Zevvle's stance on privacy


As we’re nearing the launch (:tada:) I’d like to address some of my concerns regarding (sadly) common industry practices and how Zevvle is hopefully different.

  • Does Zevvle use any kind of analytics/stalking/tracking on its mobile app, and if so, can this be made opt-in, at least on the app (ad blockers take care of it on the web anyway)? It’s not that I don’t trust Zevvle (I very much do otherwise I wouldn’t be here in the first place) but I don’t necessarily trust the analytics provider, considering the most popular SDKs are provided by companies like Google and Facebook whose business models are inherently at odds with privacy. To be clear, I’m not saying to believe them when they say they don’t collect any PII (time and time again has shown that anything Facebook says is a lie for example), I’m saying don’t even load their code nor send them a single packet until the user opts-in.

  • Does Zevvle plan to provide any customer information as part of their advertising campaigns, for example to exclude existing customers, and again, can this be made opt-in (I’m not sure this can actually be legal otherwise - advertising is not essential to providing the service so it might be hard to call this “legitimate interest”)?

  • Does Zevvle share any subscriber data with the host carrier? I don’t necessarily trust the MVNO enabler or their host carrier (or any of the big carriers in fact) as far as privacy is concerned, and the amount of trackers on their homepage alone makes me feel right about my decision. If any sharing of data is in place (it could be a contractual requirement), are there any restrictions as to how the host carrier can use this data?

  • Some carriers resell anonymised (so they say) location information in bulk to help plan car traffic patterns, etc. Here’s an example by Vodafone - surprisingly this is opt-out and not readily disclosed when signing up, which I’m not sure is even allowed under the GDPR anymore. In any case, does the enabler or their host carrier do something similar, and if so are they allowed to use Zevvlers’ data and movement patterns for this?

  • Does Zevvle share any data with credit bureaus, whether for credit-checking applicants, or as “goodwill” (lol) to facilitate other companies’ credit checks? (I remember working with an identity verification API that took a phone number and could confirm whether the given number matches the rest of the details given, for which I suspect they have direct access to carriers’ customer databases to be able to check that.)

  • Will Zevvle be using third-party SMS providers for their service communications? I remember a major carrier was using these guys to deliver their notification texts (like for RPI-related price increases and such) which is a bit surprising (you’re a carrier and can’t even send SMS to your own customers directly). In any case, given this provider’s business is basically spam disguised as attempts to “improve your experience” I want to stay far away from them and would like some assurance that Zevvle won’t be dealing with similar companies.



Thank you for the questions :slight_smile: I’ll reply in full later when I’ve got a moment; for now I’ll say we don’t track your usage in the app – the only thing is Intercom that logs when you’re online and the device you’re using (helpful for troubleshooting).


Yeah Intercom is a fair trade off for now!

1 Like

Hey, sorry for the delay on this. Here are our answers:

At the moment, no (although as mentioned we use Intercom which logs your device model and the software its running which is helpful for troubleshooting).

Within the next few weeks, we are going to setup some basic analytics for experimenting (a/b testing) with Amplitude, only sharing the bare minimum for us to say “This button placement is 50% more effective” (i.e., no PII). We do not and will not use Facebook or Google.

If we do, it’ll be an anonymised average, e.g. “Our customers saved £X on average last month”. We’ll never do a Revolut and target/advertise a segment of our customers (e.g., “To the 400 people who called 0123456… You okay, hun?” – that’s disgusting) without their consent.

No. However, we will if required by law (e.g., an investigation into someone on our network).

It states in our contract that they do not process data beyond the scope of what they need to enable us.

No, we do not.

Yes, we will, though eventually we want to bring it in-house. We haven’t set anything up yet, but it’ll likely be Twilio. From their website, “We do not sell your end users’ personal information and we do not share your end users’ information with third parties for those third parties’ own business interests.”

Any questions let me know :slight_smile:


you savage, you :fire: