1 Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 2 Contents 2 1\. Executive Summary 3 2\. Introduction 4 2.1. Pinterest 4 2.2. The Digital Services Act 4 2.3. Updates since last year’s risk assessment 4 2.4. Updates on 2024 mitigation measures 6 3\. Risk assessment methodology 7 3.1. Understanding Pinterest’s systemic risk landscape 7 3.2. Risk assessment methodology 8 4\. Pinterest’s platform ecosystem 10 4.1. Influencing factor 1: Applicable Terms and Conditions and their enforcement 10 4.2. Influencing factor 2: Content moderation systems 11 4.3. Influencing factor 3: Design of recommender systems and any other relevant algorithmic systems 14 4.4. Influencing factor 4: Systems for selecting and presenting advertisements 14 4.5. Influencing factor 5: Data practices 15 4.6. Influencing factor 6: Intentional manipulation 16 5\. Systemic risk landscape 17 5.1. Systemic risk 1: Illegal content 17 5.2. Systemic risk 2: Negative effects on the exercise of fundamental rights 21 5.3. Systemic risk 3: Negative effects on civic discourse, electoral processes and public security 25 5.4. Systemic risk 4: Negative effects in relation to gender-based violence, the protection of public health and minors, and serious negative consequences to the person’s physical and mental wellbeing 28 6\. Conclusion 33 Appendix 34 Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 3 1\. Executive Summary Pinterest is a visual search and discovery platform where people find inspiration and curate ideas and shop products - all in a more positive place online. At Pinterest, our mission is to bring everyone the inspiration to create a life they love, and that’s our guiding light for everything we do. Pinterest does not prioritise endless engagement or virality. Our users come to Pinterest to find ideas for recipes, beauty, fashion, home decor and more. We believe that safety and protecting our users is central to creating an inspirational online platform. We have established Community Guidelines as our “rules of the road” for what content and behaviour is and isn’t allowed on Pinterest and we work hard to identify and deactivate harmful content and bad actors’ accounts from our platform. The Digital Services Act (“DSA”) came into force on November 16, 2022 with the aim of giving better protection to users and to fundamental rights online, establishing a transparency and accountability framework for online platforms, and providing a single, uniform framework across the European Union (“EU”). The DSA requires Pinterest as a Very Large Online Platform (“VLOP”) to identify, analyse, assess and mitigate certain systemic risks stemming from the functioning and use of Pinterest in the EU. This is Pinterest’s third risk assessment under the DSA. Following our risk assessment methodology, we have assessed Pinterest’s overall risk to EU users and society as Low. In carrying out this assessment, we have surveyed a broad range of internal Pinterest stakeholders, reviewed internal documentation and leveraged data - including from our global and DSA transparency reports - and gathered input from a range of external stakeholders, such as users, civil society and industry groups. Based on this review, we have identified potential risks associated with the design, functioning or use of Pinterest and assessed how these might impact EU users and society. We have grouped these risks into four main categories: 1. Illegal content; 2. Negative effects for the exercise of fundamental rights; 3. Negative effects on civic discourse, electoral processes and public security; and 4. Negative effects in relation to gender-based violence, the protection of public health and minors, and serious negative consequences to the person’s physical and mental wellbeing. We have also considered if and how Pinterest’s design, functionalities, and use influence these systemic risks. We have considered Pinterest’s overall ecosystem, including: applicable terms and conditions and their enforcement, content moderation systems, design of recommender systems, systems for selecting and presenting advertisements, related data practices, and intentional manipulation. This year, we have further strengthened our risk assessment methodology by analysing in more detail how our EU users interact with specific product features, including messaging, comments, and user following/followers. The evidence supports the conclusion that Pinterest is a low-risk service where users come for inspiration and ideas. This does not mean that the work stops here. Like our CEO Bill Ready said, our intention is to make Pinterest a safe place for everyone. Although our current overall assessment of the risk that Pinterest presents to EU users and society is Low, we’re continuously improving our control environment. We’re actively making enhancements to specifically address these four risk categories. In this report, we have both provided an update on the risk mitigation measures identified last year and outlined further mitigation efforts for this year. The latter include improvements to the accuracy of our Machine Learning (“ML”) models and expanding the scope of mental health advisories beyond search features to other platform surfaces. We continue to invest heavily in making Pinterest safer for all of our users, and we work closely with external organisations to inform our policies, product design and moderation practices. Our safety practices continue to evolve to adapt to new trends and to create a more positive place on the internet. We continue to improve our control environment, including through strengthened internal monitoring of controls, updating policies and enhancements to our user resources, including mental health support and user tools. These deliberate choices have been taken to set an example as a more positive place online. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 4 2\. Introduction 2.1. Pinterest Product overview Pinterest is a visual search and discovery platform for finding ideas like recipes, home and style inspiration and more. People around the world, including in the EU, use Pinterest to bring ideas to life, shop products and discover inspiring content. Users come to Pinterest to discover content they love and save them to boards to keep their ideas organised and easy to find. There are billions of pieces of content (which we call “Pins”) on Pinterest, allowing our users to find ideas to spark inspiration. Pins can be images, videos or products. Pins can be saved and organised on boards. Users can name their boards, arrange them on their profile however they want and organise their Pins in a way that makes sense to them. They can also invite other people to collaborate on group boards to find even more ideas. Users have the option to set their profile to private, with all teen accounts under 16 set to private as the only option and 16-17 accounts to private by default. Private profiles won’t appear in search results on Pinterest or in search engines. More details on private profiles can be found in Systemic Risk 4. A user’s home feed is where we suggest Pins, creators, products and merchants we think they’ll love. The home feed will also show Pins from the creators and boards they’ve chosen to follow. Users can save, create, share and shop Pins, explore suggested topics and trends or search for topics of their own and collaborate with others. Pinterest’s mission and content approach At Pinterest, our mission is to bring everyone the inspiration to create a life they love. User safety is critical to our mission, especially when it comes to the safety of young people. Our content moderation practices and Community Guidelines continue to evolve to address new behaviours and trends and to create a more positive place on the internet. Pinterest continues to work towards making the internet a safer and healthier place for everyone. In partnership with the Digital Wellness Lab at Boston Children’s Hospital, Pinterest was a founding signatory of the Inspired Internet Pledge in 2023, which provides a framework for companies to take “meaningful, measurable actions to support positive mental and emotional wellbeing outcomes both on and offline.” The pledge is a call to action for technology companies to make the internet a safer and healthier place and Pinterest is proud to be a founding signatory. In its first full year, the pledge accrued 48 signatories, launched 10 youth councils, and reached over 100,000 individuals through collective educational efforts. 2.2. The Digital Services Act The goal of the DSA is to “create a safer online experience for citizens to freely express their ideas, communicate and shop online, by reducing their exposure to illegal activities and dangerous goods and ensuring the protection of fundamental rights.” Articles 34 and 35 of the DSA lay out the requirements for Pinterest as a VLOP to identify, analyse, assess and mitigate certain systemic risks stemming from the design, functioning and use of our service in the EU. This report describes the results of Pinterest’s third DSA systemic risk assessment and associated mitigation measures, including an overview of Pinterest’s risk landscape, ongoing mitigation efforts to address risks and updates to the further mitigation measures we have identified in previous DSA risk assessments. While most of the policies and controls we discuss are global in nature, the scope of this report and our risk assessment is limited to the EU. 2.3. Updates since last year’s risk assessment This year's DSA risk assessment builds upon our bedrock methodology, incorporating an analysis of emerging risks and insights from the initial years of DSA enforcement. As in 2024, this year we have continued to monitor risks related to generative artificial intelligence (“GenAI”). Teen safety has been an important focus area for 2025, and the European Commission’s recently published Guidelines on the Protection of Minors mirror Pinterest’s long-standing commitment to protecting teen users. Finally, this year we have taken additional steps to expand our support for our users’ mental health. Looking ahead, Pinterest expects to introduce further improvements to continuously strengthen the safety of all our users. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 5 Artificial Intelligence Building on the further mitigations outlined in our previous risk assessment, we have advanced our efforts in transparency and user control. As planned, we launched a comprehensive Help Centre resource that details our approach to artificial intelligence (“AI”), differentiating between the traditional ML models used for recommendations and more targeted applications of GenAI. Our user-facing GenAI offer remains focused on advertiser-facing tools, such as enabling advertisers to create image backgrounds (“Pinterest Canvas”). We do not currently allow users to directly prompt any GenAI tools on-platform at this time. Additionally, in 2025 we have made multiple updates to further empower our users. Since April 2025, we label content when metadata indicates it was created or modified by AI. Users now have greater control over their experience on Pinterest through a feature to “see fewer” AI-generated Pins from certain categories of content in their feeds. We have also provided users with a clear mechanism to opt out of having their data used to train Pinterest Canvas and the data of all users under 18 years old is not used to train it. Our Community Guidelines continue to serve as our foundational safety policy for all content, regardless of its method of creation. While our Community Guidelines have always applied to synthetic content (including GenAI content), this year we have made further clarifications to reflect evolving trends. In April, we further highlighted their applicability to synthetically generated content and AI tools. We remain an active participant in the Digital Trust and Safety Partnership’s (“DTSP”) working groups to help shape industry best practices. In the coming year, we will continue to evaluate the GenAI landscape and adapt our approach to any changes. Teen safety We want to provide the tools and resources needed by more vulnerable users to protect their privacy. We have multiple teen safety settings and we guide teen users on what they can do if they experience an unsafe situation. We also provide support for parents. In 2025, Pinterest has continued to demonstrate its commitment to ensuring the safety of teen users. Over the past year, the mitigation measures announced in 2024 were successfully implemented to enhance minors’ privacy and provide greater control for minors, parents and guardians. These include enhanced verification for parents and caregivers making changes to key account settings and a user reporting feature for suspected underage users. We have provided updates on last year’s mitigation efforts below. Beyond last year’s DSA mitigations, we have also worked to better support teen users in understanding their choices on Pinterest as they grow up. For this, we have increased transparency around teens’ privacy settings and choices as they age, with enhanced in-product education and e-mail notifications sent to users on their 16th and 18th birthdays. More information on our safety settings for teen users can be found here. This year, Pinterest also welcomed the publication by the European Commission of the finalised Guidelines on the Protection of Minors (“the Guidelines”) on July 14, 2025. Pinterest’s existing teen safeguards and our risk assessment methodology align with several of the Guidelines’ key recommendations. Given that the finalised Guidelines were published following the conclusion of the primary information-gathering phase for this risk assessment, we intend for the Guidelines to more systematically inform our risk assessment process in the next cycle. Mental health and wellbeing Pinterest is committed to taking meaningful actions in the service of supporting more positive mental and emotional wellbeing for all people, especially teen users. This past year, we have strengthened our controls and support for our users’ mental health and wellbeing. As planned in 2024, we have partnered with a new external expert to improve our search advisory resources for people who may need expert mental health support. This partnership has enabled an improved, more proactive maintenance of Pinterest’s search advisories. Since its launch, we have worked to scale and expand the partnership, in order to provide our users with more high-quality resources and new contact formats. We now provide better, more tailored search advisories for users who may be dealing with complicated feelings around self-harm and disordered eating. These include direct links to contact helplines in search advisories in over 100 countries, including all 27 EU Member States. We also know that feeling represented can impact our users’ emotional wellbeing. This year, we have continued our efforts to make the content surfaced on Pinterest more diverse and inclusive. We have enhanced and expanded how our algorithms diversify results by body type and skin tone. As planned in last year’s Risk Assessment and Mitigation exercise, this includes improving the diversity of different men’s body types in men’s fashion search results. We have also geographically expanded the application of body type diversity measures, so users from more countries can feel better represented. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 6 2.4. Updates on 2024 mitigation measures In our 2024 DSA Risk Assessment and Mitigation Report, we identified eight areas for additional mitigation measures. Updates on those areas are provided below: 1. GenAI transparency Last year, we shared our intention to improve transparency around GenAI through a comprehensive Help Centre resource. As previously mentioned, in 2025 we have released this and other resources to further empower users and mitigate risks. We will continue to evaluate the GenAI landscape and adapt our safety measures accordingly. 2. Additional investments in our Agent Training Team In last year’s risk assessment, we noted plans for additional investments in Trust \& Safety agent training. Since then, we have increased staffing for our Agent Training team and further enhanced our agent training programme; including through new trainings, standardised certification queues, a revamped knowledge base and enhanced onboarding. We plan to make further investments in the Agent Training team in 2026. 