ShipReady logoShipReady
Last updated: May 11, 2026
Back

Privacy Policy

Effective date: May 11, 2026

1. Who we are

ShipReady is a web quality audit tool built and operated by Eugene Gusakov. You can reach us at egusakov74@gmail.com.

2. What data we collect

We collect only what is necessary to provide the service:

  • URLs you submit — to run the audit. We do not crawl or store the content of your pages beyond what is needed to generate the report.
  • Account data — if you sign up: your email address, provided via Supabase Auth (supports magic link and OAuth).
  • Payment data — processed by PayPro Global (Merchant of Record). We never see or store your card details.
  • Usage data — scan history linked to your account (URL, scores, timestamp).
  • Technical data — standard server logs (IP address, browser, timestamps) retained for up to 30 days.

3. How we use your data

  • To run scans and generate reports for you.
  • To manage your account and subscription.
  • To send transactional emails (scan complete, billing receipts). We do not send marketing emails without your consent.
  • To detect abuse and protect the service.
We do not sell your data. We do not use it for advertising.

4. Third-party services

  • Supabase — database and authentication (EU region). Privacy policy.
  • PayPro Global — payment processing and billing (Merchant of Record). Privacy policy.
  • Vercel — hosting and edge functions. Privacy policy.
  • OpenAI — AI-generated report enrichment and fix prompts. URLs and issue data are sent to generate prompts. Privacy policy.

4a. Payment processing and PayPro Global

PayPro Global acts as Merchant of Record and processes all payment and customer billing data on ShipReady's behalf. We do not store card numbers, payment credentials, or sensitive payment information — all payment processing is handled exclusively by PayPro Global in accordance with their privacy policy.

We receive webhooks from PayPro Global containing subscription status events (paid, overdue, cancelled). This information is used solely to grant or revoke access to your account and platform features.

5. Cookies

We use only essential cookies required for session management, authentication, and interface language selection. We do not use tracking or advertising cookies.

6. Data retention

  • Scan results are retained as long as your account is active.
  • Anonymous scans (no account) may be deleted after 30 days.
  • You can request deletion of your data at any time by emailing us.

6a. Report visibility

Anonymous reports are accessible to anyone who has the report URL. Reports linked to a signed-in account are private to that account unless we add an explicit sharing feature in the future. If you do not want a report to be accessible by URL, run the scan from a signed-in account.

7. Your rights (GDPR)

If you are in the European Economic Area, you have the right to:
  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict processing.
  • Data portability.
To exercise any of these rights, email egusakov74@gmail.com.

8. Security

All data is transmitted over HTTPS. Database access is protected by row-level security (Supabase RLS). We do not store passwords — authentication is handled via magic links and OAuth.

9. Changes to this policy

We may update this policy. We will notify you by posting the new policy on this page and updating the effective date. Material changes will be communicated by email if you have an account.

10. Contact

Questions about this policy? Email us at egusakov74@gmail.com.