Legal

Privacy Policy

Last updated: 3 July 2026

Shipnote (“we”, “us”) turns your development activity into customer-facing announcements. This policy explains what we collect, why, and the choices you have. We collect as little as we can to make the product work.

1. Who we are

Shipnote is operated by Nizamuddin Chishti, a sole trader based in the United Kingdom, at [YOUR BUSINESS OR SERVICE ADDRESS]. We are the data controller responsible for your personal data. You can contact us any time at shipnote.app@gmail.com.

2. Information we collect

We collect the following categories of information when you use Shipnote:

3. How we use your information

We use the information we collect to:

4. Lawful bases (UK GDPR)

Shipnote is operated from the United Kingdom and we act as the data controller for your account data. We process personal data on the following lawful bases:

5. Git repository access

When you connect a provider (GitHub, GitLab or Bitbucket) we request the minimum scopes needed to read commits, pull requests, tags, issues and milestones. We do not request write access to your source code, and you can revoke access at any time from your provider settings or from within Shipnote.

6. AI processing & subprocessors

To generate content we send relevant repository metadata and your configured prompts to third-party AI providers, which may include Anthropic, OpenAI and Google (Gemini). These providers process the data only to return a result to us. We do not permit them to use your data to train their models where an opt-out is available.

We also rely on subprocessors for hosting and payments (Stripe).

7. Storage & security

Data is stored on infrastructure operated by reputable cloud providers and encrypted in transit, and credentials such as access tokens and webhook URLs are additionally encrypted at rest. We apply access controls and review our security practices regularly. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

We never store your source code, only repository metadata (such as commit messages and pull request titles) and the announcements Shipnote generates for you. Our authorised staff may access your account data and generated content where necessary to operate, support, secure, moderate or improve the service, investigate suspected abuse, or comply with the law.

8. Sharing your information

We do not sell your personal information. We share data only with the subprocessors described above, when required by law, or to protect our rights and the safety of our users. If Shipnote is involved in a merger or acquisition, we will notify you before your information becomes subject to a different policy.

9. Your rights

Under the UK GDPR you have the right to access, correct, export or delete your personal information, and to object to or restrict certain processing. To exercise these rights, contact us using the details below. You can delete your workspace and its data at any time from Settings. You also have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk), though we would appreciate the chance to resolve any concern with you first.

10. International transfers

Some of our subprocessors (including our AI providers and Stripe) are based in the United States. Where personal data leaves the UK, we rely on recognised transfer safeguards such as the UK Extension to the EU-US Data Privacy Framework or standard contractual clauses with the UK Addendum.

11. Data retention

We retain your account and generated content for as long as your workspace is active. When you delete your account, we remove or anonymise your personal data within 30 days, except where we are required to retain it for legal or accounting purposes.

12. Cookies

We use strictly necessary cookies only: a session cookie to keep you signed in and a security (CSRF) cookie that protects forms. We use no advertising or third-party analytics cookies, which is why you don't see a cookie banner. Your theme preference is stored locally in your browser and is never sent to us.

13. Children

Shipnote is not intended for anyone under 16, and we do not knowingly collect personal information from children.

14. Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify you by email or within the product before they take effect.

15. Contact us

Questions about privacy? Email shipnote.app@gmail.com and we will respond as quickly as we can.