May 12, 2025

Weave Corp Privacy Policy

July 10th, 2025

1 . Introduction

Weave Corp (“Weave,” “we,” “our,” or “us”) builds tools that let people stitch together their favorite apps, data, and automation threads via our apps, website, APIs, and SMS updates. Protecting your privacy is core to that mission. This Policy explains what data we collect, why, how we use it, and the choices you control across every Weave-branded product or service that links here (collectively, the “Services”).

2 . Scope

This Policy applies worldwide to anyone who visits, registers for, or uses our Services, including:

  • Core Apps – iOS/Android, desktop clients, browser extensions, and public APIs

  • Web Properties – weave.cloud, weave.services, sub-domains, and landing pages

  • SMS Program – promotional or transactional texts you expressly opt in to
    If you signed a separate written agreement (e.g., a Master Service Agreement), that contract controls where it conflicts with this Policy.

3 . Information We Collect

  • Account Info:
    Name, email, hashed password, optional phone, auth tokens → create & secure your account, connect integrations

  • Usage Data:
    Workflows created, API calls, clicks, session duration, crash logs → operate, improve, and troubleshoot the Services

  • Integration Content:
    Data you deliberately pull from connected apps (e.g., calendar events, emails, health data) → execute automations & show results

  • Device / Log Data:
    IP, device IDs, OS version, browser, language, referring URL, diagnostics → fraud prevention, analytics, debugging

  • Cookie & Similar Tech: first-/third-party cookies, local storage, SDK events → remember preferences, personalize content, measure performance

  • SMS Metadata:
    Opt-in timestamp, phone number, carrier info, message logs → deliver SMS, maintain compliance, audit opt-outs

We do not knowingly collect data from children under 13 (or the equivalent minimum age in your jurisdiction).


4 . How We Use Your Information

  1. Provide & maintain the Services (authenticate you, run automations, route SMS/push notifications)

  2. Improve & develop new features (analyze aggregated, de-identified data)

  3. Personalize your experience (suggest workflows, integrations, settings)

  4. Communicate

    • Transactional: security alerts, status updates, receipts

    • Marketing: email/SMS only with opt-in; unsubscribe or text STOP any time

  5. Protect Weave & users (detect fraud, enforce Terms, resolve disputes, comply with law)

5 . Legal Bases for Processing (EEA/UK)

  • Contractual Necessity – provide the Services you request

  • Legitimate Interests – improve security, prevent abuse, analyze usage

  • Consent – marketing messages, certain integrations

  • Legal Obligation – tax, accounting, law-enforcement requests

6 . Sharing & Disclosure

We do not sell your personal data. We share it only when necessary:

  • Service providers – cloud hosting, SMS delivery (e.g., Twilio), payments, analytics (under confidentiality & least-privilege access)

  • Integration partners you connect – receive minimal tokens/data needed to run workflows; access is revocable at any time

  • Corporate transactions – merger, acquisition, or asset sale (successor must honor this Policy; you will be notified)

  • Legal & safety – comply with law or protect rights, property, or safety (Weave challenges over-broad requests)

7 . Data Retention

  • Account profile: kept until you delete your account

  • Workflow logs: 90 days by default (enterprise configurable)

  • SMS opt-in/opt-out logs: ≥ 6 years (CTIA compliance)

  • Legal / financial records: retained as required by law

You can delete your account in Settings → Privacy → Delete Account; most associated data queues for deletion within 30 days unless legal retention applies.

8 . Your Rights & Choices

Depending on your location, you may:

  • Access, correct, delete, or port your data

  • Opt out of marketing or certain processing

  • Object to or restrict processing in specific circumstances

Submit requests via privacy@weavecorp.com or in-app at Settings → Privacy. California residents can toggle Do Not Share My Info to opt out of “sharing” under the CCPA. We verify and respond within 30 days.

9 . Security

We use industry-standard safeguards, including:

  • TLS 1.2+ encryption in transit

  • AES-256 encryption at rest

  • Role-based access controls & audit logs

  • Annual SOC 2 Type II reviews & third-party penetration testing

No system is 100 % secure—please protect your credentials and report concerns to security@weavecorp.com.

10 . International Data Transfers

We store data primarily in the United States. For transfers from the EEA/UK or other regions with data-transfer restrictions, we rely on Standard Contractual Clauses or comparable safeguards.

11 . Changes to This Policy

We may update this Policy periodically. Material changes will be announced via email or in-app at least 30 days before they take effect. Continuing to use the Services after changes means you accept the updated Policy.

12 . Contact Us

Email: legal@weave.services
Phone: +1 (855) 572-2507
Mail: Weave Corp, 251 Little Falls Dr., Wilmington, DE 19808, USA

By using the Services, you acknowledge that you have read, understood, and agree to this Privacy Policy.

Weave Corp Privacy Policy ›