Shev.io Privacy Policy

Last Updated: February 24, 2026 Effective Date: February 24, 2026

Executive Summary

This Privacy Policy explains what personal data Shev.io collects, why we collect it, how we use it, how we share it with service providers (such as payment processors and analytics partners), and the choices and rights available to you. It applies globally and is designed to align with widely recognized privacy principles (including GDPR-style transparency and user rights) without being limited to any single jurisdiction. Where local law provides additional rights or imposes additional obligations, those local requirements may apply in addition to this Policy.

1. Introduction

Shev.io ("Shev.io", "we", "us", "our") is a software-as-a-service platform that provides access to trade data, dashboards, analytics outputs, and downloadable reports (the "Service"). This Privacy Policy applies to personal data we process in connection with your access to, and use of, the Service, including any demo environment, subscriptions, credits-based usage, and one-time purchases.

If you do not agree with this Privacy Policy, do not use the Service.

2. Scope and Roles

2.1 Data Controller / Operator

Shev.io acts as the data controller for the personal data described in this Privacy Policy. For legal and operational purposes, the "Operator" is Shev.io as identified on our website, checkout pages, and invoices.

Contact: support@shev.io Website: https://shev.io

2.2 When We Act as a Processor

In most typical Shev.io usage, we act as a controller for account, billing, analytics, and platform telemetry data. If a specific enterprise arrangement is introduced that requires Shev.io to process data strictly on behalf of a business customer (e.g., under a data processing addendum), Shev.io will describe that arrangement in the relevant order form or addendum.

3. Personal Data We Collect

We collect data in the categories below. Specific fields vary depending on how you use the Service and what you choose to provide.

3.1 Account and Registration Data

  • Full name
  • Email address
  • Password (stored in securely hashed form)
  • Organization/company name (if provided)
  • Role/title (if provided)
  • Account settings and preferences
  • Profile photo/avatar (if uploaded or imported from social login)

3.2 Billing and Transaction Data

  • Billing contact information (billing name, email)
  • Billing address (if provided)
  • Tax/VAT information (if provided)
  • Subscription plan and renewal dates
  • Credits purchases and balances
  • One-time purchase history
  • Payment status and transaction metadata
  • Transaction IDs and payment references

Note: We do not store full payment card numbers on Shev.io systems. Payment details are handled by our payment processor, Stripe.

3.3 Technical and Device Data

  • IP address
  • Device identifiers (where available)
  • Browser type, version, and user agent
  • Operating system and version
  • Language and time zone settings
  • Approximate location derived from IP address (country/region level)
  • Authentication logs (login times, logout times, failed login attempts)
  • Session identifiers and device fingerprints
  • Security logs and audit trails

3.4 Usage and Analytics Data

  • Page views and navigation paths
  • Feature usage events (dashboards viewed, reports generated)
  • Clicks, scroll events, and user interactions
  • Report generation and download events
  • Credit consumption history
  • Search queries and filter parameters
  • Performance metrics and error logs
  • A/B testing participation (where enabled)

3.5 Report and Output Data

  • Search queries and parameters you submit
  • Filter criteria and report configurations
  • Generated reports and their metadata (timestamps, format, size)
  • Download history

3.6 Marketing and Tracking Data

  • Cookie identifiers and similar tracking identifiers
  • Referral source and attribution data
  • Interaction with marketing emails (opens, clicks)
  • Conversion events
  • Advertising interaction data (where applicable)

See our Cookie Policy for additional details.

