Privacy Policy
Last updated: January 1, 2026
ShipContent ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered content generation service.
1. Information We Collect
1.1 Account Information
When you create an account, we collect:
- Email address (required) — for authentication and communications
- Name (optional) — for personalization
- Profile image (optional, from OAuth providers) — for account display
1.2 Product Information
When you add a product to our Service, we collect:
- Product name and website URL
- Product description (if provided)
- Problems your product solves (if provided)
- Competitor information (if provided)
1.3 Website Data (Scraped)
When you submit your product URL, our system automatically extracts publicly accessible information from your website, including:
- Homepage headlines and value propositions
- Features and product descriptions
- Pricing information
- Any other content on publicly accessible pages
This data is processed by our AI to understand your product and generate relevant content. We only scrape pages that are publicly accessible and do not bypass authentication or access restricted areas.
1.4 Generated Content
We store content generated through our Service:
- Blog topics and outlines
- Blog post content, titles, and meta descriptions
- Research notes and drafts
- Your edits and modifications
1.5 Usage and Technical Data
We automatically collect:
- IP address (stored in session data)
- Browser type and user agent
- Pages visited and actions taken
- Session timestamps and duration
1.6 Payment Information
Payment processing is handled by DodoPayments. We do not store credit card numbers or full payment details. We receive and store:
- Customer ID from payment provider
- Subscription ID and status
- Billing period dates
- Payment success/failure events
2. How We Use Your Information
We use collected information to:
- Provide our Service — analyze your product, generate content, and deliver blog posts
- Authenticate you — verify your identity and maintain secure sessions
- Process payments — manage subscriptions and billing
- Send notifications — inform you when topics are ready, blogs are generated, and deadlines approach
- Improve our Service — analyze usage patterns to enhance features and user experience
- Communicate with you — respond to support requests and send service updates
3. Third-Party Service Providers
We share your information with the following third-party services to operate our platform:
3.1 Google (Gemini AI)
Purpose: AI content generation
Data shared: Your product name, URL, description, scraped website content, and topic selections
Why: To generate personalized blog topics and content tailored to your product
3.2 Google OAuth
Purpose: Social login authentication
Data received: Email, name, profile picture
Data shared: Only authentication tokens; we do not share your content with Google OAuth
3.3 DodoPayments
Purpose: Subscription billing and payment processing
Data shared: Email, name, user ID
Why: To process subscription payments and manage billing
3.4 Resend
Purpose: Transactional email delivery
Data shared: Email address, name, product names, blog titles, deadline information
Why: To send magic link authentication emails, notifications about topics and blogs, and deadline reminders
3.5 PostHog
Purpose: Product analytics
Data shared: User ID, email, name, page views, and interactions
Why: To understand how users interact with our Service and improve the user experience
Note: PostHog analytics are only active in production and only for identified (logged-in) users. No analytics data is collected from anonymous visitors.
4. Data Storage and Security
4.1 Storage
Your data is stored in a PostgreSQL database. We implement industry-standard security measures including:
- Encrypted connections (HTTPS/TLS)
- Secure authentication with session tokens
- OAuth token encryption
- Webhook signature verification for payment events
4.2 Authentication Security
We use passwordless authentication methods:
- Magic link emails (no passwords stored)
- Google OAuth (secure token-based authentication)
4.3 Access Controls
Users can only access their own products, topics, and blog content. Our backend enforces ownership verification for all data access.
5. Data Retention
We retain your data as follows:
- Account data: Retained while your account is active
- Generated content: Retained indefinitely unless you request deletion
- Session data: Retained until session expiration
- Payment records: Retained as required for accounting and legal compliance
If you cancel your subscription, your account and content remain accessible. Content is not automatically deleted upon cancellation.
6. Your Rights
You have the right to:
6.1 Access Your Data
You can view all your products, topics, and blog content through your account dashboard. For a complete export of your data, contact us at [email protected].
6.2 Correct Your Data
You can update your account information, product details, and blog content at any time through the Service.
6.3 Delete Your Data
To request deletion of your account and associated data, contact us at [email protected]. We will process deletion requests within 30 days.
Please note: Some data may be retained as required by law or for legitimate business purposes (e.g., billing records).
6.4 Export Your Data
Blog content can be downloaded in Markdown format through the Service. For a complete data export, contact us.
6.5 Opt Out of Analytics
PostHog analytics can be blocked using browser privacy extensions or by enabling Do Not Track. We respect browser DNT signals.
7. Cookies and Tracking
7.1 Essential Cookies
We use essential cookies for authentication and session management. These are required for the Service to function.
7.2 Analytics
PostHog may set cookies for analytics purposes. Analytics are only active for logged-in users in production. We do not use advertising cookies or sell data to advertisers.
8. International Data Transfers
Your data may be processed in countries other than your own. Our service providers (Google, PostHog, Resend, DodoPayments) may store data in various locations. We ensure all data transfers comply with applicable data protection laws.
9. Children's Privacy
ShipContent is not intended for users under 18 years of age. We do not knowingly collect information from children. If you believe we have collected data from a minor, please contact us immediately.
10. California Privacy Rights (CCPA)
If you are a California resident, you have the right to:
- Know what personal information is collected
- Know if personal information is sold or disclosed
- Request deletion of personal information
- Opt out of the sale of personal information
- Non-discrimination for exercising your rights
We do not sell your personal information.
To exercise your CCPA rights, contact us at [email protected].
11. European Privacy Rights (GDPR)
If you are in the European Economic Area (EEA), you have additional rights under GDPR:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
Legal basis for processing:
- Contract: Processing necessary to provide our Service
- Legitimate interest: Analytics to improve our Service
- Consent: Marketing communications (opt-in)
To exercise your GDPR rights, contact us at [email protected].
12. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email to registered users at least 14 days before taking effect. The "Last updated" date at the top of this page indicates when the policy was last revised.
13. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or your data, contact us at:
- Email: [email protected]
- Website: shipcontent.co
For privacy-specific inquiries, you may also reach us at [email protected].
By using ShipContent, you acknowledge that you have read and understood this Privacy Policy. For information about our terms of use, please see our Terms of Service.