Privacy Policy

What we collect

When you create an account, we collect your email address and a hashed version of your password. When you use Shiplog, we store your changelog entries, project names, and revision history. We do not sell, rent, or share your personal information with third parties for marketing purposes.

How we use your data

Your data is used solely to provide and improve the Shiplog service: authenticating your account, storing and displaying your changelog entries, processing payments through Stripe, and generating AI-assisted entries through the Anthropic API. When you use the AI feature, your rough notes are sent to Anthropic's API to generate a polished entry. We do not use your data to train AI models.

Payments

Payments are processed by Stripe. We never see or store your full credit card number. Stripe handles all payment data in accordance with PCI-DSS standards. We store only your Stripe customer ID and subscription ID to manage your billing status.

Public changelog pages

Changelog entries you mark as "published" are publicly visible on your project's subdomain (e.g., yourapp.shiplog.page). Draft entries are only visible to you in the dashboard. You can unpublish or delete entries at any time.

Cookies

We use a single httpOnly cookie to maintain your login session. We do not use tracking cookies or third-party advertising cookies. We use Plausible Analytics, a privacy-friendly analytics tool that does not use cookies and does not collect personal data.

Data storage & security

Your data is stored in a PostgreSQL database hosted on Neon (cloud infrastructure). Passwords are hashed with bcrypt. All connections use TLS encryption. API tokens are generated using cryptographically secure random bytes.

Data deletion

You can delete individual entries, entire projects, or your account at any time. When you delete a project, all associated entries and revisions are permanently removed. When you cancel your subscription, you retain access until the end of the billing period.

Third-party services

Shiplog uses the following third-party services: Stripe (payment processing), Anthropic Claude API (AI entry generation), Neon (database hosting), Railway (application hosting), and Plausible (privacy-friendly analytics). Each service has its own privacy policy governing its handling of data.

Changes to this policy

We may update this policy from time to time. Changes will be posted on this page with an updated "last updated" date. Continued use of Shiplog after changes constitutes acceptance of the updated policy.

Contact

If you have any questions about this privacy policy or your data, contact us at support@shiplog.page.