3. Additional investments in our Quality Assurance Team In 2024, we also cited plans to invest in our Trust \& Safety Quality Assurance (“QA”) Team. As of July 2025, we have increased the team’s headcount and QA tools, which now feature additional resources and centralised dashboards with daily updates and better data visualisation, available both to internal and external enforcement teams. 4. Increased monitoring by our Risk Intelligence Team Since last year, our Trust \& Safety Risk Intelligence Team has increased its monitoring of multiple data sources, including user reports and vendor intelligence. Through data-based monitoring, the team identifies trends and, where relevant, proactively reaches out to the relevant teams. The Risk Intelligence Team’s work has enhanced Pinterest’s data-based monitoring of risks, feeding into how Pinterest Trust \& Safety teams adapt their safety controls. The Risk Intelligence Team will continue and expand its work throughout 2025. 5. Body type diversity In line with our commitment to make Pinterest more inclusive, in 2024 we set out to improve the diversity of different men’s body types in men’s fashion search results. Since then, we have expanded our body type diversity technology in related Pins and search results, positively impacting diversity metrics. 6. User reporting As planned, we have fully rolled out a new reporting option for our community to report suspected underage users, helping us keep more vulnerable users safe. Pinterest doesn’t allow users under 13 years old and we have strong product and content safety measures to protect users under 18 by default. 7. Search advisory In 2024, we announced plans to strengthen our search advisory tools through a new partnership. Search advisories provide users who may be managing difficult emotions with direct access to helpful resources. Since its launch, the partnership has allowed us to support users in over 100 countries, including all 27 EU Member States. 8. Parental support As announced, we have made changes to strengthen our parental support measures, including taking steps to verify the details of parents and caregivers making changes to key account settings, such as account management, privacy or profile status. For instance, if a teen user has a parental passcode enabled and tries to reset their password, the passcode will need to be provided to make the change. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 7 3\. Risk assessment methodology 3.1. Understanding Pinterest’s systemic risk landscape Pinterest considers a systemic risk to be a risk that a platform could be designed, functioning or used (or misused) in a way that could cause serious harm or have serious negative consequences for the platform’s users in the EU. Many of the controls we describe are similar to those described in previous DSA risk assessments but we have included additional information where we have made improvements and updates. Systemic risk categories Similar to last year, in order to identify the risks that Pinterest could present to users in the EU, we reviewed and updated our risk register. We started this process by reviewing the risk register from 2024 to make sure that those risks remained relevant. We made updates to these existing risks where required. In addition, we looked at internal and external factors that could have an impact on our risk register, such as changes to the Pinterest product or new functionalities, external events such as the prominence of GenAI, and how these factors impact how harm can manifest on the platform. We assessed each systemic risk individually and aggregated them into four risk categories: 1. Illegal content; 2. Negative effects on the exercise of fundamental rights; 3. Negative effects on civic discourse, electoral processes and public security; and 4. Negative effects in relation to gender-based violence, the protection of public health and minors, and serious negative consequences to the person’s physical and mental wellbeing. Given the volume of content on the Pinterest platform, detecting and taking appropriate action on harmful content cannot completely eliminate these four risk areas. There are inherent risks on any platform that deals with vast quantities of content and data. Pinterest takes a risk-based approach when it comes to content moderation, prioritising harms that pose the greatest potential risk and balancing fundamental rights with keeping users safe. Influencing factors We’ve also considered if and how Pinterest’s design, functionality or use influence these systemic risks. We’ve focused on the following influencing factors (the “influencing factors”) and have taken other potential influencing factors-such as manipulation and amplification-into account where deemed relevant: 1. Applicable terms and conditions and their enforcement; 2. Content moderation systems; 3. Design of recommender systems and any other relevant algorithmic systems; 4. Systems for selecting and presenting advertisements; 5. Related data practices; and 6. Intentional manipulation. These influencing factors encapsulate Pinterest’s full platform ecosystem and we’ve assessed each factor as part of this risk assessment. In line with our commitment to continuous improvement, this year’s risk assessment has deepened its focus on potential risks stemming from product design and use. This more mature approach involves assessing with more granularity the risks associated with core features of our platform - such as content posting, following and messaging. This evolution has allowed for a more nuanced understanding of potential systemic risks and directly aligns with the DSA’s emphasis on safety-by-design principles. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 8 3.2. Risk assessment methodology Evidence Based on our understanding of Pinterest’s systemic risk landscape and our risk register, we evaluated our systemic risks by analysing a variety of sources, including: ● Consultations with internal experts: Through interviews and questionnaires, we captured expert knowledge on the systemic risks from Pinterest subject matter experts (“SMEs”); ● Metrics and other data: We leveraged data and other information included in our most recent Global Transparency Report, which reports on our global efforts to keep our platform safe and inspiring, and our most recent DSA Transparency Report, which contains information specific to the EU. Both reports covered the periods of July 1, 2024 to December 31, 2024. The metrics leveraged included actioned user reports and volume of items actioned. We also looked at appeals data as an indicator that enforcement is in line with our policies; ● Document reviews: We reviewed internal documentation, such as policies, procedures and other control documentation; ● Results of product testing: Such as prevalence and reach metrics where available; ● Input from external stakeholders and civil society: We collected information on the work of external experts and partners that help us identify harms and new trends. We leveraged input from our users, external partners, industry groups and independent civil society organisations. We engaged in multistakeholder roundtables organised by the European Commission, as well as the discussions held in DTSP and GNI’s 2025 European Rights and Risks: Stakeholder Engagement Forum, where we met with regulators, civil society and academics. We continue to increase our efforts to engage with external stakeholders; and ● Audit processes: We reviewed the results of our DSA independent audit to assist with the scoring of our control effectiveness in our DSA risk assessment. Risk scoring Our next step was to assess the probability and severity of each of the risks identified on Pinterest’s risk register. This included assessing the way in which Pinterest is used, both intended and unintended, and identifying the risk factors that might have an impact on risk. For each risk on our risk register, we assessed: ● Inherent risk rating: the level of risk that exists if left untreated. To determine this rating for each risk, we considered: ○ Severity: the impact that it would have on user groups and EU society in general. Each risk was assigned a severity rating of Marginal, Moderate, Significant or Critical; ○ Probability: the likelihood that the impact will occur. Each risk was assigned a probability rating of Unlikely, Possible, Likely or Almost Certain. Based on both the severity and probability ratings, each risk was assigned an inherent risk rating of Low, Medium, High or Very High. ● Control effectiveness: Using our control library, we identified the controls and safeguards in place to mitigate each risk and determined how effective the control environment is in mitigating the inherent systemic risk. In order to assess the effectiveness of controls, we used data and metrics where available, as well as preliminary audit observations identified by both our Internal Audit team and our independent external auditors. Each risk statement was assigned a control effectiveness rating of Ineffective, Somewhat Effective, Effective or Highly Effective. ● Residual risk: the level of risk remaining once the controls and mitigations have been considered. Based on the inherent risk rating and control effectiveness ratings, each risk statement was assigned a residual risk rating of Low, Medium, High or Very High. While we assessed each risk individually, we grouped the risks into four systemic risk categories (see above) and reported on the aggregate risk ratings and control effectiveness scores. See the Appendix for additional information on our risk assessment methodology and these ratings. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 9 Governance and validation Finally, we reported on the results of our risk assessment through the appropriate governance channels. The risk scores were reviewed by Pinterest SMEs and the resulting report by over 30 cross-business stakeholders. Once reviewed, the results of the assessment and report were sent to the Board of Directors of Pinterest Europe Limited (“PEL Board”). The DSA risk assessment will be reviewed at least annually, with additional updates where appropriate, including before making any changes that may have a critical impact on systemic risks. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 10 4\. Pinterest’s platform ecosystem At Pinterest, our mission is to bring everyone the inspiration to create a life they love. Our content moderation practices continue to evolve to keep up with new trends and we continue to invest heavily in machine-learning technology and partnerships with outside experts to inform our practices. We have safety measures in place to protect users of various age groups, detailed below. We are proud of our policies and practices because they help Pinterest to be a more positive and inspiring place online. As part of this risk assessment, we’ve analysed the potential impact these elements - or “influencing factors” - could have on each of the systemic risk categories. Before we dive into the results of the assessment, we’ll first provide an overview of each of these elements. 4.1. Influencing factor 1: Applicable Terms and Conditions and their enforcement Policies and guidelines We develop and enforce content policies to help us cultivate a positive community. This includes: ● Terms of Service: terms users agree to when using Pinterest; ● Business Terms of Service: governs business access to and use of Pinterest; ● Community Guidelines: what we do and don’t allow on Pinterest; ● Merchant Guidelines: requirements for merchants operating on Pinterest; ● Commercial and Branded Content Guidelines: guidelines for content designed to promote, directly or indirectly, goods or services; ● Advertising Guidelines: standards for creating and targeting ads; ● Advertising Services Agreement: the terms our advertisers agree to when advertising on Pinterest; ● Enforcement Guidelines: how we put our policies into practice, including any restrictions that we may apply to users’ content or use of Pinterest; ● Privacy Policy: information we collect, how we use it and users’ options to control the collection and use of that information; ● Copyright and Trademark policies: information on how we expect users to respect the intellectual property rights of third parties, and how rights holders can protect their rights on Pinterest; and ● Developer Guidelines: guidelines for building with Pinterest materials. These policies and guidelines are applicable globally, meaning that they apply to all users, and where relevant, businesses, merchants and advertisers who use our platform. For some policies, such as our advertising policies, we’ve built in nuances for local legislation and regulations. We want to make sure that our users understand our policies the first time they read them, so we use plain language along with short summaries to make our policies accessible. All of our policies and guidelines are easily available on our Policy Site and searchable through our Help Centre. Our Policy teams, alongside our Legal team, are responsible for drafting and maintaining Pinterest’s policies and guidelines. To make sure that new and updated policies do not disproportionately affect vulnerable user groups, we continue to engage with external parties for input and feedback on any new policies or major updates to existing ones. These third parties can include non-profit organisations, independent experts, civic groups and our users. When making any significant updates to our policies, we notify our users appropriately. We also have internal enforcement guidelines for our content review teams and automated content review models to identify and action violating content. These internal guidelines are designed to provide more nuance and details to our external policies, allowing our content review teams and systems to properly identify violating content and take appropriate action. We monitor these enforcement guidelines closely and aim to make sure that they are effective and result in the correct enforcement actions. We have an agile and streamlined approach to revising these policies so that we can quickly adapt to new and emerging harm types and make any necessary adjustments based on the results of monitoring and quality assurance. We explain how we enforce our policies below. