Back to Home

Privacy Policy

Last Updated: March 2, 2026

1. Introduction

At ShipInPublic ("we", "us", "our"), we respect your privacy and are committed to protecting the personal data you share with us. This Privacy Policy explains what information we collect, how we use it, who we share it with, and how we protect it when you use our SaaS application (shipinpublic.xyz).

2. Data We Collect

We collect the following types of information when you use our Service:

  • Account Information: When you sign up, we collect your name, email address, profile picture, and authentication identifiers provided by our authentication provider (Clerk).
  • OAuth Tokens & Profiles: When you connect third-party platforms like GitHub and X (Twitter), we collect OAuth access tokens necessary to perform actions on your behalf (e.g., read commit history, publish tweets). We securely encrypt and store these tokens.
  • Commit Metadata: We collect and process the commit messages, branch names, authors, and timestamps (metadata) from your linked GitHub repositories. We do not read, clone, or store your actual source code.
  • Generated Content: We store the AI-generated social media drafts, your edits, and the final published posts to provide you with historical records and analytics tracking.
  • Analytics Data: We track application usage, feature interaction, and the performance of your published posts (impressions, replies) to improve our Service and display your dashboard statistics.

3. How We Use Your Data

We use your information strictly to provide and improve the ShipInPublic service, specifically to:

  • Authenticate your account and maintain active sessions.
  • Listen to GitHub webhooks to capture your commit activity in real-time.
  • Generate relevant social media post drafts using AI language models.
  • Publish approved posts to your connected X (Twitter) account on your behalf.
  • Process subscription payments and manage your billing status.
  • Provide customer support and send critical service updates (e.g., webhook failures, billing notices).

4. Third-Party Processors

We do not sell your personal data. We share your data only with trusted third-party service providers necessary to run our application:

  • Hosting & Database: Vercel (Hosting) and Neon (PostgreSQL Database) for core infrastructure.
  • Authentication: Clerk for user sign-up and login securely.
  • Payments: Stripe to process and manage your Pro subscription.
  • AI Providers: Google Generative AI (Gemini) strictly to convert your commit metadata into natural language drafts. We configure API settings to ensure your data is not used to train their base models.
  • Integrations: GitHub (to read commits) and X / Twitter (to publish posts).

5. Data Retention and Security

We prioritize the security of your data. All sensitive information, including OAuth access tokens, is stored using AES-256-GCM encryption. We retain your account data, commit metadata, and generated drafts for as long as your account is active. If you delete your account or specific projects, we permanently delete the corresponding data and revoke our OAuth access tokens from our servers.

6. Your Data Rights

Depending on your location, you may have the right to access, correct, export, or delete your personal data. You can disconnect your GitHub or X accounts at any time from your settings page, which immediately destroys the associated access tokens on our end. To request a full account deletion and data export, please contact our support email.

7. Contact Information

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us at support@shipinpublic.xyz.