← Back to homepage

Privacy Policy

Last updated: March 2026

1. Controller

The controller within the meaning of the GDPR is:
[Name], [Address], [Email]

2. Collection and Processing of Personal Data

Waitlist: When you sign up for our waitlist, we collect your email address. The legal basis is Art. 6(1)(a) GDPR (consent). You may withdraw your consent at any time.

User account: Upon registration, we process your email address and password (encrypted). Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

Analyses: The idea descriptions you enter are processed and stored for the purpose of providing the analysis service. Legal basis: Art. 6(1)(b) GDPR.

3. Hosting and Data Storage

All data is stored exclusively on servers within the European Union. Our database provider Supabase operates the server we use in Frankfurt am Main, Germany (AWS eu-central-1).

4. Third-Party Providers and Data Transfers

Supabase (Ireland/USA): Database and authentication. Standard contractual clauses pursuant to Art. 46 GDPR are in place.

Stripe (USA): Payment processing. Only on purchases. Data is transmitted solely for the purpose of payment processing.

Anthropic Claude API: The idea descriptions you enter are transmitted to Anthropic (USA) for AI analysis. Standard contractual clauses are in place.

We do not sell personal data or share it for advertising purposes.

5. Cookies

We use technically necessary cookies for session management. Optional analytics cookies are only set with your consent (cookie banner). You can delete cookies at any time in your browser settings.

6. Your Rights

You have the following rights under the GDPR:

  • Access to stored data (Art. 15 GDPR)
  • Rectification of inaccurate data (Art. 16 GDPR)
  • Erasure of your data (Art. 17 GDPR)
  • Restriction of processing (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection to processing (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7(3) GDPR)

To exercise your rights, contact us at: datenschutz@shipably.io

7. Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority. The competent authority is the data protection commissioner of your federal state.

8. Data Security

We implement technical and organisational measures to protect your data: HTTPS encryption, bcrypt password hashing, row-level security in the database, regular security updates.

9. Data Protection Contact

For questions about data protection: datenschutz@shipably.io