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 11 4.2. Influencing factor 2: Content moderation systems Pinterest has a robust content moderation enforcement framework to identify and take action on harmful content on our site. Our content policies – comprised of both external policies and internal enforcement guidelines – are the foundation of this framework. We use different methods to enforce these policies, including user reports, proactive identification, and enforcement through automated, manual and/or hybrid means. Further details on these are set out below. We take content-level action by deactivating, limiting the distribution, or restricting access within a territory (such as the EU or one or more of its Member States) of violating and/or illegal content. Account-level action is also possible: we deactivate the accounts of individuals and groups that spread harmful content and behaviour or limit the distribution of their content. The type of action is based on the degree of harm posed by the violating content or behaviour. We may deactivate an account after a single violation if it is deemed severe enough. We also take action against repeated misuse, including users who repeatedly post violating and/or illegal content, which can result in the deactivation of their account. We continuously evolve our policies and enforcement methods to keep up with new behaviours and trends. Additional information on enforcement actions can be found on our Enforcement page. Reporting harmful content and behaviour Pinterest offers its users various easily located, directly accessible reporting mechanisms, tailored to the type of violation they wish to report. Reporting Policy Violations Users can report content of any type (Pins, boards, accounts, comments or messages) that they believe violates Pinterest’s policies; across all surfaces (website, iOS, Android) and in all Pinterest-supported languages. Specifically, users can submit a report in two ways: through the Help Centre (using the “Report something on Pinterest” link) or in-product. Logged-in users can click on the three small dots located directly on the content. Logged in users will see several reporting options covering policy-violating content, intellectual property (“IP”) infringements, and illegal content under EU or national law. Logged out users and other interested parties can access the illegal content form through the three small dots or the Help Centre; and the IP form via the IP policy pages. The contents of the reporting forms are adapted to meet regulatory requirements and best practices (e.g., requiring confirmation of good faith before reporting illegal content as per Article 16 DSA). Once the user fills in the necessary details, their report is directed to the appropriate team and reviewed against our policies or for illegality, when applicable. Our enforcement guidelines assist review teams to properly identify violating or illegal content and take appropriate action. Our review teams receive specialised training both at onboarding and on a continual basis on any emerging trends in harmful content as well as any changes to Pinterest policies. For example, to report a violation of our Copyright or Trademark policies, users (logged in or out) and non-users affected by the violation are directed to dedicated reporting forms that request all the information needed by the specialised Intellectual Property Operations team to review and determine if the reporting party has submitted a complete and valid infringement report. If a violation is confirmed, the operations agent takes action on the content. Reports under local law EU users have available a dedicated channel for reporting content on Pinterest that they believe to be illegal under EU or Member State law. The channel is available in-product (through the “Report Pin for EU local law violation”) and through the Help Centre; for users (logged in or out) and non-users; in the languages of the Member States where Pinterest is available. Choosing the illegal content reporting option takes users to a dedicated form asking them to provide more information about their report and why they believe the content to be illegal. When the form is accessed via the in-product reporting flow, the form is automatically populated with the URL to the reported content. Reports submitted via this designated channel are reviewed by Trust \& Safety agents who have been specially trained to review specific policy violation reports and/or reports under local law. If the content is found to violate Pinterest’s policies, action is taken on the content globally. If it is found to violate local law but not Pinterest’s global policies, the content is blocked in the relevant jurisdiction where it is unlawful. Government authorities can request the removal of content they consider unlawful or violating through a designated email alias (abuse@pinterest.com), clearly available in the DSA section of our website. Specialists on the Law Enforcement \& Government Operations (“LEGO”) team review such reports. Upon review, the content is actioned globally if it violates Pinterest’s policies and, if not, blocked in the jurisdiction where it is deemed unlawful. The LEGO team is also trained to respond to legal and emergency requests for user information from law enforcement, aiming to balance our responsiveness with our legal obligations to user privacy. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 12 To protect the integrity of our reporting channels, we have several controls to prevent people from abusing them. In accepting our Terms of Service, our users agree to submit reports and appeals in good faith. Furthermore, we take action against users who repeatedly abuse our reporting and appeal mechanisms and may limit the number of reports and appeals that one person can submit in a specific time period. Enforcement Systems We enforce our policies through various enforcement models, including automated tools, manual review and a hybrid approach that incorporates elements of both. These systems may use machine learning as well as logic-based rules. Where appropriate, we may take into account information provided by trusted third parties and industry tools. Automated Enforcement Tools We use our automated tools for various types of harmful and policy-violating content, including adult content, child safety (including sexualization of minors), graphic violence and threats, illegal drugs, self-harm and spam. Our automated tools use a combination of signals to identify and take action against content identified as potentially violating our policies. For example, our ML models assign scores to content, which are used by our automated tools to take appropriate enforcement actions. When our automated tools detect violating content, they deactivate it or limit its distribution. To balance our users’ fundamental rights, users can appeal restrictions when they believe that the decision was made in error. We are constantly working to improve our automated models. We use the latest modelling techniques and continuously iterate on these models. By adding new data and exploring new technical breakthroughs, we maintain or improve their performance over time. To control the quality of an ML model, we evaluate the model’s performance through offline analysis and online experiments pre-launch. Both before and after launching a model, we evaluate their effectiveness looking at various metrics and regularly review data to identify areas of improvement that our teams investigate and address as appropriate. Manual Enforcement Actions We manually act on some content (including Pins, boards, comments and accounts) through our human review process. Pins actioned through this process may include those proactively identified by us (including through automated tools), those reported by third parties, and those reported by users and non-users. Pinterest uses manual review teams to assess and take appropriate action on reports of harmful and illegal content and behaviour that are escalated for human review. We have in-house moderators and we work with global external partners to support scalability across languages and time zones. We provide our agents with robust training at onboarding, followed by regular ongoing and ad-hoc training - for instance, whenever there are updates to Pinterest’s policies or guidelines. We also provide our agents with access to PinU, our self-guided training program. Operations teams are made up of specialists trained in Pinterest’s policies. In the event of a complex report, team members are trained to escalate questions to Pinterest team leads. These leads may in turn consult specialists at Pinterest and designated partners with expertise in EU and Member State laws. While content on Pinterest is often visual, all review agents speak at least one EU Member State language. To ensure full EU language coverage, external resources are available to assist with any EU languages not spoken by agents. As indicated before, Pinterest has a QA programme to verify the accuracy and consistency of enforcement from both in- house moderators and external partners. The results of our QA programme inform our decision to implement additional controls, enhance our training programmes or change our enforcement guidelines. Hybrid Enforcement Actions Hybrid actions include those where a team member determines that a Pin violates Pinterest policies and automated systems enforce this decision against machine-identified matching Pins. Depending on the volume of matching Pins, a hybrid action may result in a number of Pins actioned or none at all. These hybrid actions enable us to scale enforcement efficiently by extending human-reviewed decisions to visually similar content, maximizing reach and consistency while optimizing moderation resources. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 13 Other enforcement mechanisms Third-party experts Pinterest engages with external experts to provide additional content moderation support. These third parties specialise in specific harm types, keep us informed of industry trends and help us detect whether those trends are occurring on Pinterest. We review the trends we receive from these experts and, where appropriate, build these signals into our content moderation tools. We may also carry out targeted enforcement efforts based on signals provided by these third parties and update our moderation tools based on the results of those enforcement efforts. Managed list of sensitive terms We also maintain a list of sensitive terms and phrases (Sensitive Terms List or “STL”) used to block search results or prevent content from appearing in recommendations where it may violate our policies, like terms associated with child safety, self- harm, suicide, drug abuse and eating disorders. In response to searches containing certain terms, we display an advisory that connects users with resources if they or someone they know are in crisis or provides useful and authoritative information about an important topic. Our STL is continually expanding as we identify online trends, both internally and with the support of third-party experts. Last year, we shared our ongoing work to set up a partnership with a new external expert to improve our Search Advisory resources, so that our users have access to higher quality resources if they are in crisis. We have provided an update on this partnership above. In the coming year, we intend to further expand advisories beyond our search functionality to also reach users who create or report certain content. Notification and appeals Notification The Reports and Violations Center (“RVC”) is the central place for users to see updates on content that they have reported as well as restrictions on their account based on our policies or local law. Users receive a daily email alerting them to new violations or updates to their reports. The email directs the user to the RVC, which provides additional information and, where applicable, a detailed Statement of Reasons for any restrictions. Additional notifications may be sent via email rather than through the RVC. For example, people who report content they believe to be locally unlawful through our designated reporting channel first receive an acknowledgement of our receipt of their report via email, and then receive another email with a more detailed response outlining the results of our review of the report. Certain other content restriction decisions for which users receive Statements of Reasons are currently also sent via email, such as notifications of the outcome of intellectual property reports and notifications of content restrictions based on our Advertising Guidelines and Merchant Guidelines. Decision appeals process If a user believes that we’ve made the wrong enforcement decision, they can submit an appeal within six months of being notified of our decision. Appeals can be submitted via the Help Centre, by clicking the one-click appeal link in the notice email sent to the user, or, where applicable, directly through the RVC for content restriction decisions or decisions on reports they’ve submitted. We review appeals requests and update our enforcement decision if we determine that we made a mistake. In addition, some users may have additional appeal options or mechanisms under their local law. Like with reports, we have several controls to prevent users from abusing our appeals systems. We may limit the number of times that a particular decision can be appealed, or suspend the processing of appeals from people who frequently submit unfounded or abusive appeals. We may also use automation to handle appeals more efficiently, for example, by expanding the outcome of an appeal decision made on one Pin to other machine-identified Pins. If users in the EU are dissatisfied with the outcome of their appeal, we inform them of their right to seek further review by a certified out-of-court dispute settlement body. Content moderation system integrity Pinterest has processes in place to ensure that our content moderation systems cover existing, emerging and new types of harm on our platform. New functionalities or products on Pinterest are assessed prior to launch for any risks to user safety. Through the Trust Risk Management programme, our Trust \& Safety teams assess the potential impact of an upcoming release on user safety and Pinterest’s content moderation systems, recommending changes where appropriate. As required by the DSA, Compliance and Legal work with internal partners to conduct a risk assessment on the planned releases that are likely to have a critical impact on systemic risks in the EU. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 14 The Trust \& Safety Risk Intelligence team proactively identifies Trust \& Safety risks on our platform. This team monitors internal and external sources and translates data anomalies into actionable insights that inform our policies, guidelines and ML models. Pinterest also regularly reviews and updates our Community Guidelines and company policies to ensure they’re comprehensive and up to date. When we update our policies and/or guidelines, our teams - Policy, Operations and Engineering - work in tandem to disseminate these changes throughout the content moderation ecosystem. This can include delivering new training, updating new enforcement guidelines and reviewing automated models. Transparency reporting Pinterest publishes biannual global transparency reports (latest report here) outlining our actions to uphold our Community Guidelines. These voluntary reports contain information on our content moderation efforts globally as well as insights into the volume of information and removal requests we receive from law enforcement and government entities. In addition, Pinterest also publishes DSA transparency reports (latest report here) at least every six months, providing information on our content moderation activities in the EU. In both reports, to protect our users’ privacy, all data is anonymous and no sensitive data is published. 4.3. Influencing factor 3: Design of recommender systems and any other relevant algorithmic systems People use Pinterest to visualise their future, from everyday decisions like what to make for dinner, to celebrating special moments like birthday parties, to planning for life milestones like a new baby. This is reflected in Pinterest’s most common use cases, which include Craft and DIY, Home Design and Decor and Food and Drink. To help users go from online inspiration to offline reality, Pinterest’s recommender systems are designed to prioritise high- quality content, rather than optimising for view time. We tune our systems to prioritise explicit user signals, like “saves” – not just views alone. When a user saves a Pin to a board, they are more likely to return to it later. Therefore, a saved Pin is more likely to be inspirational and useful. Because of the choices we make in designing our recommender systems, Pinterest’s subsequent recommendations to the user will be tuned to this type of content. Users have the ability to fine-tune the recommendations they receive. Users can limit topics when they no longer wish to see those recommendations in their home feed. They can also hide individual Pins from their home feed, and unfollow the board, topic or account that the Pin came from. Users in the EU can opt out of personalised organic recommendations that use inferred signals. To further reduce the risks stemming from our recommender systems, we tune our ML models to de- emphasise low quality content that does not contribute meaningfully to Pinterest's core mission of inspiration and positivity (e.g., content that prioritises shock value or clickbait). We also have a workflow that captures Pins, boards and users that have been deactivated due to content safety and excludes them from the data sourced by recommender systems. This way we prevent these systems from recommending similarly unsafe content. Another ML model identifies content that, while not policy-violating, may be harmful, such as depressive quotes or racy content. We then filter or downrank this content from recommendation surfaces. If a user does click on a Pin that has been identified by this model, related Pins are not displayed beneath the Pin. Pinterest utilises non-engagement signals in our recommender systems, such as in-app surveys (where users can tell us about their experience on the platform) or independent assessment of content quality, which are usually generated by manual labelling. These non-engagement signals provide a balance to engagement signals in our content ranking and also help us put our values into action. For example, our industry-leading inclusive products rely heavily on non-engagement signals, as they provide recommendations based on direct user feedback on the body type, hair pattern or skin tone they want to prioritise in their feed. We have further published a “field guide” for other services interested in adopting this technology. 