3.7 Support and Communication Data

  • Support ticket content and attachments
  • Email communications
  • Feedback and survey responses
  • Contact form submissions

4. Sources of Personal Data

We collect personal data from the following sources:

  • Directly from you: Account registration, purchases, profile updates, support requests, and communications
  • Automatically via your device/browser: When you access or use the Service
  • From third parties:
    • Stripe: Payment verification and transaction data
    • Social login providers (Google, LinkedIn): Profile information when you choose to authenticate via social login
    • Analytics providers: Aggregated usage data
    • Fraud prevention services: Risk scoring and verification data

5. Why We Use Personal Data

We use personal data for the following purposes:

5.1 Service Provision

  • Creating and managing your account
  • Authenticating your identity and controlling access
  • Processing subscriptions, credits, and purchases
  • Generating and delivering reports and analytics
  • Providing demo access and enforcing demo limitations
  • Managing Team invitations and member access

5.2 Security and Fraud Prevention

  • Detecting, preventing, and investigating fraud, abuse, and policy violations
  • Implementing scraping/parsing detection and prevention
  • Enforcing single-device session policies
  • Maintaining security logs and audit trails

5.3 Service Improvement

  • Measuring Service performance and reliability
  • Understanding usage patterns and feature adoption
  • Improving user experience and product features
  • Debugging errors and technical issues

5.4 Communications

  • Sending service updates, security notices, and billing information
  • Responding to support requests
  • Sending marketing communications (where permitted and/or with consent)

5.5 Legal and Compliance

  • Complying with legal obligations and lawful requests
  • Enforcing our Terms of Use and other agreements
  • Protecting our rights and the rights of users

6. Legal Bases for Processing

Depending on your location and applicable law, Shev.io relies on one or more of the following legal bases:

Legal Basis Purpose Examples
Contract Necessity Account management, service delivery, billing, support
Legitimate Interests Security, fraud prevention, service improvement, analytics, enforcing policies
Consent Marketing communications, non-essential cookies and trackers
Legal Obligation Tax records, regulatory compliance, lawful data requests

Where consent is used as the legal basis, you may withdraw consent at any time. Withdrawal will not affect the lawfulness of processing before withdrawal.

7. Cookies and Similar Technologies

Shev.io uses cookies, pixels, SDKs, local storage, and similar technologies for essential operation, analytics, security, and marketing purposes.

For detailed information on:

  • Types of cookies we use
  • Third-party cookies
  • How to manage your cookie preferences

Please see our Shev.io Cookie Policy.

8. Sharing and Disclosure

We share personal data only as necessary for the purposes described in this Policy.

8.1 Service Providers and Subprocessors

We may share personal data with vendors that help us operate the Service:

Category Provider Purpose
Payment Processing Stripe, Inc. Payment processing, subscription management, fraud prevention
Cloud Infrastructure Cloud hosting providers Data storage and processing
Email Delivery Transactional email service Account notifications, support communications, marketing (where consented)
Analytics Google Analytics Website and product analytics
Error Monitoring Application monitoring tools Error tracking and debugging
Customer Support Support platform Ticket management and communication

We require service providers to:

  • Process personal data only on our instructions
  • Implement appropriate technical and organizational safeguards
  • Comply with applicable data protection laws

8.2 Social Authentication Providers

When you use social login (Google or LinkedIn), we receive profile information from these providers according to their privacy policies and your privacy settings with them.

8.3 Business Transfers

If Shev.io undergoes a merger, acquisition, reorganization, financing, or sale of assets, personal data may be transferred as part of that transaction, subject to appropriate protections and continued compliance with this Privacy Policy.

8.4 Legal Requirements

We may disclose personal data if we believe disclosure is necessary to:

  • Comply with applicable law, regulation, or legal process
  • Respond to lawful governmental or court requests
  • Protect the rights, safety, or security of Shev.io, our users, or the public
  • Enforce our Terms of Use and investigate potential violations

8.5 With Your Consent

We may share personal data for other purposes with your explicit consent.

