Sign up for our Beta
Sign up for Beta
Shadow — Privacy Policy
This Privacy Policy explains how Shadow AI ("Shadow AI," "we," "us," or "our") collects, uses, and protects information when you access or use our website, platform, and related software-as-a-service offerings (collectively, the "Services").
By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Services.
1. Information We Collect
1.1 Information You Provide
Account Information: name, email address, company details, login credentials, and any profile information you choose to provide.
Inputs: prompts, files, configurations, or other content you submit to the Services.
Customer Data: any data you connect, upload, or transmit through integrations (e.g., e-commerce account data, ad account information, analytics data).
Payment Information: processed securely by our payment processor; we do not store credit card numbers.
Amazon Integration Data: if you connect Amazon, data retrieved from your authorized Amazon Selling Partner account via the Selling Partner API (SP-API), including analytics reports (such as Brand Analytics where available to your account).
1.2 Information We Automatically Collect
Usage Data: analytics on how you and Authorized Users interact with the Services (e.g., feature usage, performance logs).
Device & Technical Data: IP address, browser type, device identifiers, operating system, cookies, and similar technologies.
Log Data: server logs, error reports, and diagnostic information used to maintain reliability and security.
2. How We Use Your Information
To provide and operate the Services: including processing Inputs, generating Outputs, supporting integrations, and maintaining infrastructure.
To improve the Services: analyzing anonymized usage data to enhance performance, reliability, and user experience.
To provide support: troubleshooting, onboarding assistance, and responding to inquiries.
To maintain security: detecting fraud, monitoring for misuse, and enforcing our Terms of Service.
To communicate with you: onboarding materials, updates, notices, and administrative messages.
For legal compliance: meeting regulatory and data-protection obligations.
2.1 Amazon SP-API (Selling Partner API) & Brand Analytics Data Use
If you connect an Amazon Selling Partner account (e.g., Seller Central and/or Vendor Central), Shadow AI may access and process Amazon-provided data, including analytics and reports (such as Brand Analytics where available to your account), solely to provide the Services you request—such as dashboards, analytics, reporting, and AI-assisted insights for your organization.
We access Amazon data only for accounts that explicitly authorize Shadow AI, and we use that data only to provide features to the authorized account.
We do not (a) aggregate or combine Amazon data across different authorized selling partners to create or provide benchmarking, comparative datasets, or insights to other parties (including other sellers), or (b) publish, promote, or share insights about Amazon's business derived from Amazon data. We do not use Amazon-derived data or insights for Shadow AI's own business purposes outside of providing the Services to the authorized user.
3. How We Do Not Use Your Data
Shadow AI does not use your Customer Data—including Inputs or Outputs—to train, develop, or improve any independent AI models. We process Customer Data solely to provide the Services you request. Your proprietary data remains yours.
4. How We Share Information
We do not sell your personal information. We may share information only in the following circumstances:
4.1 Service Providers (Sub-processors)
Trusted vendors who help operate the Services (e.g., hosting, logging, support tools). These providers follow strict confidentiality and security obligations. A list of sub-processors is available upon request.
4.2 Legal
Complying with laws, regulations, or government requests.
Enforcing our Terms.
Protecting Shadow AI, users, or the public.
4.3 Business Transfers
If Shadow AI is involved in a merger, acquisition, financing, or sale, information may be transferred. We will notify you where required.
5. Data Security
We use industry-standard security practices, including encryption, access controls, SOC-2 aligned controls, authentication, and continuous monitoring. While no system is perfectly secure, we take commercially reasonable measures to protect your data.
All personal data is encrypted at-rest using AES-128 encryption or higher (or RSA with a 2048-bit key size or higher where applicable). Data in-transit is encrypted using TLS 1.2 or above to ensure secure communication between your devices and our Services.
We maintain strict access control policies. Employees and contractors are granted access privileges based on their specific roles and responsibilities. System access logs are retained, and user privileges to company systems are reviewed at least annually to ensure appropriate access levels are maintained.
Shadow AI maintains an incident response and business continuity policy. We conduct business impact assessments to identify key assets and establish appropriate Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). Incident response drills are conducted at least annually, and drill reports are retained to ensure continuous improvement of our response capabilities.
6. Data Retention & Deletion
Customer Data is retained during your subscription and up to 30 days after termination unless you request earlier deletion. Upon request or expiration, Customer Data and backups are irreversibly deleted. Diagnostic and anonymized analytics data may be retained longer.
7. Your Rights
Depending on your location, you may have rights to:
Access
Correction
Deletion
Portability
Restriction or objection to processing
Requests may be submitted to support@shadow.co We respond within legally required timeframes.
8. Cookies & Tracking Technologies
We use cookies for essential functionality, analytics, and remembering preferences. You may modify cookie settings through your browser or our cookie banner when available.
9. International Data Transfers
If you access the Services from outside the U.S., your data may be transferred to countries with different privacy laws. We use Standard Contractual Clauses or similar safeguards where required.
10. Children's Privacy
The Services are not intended for individuals under 18. We do not knowingly collect data from children.
11. Changes to This Policy
We may update this Policy periodically. Updates will be posted with a revised date. For material changes, we will provide advance notice. Continued use after changes means acceptance.