4.4. Influencing factor 4: Systems for selecting and presenting advertisements Our Advertising Guidelines help our advertisers promote inspiring content on Pinterest. All advertisers are subject to these guidelines, which include information on the categories of ads that are prohibited and restricted. They also contain country-specific guidelines that must be followed when targeting users in those countries. EU users under 18 cannot be served ads. We want Pinterest to be a positive and inspiring place for everyone, so our Advertising Guidelines go further than what is prohibited by law. For example, we don’t allow political campaign advertising or ads containing adult content. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 15 Pinterest is transparent when it comes to advertising, with ads clearly labelled as ‘Sponsored’ or ‘Promoted By’ to distinguish them from organic content. Pinterest also allows users to see why they are being shown an ad via the Why Am I Seeing this Ad (“WAISTA”) feature. WAISTA provides users with information about who is presenting an ad and the main parameters used to determine why they were shown an ad. Pinterest’s Ads Repository makes all ads served in the EU in the last year publicly available and provides additional information about an ad, such as how it was targeted to audiences. This allows for additional transparency on the ads being served on the Pinterest platform. This year, we published the Commercial and Branded Content Guidelines as a more centralized place for users to be able to find our guidelines in this area. Pinterest uses a mixture of manual review and other controls to enforce our Advertising Guidelines. In addition to the manual review of ads, we use tooling to auto-review duplicate ads. Unlike standard ads that can be content that drives users to any type of landing page an advertiser wants to promote, shopping ads drive users directly to a shopping experience. Shopping ads are derived from a product catalogue that allows users to purchase a product through a merchant’s website or app. Due to the volume and relative risk level of these ads, they are not manually reviewed prior to being served. However, additional controls are in place to prevent these ads from containing illegal or otherwise harmful content. This includes user reports, which will trigger a manual review of an ad. Users repeatedly hiding an ad will also trigger a review. Pinterest also deploys machine learning models to detect certain categories of prohibited products that appear in ads. Once identified, these will be manually reviewed and taken down if they are confirmed to violate Pinterest’s Advertising Guidelines. At the account level, Pinterest also proactively reviews every business wishing to become a verified merchant on Pinterest. 4.5. Influencing factor 5: Data practices Pinterest’s Privacy Policy governs our data practices. We gather data from our users so that we can show them personalised content and ads we think they’ll be interested in. We will only use that information where we have a proper legal basis for doing so. When our users sign up for and use Pinterest, they choose to share information with us, such as their name, birthdate, email address, photos, Pins, comments and other information they choose to share. We collect technical information from our users when they use Pinterest including log data, cookie data, device information, and clickstream data and inferences. We also get information about our users and their activities outside of Pinterest from our affiliates, advertisers, partners and other third parties we work with. We use all of the data that we collect from our users to show them content that is relevant, interesting, inspirational and personal to them. Additionally, we use this information to keep Pinterest and our users safe. Our users have choices about how we use their information. Users can edit information in their profile at any time, link or unlink their Pinterest account from other services, choose whether Pinterest uses information from their engagement with advertisers to personalise the ads they see and close their account at any time. Users can adjust their cookie settings and choose how and whether their photos and other data is shared with Pinterest. Users have the choice to opt out of their data being used to train Pinterest’s GenAI model, Pinterest Canvas, and the data of under-18 users is not used to train it. Details of the data we collect and the way we use it are set out in our Privacy Policy, which is easily accessible. Logged-in users of Pinterest can also adjust their privacy settings according to their preferences in their privacy and data settings. This allows users to manage the data Pinterest shares with external parties, update their cookie preferences, adapt their personalisation settings, request a copy of the information Pinterest collects about them and delete their account or information, consistent with applicable laws. Pinterest has a number of different systems in place to both process and store user data. Some of these systems are proprietary to Pinterest and others are provided by third parties. Where third-party systems are in use, Pinterest has controls in place to prevent users’ personal data from being accessed by these third-party providers. Pinterest also has a number of controls in place to prevent external data breaches, including a bug bounty programme, penetration exercises and open source scanning. Internally, Pinterest has an Acceptable Use Policy that governs the ways in which employees and contractors can access user data, including limiting access as narrowly as possible to those with a legitimate business need. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 16 4.6. Influencing factor 6: Intentional manipulation Our Community Guidelines govern our practices for dealing with intentional manipulation and outline that we do not permit spam or engaging in spammy behaviour, fake accounts or synthetically generated or manipulated visual or audio content intended to erode trust or cause harm. Unfortunately, bad actors may seek to manipulate the Pinterest platform, including using spam attacks, bad actors using fake accounts or by distributing harmful, false or misleading content. Account Takeovers (“ATOs”) can also occur on the Pinterest platform, which is where attackers gain access to existing accounts (for example, through stolen login credentials). Rather than creating fake accounts to spam users, attackers can take over existing accounts. Pinterest utilises machine learning technology and has built automated models that swiftly detect and act against spam. These models are iterated on a regular basis by adding new data and exploring new technical breakthroughs to either maintain or improve their performance over time to effectively address spam. Logic-based rules and machine learning models are used to detect potential manipulation by analysing patterns in real-time, daily and weekly intervals. When these accounts are identified, they are deactivated. Users have the ability to appeal these decisions. Users can also report content and profiles for suspicions of spam. Pinterest’s most recent DSA Transparency Report (reporting period July 1, 2024 - December 31, 2024) shows that we deactivated over 1 million accounts for violating our spam policies. We received 25,540 appeals as a result of these deactivations, and the possible error rate for automated account deactivations for spam is under 1%, demonstrating the effectiveness of our controls in identifying and actioning spam. If we think a user’s account has been taken over by a spammer, we take measures to protect the account. This means that we log the user out of the existing session, invalidate their password and send them an email asking them to reset their password. Once they reset their password and log back in, they will regain access to their account. For intentional manipulation in the form of fabricated or meaningfully manipulated content that is harmful, our content moderation tools are equipped to identify and action all types of harmful content regardless of how the harmful content is created. Full details on our content moderation systems can be found under influencing factor 2. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 17 5\. Systemic risk landscape To understand the systemic risks that Pinterest might pose to EU users and society, we assessed a wide range of individual risks associated with each of the systemic risk categories. Here we have reported the results of this risk assessment exercise at an aggregated level, across four categories of systemic risks. This section provides a summary of each of these systemic risks, the controls we have in place to mitigate these risks and what we plan to do to further mitigate these risks. In assessing the inherent risk, control effectiveness and residual risk, we have also considered the impact of influencing factors in each risk and the evidence listed above. 5.1. Systemic risk 1: Illegal content Summary Risk Overview As in previous risk assessments, we use the DSA’s definition of illegal content: “any information that, in itself or in relation to an activity, including the sale of products or the provision of services, is not in compliance with Union law or the law of any Member State, irrespective of the precise subject matter or nature of that law.” Since this is a broad concept that could manifest in multiple ways, to assess this risk we have looked at violations of our Community Guidelines that most align with the concept of illegal content and are most likely to include potentially illegal content: adult content, child safety, dangerous goods and activities, graphic violence and threats, harassment and criticism, hateful activities, and violent actors.1 While these policies are not limited to illegal content (i.e., they often will be stricter than what may be permitted under local law), they may be seen as signals that indicate the potential risk of illegal content on Pinterest. For these categories of policy violations, we have considered these risks individually, assessing the probability that this content appears on the Pinterest platform and the differing severity levels that each type of content could cause users. In this assessment, we have reported on the overall risk of illegal content, while we acknowledge that within this broad category, risk levels differ. Inherent risk rating Probability We have assessed the probability of the risk of illegal content stemming from the design, functioning or use of Pinterest in the EU as Possible. We know from our detection mechanisms that it is possible for users to be exposed to policy-violating or illegal content on Pinterest, but the volume and reach of such content is relatively low. We also examined how the way this risk presents itself on the platform might have changed since our last risk assessment. For example, as described in our most recent DSA Transparency Report (reporting period July 1, 2024 to December 31, 2024), we deactivated the following number of Pins posted by EU users following a user-reported violation of a particular content policy: 1 While we have updated certain policy names in our Community Guidelines as of August 2025, this report uses the previous names to align with Pinterest’s most recent DSA Transparency Report (reporting period July 1, 2024 to December 31, 2024). Namely, we refer to the “adult content,” “dangerous goods and activities” and “graphic violence and threats” policies. They have been renamed “adult sexual content and nudity,” “prohibited and regulated goods, services and activities” and “violence and threats.” Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 18 Content Policy Number of Pins posted by EU users that were deactivated as a result of user reports Adult content 16,525 Child safety 2,512 Dangerous goods and activities 500 Graphic violence and threats 1,047 Harassment and criticism 355 Hateful activities 2,506 Violent actors 419 Although these policies and metrics do not necessarily reflect content determined to be illegal, when taken as signals of possibly illegal content, they indicate that the number of users exposed to illegal content is low. In addition to reports of policy violations, we also receive reports of illegal content through our European Union Illegal Content Reporting Form, which we review manually. Between July 1, 2024 and December 31, 2024, as a result of such reports, we deactivated 489 pieces of content for policy violations and blocked 28 within the relevant territory for being illegal content in that jurisdiction. All of these reports were reviewed manually. These metrics indicate a low volume of potentially illegal content in the EU. We also reviewed requests from government entities to remove content on Pinterest that is illegal in their country and/or a violation of our Community Guidelines. We take action on violating content, ranging from deactivating the content globally to blocking it within the relevant country if it appears to violate local law but was not deactivated for Pinterest policies. In our latest DSA Transparency Report we reported 219 removal orders from EU Member States. Severity Similar to last year, we have assessed the severity of the inherent risk of illegal content if left unchecked stemming from the design, functioning or use of Pinterest in the EU as Significant in the absence of controls primarily because even limited exposure to illegal content for a small number of users could lead to harm or consequences. However, the rapid and widespread dissemination of content or content “going viral” is not common on Pinterest. This is critical to understanding the severity of this risk for EU users and society. In order to understand how uncommon this is on Pinterest, we use the concept of “reach,” which is one of our key indicators of user experience. To calculate this metric, we start by looking at each policy-violating Pin deactivated in a reporting period. Then, we count the number of unique users that saw each of those Pins during the reporting period for at least one second before it was deactivated. For example, our most recent Global Transparency Report (covering the period of July 1, 2024 to December 31, 2024) reports that 98% of Pins deactivated for graphic violence and threats in Q4 2024 were seen by 0 users in this reporting period. Based on these metrics across our policies that aim to combat illegal content, rapid dissemination of this content is not common on Pinterest due to the nature of the platform. Overall inherent risk rating Based on the probability and severity ratings, we have assessed the inherent risk of illegal content stemming from the design, functioning or use of Pinterest posing harm to users and EU society as Medium. There has been no change to the inherent risk rating since the 2024 risk assessment. Controls and mitigation efforts Pinterest’s first line of defence for mitigating the dissemination of illegal content is our Terms of Service, which states that users will not post “User Content” - anything that a user posts or otherwise make available on Pinterest - that infringes the intellectual property rights of others (e.g., copyright infringement, trademark infringement or counterfeit), or that is otherwise unlawful. This includes any kind of child sexual exploitation (“CSE”) on our platform. We have a zero-tolerance policy for any content including imagery, video, text or accounts that might exploit minors. We prohibit not only illegal child sexual abuse material (“CSAM”) but also any content that might exploit, endanger or contributes to the sexualisation of minors. Consistent with those Terms, our Community Guidelines outline the types of content and behaviour prohibited on Pinterest. Similarly, our Advertising Guidelines outline the types of content prohibited in ads on Pinterest. Whilst these guidelines are global, they have been crafted to reflect certain types of content considered illegal for advertising in certain countries. