Weavz

Last updated: February 2026

Privacy Policy

1. Introduction

This Privacy Policy describes how Weavz ("we", "our", "the Service") collects, uses, and protects your information when you use our integration infrastructure platform.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and authentication credentials. If you use social login (Google, GitHub, Discord), we receive basic profile information from the provider.

Third-Party Credentials

When you create connections to third-party services (e.g., Slack, Google Sheets), we store OAuth2 tokens and API keys. These credentials are encrypted at rest using AES-256 encryption with per-environment keys.

Usage Data

We collect information about your use of the Service including: actions executed, triggers enabled, MCP server activity, API requests, and error logs. This data is used for billing, debugging, and service improvement.

Activity Logs

Action execution logs include timestamps, piece names, action names, and success/failure status. Input and output data may be logged for debugging purposes. Log retention varies by plan (7-365 days).

3. How We Use Your Information

  • To provide and maintain the Service
  • To authenticate requests and manage access control
  • To execute actions on third-party services on your behalf
  • To calculate usage for billing purposes
  • To debug issues and improve service reliability
  • To communicate service updates and security notices

4. Data Security

We implement the following security measures:

  • AES-256 encryption for all stored credentials
  • TLS encryption for all data in transit
  • Per-environment encryption keys (never stored in the database)
  • Organization and project-level access isolation
  • Rate limiting to prevent abuse
  • Code execution in sandboxed environments

5. Data Sharing

We do not sell your personal information. We share data only in the following circumstances:

  • Third-party services: When you execute actions, we send the specified input to the target service (e.g., sending a Slack message sends your message content to Slack).
  • Payment processing: Billing information is processed by Stripe. We do not store credit card numbers.
  • Legal requirements: We may disclose information if required by law or legal process.

6. Private Cloud Deployments

Private cloud deployments are available for enterprise customers who require data to remain on their own infrastructure. In these deployments, data does not leave your environment and Weavz does not have access to your instance. To learn more, contact our sales team.

7. Data Retention

Account data is retained while your account is active. Activity logs are retained according to your plan tier (7-365 days). Upon account deletion, we remove your data within 30 days, except as required by law.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Revoke third-party connection access at any time

9. Cookies

The Service uses session cookies for authentication. We do not use tracking cookies or third-party analytics on the platform. The marketing website may use minimal analytics.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification.

11. Contact

For privacy-related questions, contact us at hello@weavz.io.