Privacy policy

Information you give us

• Account information — email address and a password (stored as an argon2id hash, never in cleartext).
• Billing information — handled entirely by Stripe. We never see or store credit-card numbers. Stripe gives us back a customer ID and subscription status; that's all.
• Container shipment lookups — when you track a container number or Bill of Lading, we cache the result for 12 hours and record which container you looked up so we can enforce the 30-day "free re-track" window.
• Watchlists, API keys, and webhook URLs — the content you create on Pro features.

Information we collect automatically

• Session data — when you sign in we store an opaque session token, your IP address, and your User-Agent string to protect against session hijacking and to power the "active sessions" admin view.
• Server logs — request paths, status codes, timing. Retained ~30 days for debugging and abuse detection.
• Email-verification + password-reset tokens — stored as SHA-256 hashes (we never see the raw token after issuing).

What we don't collect: we don't run third-party analytics (Google Analytics, Facebook Pixel, etc.) on the Service. We don't sell or share your email address.

• To operate and maintain the Service
• To send transactional email (verification, password reset, billing receipts)
• To process payments via Stripe
• To enforce the Terms of Service and detect abuse
• To support you when you contact us
• To debug operational issues from server logs

We don't use your data to train AI models. We don't run behavioural advertising. The Service is paid-for by paid-tier subscribers; we don't need to monetise free users.

We use one cookie:

• sr_session — set when you sign in. HttpOnly, Secure, SameSite=Lax. Expires 30 days after issue. Deletes itself when you sign out.

That's it. No tracking pixels, no third-party analytics cookies, no advertising cookies.

We rely on the following processors to operate the Service. Each handles a narrow slice of data and has their own privacy policy:

• Stripe — payment processing. Receives the payment information you provide at checkout. Privacy policy: stripe.com/privacy
• Resend — transactional email. Receives your email address and the message body when we send verification or reset emails. Privacy policy: resend.com/legal/privacy-policy
• Hetzner — hosting (Frankfurt / Falkenstein, Germany). Receives your IP at the network layer for log and abuse-detection purposes.
• AIS data providers (AISStream.io, MyShipTracking, JSONCargo, etc.) — receive only the queries we make to them on our infrastructure's behalf. They do not receive your account or billing information.

• Account info — until you delete your account, or 12 months after subscription cancellation if you don't explicitly request deletion.
• Vessel position history — 30 days, then automatically purged by our retention worker.
• Container shipment cache — 12 hours per shipment, then refreshed.
• Container lookup history — kept while the associated credit grant is alive (12 months from purchase) so the re-track-free window can be enforced.
• Server logs — ~30 days.
• Audit log of admin actions — kept indefinitely for security forensics. Doesn't contain your personal data unless you're an admin who acted on the system.

Depending on where you live, you may have rights including:

• Access — request a copy of the personal data we hold about you
• Deletion — request that we delete your account and associated data
• Correction — update inaccurate data (most data is editable from the account page)
• Portability — receive a machine-readable export of your data
• Object / restrict — object to certain processing (we don't profile or use your data for marketing, so this is rarely relevant for ShipRadar)

To exercise these rights, email support@shipradar.io from the address associated with your account. We aim to respond within 30 days. Where required by law (GDPR / CCPA), we won't charge a fee for reasonable requests.

We take the protection of your data seriously. In particular:

• Passwords are hashed with argon2id (memory-hard, OWASP-baseline parameters)
• One-shot tokens (verification, password reset) are stored as SHA-256 hashes — the raw values never persist server-side
• Admin-managed secrets in the platform settings table are encrypted at rest with AES-256-GCM
• All public traffic is HTTPS (TLS 1.3) with HSTS
• Database access is restricted to the application network

No system is perfectly secure. If you believe your account has been compromised, contact us immediately at support@shipradar.io.

The Service is not directed to children under 13. We don't knowingly collect personal data from children under 13. If you believe a child has created an account, contact us and we'll delete the account and any associated data.

Our infrastructure is hosted in Germany (Hetzner). If you access the Service from outside the European Economic Area, your data will be transferred to and processed in Germany under standard contractual clauses where required.

For users in California: we don't sell or share personal information for cross-context behavioural advertising. CCPA rights — knowledge, deletion, correction, opt-out of sale — are available via the contact methods above.

For users in the EEA / UK: GDPR rights apply. Our lawful basis for processing your account data is performance of contract (running the Service you signed up for); for billing data, it's legal obligation (tax / accounting); for security logs, it's legitimate interest (preventing abuse).

We may update this policy from time to time. The "Last updated" date at the top reflects the current version. For material changes, we'll notify users by email or via a banner on the Service.

For privacy questions or to exercise your rights:

See also: Terms of Service · Data Processing Agreement