Privacy Policy

Introduction

Crevio ("we", "us", or "our") respects your privacy and is committed to protecting your personal and business data. This Privacy Policy explains how we collect, use, store, and protect information when you access or use our website, software, and services (collectively, the "Services").

Information We Collect

We may collect the following types of information:

• Personal information such as name, email address, and company or brand name (merchant account holders)
• Shopify store order data: order ID, timestamps, line items, total price, currency, financial status — for up to 24 months of order history per store
• Customer data tied to those orders: customer ID, email, phone, first name, last name, and number of orders
• Meta connection metadata: pixel ID, access token, and ad-account identifiers (provided by the merchant during setup)
• Usage data including interactions with the platform, feature usage, and performance metrics
• Information submitted through forms, including waitlist and onboarding forms

How We Use Information

We use collected information to:

• Provide, operate, and improve Crevio's Services
• Analyze customer acquisition and lifetime value data
• Generate predictive analytics and insights
• Communicate with users about product updates, onboarding, and support
• Maintain security, prevent abuse, and ensure platform reliability

Third-Party Integrations

Crevio connects with two third-party platforms: Shopify (your store's order and customer data) and Meta (Facebook, for the Conversions API integration).

Data sent to Meta: Customer personal data — email, phone, first name, last name — is SHA-256 hashed before any transmission, per Meta's Conversions API specification. We send hashed customer identifiers together with aggregated order events (event name, value, currency, timestamp, event ID) to Meta's Conversions API so the merchant's ad campaigns can attribute and optimize conversions on the merchant's behalf, as configured by the merchant within Crevio.

Meta is the only external destination for customer or order data. Raw, unhashed personal data never leaves our infrastructure. You are responsible for ensuring you have the right to share customer data with Crevio for this purpose.

Data Storage and Security

Order and customer data is stored in our MySQL database on dedicated infrastructure. Access is restricted to Crevio's LTV training and event-delivery pipelines.

All personally identifiable customer fields (email, phone, first name, last name) are SHA-256 hashed before any external transmission, per Meta's Conversions API specification. Raw plaintext personal data never leaves our infrastructure or is shared with any other third party.

We implement reasonable technical and organizational measures — TLS in transit, access controls, audit logging — to protect your data from unauthorized access, loss, or misuse. However, no system is completely secure, and we cannot guarantee absolute security.

Predictive Analytics Disclaimer

Crevio uses machine learning and predictive models to generate insights such as predicted lifetime value. These outputs are estimates based on historical data and algorithms and should not be interpreted as guarantees of future performance.

Your Choices

You may:

• Request access to or deletion of your personal information
• Disconnect third-party integrations at any time
• Opt out of non-essential communications

Data Retention

Order and customer data is retained only while Crevio is installed on the merchant's store. On uninstall, all merchant data — order history, customer records, Conversions API configuration, and trained machine-learning models — is permanently deleted within seconds via Shopify's app/uninstalled webhook. There is no soft-delete and no archive.

We honor Shopify's GDPR compliance webhooks (customers/data_request, customers/redact, shop/redact) per Shopify's compliance schedule. Customer data subject requests are responded to within 30 days.

Account information for merchant users may be retained as required for legal, operational, or security purposes.

Children's Privacy

Crevio is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify users through the website or email.

Contact Us

If you have questions about this Privacy Policy or how your data is handled, contact us at:

[email protected]