Plain-English Privacy
Privacy.
Shiny is built so that we can't spy on you, even if we wanted to. Here's exactly what that means, written to satisfy UK GDPR without losing the plain English.
Who is the data controller?
The data controller for any personal data we hold about you is:
TJH/CO LIMITED (trading as THEODORE HQ)
A company registered in England and Wales
Company number: 16589593
Registered office:
Fairway House, Links Business
Fortran Rd, St. Mellons
Cardiff, CF3 0LT
United Kingdom
Email: support@theodorehq.com
We are not required to appoint a Data Protection Officer under Article 37 of the UK GDPR (we are not a public authority, our core activities do not require large-scale regular monitoring of individuals, and we do not process special-category data on a large scale). Email support@theodorehq.com for any data-protection question.
Where your purchase email comes from
When you buy Shiny, your purchase is handled by Polar.sh, our payment and licensing provider and the Merchant of Record (the legal seller of the licence). At its own checkout Polar collects your email address, country of purchase, payment details, billing information and tax/fraud signals, and acts as a separate (independent) controller for that data under its own privacy policy and data-processing addendum. For data Polar handles on our behalf (the licence-key record, activation logs we read from its API), it acts as our processor. Polar in turn uses Stripe as its payment processor, so card details are handled by Stripe and never received by us. We receive your email and country from Polar so we can deliver and verify your licence. (This source-of-data line is required by Article 14 of the UK GDPR, because we obtain the data from Polar rather than from you directly.)
What information does Shiny collect from inside the app?
None. Shiny runs entirely on your Mac. It does not record what you click, when you launch it, which apps it pauses, how much memory it freed, or anything else about how you use it.
Does Shiny make any network requests?
Yes, exactly two kinds.
- Once a day, an update check against https://www.theodorehq.com/shiny/appcast.xml. The request contains your current Shiny version and your macOS version (so we can serve the right update). It does not contain a unique identifier. The request is signed by Apple's Sparkle framework. You can disable update checks in Settings.
- Once at first launch, a license-key activation check against Polar's licensing server, to verify your purchase. After activation, Shiny caches the verification locally and runs entirely offline; it does not re-check on every launch. See "International transfers" below for where this data goes.
What personal data do we hold, and on what lawful basis?
Three categories. We list each one with the lawful basis under Article 6 of the UK GDPR, because the law requires us to.
How long do we keep your data?
- Purchase email and licence record: while your licence is active, plus seven years after your last purchase, for HMRC tax-record requirements (Schedule 11 of the VAT Act 1994 and corresponding income-tax rules).
- Newsletter subscription: until you unsubscribe, plus thirty days while we process the unsubscribe.
- Licence-activation logs: twelve months from activation, then automatically deleted by Polar.
- Support emails: two years, then deleted, unless you ask us to keep them as a reference for an open issue.
Crash reports
Shiny never sends crash reports automatically. If Shiny crashes, the next time you open it you'll see a calm dialog explaining what happened, with a button to read the full report and a button to send it to support. Nothing leaves your Mac unless you choose to send it: you see the entire report first, and the email goes out from your own mail client so you remain in control of the message.
If macOS itself shows a separate "Send to Apple" dialog after a crash, that's Apple's standard system, not us, and you control it in System Settings → Privacy & Security → Analytics & Improvements.
Cookies and local storage on this website
No cookies. No third-party trackers. No advertising scripts. No fingerprinting. Our web fonts are self-hosted (served from this site), so loading a page makes no third-party requests at all. We do not show a cookie banner because we do not set cookies and the small bits of local storage we use fall under the exceptions described below.
A few small things are stored locally in your browser's localStorage, only on your own machine:
- Your light/dark theme preference (key: shiny-theme-cache). Purely functional. Stored under the PECR "appearance" exception (Reg 6(3)(c), as amended by the Data (Use and Access) Act 2025) for storage that adapts the site to a user-selected preference. Clearing your browser's site data removes it.
- A first-touch attribution record (keys: ta_landing, ta_first_at, and, if you arrive with UTM tags in the URL, ta_source, ta_medium, ta_campaign, ta_term, ta_content, ta_ref). This is the page you first landed on, the site that referred you, any campaign tags in the link you arrived through, and a first-visit timestamp. We use it solely to understand which links lead to purchases. It is not a cookie, it stays in your own browser, it is never shared with anyone else, and it is not used to track you across other websites. Storage basis: PECR "statistical purposes" exception (Reg 6(3)(d), DUAA 2025). UK GDPR basis for the data itself: legitimate interests (Art 6(1)(f)) in understanding aggregate attribution.
