Privacy Policy

Last updated: May 16, 2026

This Privacy Policy explains how New Eve (“New Eve,” “we,” “us,” or “our”) collects, uses, and shares personal information when you visit our websites at neweve.com and related subdomains, sign up for an account, use our services, or otherwise interact with us.

We operate two distinct roles under data protection law:

  • As a controller, when we collect information from you as a New Eve customer, prospect, or website visitor.
  • As a processor, when our customers store or process personal information about their own end users on services we host (such as eveCloud, eveMail, eveClips, eveTeam, eveSpace, and eveAnalytics). In that role, our customer is the controller, and our handling of that information is governed by our agreement with that customer and Section 8 of this Policy.

1. Information We Collect

1.1 Information you give us

  • Account information: name, email address, business name, billing address, and phone number.
  • Payment information: card details are collected and stored by our payment processor (Stripe, Inc.); we receive limited information such as the last four digits, card brand, and expiration date.
  • Communications: messages you send us by email, contact form, support ticket, or phone, including any attachments.
  • Project information: for professional services engagements, information you share with us about your business, audience, content, brand assets, and project goals.

1.2 Information we collect automatically

  • Log data: IP address, browser type and version, operating system, referring URL, pages viewed, and timestamps. Server access logs are retained for up to 90 days for security and troubleshooting.
  • Device and usage data: information about how you interact with our websites and account dashboard.
  • Cookies and similar technologies: see Section 7.

1.3 Information from third parties

  • Domain registry data: when you register a domain through eveDomains, we receive information from the relevant registry and registrar required to provide the domain.
  • Service providers: our payment processor, email deliverability provider, and analytics provider share limited information with us as needed to provide their services.
  • Public sources: business contact details where reasonably available.

We do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us at [email protected] and we will delete it.

2. How We Use Information

We use the information described above to:

  • create and operate your account and provide the Services you request;
  • process payments and send invoices, receipts, and renewal notices;
  • provide customer support and respond to your inquiries;
  • monitor, secure, and improve the Services, including detecting and preventing fraud, abuse, and security incidents;
  • back up data and recover from outages;
  • send service-related notices (billing, security, scheduled maintenance, policy updates) — you cannot opt out of these as long as you have an active account;
  • send marketing communications about our products and services where permitted, which you can opt out of at any time using the unsubscribe link or by emailing [email protected];
  • understand how the Services are used (in aggregate) and develop new features;
  • comply with legal obligations and enforce our Terms of Service.

2.1 Legal bases (for EEA and UK residents)

Where the EU or UK General Data Protection Regulation applies, we rely on the following legal bases:

  • Performance of a contract: to provide the Services you request and bill for them.
  • Legitimate interests: to secure and improve the Services, prevent fraud, send relevant business communications to existing customers, and operate our business — provided those interests are not overridden by your rights.
  • Consent: for non-essential cookies, marketing emails to prospects where required, and any other processing that requires consent. You may withdraw consent at any time.
  • Legal obligation: to comply with tax, accounting, and other legal requirements.

3. AI Features

eveAi uses third-party large language model providers to generate website copy, layout suggestions, and imagery from prompts you provide. When you use eveAi:

  • Prompts and brand information you submit are sent to the model provider to generate output.
  • We do not knowingly include other customers’ content in your prompts.
  • We have contractual commitments from our model providers that prompts and outputs submitted through our API integrations are not used to train their public models.
  • Generated output is provided to you for use under the Terms of Service. You are responsible for reviewing AI-generated content before publishing it.

4. How We Share Information

We do not sell personal information, and we do not share it for cross-context behavioral advertising.

We share information only as follows:

  • Service providers (subprocessors): companies that help us operate the Services under contracts requiring confidentiality and appropriate security. Current categories and providers include:
    • Infrastructure and hosting: data center providers in the United States.
    • Payment processing: Stripe, Inc.
    • Email deliverability: Postmark (ActiveCampaign LLC) for transactional email.
    • Domain registration: ICANN-accredited registrars and registry operators (varies by TLD).
    • Error monitoring and logging: tools we operate on our own infrastructure.
    • Customer communication: tools that support our shared inbox and support workflow.
  • Professional advisors: lawyers, accountants, and auditors, where reasonably necessary.
  • Business transfers: in connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, subject to confidentiality.
  • Legal compliance and protection: when we believe in good faith that disclosure is necessary to comply with a legal obligation, respond to a valid legal process, protect our or others’ rights, property, or safety, or investigate fraud or abuse. We will challenge overbroad or improper requests where appropriate.
  • With your consent or at your direction.

A current list of subprocessors is available on request at [email protected].

5. Data Retention

We retain personal information for as long as needed to provide the Services and for the purposes described in this Policy, including:

  • Active accounts: for the life of the account.
  • Billing and tax records: at least seven (7) years, as required by U.S. tax and accounting rules.
  • Server access logs: up to 90 days.
  • Backups of customer sites: at least 14 days, rolling.
  • Closed accounts: customer site data is permanently deleted within thirty (30) days of account closure unless you have requested an export, in which case we will hold it for a reasonable additional period to complete the transfer.
  • Marketing contacts: until you unsubscribe or three (3) years of inactivity, whichever comes first.

6. Security

We protect personal information using technical and organizational measures, including encryption in transit (TLS), encryption at rest where appropriate, network segmentation, access controls, the principle of least privilege, logging, and regular software updates. No system is perfectly secure. If we become aware of a security incident affecting your personal information, we will notify you as required by law.

7. Cookies and Tracking

Our websites use cookies and similar technologies for:

  • Strictly necessary purposes (authentication, security, load balancing, remembering your cookie preferences) — these are always on.
  • Functional purposes (remembering your settings).
  • Analytics purposes (understanding how the site is used), implemented through eveAnalytics. eveAnalytics is designed to be privacy-friendly: it does not use third-party cookies, does not build cross-site profiles, and does not require a cookie banner under most jurisdictions because it does not store personal identifiers in the browser. Where local law still requires consent, we ask for it.

We do not use third-party advertising cookies on our own websites. If you visit a customer site hosted on eveCloud, that customer is responsible for its own cookie practices.

You can manage cookies through your browser settings or, where applicable, through the cookie preference center linked in the footer of our websites. Most browsers also respect Global Privacy Control (GPC) signals, which we honor as an opt-out of sale or sharing for residents of states where required.

8. Customer Data on the Services (Processor Role)

When you use eveCloud, eveMail, eveClips, eveTeam, eveSpace, eveAnalytics, or eveAi to process personal information about your own end users, customers, subscribers, or members, you are the controller of that information and New Eve acts as your processor.

In that capacity:

  • We process Customer Content only on your documented instructions, which include your configuration of the Services and the Terms of Service.
  • We will not access Customer Content except as necessary to provide and support the Services, to respond to a support request you initiate, to maintain the integrity and security of the Services, or to comply with law.
  • We require our subprocessors to commit to confidentiality and appropriate security.
  • On request, we will support you in responding to data subject requests, performing data protection impact assessments, and notifying regulators of qualifying incidents.
  • A Data Processing Addendum (DPA) is available on request to customers whose use of the Services is subject to GDPR, UK GDPR, or similar laws.

9. International Transfers

We are based in the United States and process information in the United States. If you access the Services from outside the United States, your information will be transferred to, stored, and processed in the United States, which may not provide the same level of data protection as your jurisdiction. For transfers of personal information from the EEA, UK, or Switzerland, we rely on the European Commission’s Standard Contractual Clauses (and the UK Addendum or Swiss equivalents, as applicable), or other lawful transfer mechanisms.

10. Your Rights

Depending on where you live, you may have the following rights:

  • Access: ask for a copy of the personal information we hold about you.
  • Correction: ask us to correct inaccurate or incomplete information.
  • Deletion: ask us to delete personal information, subject to exceptions (for example, information we must keep for legal or accounting reasons).
  • Portability: ask us to provide your information in a portable, machine-readable format.
  • Objection or restriction: object to or restrict certain processing based on legitimate interests, including direct marketing.
  • Withdraw consent: where we rely on consent.
  • Opt out of sale or sharing: we do not sell personal information or share it for cross-context behavioral advertising; we honor opt-out signals such as GPC.
  • Non-discrimination: we will not discriminate against you for exercising these rights.

To exercise any of these rights, email [email protected]. We will verify your request, generally by confirming control of the email address on your account, and respond within the timeframe required by applicable law (typically 30–45 days).

If you are an end user of a customer’s site hosted on our Services, please direct your request to that customer in the first instance; we will support them in responding.

You may also lodge a complaint with your local data protection authority. For California residents, you may designate an authorized agent to submit a request on your behalf.

11. Do Not Track

Our websites do not respond to traditional Do Not Track browser signals because no consistent industry standard exists. We do honor Global Privacy Control as described in Section 7.

12. Third-Party Sites and Services

Our websites and Services may link to third-party sites or integrate third-party services. We are not responsible for the privacy practices of those third parties. Review their privacy policies before providing them personal information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If we make a material change, we will notify you by email or by posting a prominent notice on our website at least thirty (30) days before the change takes effect. The “Last updated” date at the top of this Policy reflects the most recent revision.

14. Contact

For questions about this Privacy Policy or our privacy practices, or to exercise any of your rights:

New Eve 2608 W Kenosha St, #452 Broken Arrow, OK 74012 Email: [email protected] Phone: (224) 459-0629