Legal

Privacy Policy

How Shipsy collects, uses, and protects your data.

Last updated: 14 April 2026

1. Introduction

Shipsy Technologies Private Limited ("Shipsy", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (shipsy.ai), use our platform, or engage with our services.

By using our services, you consent to the practices described in this policy. If you do not agree, please discontinue use of our services.

2. Information We Collect

2.1 Information you provide

  • Contact details (name, email, phone number, company name, job title) when you request a demo, fill out a form, or contact us
  • Account credentials when you register for the Shipsy platform
  • Communication records from emails, support tickets, and chat interactions
  • Payment and billing information processed through secure third-party payment providers

2.2 Information collected automatically

  • Device and browser information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, clicks, referral sources)
  • Cookies and similar tracking technologies (see Section 7)

2.3 Information from third parties

  • Data from analytics partners, advertising networks, and CRM integrations
  • Publicly available business information

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our platform and services
  • Process demo requests and respond to enquiries
  • Send transactional communications (account updates, security alerts)
  • Send marketing communications where you have opted in
  • Analyse usage patterns to improve user experience
  • Comply with legal obligations and enforce our terms
  • Detect and prevent fraud or security incidents

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data under one or more of the following legal bases:

  • Consent — where you have given explicit consent (e.g., marketing emails)
  • Contractual necessity — to perform our obligations under a contract with you
  • Legitimate interest — to operate and improve our business, provided this does not override your rights
  • Legal obligation — to comply with applicable laws and regulations

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service providers — hosting, analytics, CRM, and email service providers who process data on our behalf under strict contractual obligations
  • Legal authorities — when required by law, court order, or to protect our rights
  • Business transfers — in connection with a merger, acquisition, or sale of assets

6. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, it is securely deleted or anonymised.

7. Cookies and Tracking

We use cookies and similar technologies for analytics, personalisation, and advertising. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our website.

We use the following categories of cookies:

  • Essential cookies — required for the website to function
  • Analytics cookies — help us understand how visitors use our site
  • Marketing cookies — used to deliver relevant advertisements

8. Data Security

We implement industry-standard security measures to protect your data, including:

  • AES-256 encryption at rest and TLS 1.3 encryption in transit
  • SOC 2 Type II certification and ISO 27001 compliance
  • Role-based access controls and regular security audits
  • Infrastructure hosted on enterprise-grade cloud providers with data residency controls

For more details, see our Data Security page.

9. International Data Transfers

Your data may be transferred to and processed in countries other than your own. Where we transfer data outside the EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and data residency options for EU customers.

10. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate or incomplete data
  • Erasure — request deletion of your personal data
  • Restriction — request that we limit processing of your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interests
  • Withdraw consent — where processing is based on consent, withdraw it at any time

To exercise any of these rights, contact us at privacy@shipsy.io.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact:

Shipsy Technologies Private Limited
Email: privacy@shipsy.io
Website: shipsy.ai/contact-us