• Iniciar sesión / Registrarse

    ShipThis Privacy Policy

    Last Updated: 5th February 2026

    Introduction

    ShipThis is committed to protecting the privacy and security of the information we collect and to being transparent about the ways in which we collect and process your information.

    ShipThis is the trading name of Hello Invent Ltd, a company incorporated in England and Wales with company number 09342309 and registered office at Makers Building, 1 Jasper Walk, London, England, N1 7TW.

    This privacy policy explains how we collect, use, share, process, and store your personal information, including data related to Google services. Please read this privacy policy carefully. Data that we collect from you will always be in accordance with the Data Protection Act 2018 ("The Act") and relevant privacy laws such as the General Data Protection Regulation (GDPR).

    It applies to the websites and online services that we operate and that link to this Privacy Policy (the "Services").

    Data Controller

    For the purpose of the Data Protection Act 2018, the data controller for this Privacy Policy is Hello Invent Ltd. We are registered with the Information Commissioner’s Office (“ICO”) with registration number ZB812823.

    Hello Invent Ltd has appointed a data protection officer who can be contacted in the following way:

    • Email: [email protected]
    • Post: ShipThis, Makers Building, 1 Jasper Walk, London, England, N1 7TW.

    General Data Collection

    We collect the following categories of information when you use our Services:

    Information You Provide Directly to Us:

    • Email Address: Used for communication.
    • Transaction and Billing Data: Including payment card details (credit card number, expiration date, and security code, where needed to complete a transaction), and billing address.
    • Correspondence: Any messages you send to us, such as emails.

    Information We Collect Automatically:

    We collect internet, or other electronic network activity information automatically from the devices and browsers that you use, including your IP address, browser type, browser or device language preference, operating system (including mobile device information, if applicable), errors, performance metrics, and webpage and app interactions.

    Google User Data Collected:

    ShipThis integrates with Google services for project setup and game deployment and collects:

    • Short-lived OAuth Token: Used for API calls during setup.
    • Service Account Key (JSON format): Stored securely for deployment purposes.
    • Service Account Email: Used for deployment authentication.
    • Google Play Developer Account ID: Provided by the user to invite the service account but not stored.

    General Use of Information

    We use the information we collect to provide, maintain, and improve our Services, including:

    1. General Usage:

      • Processing payments and providing receipts.
      • Customer support and troubleshooting.
      • Developing new features and improving services.
      • Understanding which languages our visitors use, to improve the website and documentation (for example, by prioritising translations and localised content).

    2. Google API Usage:

      • Setup Process: Creating Google Cloud projects, generating service accounts, enabling APIs, and adding accounts to the Google Play Developer platform.
      • Build & Deployment: Using the stored service account key to authenticate with the Android Publisher API and submit new game versions to Google Play.

    ShipThis does not use Google user data for any other purposes beyond deployment automation.

    General Disclosure of Information

    We are committed to maintaining your trust and want you to understand when and with whom we may share the information we collect.

    • Authorized Third-Party Vendors and Service Providers: Data is shared with third-party services for business purposes such as payment processing, analytics, and data storage.
    • Business Transfers: Data may be transferred if ShipThis is acquired or merged with another company.
    • Legal Requirements: Data may be disclosed in response to legal obligations or law enforcement requests.
    • Google User Data: ShipThis does not share Google user data with third parties. The data is used solely for automating game deployment.

    ShipThis does not sell your personal or Google user data.

    Cookies and Local Storage

    Cookies

    We use the following cookies:

    Cookie NameProviderPurposeDurationType
    __cf_bmCloudflareBot detection and security30 minutesStrictly Necessary

    This cookie is set by Cloudflare and is essential for protecting our service against automated attacks. It does not track you for advertising purposes and does not contain personally identifiable information.

    Local Storage

    We use browser local storage to store authentication data (such as tokens or headers) on your device so you can stay logged in and use the service. This data remains on your device and can be cleared via your browser settings.

    Data Storage and Security

    • Personal Data: Stored securely on our encrypted servers.
    • Google Service Account Keys:
      • Stored in a private, encrypted Amazon S3 bucket.
      • Access is restricted through strict IAM policies.
      • Audit logging ensures security monitoring.

    User Rights and Revoking access (including to Google)

    Users have the right to:

    • Request deletion of personal information.
    • Restrict processing of their data.
    • Withdraw consent for marketing communications.
    • Revoke ShipThis’ Google access at any time by:
      • Deleting the created Google Cloud project, service account, and service account key via Google Cloud Console.
      • Removing connections to the app in https://myaccount.google.com/permissions
      • The OAuth token used during setup is short-lived and cannot be refreshed automatically. You can delete the token from ShipThis using the following command:

    Compliance with Industry Standards

    • GDPR Compliance: We adhere to GDPR regulations for data protection.
    • Encryption: All stored data, including service account keys, is encrypted at rest.
    • Access Controls: IAM policies restrict access to only essential ShipThis services.

    Google Services and Data

    ShipThis integrates with Google services for project setup and game deployment. This section explains how we access, use, store, and protect Google user data to comply with Google's API policies.

    Google Services We Use

    ShipThis interacts with the following Google services:

    • Google Cloud Platform (GCP): Used to create a Google Cloud project, service account, and key for game deployments.
    • Google OAuth Flow: Used to generate an access token with these scopes:
      • https://www.googleapis.com/auth/cloud-platform
      • https://www.googleapis.com/auth/androidpublisher
    • Google APIs Used:
      • Cloud Resource Manager API: Creates a Google Cloud project.
      • IAM API: Creates a service account and key.
      • Service Usage API: Enables APIs.
      • Android Publisher API: Adds the service account to Google Play (the Google Play Developer Account ID is provided by the user but not stored).

    Google User Data We Collect

    ShipThis collects and processes the following Google user data:

    • Short-lived OAuth Token: Used temporarily for API authentication.
    • Service Account Key (JSON format): Stored securely for deployment.
    • Service Account Email: Used for authentication.
    • Google Play Developer Account ID: Used during setup but not stored.

    How We Use Google User Data

    • During Setup: To create a Google Cloud project and configure necessary permissions.
    • During Build & Deployment: To authenticate with the Android Publisher API and submit new game versions.

    ShipThis does not use Google user data for any other purposes beyond these functions.

    How Google User Data is Stored and Secured

    • OAuth Tokens: Stored ephemerally and securely.
    • Service Account Keys:
      • Stored in a private, encrypted Amazon S3 bucket.
      • Access is controlled via IAM policies.
      • Audit logging tracks access and modifications.

    Google User Data Sharing Policy

    ShipThis does not share Google user data with any third parties. It is used solely for deployment automation.

    How Users Can Revoke ShipThis’ Access to Google Data

    Users can revoke ShipThis’ access at any time by:

    • Deleting the created service account, key, and Google Cloud project in Google Cloud Console.

    • Removing connections to the app in https://myaccount.google.com/permissions

    • The OAuth token used during setup is short-lived and therefore cannot be refreshed automatically. You can delete the token from ShipThis using the following command:

    Compliance with Google's API Policies

    • ShipThis complies with Google’s Limited Use policy to ensure responsible handling of Google user data.
    • Data use is restricted to disclosed, user-authorized purposes.
    • ShipThis follows GDPR principles, including data minimization and security measures.

    Privacy Policy Updates

    We may update this Privacy Policy from time to time. If changes are made, we will:

    • Post the updated policy on this page with a revised date.
    • Notify users via a website announcement or email for material changes.
    • Continued use of ShipThis after updates constitutes acceptance of the revised policy.

    Contact Information

    For any privacy-related questions, concerns, or requests, please contact us at: