Legal

Privacy Policy

Last updated: [EFFECTIVE DATE]

This Privacy Policy explains how Sheen ("Sheen," "we," "us") collects, uses, shares, and protects personal information when you use the Sheen Platform. By using the Platform, you agree to this Policy. If you are a California resident, the Notice at Collection in Section 1 and the California Rights in Section 8 apply to you. Sheen Insurance Services LLC, a separate Sheen affiliate, is a separate controller of personal information you submit when you apply for or buy an insurance policy through the Platform. See Section 11.

1. Notice at Collection

At the point of collection, the categories of personal information we collect and the purposes for which we use them are summarized below. Full detail is in the rest of this Policy.

Retention: see Section 7. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising. See Section 10.

  • Identifiers (name, email, phone, account ID) — Account creation, communication, fraud prevention
  • Commercial info (bookings, payments, transactions) — Provide and bill for the service
  • Internet/network activity (app interactions, device info, logs) — Operate, secure, and improve the Platform
  • Geolocation (service addresses, approximate or precise location) — Match Pros, geocode, live tracking
  • Sensory data (before/after and condition photos) — Service records, quality, claims
  • Professional or employment-related info (Pros only — business entity, business license, COI, background-check results) — Pro onboarding and verification
  • Sensitive personal information (precise geolocation; account credentials; payment information; government identifiers collected during Pro background check) — See Section 5
  • Inferences (preferences, propensity to repeat-book) — Personalization and recommendations

2. Information We Collect

  • Account information: name, email, phone, password (hashed), and profile details.
  • Vehicle & service details: make/model, vehicle class, service selections, notes.
  • Location & address data: service addresses, gate codes, and approximate or precise geolocation used to match Pros, geocode addresses, and show live tracking.
  • Payment information: processed by Stripe. Sheen does not store full card numbers; we store limited tokens and transaction metadata.
  • Photos & job records: before/after and condition photos, check-in records, timestamps, ratings, and messages between Customers and Pros.
  • Pro onboarding information: business entity name and type (LLC, S-Corp, sole prop with DBA), EIN or SSN provided for tax reporting via Stripe Connect, business license, certificates of insurance, and FCRA-compliant background-check results (provided to Sheen by the consumer reporting agency).
  • Device & usage data: app interactions, log data, device identifiers, and (with permission) push-notification tokens.

3. How We Use Information

To create and manage your account and provide the booking, matching, payment, and payout services. To facilitate communication and live tracking between Customers and Pros. To process payments, payouts, tips, refunds, loyalty credits, and memberships. To detect, prevent, and investigate fraud, abuse, and policy violations. To improve the Platform, provide support, and send service and (where permitted) marketing communications. To comply with legal obligations and enforce our Terms.

Automated decision-making: we use algorithmic matching to recommend a Pro for your job based on proximity, availability, ratings, and vehicle type. This is a routine logistics function and does not, by itself, deny you service.

4. How We Share Information

We share booking-relevant information (such as service address, vehicle details, and access notes) with the Pro assigned to your job so they can perform it.

We share information with service providers who process data on our behalf under contracts that limit their use of the data to providing the contracted service:

Our current sub-processor list is published at sheen.co/subprocessors and is updated when new providers are added.

We may disclose information to comply with law, respond to lawful requests, protect rights and safety, or in connection with a merger, acquisition, or asset sale. We do not sell personal information and we do not share personal information for cross-context behavioral advertising as those terms are defined in the California Consumer Privacy Act.

  • Stripe, Inc. — payments, payouts, and Pro onboarding (separate controller for payment-card data under PCI scope).
  • Supabase, Inc. — authentication, database, and file storage.
  • Mapbox, Inc. — geocoding and maps.
  • Resend (email), Twilio (SMS) and web-push providers — transactional and (where consented) marketing notifications.
  • Checkr / Sterling or equivalent — Pro background-check processing (FCRA-regulated).
  • Sheen Insurance Services LLC — when a Pro applies for or buys insurance through the Platform (separate controller; see Section 11).

5. Sensitive Personal Information

Some of the information we collect is "sensitive personal information" under California law, including precise geolocation, account credentials, payment information, and government identifiers collected during the Pro background-check process. We use this information only as necessary to provide and secure the service, prevent fraud, complete payment processing, comply with law, and perform Pro verification. California residents may request that we limit our use and disclosure of sensitive personal information to these purposes; see Section 8.

6. Location Data

Location data is used to match nearby Pros, geocode and validate service addresses, enable en-route tracking, and improve service quality. Pro location may be shared with the Customer during an active job for tracking. You can limit precise location through your device settings, though this may limit functionality.

7. Cookies & Similar Technologies; Data Retention; Security

Cookies. We use cookies and similar technologies for authentication, language and other preferences, security, and aggregate analytics. A list of categories and durations is at sheen.co/cookies. You can control cookies through your browser; some features may not work without them. If we ever use cookies or pixels for cross-context behavioral advertising, we will honor the Global Privacy Control browser signal and publish a 'Do Not Sell or Share My Personal Information' link.

