Privacy Policy

Learn how ShipYardHQ collects, uses, and protects your personal information.

Last updated: Oct 9, 2025

ShipYardHQ builds tools that help independent founders and product teams launch, promote, and measure their products. This Privacy Policy explains what information we collect, how we use and share it, and the choices you have. By using ShipYardHQ, you agree to this policy. If you do not agree, please do not access the service.

Information We Collect

Information you provide

  • Account and profile data: Name, email, photo, and authentication details supplied through Clerk, plus optional information such as job title, role preferences, organization membership, and onboarding responses.
  • Product and workspace content: Product names, descriptions, categories, pricing details, media assets, metadata links, organization details, campaign notes, and other material you or your teammates submit to ShipYardHQ.
  • Transactions and rewards: Plan selections, redemption activity, reward balances, feature entitlements, and limited billing metadata associated with purchases initiated through Dodo Payments. Card details are handled directly by Dodo—we do not store full payment instrument numbers.
  • Community interactions: Reviews, upvotes, feedback messages, support requests, surveys, and newsletter subscriptions routed through Resend.

Information collected automatically

  • Analytics signals: Page views, links you click, engagement with rewards and placements, and other in-product actions. Traffic events record device type, browser, operating system, referrer, and coarse geolocation (country, region, and city) derived from request headers.
  • Network data: We hash IP addresses using a salted HMAC before storing them so we can detect abuse and build aggregate analytics without keeping plain IPs.
  • Technical logs: Diagnostic log entries, error traces, and performance metrics generated by the hosted infrastructure we run on Vercel.

Information from other sources

  • Authentication, profile, and security signals received from Clerk so we can verify your account.
  • Billing status, checkout events, and payment confirmations provided by Dodo Payments when you purchase a plan or redeem a perk.
  • AI service outputs from OpenAI when you opt into features such as product autofill, analytics narratives, or social copy generation. We send only the data required to fulfil the request.
  • Publicly available information about your product gathered by ShipYardHQ for onboarding (for example, parsing a public marketing site you ask us to analyze).

How We Use Information

  • Operate, maintain, and secure the ShipYardHQ platform.
  • Publish product listings, organization workspaces, and reward dashboards you create.
  • Process transactions, deliver perks, and provide billing support.
  • Generate analytics, insights, and automated suggestions to help you understand performance.
  • Communicate with you about your account, respond to requests, and send optional marketing updates (you can opt out at any time).
  • Monitor usage, prevent fraud or abuse, and enforce our Terms of Service.
  • Research, develop, and improve new products, features, and automation tools.
  • Comply with applicable law, legal requests, and regulatory obligations.

Legal Bases (EEA & UK Users)

Where required, we rely on one or more of the following legal bases to process personal data: (i) performance of a contract (providing the service you signed up for); (ii) our legitimate interests (for example, securing the platform, understanding product usage, and improving features); (iii) your consent (for marketing messages or optional AI features); and (iv) compliance with legal obligations.

How We Share Information

  • Service providers: We partner with vendors who support hosting, authentication, email delivery, analytics, AI processing, file storage, and payments. Key providers include Vercel (infrastructure and storage), Clerk (identity management), Resend (email), OpenAI (AI features), and Dodo Payments (billing).
  • Teams and community: Content you publish—such as product listings, reviews, and leaderboard standings—is visible to other users by design. Organization members may see shared workspace data.
  • Business transfers: In connection with a merger, acquisition, financing, or sale of assets, your information may be disclosed as part of the transaction.
  • Legal obligations: We may disclose information if we believe it is reasonably necessary to comply with law, protect our rights, investigate fraud, or respond to lawful requests from public authorities.

We never sell your personal information.

AI-Facilitated Features

ShipYardHQ offers optional AI tooling (such as product autofill, analytics narratives, and launch copy suggestions). When you use these features we send the minimum viable prompt data—often product metadata or aggregated analytics—to OpenAI. Outputs may contain inaccuracies, so you should review them before publishing. We do not permit OpenAI to train on your prompts or outputs.

Your Rights and Choices

  • Access, update, or delete profile information from your account settings or by emailing support@shipyardhq.dev.
  • Export or delete your data by submitting a support request. We may retain certain records where required by law or for legitimate business purposes.
  • Manage marketing preferences using the unsubscribe link in any email or by contacting us.
  • Adjust browser or device settings to control cookies and other tracking technologies. Core functionality may require essential cookies.

Data Retention

We keep personal information for as long as it is needed to deliver the service, fulfill the purposes outlined above, or comply with legal obligations. When data is no longer required, we delete or de-identify it according to our retention schedules.

Security

We use administrative, technical, and organizational measures to protect your information, including account access controls, encrypted transport (HTTPS), salted IP hashing, and restricted data access for employees and contractors. No system is perfectly secure, so please report suspected incidents to us immediately.

International Data Transfers

ShipYardHQ operates from the United States. If you access the service from another region, your information may be transferred to, stored, and processed in the U.S. or other countries where our vendors operate. We implement appropriate safeguards, such as contractual data protection terms, for cross-border transfers.

Children's Privacy

ShipYardHQ is not directed to children under 18, and we do not knowingly collect personal information from them. If we learn that a minor under 18 has provided personal data, we will delete it.

Changes

We may update this Privacy Policy to reflect operational, legal, or regulatory developments. When we make material changes we will update the date at the top of this page and, where appropriate, provide additional notice.

Contact Us

Questions or requests? Email support@shipyardhq.dev.