Privacy Policy for Weevio Cloud
Last Updated: April 9, 2026
Weevio ("Weevio", "we", "us", or "our") is committed to protecting the privacy of our customers and visitors to our website and applications ("Users"). This Privacy Policy explains how we collect, use, and disclose the personal information of our Users.
Data Controller
Weevio by MacExperience is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or how we handle your data, you can contact us at:
Email: [email protected]
Mailing Address: Weevio by MacExperience, 8685 Edison Plaza Dr STE 4103 Fishers, IN 46038
Data Collection
We collect personal information from our Users when they use our services or visit our website. This information may include:
- Contact information, such as name, email address, and phone number
- Account information, such as username and password
- Payment information, such as credit card details (processed by Stripe)
- Usage data, such as how you interact with our services, pages visited, and features used
- Technical information, such as browser type and device information
- Session recordings, which may capture your interactions with our applications (with form inputs masked where applicable)
- Cookies and local storage data used for authentication, session management, and analytics preferences
- Location data, such as zipcode (used for shipping estimates)
- Appointment details, such as date, time, type, and comments
- Service records, such as orders, repairs, and shipment tracking information
Legal Basis for Processing
We process your personal data only where we have a lawful basis to do so. The table below sets out the legal basis we rely on for each type of processing:
| Processing Activity | Data Involved | Legal Basis |
|---|---|---|
| Account creation and authentication | Email address, name | Contract — necessary to provide the service you requested |
| Payment processing | Email, payment details (via Stripe) | Contract — necessary to process your transactions |
| Appointment booking | Name, email, phone, appointment details | Contract — necessary to schedule and manage your appointment |
| Order, repair, and shipment management | Customer code, order details, service records | Contract — necessary to fulfil and track your orders and services |
| Shipping estimates | Zipcode, product/cart details | Legitimate interest — to provide accurate delivery information |
| Product analytics (anonymous) | Page views, anonymous interaction events | Legitimate interest — to understand usage patterns and improve our services |
| Session recordings (where enabled) | Interaction replays with form inputs masked | Legitimate interest — to identify and fix technical issues; you may opt out at any time via the analytics toggle |
| Error monitoring and diagnostics | Error details, technical context | Legitimate interest — to identify and fix technical issues |
| Service communications | Email address, phone number | Contract — necessary to send appointment confirmations, order updates, and service notifications |
| Legal and regulatory compliance | Transaction records, account data | Legal obligation — to comply with tax, accounting, and other legal requirements |
Data Use
We use the personal information we collect from our Users to provide, maintain, and improve our services, as well as for the following purposes:
- To send you updates and important information about our services
- To process your payments and prevent fraud
- To respond to your customer service requests
- To analyze usage data and session recordings to improve our services and user experience
- To diagnose technical issues and monitor application performance
- To comply with legal and regulatory requirements
Analytics and Session Recording
We use PostHog, a product analytics platform, to understand how users interact with our consumer-facing applications. PostHog may collect the following data:
- Page views, clicks, and other user interactions
- Session recordings that replay user interactions with the application
- Technical information such as browser type and device
Where applicable, form inputs are masked in session recordings to protect sensitive data. We do not collect IP addresses through our analytics platform. You may opt out of analytics tracking at any time using the opt-out link available in our applications. Opting out will disable all PostHog data collection for your browser.
Data Sharing
We do not sell your personal information to third parties.
We share personal information only with third-party service providers who assist us in operating our platform. These providers include:
- AWS (Amazon Web Services) — cloud infrastructure and data storage
- Stripe — payment processing
- PostHog — product analytics and error monitoring
- Firebase (Google) — authentication for our Customer Portal
- Auth0 — authentication for our employee-facing platform
- Google Maps — location services for appointment scheduling and shipping estimates
- Shopify — eCommerce platform integration
These providers are contractually bound to protect the confidentiality of the personal information we share with them and to use it only to provide the services we have engaged them to provide.
