Privacy Policy for Shaku Embedded SDK (Sign-In Users)

Last Updated: 03/09/2026

User Accounts

This Privacy Policy describes how Shaku ("we", "us", "our") collects, uses, and protects personal information from users who sign in through Shaku's embedded SDK or widgets on demo pages or on websites and applications that integrate Shaku services ("Partner Sites").

By signing in or using Shaku services, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Login Information

When you create an account or sign in through the Shaku SDK, we collect:

  • Email address
  • Encrypted password (hashed and salted — Shaku never stores raw or readable passwords)

This information is used solely to authenticate your account and maintain secure access to the service.

1.2 Usage Data

When you interact with Shaku services through Partner Sites, we may collect technical and usage data, including:

  • Measurement requests
  • Device type and browser type
  • Time and date of service usage
  • Error and diagnostic reports

This information helps operate, maintain, and improve the service.

1.3 Measurement Images

Some Shaku features allow users to upload images for body or garment measurement.

If you choose to use these features:

  • Images are processed by Shaku's measurement system
  • Images may be stored temporarily for service operation and quality improvement
  • Images are retained for up to three (3) months and then automatically deleted

Merchants or retailers using Shaku services cannot access these uploaded images.

A separate notice or consent screen may be presented before images are captured.

2. How We Use the Information

Your information may be used to:

  • Authenticate your identity securely
  • Maintain your account and user session
  • Provide measurement and size recommendation services
  • Improve the accuracy and performance of Shaku services
  • Monitor system security and prevent fraud or misuse

Shaku does not sell personal data or share login information with advertisers.

3. Relationship With Partner Websites

Shaku services may be used on third-party websites and online stores ("Partner Sites").

When you sign in through Shaku on a Partner Site:

  • The retailer does not receive your Shaku password
  • The retailer may receive measurement results generated through their integration
  • Images uploaded for measurement processing remain accessible only to Shaku systems

Each Partner Site operates under its own privacy policy for its own services.

4. Data Security

Shaku uses industry-standard security measures to protect user data, including:

  • Hashed and salted password storage
  • Encrypted data transmission (HTTPS)
  • Encrypted storage of sensitive information
  • Access controls that limit internal access to authorized personnel

Shaku aims to comply with applicable privacy laws including:

  • GDPR (European Union)
  • PIPEDA (Canada)
  • Other applicable privacy regulations.

5. Data Deletion

You may request deletion of your Shaku account and associated data at any time by contacting:

📧 [email protected]

Once a deletion request is processed, account data will be removed from Shaku systems except where retention is required for legal, security, or operational purposes.

Partner Sites cannot delete your Shaku account on your behalf.

6. Minors

Shaku services are intended for users 18 years of age or older.

Users under 18 must have permission from a parent or legal guardian to use the service.

Shaku does not knowingly collect personal information from minors without appropriate consent.

7. Contact

For privacy questions, data requests, or account deletion requests:

📧 [email protected]

Merchant Accounts and Store Integrations

Shaku provides services to online stores and applications ("Merchants") through an SDK, API integration, or Shopify plugin. Merchants may create a business account to access Shaku's dashboard and services.

1. Information We Collect From Merchants

When a Merchant registers for a Shaku business account, we may collect the following information:

  • Contact email address
  • Contact person name
  • Website URL
  • Shopify store name (if applicable)
  • Payment information (processed through invoicing or Shopify billing systems)

This information is used to manage the Merchant account, provide services, and handle billing.

2. API Keys and Integration Data

When a Merchant integrates Shaku services using an API key, SDK, or Shopify plugin, we may collect and process technical data related to the integration, including:

  • API keys associated with the Merchant account
  • API usage logs
  • Request volume and service usage metrics
  • IP addresses used to access the API
  • Error and diagnostic logs

This data is used to operate, monitor, and secure the Shaku services.

3. Measurement Data and End-User Information

When end users interact with Shaku services through a Merchant's website or application, Shaku may process measurement data generated through the service.

  • Stores may have access to measurement results produced through their integration.
  • Images submitted for measurement processing are stored by Shaku for service operation and quality improvement purposes.
  • Such images are retained for up to three (3) months and are then deleted.
  • Merchants do not have access to user images stored by Shaku.

4. Data Roles and Responsibilities

For measurement and user-generated data:

  • The end user remains the owner of their personal data.
  • The Merchant acts as the Data Controller, determining how the service is used on their website or application.
  • Shaku acts as the Data Processor, processing data on behalf of the Merchant in order to provide the service.

Merchants are responsible for ensuring that their own privacy policies properly disclose their use of Shaku services to their users.

5. Payment and Billing

Merchant services may be billed through:

  • Direct invoicing issued by Shaku, or
  • Shopify's application billing system (for Shopify integrations).

Payment processing providers may collect and process payment information according to their own privacy policies.

6. Data Retention

Shaku retains Merchant account information, API logs, and service usage records until the Merchant account is deleted.

Certain operational logs may be retained as necessary for security, compliance, and fraud prevention.

7. Security

Shaku implements industry-standard security measures to protect Merchant data and service integrations, including:

  • API key authentication
  • OAuth authentication for Shopify integrations
  • Encrypted data transmission using HTTPS
  • Encrypted storage of sensitive information
  • Access control mechanisms to limit internal access to data

8. Contact

Questions or data requests?

📧 [email protected]