All apps

Is Pinecone safe with your data?

D
Pinecone icon

Pinecone

Pinecone Systems, Inc.

54/100

Weak disclosure · medium confidence

Pinecone earns a D (54/100) because it leaves much about its data practices unstated.

Dealbreaker flag

  • D4.3: shares personal information with third-party advertisers for interest-based advertising via tracking technologies with no named opt-out mechanism disclosed

#129

of 177 apps ranked

54

score · Data platform avg 64

-10

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Pinecone's website privacy policy grants strong GDPR data-subject rights and includes a full legal-basis table. It says nothing about model training or concrete retention timelines, and it affirmatively shares data with third-party advertisers for interest-based advertising without naming an opt-out. The policy explicitly excludes enterprise Services data handled under a data processing agreement, so it describes no AI-assistant data ingestion, and all training indicators read as silent.

What Pinecone's privacy policy says about your data

Full data-subject rights

The policy grants access, correction, deletion, portability ("Transfer a machine-readable copy of your personal information to you or a third party"), restriction, and objection rights via privacy@pinecone.io for European users.

Shares with advertisers, no opt-out

The policy states that "Our third party advertisers may use Tracking Technologies to gather information about your activities on our Services and other websites and apps in order to provide you advertising based upon your browsing activities." The only opt-out it names covers marketing emails, and it provides none for the ad-related data sharing.

Vague retention only

Retention runs "as long as necessary to fulfill the purposes for which we collected it" with no day-count or deletion timeline, and anonymized data "may be used indefinitely."

International transfers covered by SCCs

The policy says that whenever it shares personal information originating in the EEA, the UK, or Switzerland it does so "in accordance with the EU standard contractual clauses or other applicable frameworks," and it names an Article 27 EU and UK representative (EDPO).

What the policy is silent or vague on

  • Not stated: keeping user inputs out of model training
  • Not stated: a way to opt out of training
  • Not stated: whether training use differs by plan
  • Not stated: your ownership of generated outputs

Pinecone privacy rating

Training-data use0 of 4 disclosed
Keeps user inputs out of model training, or makes training opt-inSilent
Names a way to opt out of or into trainingSilent
Says whether training use differs by plan or tierSilent
Lets the user keep ownership of generated outputsSilent
Data-subject rights5 of 5 disclosed
Grants a right to access your dataDisclosed
Grants a right to delete your dataDisclosed
Offers data portability in a usable formatDisclosed
Grants a right to correct your dataDisclosed
Grants a way to object to or opt out of processingDisclosed
Retention and deletion0 of 4 disclosed
States a retention period for your dataPartial
States a deletion timeline after closure or requestPartial
Sets a shorter retention for AI conversation logsSilent
Commits to collecting only the data it needsPartial
Third-party sharing2 of 5 disclosed
Lists the categories of third parties it shares withDisclosed
References a sub-processor list or data processing agreementPartial
Does not sell or share data for advertising, or offers opt-outAdverse
Names a safeguard for international data transfersDisclosed
States a standard for government and law-enforcement accessPartial
Transparency3 of 4 disclosed
Discloses that you are interacting with AISilent
Marks AI-generated or synthetic outputNot applicable
Enumerates the categories of data it collectsDisclosed
Maps processing purposes to legal basesDisclosed
Is versioned and dated, with change noticeDisclosed
Sensitive data and children2 of 2 disclosed
Discloses automated decisions and a human-review pathNot applicable
Limits the use of special-category dataDisclosed
Governs biometric data specificallyNot applicable
States protections for children's dataDisclosed
Security and accountability0 of 3 disclosed
Describes its security safeguardsPartial
Commits to breach notificationSilent
Names a certification or a privacy contactSilent
DisclosedPartialSilentAdverseNot applicable

Details

Category
Data platform
Modalities
text
Processes biometrics
No
Policy last updated
2024-05-08
Region scored
Global / US-default
Assessed
2026-06-20
Read Pinecone's privacy policy

Other data platform apps

dbt Labs icondbt LabsBLabelbox iconLabelboxBFivetran iconFivetranBWeaviate iconWeaviateC

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.

Is Pinecone safe with your data? Grade D | AI App Trust & Transparency Index