Privacy Policy

1. Introduction

ShipCommerce ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website or purchase our products.

This policy applies to shipcommerce.io and all related services. By using our website or purchasing our products, you consent to the practices described in this policy.

2. Data Controller

The data controller responsible for your personal data is:

ShipCommerce
Email: hello@shipcommerce.io

3. Information We Collect

We collect the following types of information:

3.1 Information You Provide

• Purchase Information: Name, email address, and payment details (processed securely by Stripe — we do not store your credit card information)
• Communication: Any information you provide when contacting us via email
• GitHub Username: If you request repository access with a different GitHub account

3.2 Automatically Collected Information

• Analytics Data: Page views, browser type, device type, and approximate location (country level)
• Cookies: Essential cookies for website functionality
• Log Data: IP address, access times, and referring URLs (collected automatically by our hosting provider)

4. How We Use Your Information

We use your information for the following purposes:

• Fulfill Orders: To deliver the product you purchased (GitHub access or download link)
• Customer Support: To respond to your questions and provide assistance
• Product Updates: To send important updates about the product (Lifetime plan only)
• Improve Our Service: To understand how users interact with our website
• Fraud Prevention: To detect and prevent fraudulent transactions or unauthorized access
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

5. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), we process your data based on:

• Contract Performance: Processing necessary to fulfill your purchase
• Legitimate Interests: Analytics, service improvement, and fraud prevention
• Legal Obligation: Tax, accounting, and regulatory requirements
• Consent: Where you have given explicit consent (e.g., marketing emails)

6. Third-Party Services

We use the following third-party services that may process your data. Each service has its own privacy policy:

• Stripe: Payment processing. We do not store your payment card details. stripe.com/privacy
• GitHub: Repository hosting and access management. GitHub Privacy Statement
• Resend: Transactional email delivery. resend.com/privacy
• Vercel: Website hosting. Vercel Privacy Policy

We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies.

7. Data Retention

We retain your personal data for as long as necessary to:

• Provide you with the services you purchased
• Comply with legal obligations (e.g., tax records for 7 years as required by Bulgarian law)
• Resolve disputes and enforce our agreements
• Prevent fraud and abuse

8. Your Rights (GDPR)

If you are in the EEA, you have the following rights regarding your personal data:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data (subject to legal obligations)
• Restriction: Request limited processing of your data
• Portability: Request transfer of your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Where processing is based on consent, you may withdraw it at any time

To exercise these rights, contact us at hello@shipcommerce.io. We will respond within 30 days as required by GDPR.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including encryption in transit (HTTPS), secure payment processing through Stripe, and limited access to personal data.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security and shall not be liable for any breach caused by circumstances beyond our reasonable control.

10. International Transfers

Your data may be transferred to and processed in countries outside the EEA through our third-party service providers. When this happens, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your data in accordance with GDPR requirements.

11. Cookies

We use only essential cookies necessary for the website to function properly. We do not use tracking or advertising cookies.

Essential cookies include session cookies for maintaining your browsing session and security cookies for fraud prevention. These cookies are strictly necessary and do not require consent under GDPR.

12. Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately and we will take steps to delete such data.

13. Limitation of Liability

To the maximum extent permitted by law, we shall not be liable for any damages arising from unauthorized access to your data, data breaches caused by third-party services, or any loss resulting from circumstances beyond our reasonable control. Our total liability related to data privacy shall not exceed the amount you paid for the Product.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Your continued use of our website or Product after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

15. Governing Law

This Privacy Policy is governed by the laws of the Republic of Bulgaria and applicable EU regulations (including GDPR). Any disputes shall be resolved in accordance with the dispute resolution procedures outlined in our Terms of Service.

16. Contact Us

For questions about this Privacy Policy or to exercise your data protection rights, contact us at:

hello@shipcommerce.io

17. Supervisory Authority

If you are in the EEA and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority. For Bulgaria, this is the Commission for Personal Data Protection (CPDP).