Privacy Policy

ShipPosts is operated by GoUnlimited Ltd., a company registered in England and Wales, with its registered office at 7 Bell Yard, London, WC2A 2JR, United Kingdom (“we,” “us,” “our”). We operate the website at shipposts.com and the ShipPosts application. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.

Account information

When you sign up, we collect your name, email address, and profile information provided by your authentication provider (Google, GitHub, or LinkedIn).

Work signal metadata

When you connect read-only integrations (GitHub, Linear, Slack, Notion, Google Calendar, Jira, Figma, Claude Code), we collect metadata — titles, subjects, timestamps, and identifiers. We do not fetch source code, file contents, or attachments.

For forwarded emails, voice memos, and pasted text, we do receive the full content you send us. We process it in-memory to extract a structured summary, apply best-effort PII redaction (emails, phone numbers, URLs, common name patterns), and discard the raw content. Only the PII-redacted summary is stored.

Note: PII redaction uses pattern matching. It reliably removes emails, phone numbers, URLs, IP addresses, SSNs, credit-card-style numbers, and common "First Last" name patterns. It does not catch company names, acronyms, role titles, project codenames, or contextual references. You review every draft before it publishes.

Content you create

Draft posts, published content, voice memos, and any text you write or edit within ShipPosts.

Usage data

We collect analytics data (pages visited, features used, session duration) via FullStory to improve the product. This data is tied to your account but never sold.

• Generate content suggestions and draft posts from your work signals
• Run AI processing (via Anthropic Claude and OpenAI) to produce and refine drafts
• Publish content to platforms you authorize (LinkedIn, X/Twitter)
• Send you email notifications and weekly summaries (via Resend)
• Improve the product through aggregated, anonymized usage analytics

Your work signal metadata and draft content are sent to third-party AI providers (Anthropic, OpenAI) for processing. We send only the minimum data needed to generate or refine content. These providers process data according to their own privacy policies and do not use your data for model training under our API agreements.

• All data is stored in Supabase (hosted on AWS) with row-level security enabled on every table
• OAuth tokens are encrypted with AES-256 before storage — we cannot read them at rest
• All connections use TLS/HTTPS in transit
• Integrations use read-only scopes wherever possible — we never modify your repos, send emails on your behalf, or change calendar events

We do not sell your personal data. We share data only with:

• AI providers (Anthropic, OpenAI) — to generate and refine content
• Infrastructure providers (Supabase, Vercel, Inngest, Resend) — to operate the service
• Analytics (FullStory) — to understand product usage
• Publishing platforms (LinkedIn, X/Twitter) — only when you explicitly publish

We may also disclose data if required by law or to protect our legal rights.

We retain your data for as long as your account is active. You can delete individual signals, drafts, or your entire account at any time from Settings. When you delete your account, we remove all associated data within 30 days, except where retention is required by law.

We use essential cookies for authentication and session management. We also use FullStory for product analytics, which sets its own cookies. You can manage your cookie preferences through the consent banner shown on your first visit.

Depending on your jurisdiction, you may have the right to:

• Access and export your data
• Correct inaccurate data
• Delete your data and account
• Object to or restrict processing
• Withdraw consent for analytics cookies

To exercise these rights, email us at privacy@shipposts.com.

Your data may be processed in the United States and other countries where our infrastructure providers operate. By using ShipPosts, you consent to such transfers.

ShipPosts is not intended for anyone under 16 years of age. We do not knowingly collect data from children.

We may update this policy from time to time. We will notify you of material changes by email or by posting a notice in the app. Continued use after changes constitutes acceptance.

For questions about this Privacy Policy, contact us at privacy@shipposts.com or by post at:

GoUnlimited Ltd.
7 Bell Yard
London, WC2A 2JR
United Kingdom