Privacy Policy

Last updated: April 23, 2026

1. Information We Collect

Account Information: Name, email address, company name, phone number (optional), credentials, and professional background for experts.

API Usage Data: AI outputs submitted for review, review results, risk assessments, audit trails, API call logs, and usage statistics.

Technical Data: IP addresses, browser type, device information, and cookies for authentication and analytics.

Payment Data: Billing information is processed by our third-party payment processor. We do not store full credit card numbers.

2. How We Use Your Information

  • To provide and operate the Service
  • To route AI outputs to appropriate domain experts
  • To generate audit trails and compliance records
  • To process payments and manage account balances
  • To improve our risk engine and AI pre-screening using anonymized data
  • To generate aggregated industry benchmarks and reports
  • To communicate with you about your account, updates, and the Service
  • To comply with legal obligations

3. Data Sharing

We share data only in these circumstances:

  • With experts: AI outputs submitted for review are shared with the assigned expert reviewer.
  • With clients: Expert verdicts, corrections, and credentials are shared with the submitting API client.
  • Service providers: Hosting (Vercel), database (Upstash), payment processing, and email services.
  • Legal compliance: When required by law, subpoena, or legal process.
  • Aggregated data: Anonymized, aggregated statistics may be used in industry reports and benchmarks.

We do not sell personal information to third parties.

4. Data Retention

Audit trail records are retained for a minimum of 7 years to support compliance requirements. Account data is retained while your account is active and for 12 months after termination. You may request deletion of your account data by contacting us.

5. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, access controls, and regular security reviews. No system is 100% secure, and we cannot guarantee absolute security.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to retention requirements)
  • Object to processing of your data
  • Data portability
  • Withdraw consent where processing is based on consent

To exercise these rights, contact contact@withev.com.

7. GDPR (EU Users)

If you are in the European Economic Area, we process your data under the following legal bases: contractual necessity (providing the Service), legitimate interest (improving the Service, security), and consent (where applicable). You may contact us to exercise your rights under GDPR.

8. CCPA (California Users)

California residents have the right to know what personal information we collect, request deletion, and opt out of sale of personal information. We do not sell personal information. To make a request, contact contact@withev.com.

9. International Transfers

Data may be transferred to and processed in the United States. By using the Service, you consent to this transfer. We implement appropriate safeguards for international data transfers.

10. Children's Privacy

The Service is not intended for use by anyone under 18. We do not knowingly collect data from minors.

11. Changes

We may update this Privacy Policy at any time. Material changes will be communicated via email to registered users at least 30 days before taking effect.

12. Contact

Questions about this Privacy Policy should be directed to contact@withev.com.