Privacy Policy

Effective date: April 25, 2026

ShipWave ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at shipwave.dev ("the Service").

1. Information We Collect

Account Information

When you create an account, we collect:

• Name and email address
• Profile information (display name, avatar)
• Password (stored securely using industry-standard hashing)
• Billing information (processed securely by our payment provider, Paddle; we do not store full payment card details)

OAuth Tokens

When you connect third-party platforms (Twitter/X, LinkedIn, Reddit, Product Hunt), we collect and securely store OAuth access tokens and refresh tokens. These tokens allow the Service to publish content on your behalf. We only request the minimum permissions necessary to provide the Service.

Usage Data

We automatically collect certain information when you use the Service, including:

• IP address and approximate geographic location
• Browser type and version, device type, and operating system
• Pages visited, features used, and actions taken within the Service
• Timestamps, session duration, and referral source
• Performance data and error logs

Content Data

We store content you create or generate through the Service, including app descriptions, AI-generated post drafts, and published post history.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Generate AI-powered launch posts based on your app information
• Publish and schedule content to your connected platforms
• Process payments and manage subscriptions
• Provide analytics and engagement tracking for your published content
• Send transactional emails (account confirmations, billing receipts, service updates)
• Improve the Service through usage analysis and feedback
• Detect, prevent, and address technical issues and security threats
• Respond to support requests and communicate with you

3. Third-Party Services

We integrate with and share data with the following third-party services to provide the Service:

• Supabase — Database hosting and authentication. Your account data and application data are stored on Supabase infrastructure. See Supabase Privacy Policy.
• Paddle — Payment processing and subscription management. Paddle processes your payment information and manages billing. See Paddle Privacy Policy.
• Twitter/X — Content publishing via API. When connected, we transmit post content to Twitter/X on your behalf. See Twitter/X Privacy Policy.
• LinkedIn — Content publishing via API. When connected, we transmit post content to LinkedIn on your behalf. See LinkedIn Privacy Policy.
• Reddit — Content publishing via API. When connected, we transmit post content to Reddit on your behalf. See Reddit Privacy Policy.
• Product Hunt — Content publishing via API. When connected, we transmit post content to Product Hunt on your behalf. See Product Hunt Privacy Policy.

We do not sell your personal information to any third party.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

• Account data is retained for the duration of your account and up to 30 days after deletion
• OAuth tokens are deleted immediately when you disconnect a platform or delete your account
• Usage data is retained in aggregated, anonymized form for up to 24 months
• Published content history is retained for the duration of your account
• Billing records are retained as required by applicable tax and financial regulations

5. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access — Request a copy of the personal data we hold about you
• Correction — Request correction of inaccurate or incomplete data
• Deletion — Request deletion of your personal data
• Portability — Request your data in a structured, machine-readable format
• Restriction — Request that we limit the processing of your data
• Objection — Object to the processing of your data for certain purposes
• Withdraw consent — Withdraw your consent at any time where processing is based on consent

To exercise any of these rights, please contact us at support@shipwave.dev. We will respond to your request within 30 days.

6. Cookies

We use cookies and similar tracking technologies to operate and improve the Service:

• Essential cookies — Required for authentication, session management, and security. These cannot be disabled.
• Analytics cookies — Help us understand how you use the Service so we can improve it. You may opt out of these.

We do not use advertising or third-party tracking cookies. You can manage cookie preferences through your browser settings.

7. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit (TLS) and at rest, secure token storage, and regular security audits. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at support@shipwave.dev.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Effective date" at the top of this page and sending a notification to your registered email address. Your continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: support@shipwave.dev
Website: shipwave.dev