Pinakin Legal
Legal Document
Last updated: May 2026 · Effective immediately
Introduction
Pinakin is operated by PCKB Ventures LLC, a company registered in Wyoming, United States. Pinakin is a private mandate matching platform for ultra-high-net-worth individuals and their agents.
We take your privacy seriously. This policy explains what information we collect, how we use it, and your rights under applicable law including the EU General Data Protection Regulation (GDPR) and UK GDPR.
Core principle: Pinakin is designed from the ground up to minimise data collection. Your identity, mandate details, and personal information never leave your device and are never stored on our servers.
01 — Data Collection
Pinakin collects the absolute minimum necessary to operate the matching service.
Cryptographic public key — A randomly generated identifier created on your device. This is not linked to your name, email, or any personal information.
Feature vectors — 15 numerical values derived from your mandate (asset category, price range, location, attributes). These numbers cannot be reverse-engineered to reveal your mandate details.
Bucket hash — A SHA-256 hash used for efficient matching. Contains no readable information.
Post type — Whether you are buying or selling. Nothing more.
Expiry timestamp — When your mandate expires.
Team subscription data — If you sign up for a team plan, we store your email address and agency name solely for account management and communication purposes.
We never collect: your name, phone number, address, mandate text, asset descriptions, financial details, or any personally identifiable information beyond what is listed above.
02 — Data Storage
Your mandate details, identity, and private keys are stored exclusively on your device using encrypted local storage. They are never transmitted to or stored on Pinakin servers.
Our servers (hosted on Fly.io) store only:
Feature vectors and bucket hashes (anonymous numerical data)
Your cryptographic public key
Match results (referenced by public key, not personal identity)
Encrypted chat messages (end-to-end encrypted, readable only by participants)
Team subscription records (email and agency name only, for paid plans)
All server-side data is automatically deleted after 30 days of inactivity. Mandate vectors expire after 17 days. Chat messages expire after 30 days.
03 — Data Use
We use the data we collect solely to provide the Pinakin matching service:
Matching opposing mandates using our neural network scoring algorithm
Notifying you when a potential match is found
Facilitating encrypted communication between matched parties
Managing team subscriptions and access codes
Preventing abuse and enforcing mandate limits
We do not sell your data. We do not use your data for advertising. We do not share your data with third parties except as required to operate the service (infrastructure providers operating under data processing agreements).
04 — Encryption
All communications between matched parties are end-to-end encrypted using NaCl (Networking and Cryptography library) box encryption. This means:
Chat messages are encrypted on your device before transmission
Only the intended recipient can decrypt messages
Pinakin servers cannot read your messages
No third party can intercept or read your communications
Your cryptographic identity is generated on your device from a 12-word recovery phrase and never transmitted to our servers.
05 — Your Rights
Under GDPR (EU) and UK GDPR, you have the following rights regarding your personal data:
Request a copy of all personal data we hold about you.
Request deletion of your personal data from our servers.
Request correction of inaccurate personal data.
Request your data in a portable format.
Object to processing of your personal data.
Withdraw consent at any time by deleting the app.
To exercise any of these rights, contact us at pinakinsupport@gmail.com. We will respond within 30 days.
You also have the right to lodge a complaint with your local data protection authority. In the EU, this is your national DPA. In the UK, this is the Information Commissioner's Office (ICO).
DELETE YOUR ACCOUNT AND DATA
To request deletion of your data:
1. Email pinakinsupport@gmail.com with subject line "Data Deletion Request"
2. Include your username and public key (visible in your Account screen)
3. We will delete your data within 7 days
Data deleted upon request:
→ FCM device token
→ Mandate vectors
→ Match history
→ Subscription record
Data that cannot be deleted:
→ Encrypted messages (stored on your device)
→ Your cryptographic keypair (stored on your device only, we never held it)
06 — Cookies & Tracking
The Pinakin mobile application does not use cookies, tracking pixels, or analytics SDKs. We do not track your behaviour within the app. We do not use Google Analytics, Firebase, or any third-party analytics service.
This website may use essential cookies only for basic functionality. No advertising or tracking cookies are used.
07 — Third Parties
Pinakin uses the following third-party infrastructure providers, each operating under appropriate data processing agreements:
Firebase Cloud Messaging (Google) — push notification delivery. Receives only anonymous device tokens and notification titles. No personal data or message content is transmitted.
Upstash — database infrastructure. Stores anonymous cryptographic identifiers and encrypted mandate vectors. No personal identifiers are stored.
Resend — email delivery. Used only when a user signs up for a Team plan and provides an email address. Receives only the email address and agency name provided by the user.
Fly.io — server infrastructure. Hosts the Pinakin coordination server. May temporarily log IP addresses for security purposes. No personal data is stored.
These providers process only the minimal data necessary to operate the service and are contractually bound to protect your data.
08 — Children
Pinakin is intended for professional use by adults (18+) operating in the ultra-high-net-worth asset market. We do not knowingly collect data from anyone under 18. If you believe a minor has used our service, contact us immediately at pinakinsupport@gmail.com.
09 — Changes
We may update this privacy policy from time to time. Material changes will be posted on this page and where possible communicated to registered users by email. The date at the top of this page indicates when the policy was last updated. Continued use of Pinakin after changes constitutes acceptance of the updated policy.
10 — Contact
For privacy enquiries, data requests, or any questions about this policy:
Product: Pinakin
Jurisdiction: Wyoming, United States
Email: pinakinsupport@gmail.com
Response time: Within 30 days
© 2026 PCKB Ventures LLC. All rights reserved.Pinakin — Private Mandate Matching