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 19 In addition to these external guidelines, Pinterest has detailed internal enforcement guidelines that delineate how to take action on violating content on Pinterest, including deactivating, limiting distribution of and identifying permitted content. These policies and guidelines drive our overall content moderation approach, including how automated models are used, the types of content that users can report, our manual review process and our enforcement approach. See Pinterest’s platform ecosystem for more detail on these mechanisms. Overall control effectiveness rating In assessing the effectiveness of these controls we have taken into consideration the controls’ design and implementation. In addition, we’ve taken into account various other factors, including the low number of reports for policy violations of categories of our Community Guidelines that most align to the concept of illegal content. For example, our most recent DSA Transparency Report (reporting period: July 1, 2024 to December 31, 2024) shows that we proactively deactivated over 24,000 Pins for violations of our dangerous goods and activities policy and deactivated 500 Pins as a result of user reports. Similar to last year, we have assessed our control effectiveness rating as Effective. How influencing factors could affect this risk In addition to considering the inherent risk rating and the controls we have in place, we considered how each of the influencing factors could affect the systemic risk of the dissemination of illegal content. Applicable terms and conditions and their enforcement In drafting our policies and guidelines, we have worked to strike the balance between ensuring that our policies are global, easy to understand and broad enough to cover a wide range of harmful content and behaviour. This allows our users to easily understand what is and isn’t permitted on Pinterest, and makes our policies adaptable as new harm trends emerge. While some policies, like our Advertising Guidelines, contain country-specific restrictions, we address country-specific definitions of illegal content on a case-by-case basis when authorities, users or other third parties report content that they believe may be illegal in their country. Content moderation systems Pinterest’s content moderation systems are driven by our policies and guidelines. We have multiple mechanisms in place to detect and enforce our policies against policy-violating and illegal content. We use the latest modelling techniques and continually iterate on these models to make sure that we are keeping up with new and emerging types of harm. Our automated models are used for specific types of policy violations and we continue to leverage this technology to further expand coverage. In addition to our standard user reporting process, users and non-users in the EU can report content for suspected illegality. Pinterest reviews these reports and deactivates globally or blocks access to content in the country or countries where it is illegal. A key element of our content moderation system is our human review process, which has an increasingly robust QA programme to ensure that the decisions made by review agents are consistent, accurate and in line with our content moderation policies. Since last year, we have enhanced our QA programme through increased staffing and additional QA tools. Design of recommender systems and any other relevant algorithmic systems Pinterest’s recommender systems are designed to show our users content we think will be relevant, interesting, inspirational and personal, based on explicit and implicit signals that we receive from users. If a user actively searches for illegal content, there is the possibility that our recommender systems will work to show more of this content to users. We have several controls in place to prevent this from occurring, and our recommender systems serve as a key tool in preventing the spread of this type of low quality content. Our overall content moderation system seeks to identify and enforce on policy-violating and potentially illegal content from the platform, both proactively and in response to user and third-party reports. Pinterest utilises a workflow which captures Pins, boards and users that have been deactivated due to content safety policy violations and excludes them from the data sourced by recommendation models, to help prevent these systems from recommending similarly unsafe content. In addition, our managed list of sensitive terms prevents a user’s search from returning any results for content including certain terms likely to be policy-violating. Even with these controls, there is still the possibility that illegal content could be recommended to users. This is particularly the case if users search for content that in and of itself is not illegal, but they seek to use this content for inappropriate or illegal means. Given the risk that illegal content can pose to users and EU society, we work hard to continuously improve our efforts to ensure that our recommender systems don’t contribute to the dissemination of illegal content. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 20 Systems for selecting and presenting advertisements Pinterest uses its Advertising Guidelines to let advertisers know what they can and cannot advertise on our Platform. All advertisers must agree to adhere to these guidelines as a condition of advertising on Pinterest. These guidelines contain information on categories that may align to otherwise illegal content, including adult content, counterfeit goods, endangered species and live animals, illegal drugs, and illegal products and services. In addition to global rules, the guidelines list country-specific requirements that prohibit certain types of ads from being targeted to certain regions. Pinterest has multiple controls in place to enforce these guidelines, including automated models to detect prohibited content, users reporting policy-violating ads and proactive review at the account level in which every business wishing to become a verified merchant on Pinterest is evaluated. Data related practices After a careful review, we have not found our data practices to specifically impact the dissemination of illegal content. Intentional manipulation We don’t typically see spam attacks, fake accounts or ATOs specifically aimed at disseminating illegal content, however we have controls in place to swiftly detect and act against this kind of intentional manipulation. We do not consider the risk of intentional manipulation to specifically impact illegal content. We’ve also considered the intentional manipulation of content through the use of GenAI or other manipulation efforts. Our content policies and enforcement guidelines contain details on manipulated content and our content moderation tools are designed to identify and action harmful and policy-violating content regardless of how this content is created or manipulated. This year, we further clarified our Community Guidelines to state that these standards apply to synthetically generated content (“deepfakes”). These policy clarifications enhance clarity and transparency towards our users by explicitly addressing emerging GenAI and synthetic content trends, reinforcing our pre-existing policy of enforcing against harmful content regardless of its origin or how it was created. Residual risk rating Based on the inherent risk rating and the effectiveness of the controls we have in place, we have assessed the residual risk of the dissemination of illegal content posing harm to users and EU society as Low. There is no change to the residual risk rating since the 2024 risk assessment. Further mitigation efforts Though we have assessed this risk as Low, we are always working to enhance our controls because of the potential harm that illegal content could cause to our users. We’re working on the following enhancements: ● Risk Intelligence Team: As introduced in previous reports, Pinterest’s Trust \& Safety Risk Intelligence team is a recently established team focused on proactive identification of Trust \& Safety risks on our platform. Last year, we announced that the team would carry out enhanced monitoring of data sources, namely user reports to identify fluctuations. After successfully setting up a recurring monitoring workflow of user reports, the team intends to further expand anomaly detection on other data sources such as prevalence, enabling more comprehensive trend coverage; ● Content safety models retraining: We intend to onboard additional content safety models to our automated framework for continuous model improvements. This framework allows for frequent retraining to drive performance gains in our models, strengthening their detection capabilities of harmful content, including potentially illegal content; and ● Improving ML detection of violent actors: We intend to make additional investments into advanced machine learning tools for detecting violent actors, further mitigating any potential risks to public security posed by terrorist and other violent actors content. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 21 5.2 Systemic risk 2: Negative effects on the exercise of fundamental rights Summary Risk Overview As in previous DSA risk assessments, we have used the EU Charter of Fundamental Rights as our guide in assessing the risk that Pinterest could have actual or foreseeable negative effects on the exercise of fundamental rights. We have focused on the fundamental rights that are most relevant to Pinterest, as a primarily visual platform. These include, but are not limited to, freedom of expression and information, the right to non-discrimination, media freedom and pluralism, respect for private and family life, protection of personal data, human dignity, the rights of the child, the right to protection of property including intellectual property, and consumer protection. While we have considered these fundamental rights individually, the scores below reflect our assessment of the risks to fundamental rights in aggregate. In assessing them, we observed the balance that must be struck between fundamental rights, other competing DSA requirements regarding content and user safety, and Pinterest’s mission to inspire and protect our users. Inherent risk rating Probability We have assessed the probability that the design, functioning or use of Pinterest negatively impacts the fundamental rights of users or EU society as Possible. We know from our detection mechanisms users may be exposed to policy-violating content or behaviour on Pinterest, however briefly, but the volume and reach of such content is relatively low. We also examined how the way this risk presents itself on the platform might have changed since our last risk assessment. Fundamental rights are threaded throughout our Community Guidelines, like in our hateful activities, privacy and child safety policies. Our content moderation approach seeks to balance the fundamental rights of users - for example, freedom of expression, data protection, non-discrimination and the rights of the child (more below) - with preventing harmful content and behaviour from appearing on the platform. Severity We have assessed the severity of the inherent risk that the design, functioning or use of Pinterest negatively impacts the fundamental rights of users or EU society as Significant in the absence of controls, as negative impacts to fundamental rights could lead to harm or consequences for users and EU society. Overall inherent risk rating Based on these scores, we have assessed the inherent risk that the design, functioning or use of Pinterest negatively impacts the fundamental rights of users or EU society as Medium. There has been no change to the inherent risk rating since last year’s risk assessment. Controls and mitigation efforts Our overall content moderation systems and controls work together to make Pinterest an inspirational and positive place on the internet that also protects the fundamental rights of users and other members of EU society. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 22 Freedom of expression and information Pinterest users are free to express themselves within the bounds of our Community Guidelines. While some users may disagree with policy stances we have taken, for Pinterest, user safety is critical to our business. Nevertheless, we have built nuance into our moderation systems to ensure that content can be reviewed with context and understanding, and users have the ability to appeal decisions if they disagree with our enforcement decisions. We regularly monitor the quality and effectiveness of our automated, hybrid and human moderation systems to mitigate the risks of over and underenforcement, helping strike the right balance between freedom of expression and user safety. We have a number of metrics to review the accuracy and impartiality of our models, both prior to and subsequent to launch, to check whether they are performing as intended. In the coming year, we intend to work on further enhancing the accuracy of our machine learning models (see further mitigation efforts below). At times, we receive requests from EU government agencies to remove content on Pinterest that may be illegal locally. To preserve our users’ fundamental rights, we diligently review these requests and we only take action on content that we have confirmed is policy-violating or illegal. Non-discrimination Pinterest is a place for inspiration, not discrimination. We have a number of policies that address discriminatory content and behaviour on our platform. This includes our hateful activities policy, which prohibits hateful content and the people and groups that promote hateful activities on Pinterest. Hateful activities include slurs and negative stereotypes, caricatures and generalisations, as well as support for hate groups and people promoting hateful activities. In an effort to create belonging on Pinterest, we intentionally make the content surfaced on our platform more diverse and inclusive. Our Inclusive Product team oversees this effort and has put measures in place to make sure that fairness and bias are considered in our recommender systems. Our algorithms diversify our search results, related feeds and new user homefeeds by skin tone and body type, which directly increases representation. For users who want to see more specific refinements, we’ve developed unprecedented, industry leading inclusive features, such as hair pattern search, skin tone ranges and body type ranges. We want it to be easy for our users to find content that’s relevant to them. As planned, in 2025 we have worked to further diversify body type results for masculine fashion. We will continue our efforts to make Pinterest a diverse and inclusive space. As explained in our last risk assessment, we also want Pinterest to be inclusive for all types of sight ability and we have partnered with LightHouse for the Blind and Visually Impaired to better understand how we could make Pinterest more useful for people with different levels of vision. In 2018, we made updates across our apps and website to make it much easier for users with disabilities to browse, search and save ideas on Pinterest. Media freedom and pluralism We do not limit media or news organisations from joining, having accounts or creating Pins on Pinterest, except as required by law (for example, sanctioned state-controlled media organisations) and subject to our Terms of Service and Community Guidelines. Additionally, in accordance with the European Media Freedom Act (“EMFA”) - which puts in place a new set of rules designed to safeguard media freedom and pluralism across the European Union - media service providers that meet the requirements under EMFA will be entitled to additional safeguards on Pinterest in respect of the moderation of their content. In addition, we know from research that Pinterest isn’t typically a platform where users come to seek news or current affairs. The top three categories that monthly users say they come to Pinterest for are Craft and DIY, Home Design and Decor and Food and Drink. Protection of personal data Pinterest highly values the protection of our users’ personal data. Pinterest’s Privacy Policy explains to users the personal information we collect, how we use it and the choices that users have related to this, which includes how we use data to personalise a user’s experience on the platform and the information that we obtain on users from our partners and advertisers. We have Help Centre articles that elaborate on our Privacy Policy. We have multiple options for users to choose how their personal data is used. Detail on these options is provided in Pinterest’s platform ecosystem. At times we receive legal requests from law enforcement for Pinterest user information. We diligently review each request and only produce data for those that meet the requirements in our Law Enforcement guidelines and in accordance with our Privacy Policy and legal obligations. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 23 Respect for private and family life We give users options when it comes to engaging on the platform privately. Boards and Pins can be private, shared with a limited number of other accounts or visible to the public. The profiles of users under the age of 16 are set to private only and to private by default for users aged 16-17\. Users can also report content for privacy violations, for example, if a Pin contains private contact information, personal or sensitive information, or is a private photo. Moreover, users can report and/or block other users if they believe they are being harassed. A user can close their account at any time. When a user closes their account, we’ll deactivate it, remove their Pins and boards from Pinterest, and delete the account data (subject to our standard data retention policies and legal requirements). Human dignity Our Community Guidelines outline the content and behaviour that is and isn’t allowed on Pinterest. We have specific policies, including our harassment and criticism policy, to help people engage on Pinterest in a positive, inspirational and respectful way. We also prohibit content that insults, hurts or antagonises individuals or groups of people, including manipulated images intended to degrade or shame, shaming people for their bodies or assumed sexual or romantic history, sexual remarks about people’s bodies, solicitations or offers of sexual acts, and mocking someone for experiencing sadness, grief, loss or outrage. Pinterest isn’t a place to insult, hurt or antagonise individuals or groups of people, and this type of behaviour is not tolerated. Respectful criticism is of course permitted, but we may limit the distribution of or deactivate insulting content that violates our policies to keep Pinterest a positive, inspiring place on the internet. Intellectual property Pinterest respects intellectual property rights, and we expect our users to do so as well. Our Copyright and Trademark policies set out the ways that Pinterest protects the intellectual property and fundamental rights of our users. We respond promptly to claims of copyright and trademark infringement on Pinterest. It’s our policy, in appropriate circumstances and at our discretion, to disable or terminate accounts that repeatedly or seriously infringe or are repeatedly charged with infringing copyrights or other intellectual property rights. Consumer protection Although Pinterest is not involved in facilitating the purchase, sale or delivery of goods, we want people to have good experiences shopping for products they find on Pinterest. Merchants are responsible for making sure they follow all relevant laws, regulations and industry codes when they use our service. Merchants are also responsible for handling and responding to all purchases, deliveries, customer service questions, complaints, problems and disputes. These requirements are set out in our Merchant Guidelines. Pinterest has a Verified Merchant programme to help shoppers discover and buy from verified brands. A verified merchant gets a badge on their profile and product Pins showing that their brand was verified by the Pinterest team. Verified merchants must adhere to specific requirements set out in our guidelines, and we also monitor shopping experience quality of verified merchants. If we detect excessive user reports, merchants may be suspended from the programme. In addition to our Merchant Guidelines, our Advertising Guidelines include information on unacceptable business practices. Overall control effectiveness rating Similar to last year, and based on their design and implementation, we have assessed these controls as Effective. This rating is based on a number of factors, including ongoing monitoring of the controls discussed in this section, the accuracy and coverage of our automated models, our controls designed to protect intellectual property, and ongoing monitoring of users’ reports associated with content of this nature. Our most recent DSA Transparency Report (reporting period from July 1, 2024 to December 31, 2024) shows that we proactively deactivated over 53,500 Pins for violation of our harassment and criticism policy and 355 following user reports; and proactively deactivated over 542,900 Pins that violated our hateful activities policy, with over 2,500 following user reports. We’ve also expanded the application of our body type diversity measures, demonstrating Pinterest’s commitment to creating belonging. However, given the potential harm that risks to fundamental rights can pose to users and EU society, we work hard to continuously improve our efforts. How influencing factors could affect this risk We considered how each of the influencing factors could broadly affect the exercise of fundamental rights. In the following analysis, we consider fundamental rights as a whole. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 24 Applicable terms and conditions and their enforcement Our policies and guidelines provide transparency to users and allow them to decide whether Pinterest is a platform for them. By having clear policies and guidelines about the type of content and behaviour that is permitted on Pinterest, we are able to moderate content in an unbiased way. Our policies are designed to balance the fundamental rights of users with protecting the safety of our users. When we make updates to our policies and guidelines, we often engage external experts to ensure that we are not disproportionately impacting a specific group of users. Our policies and guidelines, and their enforcement, impact several of the fundamental rights discussed, including freedom of expression and information, non-discrimination and human dignity. Content moderation systems Our overall content moderation approach works to detect and take appropriate action on harmful content that could impact fundamental rights, such as human dignity or non-discrimination. We have controls in place to ensure that these processes are accurate and without bias, including continually improving our detection measures, a QA programme for our human review processes, training for our review agents and an appeals process. Freedom of expression is taken into account and our Community Guidelines seek to balance the fundamental rights of users with preventing harm to our users. Design of recommender systems and any other relevant algorithmic systems Pinterest’s recommender systems are designed to show our users content we think will be relevant, interesting, inspirational and personal. This impacts several of the fundamental rights discussed above including freedom of expression and information and protection of personal data. We are transparent with users about how we use this information and users are given the option to “opt out” of personalised recommendations based on inferred signals, which limits the type of personal data that we use. Moving forward, we intend to provide even more options for users to tailor the content they see in their home feeds, providing greater control over content recommendations. Systems for selecting and presenting advertisements Our Advertising Guidelines prohibit targeting audiences based on sensitive categories, such as race, religious beliefs or political affiliations, among other things. Pinterest’s systems for presenting advertisements are designed to respect the right to protect personal data, respect for private and family life, and non-discrimination. Data related practices Our Privacy Policy and internal data privacy and security policies work together to ensure that we collect, use and store personal data in an appropriate way and that we maintain the security of our users’ data. Details on these controls are provided in Pinterest’s platform ecosystem. These practices help to protect users’ fundamental rights, in particular regarding personal data and respect for private and family life. Intentional manipulation We don’t typically see spam attacks, fake accounts or ATOs specifically targeted towards the area of fundamental rights, however, we have controls in place to swiftly detect and act against intentional manipulation. We do not consider the risk of intentional manipulation to specifically impact the exercise of fundamental rights. As well as intentional manipulation through spam attacks or ATOs, we’ve also considered the intentional manipulation of content through the use of GenAI or other manipulation efforts. Our content policies and enforcement guidelines contain details on manipulated content and our content moderation tools are designed to identify and action harmful and policy violating content regardless of how this content is created or manipulated. Residual risk rating Based on the inherent risk rating and the effectiveness of the controls we have in place, we have assessed the residual risk that the design, functioning or use of Pinterest negatively impacts the fundamental rights of EU users or society as Low. Further mitigation efforts Though we have assessed this risk as Low, we are always working to enhance our controls. We’re working on the following enhancements to mitigate risks of negative effects to fundamental rights: ● Content safety models retraining: We intend to onboard additional content safety models to our automated framework for continuous model improvements. This framework allows for frequent retraining to drive performance gains, strengthening our models’ detection capabilities of harmful content. Improved model performance will help us mitigate any risks of over and underenforcement, helping strike the right balance between freedom of expression and information, the rights of the child, and user safety; and Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 25 ● Additional user control over content recommendations: To further mitigate possible risks to fundamental rights, we will expand our ‘See More/See Less’ option. This enhancement to our recommender systems, which already incorporate engagement and non-engagement signals, will provide users with more meaningful and transparent control over their content recommendations on Pinterest. 5.3 Systemic risk 3: Negative effects on civic discourse, electoral processes and public security Summary Risk Overview As in previous DSA risk assessments, when assessing the risk that Pinterest’s design, functioning or use could lead to negative effects on civic discourse, electoral processes and public security, we considered the various ways in which this risk could manifest; including misleading information about election dates, how to correctly fill out a ballot, who is allowed to participate in an election or census, and fabricated or manipulated content (e.g., GenAI content) creating the appearance of someone doing or saying something they didn’t with the clear intent of influencing public sentiment about a political figure and/or election. We also looked beyond elections to consider whether Pinterest’s could have a negative effect on civic discourse. The assessment below reflects our analysis of these individual risks in aggregate. Inherent risk rating Probability We have assessed the probability that the design, functioning or use of Pinterest negatively impacts the fundamental rights of users or EU society as Possible. We know from our detection mechanisms that it is possible for users to be exposed to this type of content or behaviour on Pinterest. However, users generally do not come to Pinterest for election content or to engage in broader civic discourse, and the number of users exposed to this type of content is low. We also examined how the way this risk presents itself on the platform might have changed since our last risk assessment. For example, as described in our most recent DSA Transparency Report (reporting period from July 1, 2024 to December 31, 2024), we deactivated a total of 65 Pins in the EU related to our civic misinformation policy. This decrease from the data reported in last year’s DSA risk assessment report (137 Pins deactivated between September 25 to December 31, 2023) further supports that users don’t come to Pinterest for civic discourse. Severity Similar to last year, we have assessed the severity of the inherent risk that the design, functioning or use of Pinterest negatively impacts the fundamental rights of users or EU society as Significant in the absence of controls. We note that people do not come to Pinterest for political content and, as an image-based visual inspiration platform, the possibility of rapid and widespread dissemination of content or “going viral” is low. This score has primarily been chosen because even limited exposure to content or behaviour of this nature for a small number of users could lead to harm or consequences. There has been no change to the severity rating since last year’s risk assessment. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 26 Overall inherent risk rating Based on the probability and severity ratings, we have assessed the inherent risk that the design, functioning or use of Pinterest negatively impacts civic discourse, electoral processes and public security in the EU as Medium. There has been no change to the inherent risk rating since the 2024 risk assessment. Controls and mitigation efforts As with other types of harmful content and behaviour, Pinterest’s first line of defence for mitigating negative effects on civic discourse, electoral processes and public security are our Community Guidelines and other relevant policies. Our Community Guidelines apply to all content categories and provide guardrails for appropriate civic participation on the Pinterest platform. We also have enforcement guidelines for our content review teams. Our civic misinformation policy prohibits false or misleading content on Pinterest that impedes an election’s integrity or an individual’s or group’s civic participation, including registering to vote, voting and being counted in a census. Our violent actors policy also prohibits violent content, groups or individuals. We do not allow content or accounts that encourage, praise, promote or provide aid to dangerous actors or groups and their activities. This includes perpetrators of mass violence, violent extremists, terrorist organisations, gangs and other criminal organisations. We work with industry, government and security experts to help us identify these groups. For example, since 2019, Pinterest has been a member of the Global Internet Forum to Counter Terrorism (“GIFCT”), a non-governmental organisation designed to prevent terrorists and violent extremists from exploiting digital platforms. Our conspiracy theories policy prohibits conspiracy theories about civic participation and content that turns or encourages turning individuals, groups of people, places or organisations into targets of harassment or physical violence, such as hate- based conspiracy theories and misinformation about mass atrocities. Civic discourse is a broad concept and we have other policies that also work together to prevent negative effects. This includes our graphic violence and threats policy, which covers threats against voting locations, census or voting personnel or participants and our hateful activities policy, which covers intimidation of vulnerable or protected group voters or participants. These policies and guidelines drive our overall content moderation approach, including how automated models are used, the types of content that users can report, our manual review process and our enforcement approach. Pinterest does not allow political campaign ads and this is outlined in our Advertising Guidelines. People come to Pinterest for inspiration for home decor, crafting, fashion and do-it-yourself projects - people don’t come to Pinterest for political content. Although people don’t come to Pinterest for political content, we understand that we must be responsible when it comes to election integrity and civic engagement. We have elections-focused teams who proactively and reactively address major elections around the world and decide what level of action is required based on the risk presented by each election. Our proactive measures include having our external third-party experts provide additional support including by running targeted reports on election activity, using these experts to notify us of harmful trends and to search for these trends on our platform. We also have internal specialists monitoring election-related narratives based on the work of our external third-party experts. The experts’ findings may lead to terms being added to the STL to limit or block the dissemination of harmful content on the platform. Overall control effectiveness rating Similar to last year, and based on their design and implementation, we have assessed these controls as Effective. This rating is based on a number of factors, including the enhancements made to our machine learning models and the low number of users exposed to content that violates our civic misinformation policy. Our most recent DSA Transparency Report (reporting period from July 1, 2024 to December 31, 2024) shows that for violations of this policy, we proactively deactivated 46 Pins in the EU and deactivated 19 Pins as a result of user reporting. How influencing factors could affect this risk In addition to considering the inherent risk rating and the controls we have in place, we considered how each of the influencing factors could negatively affect civic discourse, electoral processes and public security. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 27 Applicable terms and conditions and their enforcement Civic discourse, electoral integrity and public security are broad concepts, and our policies and guidelines reflect this. We have multiple policies that work together to help prevent this risk from occurring on Pinterest. These policies and guidelines are key to our enforcement of content that might negatively contribute to civic discourse, election integrity or public security, and they guide our overall content moderation approach. Content moderation systems Given the complexity of this risk area, Pinterest partners with external third-party experts to provide us with further support on risk areas like misinformation, election integrity and political issues specific to particular geographies. These experts help us better understand how these risks can manifest on Pinterest and they provide us with signals (like trending keywords) that we build into our overall content moderation system, including our managed list of sensitive terms. Our overall content moderation system also works to prevent the risk that Pinterest causes a negative effect on civic discourse, electoral integrity or public security. We have multiple mechanisms in place to detect and enforce violating content, such as user reports and manual reviews. See Pinterest’s platform ecosystem for more detail on these mechanisms. Design of recommender systems and any other relevant algorithmic systems Our systems recommend content primarily based on a user’s previous activity and we know that users do not primarily come to Pinterest to participate in civic discourse or find information about elections. As such, the design of our recommender systems and the nature of our platform’s purpose do not have a significant negative effect on political discourse or civic engagement. Systems for selecting and presenting advertisements Pinterest’s advertising system is designed to help decrease the risk that Pinterest could negatively impact civic discourse, electoral integrity or public security. Our Advertising Guidelines prohibit political campaign advertisements. We do not allow advertising for the election or defeat of political candidates running for public office, including fundraising for political candidates or parties, political parties or action committees, political issues with the intent to influence an election, legislation (including referenda or ballot initiatives), and merchandise related to political candidates, parties or elections. We also do not allow advertisers to target certain audiences, including based on political affiliation. Pinterest has multiple controls in place to enforce these guidelines, including manual review of ads, automated models to detect prohibited content and users reporting policy-violating ads. Data related practices We do not consider our data practices to specifically impact civic discourse, electoral integrity or public security. Intentional manipulation We’ve also looked at how intentional manipulation can affect the area of civic discourse, electoral processes and public security. Similar to the area of fundamental rights, we typically don’t see spam attacks, fake accounts or ATOs targeted towards this area of risk, however, our controls work to detect and act against intentional manipulation when it occurs. Generative AI We’ve also looked at the intentional manipulation of content itself through the use of GenAI or other manipulation efforts to produce synthetically generated or manipulated content, such as deepfakes and shallowfakes. Our Community Guidelines, including our civic misinformation policy, as well as our internal enforcement guidelines contain details on our approach and efforts to action any policy-violating content. Residual risk rating Based on the inherent risk rating and the effectiveness of the controls we have in place, we have assessed the residual risk that Pinterest’s design, functioning or use could lead to negative effects on civic discourse, electoral processes or public security in the EU as Low. There is no change to the residual risk rating since the 2024 risk assessment. Further mitigation efforts Though we have assessed this risk as Low, we are always working to enhance our controls because of the potential harm that illegal content could cause to our users. We’re working on the following enhancements: ● Improving ML detection of violent actors: In the coming year we intend to make additional investments into advanced machine learning tools for detecting graphic violence and violent actors, further mitigating any potential risks to public security posed by terrorist and other violent content. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 28 5.4 Systemic risk 4: Negative effects in relation to gender-based violence, the protection of public health and minors, and serious negative consequences to the person’s physical and mental wellbeing As in previous DSA risk assessments, when looking at the ways that these risks could manifest on our platform, we have looked at the volume of harmful content related to these risks, such as health misinformation, content promoting physical or mental harm, hateful activities, harassment, or child sexual exploitation (“CSE”) content. We also considered Pinterest’s design and whether this contributes to these risks - for example, the adequacy of safeguards for minors, whether users spend excessive time on Pinterest and whether we provide them with options for how they engage on the platform. On July 14, 2025, the European Commission published the finalised Guidelines on the Protection of Minors. As mentioned above, Pinterest’s robust safeguards for minors and risk assessment methodology align with some key recommendations in the Guidelines. Here we have outlined some areas of alignment. While the Guidelines were published after the conclusion of our primary information-gathering phase for this year’s risk assessment, we intend to consider the Guidelines more systematically in the next risk assessment cycle. ● Pinterest safety ecosystem - Key areas of alignment include: ○ We set a high level of privacy and safety-by-default. Accounts for minors under 16 are set to private as the only option and cannot be changed to public, while accounts for users between 16-17 years old are private by default but the user can opt to change it to public. This impacts teen users’ interactions, profile visibility, and more; ○ Our recommender systems help prevent exposure to harmful content by prioritising high quality content and user signals, including non-engagement signals; and ○ We provide support for parents and guardians, including Help Centre resources, a parental passcode and a mechanism for parents to contact us if they believe their child is on Pinterest despite being under 13 (or their country’s minimum age). ● Risk assessment methodology - Key areas of alignment include: ○ When evaluating risks to minors, Pinterest’s risk assessment methodology considers risks to teen users’ safety comprehensively. Pinterest’s risk register includes statements on content and behaviour that the Guidelines mention as particularly harmful to minors, including content promoting unrealistic beauty standards, self-harm, or dangerous activities; ○ Pinterest’s risk assessment considered the time spent by teen users on the platform; and ○ The inputs harnessed to conduct the assessment involve multiple stakeholders, including cross-business SMEs, external experts and teen users themselves. In assessing risks to gender-based violence, we also harnessed this year’s engagements with external experts and civil society. Notably, this included Pinterest’s participation in DTSP and GNI’s 2025 Stakeholder Engagement Forum, where participants discussed risks of gender-based violence in relation to product design. The assessment below reflects our analysis of these individual risks in aggregate. Inherent risk rating Probability We have assessed the probability of the risk that Pinterest’s design, functioning or use negatively impacts the protection of public health and minors, a person’s physical and mental wellbeing, or gender-based violence in the EU as Possible. We know from our detection mechanisms such as user reports, that it is possible for users to be exposed to this type of content on Pinterest, however, data indicates that the number of users exposed to this type of content is low. We also examined how the way this risk presents itself on the platform might have changed since our last risk assessment. For example, as described in our most recent DSA Transparency Report (reporting period from July 1, 2024 to December 31, 2024), we received 71 user reports that resulted in Pins being deactivated for violating our health misinformation policy, 1,497 user reports that resulted in Pins being deactivated for violating our self-injury and harmful behaviour policy, and 2,512 user reports that resulted in Pins being deactivated for violating our child safety policy. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 29 Severity Similar to last year, we have assessed the severity of this inherent risk if left unchecked as Significant in the absence of controls, primarily because even limited exposure to content or behaviour of this nature for a small number of users could lead to harm or consequences. However, rapid dissemination or content “going viral” is not common on Pinterest and this is critical to understanding the severity of this risk more broadly. We have looked at the concept of “reach” to understand this. If we take data from our most recent Global Transparency Report (reporting period from July 1, 2024 to December 31, 2024) report we can see that of the Pins deactivated for violating our health misinformation policy in Q3 of 2024, over 99% were seen by 0 users during the reporting period. Also, looking at our self-injury and harmful behaviour policy, of the Pins deactivated in Q4 of 2024 for violation of this policy, 98% were seen by fewer than 10 users during the reporting period. There has been no change to the severity rating since last year’s risk assessment. Overall inherent risk rating Based on the probability and severity ratings, we have assessed the inherent risk that the design, functioning or use of Pinterest negatively impacts the protection of public health and minors, a person’s physical and mental wellbeing, or gender-based violence in the EU as Medium. There has been no change to the inherent risk rating since the 2024 risk assessment. Controls and mitigation efforts Our content moderation system is one of the main ways that we mitigate this risk. Our systems are capable of quickly detecting and deactivating harmful content. The other main way that we mitigate this risk is through the design of our platform. Pinterest does not prioritise endless engagement or virality and therefore it is difficult for risks to public health, minors, physical and mental health, and gender-based violence to be amplified in a “viral” manner. Pinterest’s recommender systems are designed to prioritise high-quality and inspirational content - we have specific search features such as compassionate search, to guide users to wellbeing practices if they are trying to manage difficult emotions, and our search advisories give our users direct access to suicide prevention lifelines. We’ve continued our work in this area to help make Pinterest a safer place for our users, focusing on public health, safety and health of minors, and the physical and mental wellbeing of all of our users. Further details on the steps we’ve taken in this area can be found here. Our Community Guidelines are the foundation upon which our content moderation systems are built - they outline what we allow on Pinterest and the type of content that we prohibit on our platform. In addition to our Community Guidelines, we have several enforcement guidelines that provide additional guidance and clarification to our content review teams and systems. Specifically pertaining to this risk we have our child safety policy, dangerous goods and activities policy, graphic violence and threats policy, harassment and criticism policy, hateful activities policy, health misinformation policy, and self- injury and harmful behaviour policy. These policies and guidelines drive our overall content moderation approach, including how automated models are used, the types of content that users can report, our manual review process and our enforcement approach. Pinterest has a longstanding commitment to creating a safe and positive place online, particularly for more vulnerable users, such as minors. We are committed to continuously designing and implementing measures that allow us to keep our teen users safe and investing in our policies, products and partnerships to support the wellbeing of our community. We make changes in response to new behaviours and trends we’ve observed online, adopt technology available to combat harmful content, enhance brand safety for our advertising partners, and also simply because it’s the right thing to do for the people on our platform. Given the potential severity and harm associated with these risks, Pinterest has multiple product safety controls in place to protect teen users. These include: ● Minimum age: We do not allow users under 13 to use Pinterest. If a prospective user doesn’t meet the minimum age requirements for their location, we don’t allow them to open a Pinterest account or use the platform. Where and when we discover any accounts of an underage user, we deactivate them; ● Account privacy: The profiles of users under the age of 16 are set to private as the only option. Private profiles are undiscoverable on Pinterest search and external search engines; and profiles, boards and Pins for users with private profiles are only visible to followers approved by the user. Users with private profiles are able to connect with family and friends by sending a unique profile link, and all users have the ability to review and remove followers; Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 30 The personal accounts of users aged 16 and 17 are set to private by default with the option to switch to a public account. If a 16 or 17-year-old user switches to a public account and their parent or caregiver has set up a passcode for their teen’s account, the passcode will be required to action the change; ● Removal of existing followers: For teens under the age of 16, all existing followers were removed in August 2023, so that those users could start with a clean slate to decide who can follow them; ● No contact without consent: Teens under the age of 16 can only send and receive messages from mutual followers who have been accepted through a unique profile link that expires after three days or when they connect with five new followers using this unique link, whichever comes first. Teens who are 16 and 17 can only receive messages from mutual followers, and can only receive message requests from users they follow; ● User reporting: The reporting reasons in Pinterest’s in-product content reporting tool were updated to include not only sexually explicit content, but also any content that sexualises minors. We have also enabled more nuanced reasons to report users and boards. Though users could always report content or accounts, the community is now able to flag a more detailed and nuanced list of behaviours at both the user and board level. This includes: impersonation, saving normally