outside the EEA without adequate safeguards (Replit + Anthropic covered under their respective DPAs).
CCPA / CPRA California Consumer Privacy Act / California Privacy Rights Act
  • Know. Request disclosure of what categories of personal information are collected, the sources, purpose, and which third parties receive it.
  • Delete. Request deletion. Disconnecting fulfils this immediately.
  • Correct. Request correction of inaccurate personal information.
  • Opt out of sale or sharing. PingBack does not sell or share personal information for cross-context behavioural advertising. There is nothing to opt out of.
  • Non-discrimination. You will not receive a different level of service for exercising these rights.
Categories collected: Identifiers (display name), Internet activity (anonymised page views if you accept analytics). No sensitive personal information as defined by CPRA.
LGPD Lei Geral de Proteção de Dados (Brazil)
  • Confirmation and access. Confirm whether your data is processed and request a copy of it.
  • Correction. Request correction of incomplete, inaccurate, or outdated data.
  • Anonymisation, blocking, or deletion. Request deletion of unnecessary data or data processed in non-compliance with the LGPD.
  • Portability. Request transfer of your data to another service provider.
  • Revocation of consent. Revoke consent at any time; disconnecting PingBack fulfils this immediately.
  • Information on sharing. Learn which public or private entities your data is shared with.
Legal basis: performance of a contract (Art. 7, V) for sticky note text; legitimate interest (Art. 7, IX) for OAuth identity. No sensitive data (Art. 5, II). International transfer to the US (Replit / Anthropic) under the conditions of Art. 33 of the LGPD.
To exercise any of the above rights, email hello@marcosrezende.com. Response time: 15 calendar days (LGPD / CCPA) or 30 days (GDPR), extendable by 30 days with notice where the law permits.
Contact
Data controller
Marcos Rezende, individual operator
Miro Marketplace
Children
PingBack is not intended for anyone under 16. If you believe a minor has connected, email hello@marcosrezende.com and any associated session data will be removed.
Changes to this policy
If anything material changes about how PingBack handles data, this page will be updated and the date at the top will reflect the revision. Continued use after a change constitutes acceptance of the updated policy.