For users

Privacy

How Shippie treats your apps, app data, accounts, and local device storage.

Updated June 11, 2026

The short version

Shippie is built around apps that work on your device first. Primary app data is created and stored inside your browser or home-screen app by default. Shippie does not need that content to list or launch apps.

We collect the platform data needed to run Shippie: account identity if you sign in, app/deploy metadata for makers, operational logs, security events, product telemetry such as launches or home-screen guide interactions, and optional encrypted backup, sync, relay, or private-space payloads when those features are enabled.

Controller and contact

For launch, Shippie is the controller for platform account, marketplace, deploy, analytics, support, and operational data it decides to collect. Makers may be responsible for their own app content, external services, and private workflows.

Contact hello@shippie.app for privacy questions, access, correction, export, deletion, or objection requests about data Shippie servers hold.

What stays on your device

App content such as recipes, trip notes, journals, counters, drawings, and local files belongs to the app and the device where you created it unless the app clearly asks to connect, share, export, sync, relay, or back up.

  • Local storage, IndexedDB, Cache Storage, OPFS, and service-worker caches are controlled by your browser.
  • The Your Data panel helps you inspect, export, move, or clear Shippie-managed local storage on that device.
  • Deleting local browser data can remove app data stored only on this device. Export first when the data matters.

What Shippie servers may receive

The platform receives requests needed to serve shippie.app, app listings, app packages, public pages, invite links, auth flows, and maker dashboards.

  • Account information when you sign in, such as email, display name, avatar, and provider identifiers.
  • Maker app metadata, package hashes, scan results, deploy status, visibility settings, and public listing content.
  • Operational logs, abuse-prevention signals, rate-limit events, and aggregate usage signals needed to keep the service reliable.
  • Capability proof events when an app or wrapper reports that a feature worked, such as home-screen launch, offline load, or local data export.
  • Encrypted backup, sealed document, relay, or private-space payloads and their technical metadata when you choose features that need Shippie to store or relay sealed data.

Your controls

You can use local apps without signing in. When an app exposes Your Data, use that panel to inspect local storage, disclosed connections, available export or restore options, and device-only wipe controls.

For account deletion, access, correction, export, or privacy questions about data Shippie servers hold, contact hello@shippie.app from the email tied to the account.

Children

Shippie is not directed to children under 13. If you believe a child under 13 has provided account information to Shippie, contact hello@shippie.app so we can review and remove it where required.

Third-party apps

A public Shippie listing must pass the Local App policy scanner before it publishes. That scanner blocks common cloud databases, third-party auth, trackers, ads, insecure connections, and bundled secrets.

Static scanning is still not perfect proof. Check an app detail page or Your Data for capability badges, disclosed connection domains, and proof status before relying on it with sensitive data.

Ship

A sealed shipped item is encrypted in your browser with AES-256-GCM. The key lives only in the URL fragment, which browsers never send to the server, so Shippie stores and serves only ciphertext and cannot read it. The honest caveat: anyone who has the full link has the key and can read it, so treat a sealed link like a password.

A shareable shipped item is a public web page that Shippie serves and can read, because it is public by design. Shareable items are scanned for secrets and phishing patterns on upload. All shipped items are ephemeral and expire automatically (24 hours anonymous, up to 7 days signed in).

  • Report a public shipped item with the report control or via /api/drops/[id]/report.
  • For abuse, copyright, or takedown, contact hello@shippie.app.

Contact

For privacy questions, data requests, or concerns about a listed app, contact hello@shippie.app.