appropriate content in a potentially sexualised manner, among many others; ● Help Centre resources: The Pinterest Help Centre provides information to parents or caregivers of teens on Pinterest. It explains our minimum age requirements, provides privacy resources and specifies ways for parents to notify us if they suspect their underage child has a Pinterest account so it can be deleted; ● Age change verification: If a user who previously entered their age as under 18 attempts to edit their date of birth on the Pinterest app, Pinterest requires them to submit a government ID and/or selfie to a third-party partner to confirm their age; and ● Parental support: Pinterest offers a parental passcode feature for users under the age of 18, which allows parents and caregivers to set up a 4-digit passcode to lock certain settings and have oversight of their teen’s Pinterest account. These settings include those related to account management, privacy and data, public/private profile status, and social permissions, such as messaging, mentions, comments and shopping recommendations. This past year, teen safety has been an important action area for Pinterest. Since our last DSA risk assessment, we have enhanced parental verification of key account changes and finalised the user reporting function mentioned. In an effort to support our users in understanding their choices, we have also increased transparency around teen’s privacy settings and choices as they age, with enhanced in-product education and e-mail notifications sent to users when they turn 16 and 18, informing them of newly available settings. We’re not just concerned with the safety of the teens that use our platform - we also want to support their mental health and emotional wellbeing and the mental health and emotional wellbeing of all our users. We’ve designed our product to help further this mission. For example, we have no filters on beauty. Beauty filters that alter a person’s appearance when posting online can change the way teens think about themselves. Our virtual Try On tool is a compelling way to play with eye makeup and lipstick colours, but it won’t alter the user’s face. To further our efforts supporting mental health and inspiring our users, we have created specific search features. Pinterest’s compassionate search feature includes a collection of evidence-based wellbeing practices that someone can do to improve their mood if they are feeling anxious, sad or trying to manage difficult emotions. For example, if someone searches for “stress relief,” they might choose the “redirect your energy” activity, which suggests practices like journaling for perspective, drawing a nature scene or making a playlist. If they select “accept your emotions,” they’ll be guided through steps to practise self-compassion. For people who may be experiencing thoughts of suicide or need someone to talk to immediately, we continue to provide search advisories with direct access to suicide prevention lifelines. Moving forward, we intend to expand our advisories to more platform surfaces and harm areas, helping us support even more users. Overall control effectiveness rating Similar to last year, and based on their design and implementation, we have assessed these controls as Effective. This rating is based on a number of factors, including the enhancements made to our machine learning models, the ongoing monitoring accuracy and the data in our most recent DSA Transparency Report (reporting period from July 1, 2024 to December 31, 2024). For example, we proactively deactivated over 92,500 Pins for violation of our health misinformation policy, and deactivated 71 Pins as a result of user reporting. For our self-injury and harmful behaviour policy, we proactively deactivated over 6,790,000 Pins while we deactivated just over 1,490 Pins due to user reports. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 31 How influencing factors could affect this risk Similar to the other systemic risks, we’ve considered how each of the influencing factors affects risks to public health, minors, physical and mental health, and gender-based violence. Applicable terms and conditions and their enforcement Per our Terms of Service, if you’re based in the European Economic Area, you may only use Pinterest if you are over the age at which you can provide consent to data processing under the laws of your country, and we require a date of birth for new and existing accounts for all users regardless of age. If someone who previously entered their age as under 18 attempts to edit their date of birth on the Pinterest app, we will require them to send additional information to our third-party age verification partner to confirm its legitimacy. Users are also able to report other users if they suspect them to be underage. We have specific policies and guidelines that address public health and the mental and physical health of our users, including minors. These policies drive our content moderation and enforcement approach. Content moderation systems Our overall content moderation system works together to detect and enforce content which might negatively impact public health, minors, physical and mental health, and gender-based violence. Given the severity of this risk, we invested in research to understand how these risks could manifest on the platform and have built specialised controls and product features as a result. We continue to invest in our Minor Safety Operations team, a team of minor safety specialists who perform operational and investigatory review of content and behaviour that potentially violates Pinterest’s child safety policy, identified via reactive and proactive detection. We have also made additional investments with external third-party experts who monitor child safety trends on our platform. Design of recommender systems and any other relevant algorithmic systems We have made deliberate choices to engineer a more positive place online and prevent our platform from negatively impacting mental health. In order to make sure that the Pinterest platform itself is additive, not addictive, we tune our algorithmic systems to prioritise explicit signals - for example, “saves” - over just views alone. When people see something on Pinterest that they want to act on, they hit “save.” By prioritising what gets “saved” in the content, the images and videos that are top performing don’t distract users from their life (like car crash videos or conspiracy theories), but actually help users improve it (like step-by-step guides, self-care ideas, inspirational quotes and how-to videos). Building our algorithmic systems to prioritise high quality and inspirational content enables us to create a more positive environment that can support the mental health of our users. Systems for selecting and presenting advertisements We do not want ads on our platform that might create a negative impact for our users. To protect the physical and mental health of our users, including minors, our Advertising Guidelines place restrictions on certain categories of advertisements, including drugs and paraphernalia, sensitive content (such as excessively violent or profane content), tobacco, alcohol, gambling products and services, and body shaming language and imagery. In addition to these restrictions, we limit how ads can be targeted to certain audiences. Ads cannot be targeted based on sensitive health or medical conditions, among other things. In addition, ads cannot be targeted or served to minors based on profiling and currently are not being served to minors in the EU at all. Our guidelines are restrictive to ensure that user safety comes first and we have controls in place to enforce these guidelines, detailed in Pinterest’s platform ecosystem. Data related practices Users may only use Pinterest if they are over the age at which they can provide consent to data processing under the laws of their country. If a user is the appropriate age to create a Pinterest account, their data is collected and used per the practices set out in Pinterest’s platform ecosystem. Intentional Manipulation Similar to the other systemic risks, we’ve looked at how intentional manipulation can affect gender-based violence, the protection of public health and minors, and serious negative consequences to the person’s physical and mental wellbeing. We typically don’t see spam attacks, fake accounts or ATOs targeted towards this area of risk, however, our controls work to detect and act against this type of intentional manipulation when it does occur. We also looked at how intentional manipulation of content itself, either through the use of GenAI or other manipulation efforts to produce manipulated or edited content impacts on this area of risk. Our content moderation tools do not distinguish between harmful content that is manipulated or edited and harmful content that has not been manipulated. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 32 Our content moderation tools work to identify and action all policy-violating and harmful content regardless of how it was created. Residual risk rating Based on the inherent risk rating and the effectiveness of the controls we have in place, we have assessed the residual risk that Pinterest’s design, functioning or use could lead to negative effects on civic discourse, electoral processes or public security in the EU as Low. There is no change to the residual risk rating since the 2024 risk assessment. Further mitigation efforts Though we have assessed this risk as Low, we are always working to enhance our controls because of the potential harm that illegal content could cause to our users. We’re working on the following enhancements: ● Expanded advisories: Building on the partnership we announced in 2024, we are expanding our mental health advisories beyond search results to user reporting flows, so if a user reports a piece of content, they would receive an advisory redirecting them to helpful resources. We are also working on expanding the topics covered by our advisories; ● Reduced prevalence of self harm content: We are strengthening our self harm ML models, further reducing potential risks to mental health and wellbeing; ● Content safety models retraining: We intend to onboard additional content safety models to our automated framework for continuous model improvements. This framework allows for frequent retraining to drive performance gains in our models, strengthening their detection capabilities of harmful content. This includes content potentially harmful to our users’ wellbeing. As a result, this measure will help us further mitigate any potential risks; and ● Prevalence of volume-sensitive content: We intend to develop models to help improve how we manage material that may be benign in isolation but could impact users’ wellbeing in large quantities, including content related to weight loss. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 33 6\. Conclusion Our third annual DSA Risk Assessment and Mitigation Report builds on our previous analysis of the systemic risks that stem from the design, functioning or use of Pinterest and its systems, and highlights the areas where we can further mitigate those risks to protect our users. We want Pinterest to be a safer place online for all of our users. We will continue to invest in our content moderation systems and explore new ways and invest in technology to fight policy-violating content on our platform. We’ll continue to work hard to fulfil our mission to bring everyone the inspiration to create a life they love. Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 34 Appendix Appendix 1: Inherent risk rating rubrics Severity x Probability = Inherent Risk Probability Rubric Probability Definition Score Unlikely ● No or low record of this type of activity or content on Pinterest (supported by data); ● Pinterest does not have functionality to allow this type of activity to occur (e.g., live streaming of harmful content); ● Would require negligence on Pinterest’s behalf (e.g., failure to have legally compliant policies); ● Type of activity that would be the result of an internal bad actor; ● Type of content is not a common use case (supported by data) (e.g., political content). 1 Possible ● Some record of this type of activity or content on Pinterest (supported by data where available); ● Type of activity that could be carried out by a user/group of users; ● Pinterest has the functionality to allow this type of activity to occur; 2 Likely ● Type of activity or content has become a prominent trend across platforms; ● Record that this type of activity or content regularly occurs on Pinterest (supported by data where available). 3 Almost Certain ● Major incident that has caused serious harm has occurred within the last 12 months; ● Indication from external or internal expert that this type of activity is prominent on Pinterest; 4 Severity Rubric Severity Definition Score Marginal ● Type of activity/content would not lead to harm for a large number of users; ● Type of activity/content would not lead to offline consequences for users. 1 Moderate ● Type of activity/content could lead to inconvenience/frustration/discomfort for users; ● Type of activity/content could lead to lack of understanding of policy/policy violations for users; 2 Significant ● Type of activity/content could lead to an increase in exposure to harmful content for users; ● Type of activity/content could lead to financial harm for users; ● Type of activity/content could lead to compromise of personal data/privacy for users; ● Type of activity/content could lead to discrimination for users. 3 Critical ● Type of activity/content could lead to offline/online physical harm for users/others; ● Type of activity/content could lead to offline/online psychological harm for users/others; ● Type of activity/content could lead to offline/online emotional harm for users/others. 4 Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 35 Inherent Risk Rubric Here we have clarified the inherent risk rubric to provide more detail on the numerical point where risks shift levels. This was already the practice, we have simply clarified its presentation. Inherent Risk Score Very High 12.01 - 16 High 8.01 - 12 Medium 4.01 - 8 Low 1 - 4 Appendix 2: Control Effectiveness Rubric We identified the controls and safeguards in place to mitigate each risk and determined how effective the control environment is in mitigating the inherent systemic risk. We considered the design of the control and, where available, we looked at metrics and data to understand the effectiveness of the control. We did not perform control testing as part of the risk assessment. Each control and safeguard identified was assigned a control effectiveness score. Rating Definition Score Highly effective All of the following ● One or more controls in place to mitigate the risk; ● Control is subject to internal monitoring; ● Control is subject to internal or external audit/testing; No deficiencies with control identified in the last 12 months. 0.25 Effective All of the following ● One or more controls in place to mitigate the risk; ● Control is subject to internal or external audit/testing; ● No material deficiencies identified with control in the last 12 months; Remediation steps in place to rectify issues identified. 0.50 Somewhat effective All of the following ● One or more controls in place to mitigate the risk; ● No material deficiencies identified with control in the last 12 months; Remediation steps in place to rectify issues identified. 0.75 Ineffective One of the following ● No control in place to mitigate the risk; or At least one material deficiency identified with control in the last 12 months. 1.0 Pinterest Digital Services Act Risk Assessment and Mitigation Report 2025 36 Appendix 3: Residual risk rating rubrics Inherent risk x Control effectiveness score = Residual risk The resulting cumulative systemic risk exposure was determined by multiplying the inherent systemic risk score against the control effectiveness score to determine the residual risk rating. We used the formula to apply a residual risk rating score to each risk on the risk register. We then calculated the overall residual risk rating score for each Systemic Risk category at an aggregate level. Here we have clarified the residual risk rubric to provide more detail on the numerical point where residual risks shift levels. This was already the practice, we have simply clarified its presentation. Residual risk rubric Residual Risk Score Very High 12.01 - 16 High 8.01 - 12.0 Medium 4.01 - 8.0 Low 1 - 4.0