Contact us
Shadow AI
Email: support@shadow.co
Website: https://www.shadow.co
Privacy Policy
This Privacy Policy explains how Shadow AI ("Shadow AI," "we," "us," or "our") collects, uses, and protects information when you access or use our website, platform, and related software-as-a-service offerings (collectively, the "Services").
By using the Services, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the Services.
1. Information We Collect
1.1 Information You Provide
Account Information: name, email address, company details, login credentials, and any profile information you choose to provide.
Inputs: prompts, files, configurations, or other content you submit to the Services.
Customer Data: any data you connect, upload, or transmit through integrations (e.g., e-commerce account data, ad account information, analytics data).
Payment Information: processed securely by our payment processor; we do not store credit card numbers.
Amazon Integration Data: if you connect Amazon, data retrieved from your authorized Amazon Selling Partner account via the Selling Partner API (SP-API), including analytics reports (such as Brand Analytics where available to your account).
1.2 Information We Automatically Collect
Usage Data: analytics on how you and Authorized Users interact with the Services (e.g., feature usage, performance logs).
Device & Technical Data: IP address, browser type, device identifiers, operating system, cookies, and similar technologies.
Log Data: server logs, error reports, and diagnostic information used to maintain reliability and security.
2. How We Use Your Information
To provide and operate the Services: including processing Inputs, generating Outputs, supporting integrations, and maintaining infrastructure.
To improve the Services: analyzing anonymized usage data to enhance performance, reliability, and user experience.
To provide support: troubleshooting, onboarding assistance, and responding to inquiries.
To maintain security: detecting fraud, monitoring for misuse, and enforcing our Terms of Service.
To communicate with you: onboarding materials, updates, notices, and administrative messages.
For legal compliance: meeting regulatory and data-protection obligations.
2.1 Amazon SP-API (Selling Partner API) & Brand Analytics Data Use
If you connect an Amazon Selling Partner account (e.g., Seller Central and/or Vendor Central), Shadow AI may access and process Amazon-provided data, including analytics and reports (such as Brand Analytics where available to your account), solely to provide the Services you request—such as dashboards, analytics, reporting, and AI-assisted insights for your organization.
We access Amazon data only for accounts that explicitly authorize Shadow AI, and we use that data only to provide features to the authorized account.
We do not (a) aggregate or combine Amazon data across different authorized selling partners to create or provide benchmarking, comparative datasets, or insights to other parties (including other sellers), or (b) publish, promote, or share insights about Amazon's business derived from Amazon data. We do not use Amazon-derived data or insights for Shadow AI's own business purposes outside of providing the Services to the authorized user.
3. How We Do Not Use Your Data
Shadow AI does not use your Customer Data—including Inputs or Outputs—to train, develop, or improve any independent AI models. We process Customer Data solely to provide the Services you request. Your proprietary data remains yours.
4. How We Share Information
We do not sell your personal information. We may share information only in the following circumstances:
4.1 Service Providers (Sub-processors)
Trusted vendors who help operate the Services (e.g., hosting, logging, support tools). These providers follow strict confidentiality and security obligations. A list of sub-processors is available upon request.
4.2 Legal
Complying with laws, regulations, or government requests.
Enforcing our Terms.
Protecting Shadow AI, users, or the public.
4.3 Business Transfers
If Shadow AI is involved in a merger, acquisition, financing, or sale, information may be transferred. We will notify you where required.
5. Data Security
We use industry-standard security practices, including encryption, access controls, SOC-2 aligned controls, authentication, and continuous monitoring. While no system is perfectly secure, we take commercially reasonable measures to protect your data.
All personal data is encrypted at-rest using AES-128 encryption or higher (or RSA with a 2048-bit key size or higher where applicable). Data in-transit is encrypted using TLS 1.2 or above to ensure secure communication between your devices and our Services.
We maintain strict access control policies. Employees and contractors are granted access privileges based on their specific roles and responsibilities. System access logs are retained, and user privileges to company systems are reviewed at least annually to ensure appropriate access levels are maintained.
Shadow AI maintains an incident response and business continuity policy. We conduct business impact assessments to identify key assets and establish appropriate Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO). Incident response drills are conducted at least annually, and drill reports are retained to ensure continuous improvement of our response capabilities.
6. Data Retention & Deletion
Customer Data is retained during your subscription and up to 30 days after termination unless you request earlier deletion. Upon request or expiration, Customer Data and backups are irreversibly deleted. Diagnostic and anonymized analytics data may be retained longer.
7. Your Rights
Depending on your location, you may have rights to:
Access
Correction
Deletion
Portability
Restriction or objection to processing
Requests may be submitted to support@shadow.co We respond within legally required timeframes.
8. Cookies & Tracking Technologies
We use cookies for essential functionality, analytics, and remembering preferences. You may modify cookie settings through your browser or our cookie banner when available.
9. International Data Transfers
If you access the Services from outside the U.S., your data may be transferred to countries with different privacy laws. We use Standard Contractual Clauses or similar safeguards where required.
10. Children's Privacy
The Services are not intended for individuals under 18. We do not knowingly collect data from children.
11. Changes to This Policy
We may update this Policy periodically. Updates will be posted with a revised date. For material changes, we will provide advance notice. Continued use after changes means acceptance.
Contact us
Shadow AI
Email: support@shadow.co
Website: https://www.shadow.co
EthosXYZ Technologies Inc.
Copyright 2026
All Rights Reserved
EthosXYZ Technologies Inc.
Copyright 2026
All Rights Reserved