We may also disclose personal information as required by law or to comply with a legal process.
International Data Transfers
Weevio is based in the United States. When you use our services, your personal data is transferred to and processed in the United States, where our servers and third-party service providers are located.
For users in the United Kingdom, these transfers are protected by appropriate safeguards in accordance with UK GDPR, including:
- The UK-US Data Bridge (UK Extension to the EU-US Data Privacy Framework), where our processors are certified participants
- Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office, where applicable
You may request further information about the safeguards we use for international transfers by contacting us at [email protected].
Cookies and Local Storage
We use cookies and browser local storage for the following purposes:
- Authentication and session management (keeping you signed in)
- Storing your analytics opt-out preference
- Remembering your login preferences
We do not use cookies for advertising or cross-site tracking. Some of our consumer-facing applications (such as the Appointment Scheduler) operate without setting any cookies.
Data Security
We take the security of our Users' personal information seriously. We encrypt all sensitive customer data in transit (via HTTPS/TLS) and at rest (via AES encryption). We also implement security measures including multi-factor authentication, role-based access controls, and automatic session timeouts to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data.
Data Retention
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The table below sets out our retention periods for each category of data:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account and profile data | Duration of your account, plus 30 days after account closure | Service delivery and grace period for account recovery |
| Authentication tokens and session data | Up to 90 days | Session management and keeping you signed in |
| Payment and transaction records | 7 years after the transaction | Tax, accounting, and legal obligations |
| Appointment records | 10 years after the appointment date | Service history and follow-up |
| Order, repair, and shipment records | Duration of your account (sourced from your dealer's management system) | Service fulfilment and warranty support |
| Analytics data | 1 year | Product improvement and usage analysis |
| Shopping cart cache | 30 days | Shipping estimate caching |
| Customer service communications | 10 years | Quality assurance and dispute resolution |
| One-time verification codes | 15 minutes | Authentication security |
After the applicable retention period, we will delete or anonymize your personal information. Where data is held by a third-party system (such as your dealer's PIMS management system), retention is governed by that system's policies.
Automated Decision-Making
We do not use your personal data for automated decision-making or profiling that produces legal effects or similarly significantly affects you.
Your Privacy Rights
All Users have the right to:
- Access the personal information we have collected about you
- Rectification — request correction of inaccurate personal information
- Erasure — request deletion of your personal information
- Restriction — request that we limit how we use your data
- Data portability — receive your personal data in a structured, commonly used, machine-readable format
- Object — object to processing based on legitimate interest
- Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal
- Opt out of analytics tracking using the controls available in our applications
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days (or 45 days for CPRA requests).
UK Residents — Right to Complain
If you are a UK resident and you are not satisfied with how we handle your personal data or respond to your rights request, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Telephone: 0303 123 1113
- Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
We encourage you to contact us first so we have the opportunity to resolve your concern.
California Privacy Rights (CPRA)
If you are a California resident, you have additional rights under the California Privacy Rights Act (CPRA):
- Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collecting it, and the categories of third parties with whom it is shared.
- Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions.
- Right to Correct: You may request that we correct inaccurate personal information we maintain about you.
- Right to Opt Out: You may opt out of analytics data collection using the opt-out controls available in our applications, or by contacting us at [email protected].
- No Sale of Personal Information: We do not sell or share your personal information with third parties for cross-context behavioral advertising.
- Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. You will not receive different pricing, a different quality of service, or be denied service for exercising your rights.
We retain each category of personal information for the periods described in the Data Retention section above.
Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us at [email protected] and we will promptly delete it.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will notify Users of any material changes by posting the new Privacy Policy on our website or by sending an email. We encourage you to review this page periodically.
Contact Us
If you have any questions about this Privacy Policy, our privacy practices, or wish to exercise your privacy rights, please contact us:
Email: [email protected]
Mailing Address: Weevio by MacExperience, 8685 Edison Plaza Dr STE 4103 Fishers, IN 46038
Need Help?
For assistance, please send a message to our Support page.