Retention. We retain personal information for the periods set out below, or longer where required by law:

Security. We use reasonable administrative, technical, and organizational safeguards (including encryption in transit, access controls, and least-privilege provisioning) to protect information. No method of transmission or storage is 100% secure.

  • Account profile and credentials: while your account is active, plus 24 months after closure (then deleted or de-identified).
  • Booking and transaction records: 7 years from the booking date for tax and audit purposes.
  • Photos and job records: 12 months from the job date (longer if associated with an open dispute or claim, until resolved + 3 years).
  • Background-check results: as required under FCRA and CA ICRAA, plus any minimum retention required by our background-check vendor.
  • Marketing-consent records: 4 years from the last consent action.
  • Device and log data: typically 90–365 days, depending on data type.

8. Your Privacy Rights (California / CCPA-CPRA)

If you are a California resident, you have the right to:

How to submit a request. Two methods: (a) email privacy@sheen.co, or (b) submit a request at sheen.co/privacy-request. You may also use an authorized agent; we will require written proof of authorization and may verify directly with you. To verify your identity, we will match information you provide against information we already maintain about you (for example, email, phone, and recent booking). For sensitive requests, additional verification may be required, consistent with the CCPA Regulations.

Timing. We will confirm receipt within 10 business days and complete most requests within 45 days (extendable by 45 more, with notice).

  • Know — what personal information we collect about you, the sources, the purposes, and the categories of third parties to whom we disclose it.
  • Access and Portability — receive a copy of your personal information in a portable format.
  • Correct — correct inaccurate personal information we maintain about you.
  • Delete — request deletion of personal information, subject to legal exceptions (for example, transaction records we must retain for tax or fraud-prevention purposes).
  • Limit Use of Sensitive Personal Information — restrict our use and disclosure of sensitive personal information to the purposes listed in Section 5.
  • Opt out of "sale" or "sharing" — we do not sell or share personal information; if this ever changes, we will publish a 'Do Not Sell or Share My Personal Information' link.
  • Non-discrimination — we will not deny service, charge different prices, or provide a different level of service because you exercise these rights, except as permitted for bona fide financial-incentive programs (see Section 9).

9. Financial Incentives (Loyalty and Credits)

Our loyalty and promotional credit programs (see Terms of Service §6) may provide benefits (points, credits, discounts) in exchange for your participation in the program. To the extent these benefits are a "financial incentive" under CCPA §1798.125, the value of the benefits is reasonably related to the value to us of your participation, calculated by reference to our incremental margin from participating customers. You may opt in at sign-up and opt out at any time without losing access to the Platform; opting out forfeits unredeemed program benefits.

10. Other State Privacy Rights

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Delaware (DPDPA), Iowa, Tennessee, Indiana, and New Jersey may have rights similar to those described above, including the right to confirm processing, access, correct, delete, port, and opt out of targeted advertising or profiling. To exercise these rights, contact privacy@sheen.co. You also have a right to appeal a denied request — appeals may be submitted to privacy-appeals@sheen.co and will be reviewed within 45 days.

11. Sheen Insurance Services LLC

If you apply for or buy a commercial insurance policy through the Platform, Sheen Insurance Services LLC acts as a separate controller for the information you submit in connection with that application (and any subsequent policy administration). The insurance carrier is also a separate controller and will provide its own privacy notice. Sheen Insurance Services LLC's privacy notice is at sheen.co/insurance-privacy.

12. Account & Data Deletion

You can delete your account in-app (Account → Delete My Account) or by contacting privacy@sheen.co. We will confirm receipt within 10 business days and complete deletion within 45 days, except where we must retain certain records (for example, transaction and tax records, fraud-prevention data, or records subject to a legal hold). Where we retain data under a legal exception, we will not use it for any other purpose.

13. Children

The Platform is not directed to children under 18, and we do not knowingly collect personal information from children under 13 (or under 16 for purposes of any "sale" or "sharing," though we do not sell or share). If you believe a minor has provided us information, contact privacy@sheen.co and we will delete it.

14. International Users

The Platform is operated from the United States. If you access the Platform from outside the U.S., your information will be transferred to and processed in the U.S. We do not currently market to or knowingly collect personal information from residents of the EU, UK, or other jurisdictions with comprehensive data-protection regimes equivalent to those laws. If you believe we hold information about you that is subject to those laws, contact privacy@sheen.co.

15. Changes & Contact

We may update this Policy and will post the new effective date. Material changes will be communicated where required by law (for example, by email or in-app notice). Questions or requests: privacy@sheen.co.

This document is a draft provided for convenience and is not legal advice. Sheen recommends review by qualified counsel before relying on these terms. Contact hello@sheen.co with questions.