Privacy Policy
How ShadeOfHue SSO collects, uses, and protects the information tied to your identity across the ShadeOfHue ecosystem.
Last updated: June 5, 2026
On this page
ShadeOfHue SSO ("ShadeOfHue", "we", "us", or "our") is the single sign-on and identity provider for the ShadeOfHue ecosystem. This Privacy Policy explains what information we collect when you create and use a ShadeOfHue account, how we use it, and the choices you have. It applies to the sign-in experience and to the identity data we share with apps you choose to sign in to.
Overview
A single ShadeOfHue account lets you sign in once and access every connected app in the ecosystem. To make that possible, we act as the central place where your identity, sessions, and security settings live.
We aim to collect only what we need to authenticate you, keep your account secure, and pass the minimum necessary information to the apps you authorize. We do not sell your personal information.
Information we collect
We collect the following categories of information to operate the identity provider.
- Account information
- Your name, email address, profile photo, and password (stored only as a salted hash). If you sign in with a third-party provider such as Google, we receive the basic profile and email that provider shares.
- Authentication & security data
- Credentials and security factors such as passkeys, linked accounts, sign-in events, and password reset requests, used to verify it is really you and to protect your account.
- Usage & log data
- Records of how you interact with the sign-in service — for example sign-in and sign-out events, which app initiated a request, and consent decisions — kept for security, troubleshooting, and audit.
- Device & connection data
- Technical information such as IP address, browser and device type, and approximate location derived from your IP, used to detect suspicious activity and keep sessions secure.
How we use your information
We use the information we collect to:
- Authenticate you and create and maintain secure sign-in sessions across ShadeOfHue apps.
- Share the minimum necessary identity claims with apps you choose to sign in to.
- Protect your account and the ecosystem by detecting, preventing, and responding to fraud, abuse, and security incidents.
- Provide support, respond to your requests, and send essential service messages such as password resets and security alerts.
- Meet our legal, regulatory, and audit obligations.
Sharing with connected apps
When you sign in to a ShadeOfHue or partner app through SSO, we share identity information so that app can recognize you. For first-party apps within the ShadeOfHue family this happens automatically; for other apps you may be asked to review and consent first.
Depending on the app and the scopes it requests, the information shared may include:
- Your basic profile — such as user ID, name, email, and profile photo.
- Subscription and entitlement claims — which ShadeOfHue plans are active for that app, so it can unlock the right features.
- Tokens that confirm your sign-in, issued and verified through our standard OAuth 2.x / OpenID Connect endpoints.
We share information with service providers (such as payment and email infrastructure) only as needed to run the service, and when required by law. We do not sell your personal information.
Cookies & sessions
We use strictly necessary cookies to keep you signed in and to remember preferences such as your language. Session cookies are set as httpOnly and Secure where applicable so they cannot be read by scripts. These cookies are essential to the sign-in service and cannot be turned off without breaking it.
Data retention
We keep your account information for as long as your account is active. Security and audit logs are retained for a limited period needed for fraud prevention, troubleshooting, and legal compliance, after which they are deleted or anonymized. When you delete your account, we remove or anonymize associated personal data, except where we must retain it to meet legal obligations.
How we protect your data
We apply industry-standard safeguards including encryption in transit, hashed passwords, signed tokens, httpOnly session cookies, and support for passkeys and strong authentication. No method of transmission or storage is perfectly secure, so we also encourage you to use a strong, unique password and enable passkeys.
Your rights & choices
Depending on where you live, you may have the right to:
- Access, correct, or update the personal information in your account.
- Delete your account and associated personal data.
- Disconnect linked accounts or revoke an app's access to your identity.
- Object to or restrict certain processing, and lodge a complaint with a data protection authority.
International data transfers
ShadeOfHue operates globally, so your information may be processed in countries other than the one where you live. Where we transfer data across borders, we use appropriate safeguards to protect it consistent with this policy and applicable law.
Children's privacy
ShadeOfHue SSO is not directed to children under the age required by your local law to consent to online services, and we do not knowingly collect their personal information. If you believe a child has provided us information, please contact us so we can remove it.
Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you. Your continued use of ShadeOfHue SSO after an update means you accept the revised policy.
Contact us
If you have questions about this Privacy Policy or how we handle your information, reach us at one of our offices or by email:
Hue City, Viet Nam
53 Nguyen Hue Street, Vinh Ninh District
Da Nang City, Viet Nam
112 30/4 Street, Hai Chau District
California State, USA
25060 Monte Vista Drive, Hayward, CA, 94545
Email: info@shadeofhue.com