Privacy Policy

Account information. When you sign up, we collect your email address and the authentication credentials you use (GitHub OAuth or Twitter/X OAuth). We do not store raw passwords.

Profile data. We may receive your name, username, and profile image from GitHub or Twitter/X when you authorize our application through their OAuth flows.

Usage data. We collect information about how you interact with HypeShip, including pages visited, actions taken in the dashboard, and feature usage patterns. This data is used in aggregate to improve the product.

Log data. Our servers automatically record information such as your IP address, browser type, referring URL, and timestamps when you access the service.

We use the information we collect to:

• Provide, operate, and maintain the HypeShip service
• Authenticate your identity and manage your account
• Generate AI-powered social post drafts from your GitHub activity
• Publish approved posts to your connected Twitter/X account
• Send transactional emails (account confirmation, password reset)
• Respond to your support requests and inquiries
• Monitor and improve the quality of our service
• Detect, prevent, and address abuse or security issues

We do not sell your personal information to third parties. We do not use your data to train AI models.

When you connect your GitHub account, HypeShip requests read-only access to your repositories. Specifically, we access:

• Commit messages and metadata (author, timestamp, repository name)
• Pull request titles and descriptions
• Release notes and tags

We do not access, store, or transmit the actual source code contained in your repositories. We do not write to your repositories or make any changes to your GitHub data.

GitHub access tokens are stored encrypted and are used solely to fetch activity data for draft generation. You can revoke HypeShip’s GitHub access at any time from your GitHub account settings under Applications.

When you connect your Twitter/X account, we request permission to post tweets on your behalf. We only post content that you have explicitly approved in the HypeShip dashboard.

We do not read your direct messages, access your followers list, or perform any Twitter/X action beyond publishing approved posts. Twitter/X access tokens are stored encrypted.

You can disconnect your Twitter/X account from HypeShip at any time in your account settings, or by revoking access directly in your Twitter/X account security settings.

Your data is stored in Supabase (PostgreSQL), hosted on infrastructure in the United States. We implement industry-standard security measures including:

• Encryption in transit (TLS 1.2+) for all data transfers
• Encryption at rest for all stored data
• Row-level security (RLS) policies to ensure users can only access their own data
• Encrypted storage of OAuth access tokens

While we take reasonable steps to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

We retain your account data for as long as your account is active. Generated post drafts and published post logs are retained indefinitely unless you delete them from the dashboard.

When you delete your account, we permanently delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request that we correct inaccurate or incomplete data.
• Deletion: Request that we delete your personal data.
• Portability: Request a machine-readable export of your data.
• Objection: Object to certain types of processing of your data.

To exercise any of these rights, email us at privacy@hypeship.site. We will respond within 30 days.

HypeShip relies on the following third-party services, each governed by their own privacy policies:

• Supabase — database and authentication infrastructure
• Anthropic (Claude) — AI model used to generate post drafts
• Ayrshare — social media publishing API
• Inngest — background job orchestration
• Vercel — application hosting and deployment

We only share the minimum data necessary with each provider to deliver the service.

We use cookies and similar technologies to maintain your authentication session. We do not use cookies for advertising or cross-site tracking. You can disable cookies in your browser settings, but doing so will prevent you from logging in to HypeShip.

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page. We encourage you to review this policy periodically. Continued use of the service after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or how we handle your data, please contact us:

• Email: privacy@hypeship.site
• General inquiries: hello@hypeship.site