Shippy

Privacy Policy

Last updated: 2025-12-14

This Privacy Policy explains how Desiderata LLC ("Desiderata," "we," "us," or "our") collects, uses, and shares information when you use Shippy (the "Service").

Shippy is a U.S.-based service and (at this time) data is stored in the United States. If you access the Service from outside the U.S., you understand your information may be transferred to, stored, and processed in the U.S.

TL;DR (friendly summary)

This section is a convenience summary. The full Privacy Policy below controls.

  • We collect info you provide (account details, content, messages) plus basic usage/log/cookie data to run and secure Shippy.
  • If you use a third-party login, we may receive basic profile info from that provider.
  • We use data to provide the Service, keep it secure, communicate with you, and prevent abuse (and marketing only if you opt in).
  • We share data with service providers and, depending on what you post, with other users/the public (Shippy is built for transparency).
  • You can request access/correction/deletion and other rights depending on where you live by emailing hello@shippy.sh.

1. Who we are (data controller)

Desiderata LLC is the entity responsible for processing personal information described in this Privacy Policy (the "data controller" in some jurisdictions).

2. Information we collect

We may collect the following categories of information:

2.1 Information you provide

  • Account information: such as name, username, email address, and profile image.
  • Content you provide: such as projects, bounties, submissions, comments, and other content you post.
  • Communications: messages you send to us (for example, support requests).

2.2 Information we collect automatically

  • Usage information: such as interactions with the Service, pages viewed, and basic device/browser information.
  • Log data: such as IP address, timestamps, and diagnostic data.
  • Cookies and similar technologies: used for authentication, security, and to operate the Service.

2.3 Information from third parties

If you sign up or log in using a third-party account (for example, an authentication provider), we may receive information from that third party such as a unique identifier, name, email address, and profile image, depending on the settings you choose and the third party's policies.

2.4 Sensitive information

We do not intentionally collect sensitive personal information (such as government identifiers, health information, precise geolocation, biometric data, or information about religion or political opinions). Please do not submit sensitive personal information through the Service.

3. How we use information

We use personal information to:

  • Provide, maintain, and improve the Service.
  • Authenticate users and secure accounts.
  • Communicate with you about the Service (including operational messages).
  • If you choose to receive them, send marketing or promotional communications (you can opt out at any time).
  • Enforce these Terms and prevent abuse.

4. Legal bases (EEA/UK and similar jurisdictions)

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction that requires a legal basis for processing, we process personal information based on:

  • Performance of a contract (to provide the Service you request).
  • Legitimate interests (to secure, maintain, and improve the Service, and prevent fraud and abuse).
  • Compliance with legal obligations.
  • Consent (where required, such as certain cookies).

5. How we share information

We may share information:

  • With service providers that help us operate the Service (for example: hosting, authentication, storage, email delivery, analytics, and customer support tools). You can contact us to request additional information about our service providers.
  • With other users and the public, depending on your settings and what you post (for example: project pages, bounties, submissions, contributor lists, and payout history may be visible to other users).
  • For legal reasons if required to comply with law, or to protect rights, safety, and security.
  • In connection with a business transfer such as a merger, acquisition, or sale of assets.

We do not sell your personal information in exchange for money. If we ever engage in practices that constitute a "sale" or "sharing" under applicable law, we will update this policy and provide required choices.

6. Public information

Depending on how you use the Service, some information may be visible to other users or the public (for example, your username and profile, and content you post to projects). Please do not post personal information you do not want to be public.

7. Payments and payouts

Shippy may display or store payout-related records (for example, payout amounts, dates, and confirmations) to support transparency.

Unless we explicitly state otherwise, payments to contributors are handled off-platform by project owners, and Shippy does not collect or store your payment card details.

8. Cookies

We use cookies and similar technologies for authentication, security, and to operate the Service. You may be able to control cookies through your browser settings, but the Service may not function properly without certain cookies.

We may also use analytics technologies to understand how the Service is used and to improve performance and reliability.

Some browsers offer a "Do Not Track" signal. There is no common industry understanding of how to interpret those signals, and we do not respond to them in a uniform way.

9. International transfers

If you use the Service from outside the United States, your information may be transferred to and processed in the United States and other locations where our service providers operate. Where required, we use appropriate safeguards for such transfers.

10. Data retention

We retain information for as long as reasonably necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

Because the Service is designed around transparency and auditability (for example, submissions, point allocations, and payout history), we may retain certain records even if you request account deletion, including to comply with law, prevent fraud, and maintain accurate financial and audit logs. Where appropriate, we may de-identify or anonymize information.

11. Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect information. No method of transmission or storage is 100% secure.

If a data breach affects your personal information, we will notify you and/or relevant authorities as required by applicable law.

12. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or object to certain processing of your information. You can request account deletion or exercise privacy rights by contacting us at hello@shippy.sh.

12.1 EEA/UK (and similar jurisdictions)

If you are located in the EEA/UK, you may have the right to:

  • Access your personal information.
  • Correct inaccurate or incomplete personal information.
  • Request deletion of your personal information.
  • Object to or restrict certain processing.
  • Request portability of certain personal information.
  • Withdraw consent (where processing is based on consent).

You may also have the right to lodge a complaint with your local data protection authority.

12.2 California (CCPA/CPRA)

If you are a California resident, you may have the right to:

  • Know what personal information we collect, use, disclose, and share.
  • Request deletion of certain personal information (subject to exceptions).
  • Correct inaccurate personal information.
  • Not be discriminated against for exercising your rights.

We do not sell personal information in exchange for money. If we engage in practices that constitute "selling" or "sharing" under California law, we will update this policy and provide required opt-out mechanisms.

12.3 Verification and authorized agents

To protect your information, we may need to verify your identity before responding to certain requests. In some jurisdictions, you may be able to designate an authorized agent to submit requests on your behalf (subject to verification and proof of authorization).

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to request access to or deletion of certain personal information. We will respond in accordance with applicable law.

12.4 Other U.S. states

If you are a resident of another U.S. state with applicable privacy laws, you may have similar rights to access, correct, delete, or obtain a copy of certain personal information. Contact us to exercise your rights, and we will respond as required by applicable law.

13. Children's privacy

The Service is not directed to children, and we do not knowingly collect personal information from children.

14. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you (for example, by email or by posting a notice on the Service) before the changes take effect. The "Last updated" date indicates when the latest changes were made.

15. Contact

Desiderata LLC
4607 Library Road, Ste 220 PMB 630
Bethel Park, PA 15102
United States

Email: hello@shippy.sh