Privacy Policy
Last reviewed:
1) Introduction
Welcome to ChannelWeave ("ChannelWeave", "we", "us", or "our"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our websites, products, and services (collectively, the "Services"). It also explains your rights under the UK GDPR, the EU GDPR, and other applicable data protection laws.
2) Who we are (Controller)
ChannelWeave acts as the data controller for personal data processed via the Services.
Contact details
- Trading entity: ChannelWeave
- Trading address: 124 City Road, London, EC1V 2NX
- Contact email: privacy@channelweave.com
3) Scope
This policy applies when you:
- Access or use ChannelWeave websites or dashboards;
- Create an account, subscribe to a plan, or use our APIs;
- Integrate your sales channels/marketplaces, or otherwise interact with our Services;
- Communicate with us (e.g., support requests, sales, or marketing).
It does not apply to third-party services you connect to ChannelWeave (e.g., marketplaces, payment processors). Those third parties are responsible for their own privacy practices.
4) Data we collect
We collect and process the following categories of personal data, depending on how you use the Services:
| Category | Examples | Source |
|---|---|---|
| Account & profile data | Name, email, password hash, role, organisation, plan, preferences. | Directly from you. |
| Billing data | Billing contact, tax/VAT ID, transaction history (processed via a payment provider; we do not store full card numbers). | Directly from you / payment processor. |
| Channel & inventory data | Identifiers and metadata for products, listings, orders, and related contact data of your customers as provided via connected channels. | From you and connected third-party platforms on your instruction. |
| Usage & telemetry data | Log files, IP address, device and browser info, pages viewed, time on page, feature interactions, error diagnostics. | Automatically collected. |
| Support & communications | Messages, tickets, call notes/recordings (where lawful), survey responses. | From you. |
| Cookies & similar | Session cookies, preference cookies, analytics identifiers. | Automatically collected; see Cookies & analytics. |
5) How we use data & legal bases
We use personal data for the following purposes and under the legal bases indicated (UK/EU GDPR):
- Account creation, authentication, user management
- Provision of APIs, dashboards, and integrations you request
- Customer support and incident response
To process payments, manage subscriptions, issue invoices, and comply with tax and accounting laws.
To protect accounts, investigate suspicious activity, and secure our infrastructure.
To understand usage, improve features and performance, and fix bugs. Where law requires consent (e.g., certain cookies), we rely on your consent.
We may send service messages and, where permitted, product updates or marketing. You can opt out of marketing at any time.
6) When we act as a processor
For personal data of your customers that you input or sync into ChannelWeave, you are the data controller and ChannelWeave acts as your data processor. Our processing of that data is governed by our Data Processing Addendum (DPA), which forms part of your agreement with us.
9) Data retention
We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including to comply with legal, accounting, or reporting requirements. Typical retention examples include:
- Account data: kept for the life of your account and a reasonable period after closure.
- Billing records: retained per tax and accounting laws.
- Logs and telemetry: retained for a limited period for security and troubleshooting.
10) Security
We implement appropriate technical and organisational measures designed to protect personal data, including encryption in transit, access controls, least-privilege principles, and regular monitoring. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
If we become aware of a data breach affecting your personal data, we will notify you and regulators as required by law and in line with our incident response procedures.
11) International transfers
Where personal data is transferred outside the UK/EEA, we ensure an adequate level of protection through mechanisms such as adequacy regulations/decisions, UK/EU Standard Contractual Clauses (SCCs), and supplementary measures as appropriate.
12) Your rights
Subject to conditions and exceptions under applicable law, you may have the right to:
- Access a copy of your personal data
- Request correction (rectification) of inaccurate data
- Request deletion (erasure)
- Object to or restrict processing
- Data portability
- Withdraw consent at any time where processing is based on consent
To exercise these rights, contact us at privacy@channelweave.com. We may need to verify your identity.
13) Children’s data
Our Services are not directed to children and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps.
14) Changes to this policy
We may update this policy from time to time. We will post the updated version with a new “Effective date” and, where appropriate, will notify you through the Services or by email.
15) Contact & complaints
Supervisory authority (UK)
You have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or your local authority.
ico.org.uk • Tel: 0303 123 1113