9. International Transfers

Shev.io may process and store personal data in multiple countries. If your data is transferred internationally (including from the European Economic Area, UK, or Switzerland to countries without adequate data protection determinations), Shev.io will use appropriate safeguards as required by applicable law, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Other legally approved transfer mechanisms
  • Supplementary technical and organizational measures where appropriate

10. Data Retention

We retain personal data for as long as necessary to:

  • Provide the Service and maintain your account
  • Fulfill the purposes described in this Policy
  • Maintain billing, tax, and accounting records
  • Prevent fraud and enforce our agreements
  • Resolve disputes and comply with legal obligations

Typical Retention Periods

Data Type Retention Period
Account Data While account is active, plus 2 years for reactivation/dispute handling
Billing Records 7 years (or as required by applicable tax/accounting law)
Security Logs 12 months
Analytics Event Data 26 months
Support Communications 3 years after ticket closure
Marketing Preferences Until consent is withdrawn or account is deleted

After retention periods expire, we will delete or anonymize personal data, unless longer retention is required by law.

11. Security Measures

We implement administrative, technical, and organizational safeguards designed to protect personal data, including:

  • Encryption: TLS/SSL encryption in transit; encryption at rest for sensitive data
  • Access Controls: Role-based access and least-privilege principles
  • Authentication: Secure password hashing; single-device session enforcement
  • Monitoring: Logging, anomaly detection, and security monitoring
  • Infrastructure: Secure cloud hosting with appropriate certifications
  • Personnel: Security training and confidentiality obligations for staff

No system is completely secure. You are responsible for:

  • Maintaining the confidentiality of your login credentials
  • Using strong, unique passwords
  • Reporting any suspected security incidents to support@shev.io

12. Security Incidents and Breach Notification

If we become aware of a security incident affecting personal data, we will:

  • Investigate promptly and take steps to mitigate harm
  • Notify affected individuals and/or regulators as required by applicable law
  • Provide information about the nature of the incident and steps you can take

13. Your Rights and Choices

Depending on applicable law and your location, you may have the following rights:

13.1 Available Rights

Right Description
Access Request a copy of personal data we hold about you
Correction Request correction of inaccurate or incomplete data
Deletion Request deletion of your personal data (subject to legal/contractual limits)
Restriction Request restriction of certain processing activities
Data Portability Receive your data in a structured, commonly used format
Objection Object to processing based on legitimate interests
Withdraw Consent Withdraw consent where processing is consent-based
Complaint Lodge a complaint with a supervisory authority

13.2 How to Exercise Your Rights

Email: support@shev.io Subject Line: "Privacy Request - [Right Type]"

Please include:

  • Your full name and email address associated with your account
  • Specific description of your request
  • Any relevant details to help us locate and verify your information

Verification: To protect your privacy, we may request additional information to verify your identity before fulfilling a request.

Response Time: We will respond to verifiable requests within 30 days (or shorter periods where required by law). Complex requests may require an extension, which we will communicate to you.

Limitations: We may decline requests that are:

  • Unreasonable or repetitive
  • Technically infeasible
  • Would adversely affect the rights of others
  • Not required by applicable law

14. Regional Privacy Rights

Depending on your location, you may have additional privacy rights under local data protection laws. These may include:

  • Right to access your personal data
  • Right to correct inaccurate data
  • Right to delete your data (subject to legal requirements)
  • Right to restrict or object to certain processing
  • Right to data portability
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

If you believe you have rights under your local law that are not addressed in this Policy, please contact us at support@shev.io and we will work with you to address your request in accordance with applicable law.

Nothing in this Privacy Policy shall limit or exclude any rights that you may have under mandatory data protection laws in your jurisdiction.

15. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children under 18.

If we learn that we have collected personal data from a child under 18, we will take steps to delete that information promptly. If you believe we have inadvertently collected data from a child, please contact us at support@shev.io.

16. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) feature. There is no industry standard for responding to DNT signals.

17. Third-Party Links and Services

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal data.

18. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will:

  • Post the updated version on the Service
  • Update the "Last Updated" date at the top
  • Provide additional notice for material changes (e.g., in-product notification or email)

Your continued use of the Service after the effective date of changes constitutes acceptance of the updated Privacy Policy.

19. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@shev.io Website: https://shev.io

This Privacy Policy was last updated on February 24, 2026.