Privacy Policy

Last updated: March 23, 2026

1. Introduction

Ship0.ai ("Ship0", "we", "us") respects your privacy. This Privacy Policy explains what data we collect, how we use it, and your rights. By using Ship0, you agree to the practices described here.

2. Data We Collect

We collect the following categories of data:

  • Account data: Your email address and display name provided during sign-up or OAuth login.
  • Generated content: The prompts you submit and the code we generate for you, stored so you can access your projects.
  • Usage metrics: Generation count, model selections, and feature usage to operate and improve the service.
  • Payment data: Billing details are handled directly by Stripe. We only store your subscription plan and status — no raw card numbers.
  • Log data: IP addresses, browser type, and timestamps for security and debugging purposes.

3. How We Use Your Data

  • To provide, operate, and maintain the Ship0 service.
  • To authenticate your identity and manage your account.
  • To process payments and manage subscriptions.
  • To improve AI model quality and product features (aggregated, anonymized).
  • To send transactional emails (account confirmation, billing receipts). We do not send marketing emails without your consent.
  • To detect and prevent fraud, abuse, and security incidents.

4. Third-Party Services

We share data with the following third-party providers only to the extent necessary to provide the service:

  • Stripe — payment processing. Your payment information is governed by Stripe's Privacy Policy.
  • Neon — PostgreSQL database hosting for your account and project data.
  • OpenRouter— AI inference routing. Your prompts are sent to AI models via OpenRouter. They may be subject to OpenRouter's data policies.
  • Cloudflare Pages— hosting for deployed websites. Deployed site content is stored on Cloudflare's infrastructure.
  • GitHub / Google OAuth — if you choose to sign in via OAuth, we receive your name and email from the provider.

We do not sell your personal data to any third party.

5. Cookies and Sessions

Ship0 uses a single session cookie issued by NextAuth.js to keep you logged in. This cookie contains a signed session token and no personally identifiable information. We do not use advertising cookies or third-party tracking pixels.

6. Data Retention

We retain your account data and projects for as long as your account is active. If you delete your account, we will remove your personal data and projects within 30 days, except where retention is required by law (e.g., billing records for tax purposes, retained for 7 years).

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Deletion: Request deletion of your account and associated data.
  • Export: Download your project code from the editor at any time.
  • Correction: Update your name or email in account settings.

To exercise these rights, email privacy@ship0.ai. We will respond within 30 days.

8. Data Security

We use industry-standard measures to protect your data, including HTTPS encryption in transit and encrypted storage at rest. However, no system is perfectly secure. Please use a strong, unique password and notify us immediately if you suspect unauthorized access to your account.

9. Children

Ship0 is not directed to children under 13 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by email or by posting a notice on Ship0.ai. The "Last Updated" date at the top of this page reflects the most recent revision.

11. Contact Us

For any privacy-related questions or requests, contact us at privacy@ship0.ai.