Last updated: June 15, 2025
the short version
we collect the minimum data needed to run ShipClaw. we dont sell your data. we dont do anything weird with it. we use it to provide the service and thats about it.
if you want the full picture keep reading. if you have questions hit us up at privacy@shipclaw.io.
1. who we are
ShipClaw ("we", "us", "our") operates the ShipClaw platform at shipclaw.io. were the data controller for the personal information we collect through the service.
2. what we collect
information you give us directly
- account info: name, email address, password when you sign up
- billing info: payment details processed through Polar (we dont store your full card number β Polar handles that)
- profile info: any additional details you add to your account like company name or avatar
- support messages: anything you send us through email or the contact form
information collected automatically
- usage data: pages you visit, features you use, how you interact with the builder and dashboard
- device info: browser type, operating system, screen size, IP address
- cookies: we use cookies for authentication and basic analytics. see our Cookie Policy for details
- log data: server logs including request timestamps, URLs, and response codes
tenant runtime data
when you deploy AI runtimes through ShipClaw we store your tenant configs (topology, env vars, deployment settings). the data your runtimes actually process flows through isolated containers and we dont access or monitor it unless you ask us to for support.
3. how we use your data
we use your information to:
- provide and maintain the ShipClaw service
- process payments and manage subscriptions
- send you important updates about the service (outages, security issues, billing)
- respond to your support requests
- improve the platform based on usage patterns
- detect and prevent fraud or abuse
- comply with legal obligations
we do not use your data to:
- sell to third parties. ever.
- train AI models on your content or runtime data
- target you with ads from other companies
- build profiles for advertising networks
4. third-party services
we use a few third-party services to run ShipClaw. heres who has access to what and why:
| service | what they do | data they access |
|---|---|---|
| Supabase | database and authentication | account data, auth tokens |
| Polar | billing and subscriptions | payment info, billing history |
| Railway | tenant runtime hosting | container configs, deployment data |
| Vercel | web application hosting | request logs, IP addresses |
each provider has their own privacy policy. we share the bare minimum they need to do their job.
5. data storage and security
your data lives on US-based servers (Supabase and Railway). heres what we do to keep it safe:
- encryption in transit (TLS/SSL on all connections)
- encryption at rest for sensitive data
- row-level security policies on our database
- isolated container environments per tenant
- regular security updates and patches
no system is perfectly secure tho. we do our best but we cant guarantee absolute security. if we discover a breach that affects your data well notify you as required by law.
6. data retention
we keep your data for as long as your account is active. if you delete your account:
- account data is deleted within 30 days
- tenant runtime configurations are destroyed immediately upon deployment teardown
- billing records are kept for 7 years as required for tax and legal compliance
- anonymized usage analytics may be retained indefinitely (but theres no way to tie them back to you)
7. your rights
depending on where you live you may have the right to:
- access β request a copy of the personal data we hold about you
- correction β ask us to fix inaccurate data
- deletion β ask us to delete your personal data
- portability β get your data in a machine-readable format
- objection β object to certain types of processing
- restriction β ask us to limit how we use your data
to exercise any of these rights email us at privacy@shipclaw.io. well respond within 30 days. no hoops to jump through.
8. children
ShipClaw is not designed for children under 18. we dont knowingly collect data from minors. if you believe a child has provided us with personal information please contact us and well delete it.
9. international transfers
if youre outside the US your data gets transferred to and processed here. by using ShipClaw you consent to that. we use standard contractual clauses and appropriate safeguards where required.
10. changes to this policy
we might update this policy now and then. if anything major changes well let you know by email or in-app. the date at the top tells you when we last touched it.
11. contact us
questions or concerns about your privacy? reach out:
- email: privacy@shipclaw.io
- contact form: shipclaw.io/contact
well get back to you as fast as we can.