Sub-Processors

At Shipbot.io, we are committed to protecting user privacy and ensuring transparency in how we handle data. This document outlines the sub-processors we use to provide our services and how we safeguard user data in compliance with privacy regulations.

What is a Sub-Processor?

A sub-processor is a third-party service that processes data on behalf of Shipbot.io to deliver core functionality. We carefully vet all sub-processors to ensure compliance with data protection laws such as GDPR and CCPA.

Our Sub-Processors

1. Supabase

• Purpose: Database and authentication services
• Data Processed: User data, application data
• Location: United States
• Privacy & Security: Supabase Privacy Policy

2. PostHog

• Purpose: Product analytics
• Data Processed: Anonymous usage metrics
• Location: EU
• Privacy & Security: PostHog Privacy Policy

3. Google Analytics (GA4)

• Purpose: Website analytics
• Data Processed:Anonymized usage data (no advertising data, IP anonymization)
• Location: Global
• Privacy & Security: Google Privacy Policy

Privacy Settings

We implement strict privacy settings with our analytics providers:

• IP anonymization enabled
• No ad personalization
• Ad storage denied, analytics storage granted
• No personal data collection beyond basic usage metrics

How We Manage Sub-Processors

We take several steps to ensure responsible data handling:

• Careful selection of sub-processors for GDPR and CCPA compliance
• Regular review of security measures and privacy practices

Contact Us

If you have any questions about our sub-processors or data privacy practices, please contact us at [email protected].