Privacy Policy

Last updated: 2026-05-04

This is the plain-English version. ShipMate is a tool for turning your work into authentic public content. We try to collect as little as possible, never sell your data, and let you delete everything at any time. The sections below describe exactly what we collect, why, where it goes, and your rights.

Who we are

ShipMate is operated by Simon Smaluhn and Jan Tammen (the "ShipMate team"). The service is available at shipmate.so. For any privacy or data question, email info@shipmate.so.

What we collect (and why)

  • Account info: email address, optional name, profile photo, hashed password (only if you sign up with email/password). We use this to identify you and let you sign in.
  • OAuth identity tokens: if you sign in with GitHub, Google, LinkedIn, or X, we receive your basic profile information (email, name, avatar) and store an access token to maintain your session and call provider APIs you authorize.
  • Work logs & activity: the text you write in /log, GitHub commits and repo activity from repos you connect, and any other activity you intentionally enter into the product. This is the raw material for content generation.
  • Style profile: writing samples you paste, social-media posts you choose to import (X, LinkedIn, Instagram), and the AI-derived voice profile we extract from them. Used only to generate content in your voice for you.
  • Generated content: posts ShipMate writes for you, refinements, approvals, rejections, and engagement metrics if you connect a posting destination.
  • Connected accounts & tokens: if you connect a publishing destination (LinkedIn, X, Instagram, Facebook, WordPress, Substack, Mailchimp), we store the OAuth access/refresh tokens or API credentials needed to publish on your behalf. These are never shared and only used for actions you initiate.
  • Schedule & preferences: the days/times you want posts published, content pillars, project settings, notification preferences, push notification tokens (if you install the desktop or mobile app), and reminder settings.
  • Billing info: if you subscribe, Stripe handles the payment. We see and store only your customer ID, subscription tier, and subscription status. Card numbers and bank details never touch our servers.
  • Support & feedback: messages you send via in-app feedback forms or email, including any context you choose to attach.
  • Product analytics: anonymized usage events (which page you visited, which feature you clicked) via PostHog and Google Analytics 4. We use these to understand which parts of the product work well. We do not use these tools to identify individuals beyond an opaque user ID, and you can opt out (see "Your rights").
  • Error logs: if something crashes, PostHog Error Tracking captures the stack trace and a small amount of context (URL, browser, anonymized user ID) so we can fix the bug.
  • Server logs: standard request logs (IP address, user agent, timestamp, path) kept for up to 30 days for security and debugging.

How we use your data

  • To generate content in your voice (AI prompts include your work logs and style profile).
  • To publish posts you approve to the destinations you connect.
  • To send you the email reminders and digests you opted into.
  • To run the product, debug issues, and keep your account secure.
  • To process payments and manage your subscription.
  • To improve the product through aggregated, anonymized analytics.

We do not sell your data, train external AI models on your private content, or share it with advertisers.

Subprocessors (the companies we share data with to operate the service)

ShipMate is built on top of trusted infrastructure. Each provider below is bound by a data-processing agreement and processes data only on our instructions:

Provider | What it processes | Where
Turso (libSQL) | All persistent app data | EU / US
OVH Cloud | Application hosting, server logs | Singapore
Cloudflare | CDN, DDoS protection, edge SSL | Global
Vercel Blob | Generated images, uploaded media | US
Stripe | Payment processing, subscription state | US / EU
Resend | Transactional email (magic link, reminders) | US
Groq | AI inference fallback (when Gemini rate-limits) | US
Google Gemini | Primary AI inference (work-log text, style extraction) | US / Global
FAL | AI image generation (optional) | US
Apify | Social-media post import for style training (only when you opt in) | US / EU
PostHog | Product analytics events | US (us.i.posthog.com)
Google Analytics 4 | Marketing / page-view analytics | US / Global
GitHub, Google, LinkedIn, X (Twitter) | OAuth sign-in & (where you authorize) posting / repo access | Global
Meta (Facebook, Instagram) | OAuth posting on accounts you connect | Global
WordPress.com, Substack, Mailchimp | Publishing your posts to destinations you connect | Varies

We will update this list as we add or remove providers. Material changes will be announced before they take effect.

International transfers

Some subprocessors above are based outside the EU/UK. Where transfers occur, they rely on standard contractual clauses (SCCs) and equivalent safeguards. Our primary application server is in Singapore (OVH); our database is on Turso in the EU and/or US depending on region.

Cookies & tracking

We use cookies for sign-in sessions (essential), CSRF protection, and to remember your preferences. We use first-party analytics cookies via PostHog and Google Analytics. We do not use advertising cookies and do not sell behavioral data. EU/UK visitors will see a consent banner before any non-essential analytics are loaded.

Data retention

  • Active accounts: we keep data as long as the account exists and you use the service.
  • Inactive accounts: we may delete inactive free accounts after 24 months of inactivity (we'll email you first).
  • Deleted accounts: hard-deleted within 30 days of your deletion request. Some legal/billing records may be retained longer where required by tax law (Stripe receipts, etc.).
  • Server logs: 30 days.
  • Error logs (PostHog): 90 days.
  • Backups: rolling encrypted backups retained up to 30 days.

Your rights

We honor the following rights for everyone, wherever you live (some are explicitly required by GDPR for EU/UK residents and CCPA for California residents):

  • Access: export everything we have on you. Email info@shipmate.so with the subject "data export".
  • Correction: edit your profile in Settings, or ask us.
  • Deletion: delete your account in Settings → Account, or email us.
  • Portability: we'll provide a JSON export of your content on request.
  • Opt-out of analytics: we honor "Do Not Track" and provide an in-app analytics opt-out (Settings → Privacy).
  • Opt-out of marketing email: every marketing email has an unsubscribe link.
  • Complain to a regulator: EU/UK residents can complain to their data protection authority. We'd rather you tell us first so we can fix it.

Children

ShipMate is not directed at children under 16. We do not knowingly collect data from children. If you believe we have, email info@shipmate.so and we will delete it.

Security

All traffic is encrypted with TLS. Passwords are hashed with bcrypt. OAuth tokens are stored encrypted at rest. Access to production systems is restricted to the ShipMate team and protected by 2FA. We follow least-privilege practices for subprocessor access. No system is perfectly secure - if you find a vulnerability, please report it to info@shipmate.so with subject "security".

Changes to this policy

We may update this policy as we add features or change subprocessors. Material changes will be announced via email and/or in-app notice at least 14 days before they take effect. The "last updated" date at the top reflects the latest revision.

Contact

For anything privacy-related, the simplest path is to email info@shipmate.so. We aim to respond within 5 business days.