Umami, our website analytics (described below), is cookieless and stores nothing on your device by default. It writes a single umami.disabled key only if you opt out (see the button below).
Both the appearance and statistical-purposes exceptions require us to give you a simple, free way to object. You can use the button below at any time, or clear this site's data in your browser, or use any standard content blocker (uBlock Origin, Ghostery, Brave's built-in shields all block our analytics by default).
Website analytics (Umami)
We use Umami, a privacy-friendly analytics tool we self-host on our own server at analytics.theodorehq.com. The server is located in Manchester, United Kingdom, so no international transfer is involved. We installed it in May 2026 to understand which pages people read so we can write better articles and improve what we publish.
Umami records: page URL, page title, page referrer, country (derived from your IP, then immediately discarded), browser, operating system, device type, and screen size. It does not set cookies, does not fingerprint your device, does not follow you across other websites, and shares nothing with any third party. The analytics server is run by us alone.
Storage basis (PECR): the "statistical purposes" exception (Reg 6(3)(d), as amended by the Data (Use and Access) Act 2025), because the access is solely to compile aggregate statistics about how people use this site. We give you a simple, free way to opt out (the button in the section above) as that exception requires. UK GDPR basis for the brief IP-to-country step before the IP is discarded: legitimate interests (Art 6(1)(f)). Retention: aggregate figures kept indefinitely; raw event records for twelve months.
Who handles your data, and international transfers
We keep suppliers to a minimum. Where one is based outside the UK, an approved UK transfer safeguard is in place:
- Polar.sh (United States) is our payment and licensing provider and the Merchant of Record (the legal seller) for your purchase. At its own checkout it acts as a separate controller for the data it collects there (email, country, payment, billing, tax/fraud); for data it handles on our behalf via its API (your licence-key record, activation logs) it acts as our processor. Polar uses Stripe (United States) as its payment processor; we never receive your card details. See Polar's data-processing addendum and privacy policy.
- Vercel (United States) hosts this website. Vercel is certified under the UK Extension to the EU-US Data Privacy Framework, and its data-processing agreement also incorporates the UK International Data Transfer Agreement (IDTA).
- Apple iCloud runs our support@theodorehq.com mailbox. For UK and EU users this is controlled by Apple Distribution International Limited in Ireland (within the EEA), with Standard Contractual Clauses for any onward transfer outside the EEA.
- Website analytics is self-hosted on a server we run ourselves (Umami) in Manchester, United Kingdom, so your analytics data is never shared with a third-party analytics company and never leaves the UK.
You can ask us for more detail on any of these safeguards at support@theodorehq.com.
Your rights under UK GDPR
You have the following rights with respect to the personal data we hold about you:
- Right of access: ask us for a copy of the data we hold (Art 15).
- Right to rectification: correct any data that is inaccurate (Art 16).
- Right to erasure: ask us to delete your data, subject to our HMRC retention obligation above (Art 17).
- Right to restrict processing: pause our processing while a dispute is resolved (Art 18).
- Right to data portability: receive your data in a structured, common format (Art 20).
- Right to object: object to processing based on legitimate interests, including direct marketing (Art 21).
- Right to withdraw consent: for the newsletter, at any time, via the unsubscribe link or by emailing us (Art 7(3)).
- Right not to be subject to automated decision-making: we do not make any such decisions about you (Art 22).
To exercise any of these rights, email support@theodorehq.com. We respond within thirty days, free of charge.
Complaints
You have the right under section 164A of the Data Protection Act 2018 (inserted by the Data (Use and Access) Act 2025) to complain to us directly about how we have handled your personal data. The simplest electronic route is to email support@theodorehq.com. Tip to reach us fast: include the words "Privacy complaint" in the subject line. We flag every email containing that phrase so it goes to the front of the queue. We will:
- Acknowledge your complaint within 30 days of receiving it,
- Investigate it without undue delay, and
- Tell you the outcome, in writing, with our reasoning.
You also have the right to complain to the UK Information Commissioner's Office (ICO), the independent supervisory authority:
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline: 0303 123 1113
ico.org.uk/make-a-complaint
You can contact the ICO at any time, though we would appreciate the chance to investigate first.
Children
Shiny is not directed at children under 13 (the UK age of digital consent under section 9 of the Data Protection Act 2018). We do not knowingly collect any personal data from anyone under 13. If you believe we hold such data in error, email us and we will delete it promptly.
Changes to this policy
If we ever change this policy, we'll update the date at the top, and email anyone on the customer list a plain-English summary of what changed at least fourteen days before the changes take effect. We will not retroactively start collecting more from existing users without telling them first.
Contact
Questions, concerns, or anything that smells off: support@theodorehq.com. A real human (Theodore) reads every email.