Privacy Policy

Learn how Skippership collects, uses, and protects your data while ensuring compliance with global privacy standards.

Effective Date: October 13, 2025

At Skippership (“we,” “our,” or “us”), protecting your sensitive data is a top priority. This Privacy Policy explains how we collect, use, share, and safeguard information about visitors, customers, partners, and end-users (collectively, “you”) in connection with our services, including session recordings, heatmaps, goal tracking, and AI analytics (the “Services”).
By using our websites or Services, you agree to this Privacy Policy.

This Privacy Policy is the official English version. Any translations are for convenience only and have no legal effect.

1. Scope

This Privacy Policy applies to:

  • Visitors to our websites (“Visitors”)
  • Customers who purchase or use our Services (“Customers”)
  • Partners and resellers who have agreements with us

If you visit a Customer’s website that uses our Services, the Customer’s privacy policy applies. Below, we explain how we process your data for our Customers.

2. Information We Collect

A. Information from Visitors (Automatically Collected)

We may automatically collect the following data when you visit our websites or use our Services:

  • Device & technical data: IP address (may be anonymized), browser type, operating system, device type, screen resolution, language preferences
  • Digital behavior data: pages visited, clicks, scrolling, session duration, interaction with content
  • Location data: approximate location based on IP address
  • Referral information: information about the website or source that led you to our website
  • Cookies and similar technologies: see our Cookie Policy for details

B. Information Provided Directly

When you contact us, sign up for a trial, demo, newsletter, or create an account, we may collect:

  • Full name, email address, phone number
  • Company and job position
  • Login credentials (excluding passwords)
  • Billing information (processed by third-party payment processors; we do not store it)

C. Information from Customer Websites (Data Processor Role)

For Visitors to Customer websites, we process data on behalf of Customers, including:

  • Session recordings, mouse movements, clicks, scrolls
  • Heatmap and goal tracking data
  • Device and referral information
  • AI analytics generated from aggregated or pseudonymized data

Sensitive Data Protection:

Skippership automatically masks and removes sensitive information from all session recordings. This includes:

  • Password input fields
  • Payment card fields (credit/debit)
  • Personal identification numbers (e.g., SSN)
  • Email addresses in forms
  • Any other input field containing personal information

As a result, recordings show only user actions without exposing private details.

3. How We Use Information

We use collected data for the following purposes:

  • Providing Services: account management, billing, and operational support (legal basis: contract performance)
  • Improving Services: analyzing usage patterns, testing features, enhancing performance and usability (legal basis: legitimate interest)
  • Personalization: customizing website content and analytics dashboards (legal basis: consent or legitimate interest)
  • Customer Support: responding to inquiries, resolving issues, and providing technical assistance (legal basis: contract performance)
  • Security and Compliance: monitoring security, detecting fraud or unauthorized access, enforcing terms, and complying with legal obligations (legal basis: legitimate interest and legal compliance)
  • Marketing: sending promotional materials, newsletters, and updates about Services (legal basis: consent or legitimate interest)

4. Data Sharing and Disclosure

We do not sell personal data. Data may be shared only in the following cases:

  • With Customers: aggregated, anonymized, or pseudonymized analytics results
  • With service providers or subprocessors: for service delivery (e.g., cloud hosting, analytics, storage) under strict contractual obligations
  • For legal reasons: to comply with laws, legal requests, or protect our rights and the rights of others

International Transfers:

When transferring data outside the EU or other jurisdictions with strict privacy laws, we ensure adequate safeguards, including:

  • EU-U.S. Data Privacy Framework (DPF)
  • Standard Contractual Clauses (SCCs)

5. Data Retention

Data is retained only as long as necessary to fulfill the purposes described above.

  • Customer data is retained in accordance with the Customer's instructions.
  • Legal or regulatory requirements may require longer retention.
  • After retention, personal data is deleted or anonymized.

6. General Privacy Rights

Depending on your jurisdiction, you may have the right to:

  • Access your data
  • Correct inaccurate data
  • Delete your data
  • Restrict processing
  • Receive a portable copy of your data
  • Object to processing, including for marketing
  • Withdraw consent at any time

Requests can be sent to: [email protected]

A response will be provided within one month (exceptions may apply).

EU/EEA residents may also contact their local data protection authorities.

A. California (CCPA/CPRA)

If you are a resident of California, you have additional privacy rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). These rights may include:

  • The right to know what personal information we collect about you, the sources of that information, and how it is used or shared.
  • The right to request deletion of your personal information, subject to certain exceptions.
  • The right to opt out of the sale of your personal information. (Note: Skippership does not sell personal information.)
  • The right to non-discrimination for exercising your privacy rights.

To exercise your California privacy rights, please submit a request to: [email protected]. We will respond within the timeframes required by applicable law.

Note: CCPA/CPRA rights apply only to California residents, and certain thresholds may apply (e.g., annual revenue, number of consumer records processed). Skippership is committed to assisting customers who need to comply with these regulations.

B. European Union (GDPR)

European Union (EU/EEA) Privacy Rights (GDPR)

If you are located in the European Union (EU) or European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR). These include:

  • Right of Access: You can request access to the personal data we hold about you.
  • Right to Rectification: You can request correction of inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): You can request deletion of your data where legally applicable.
  • Right to Restrict or Object: You can object to or restrict our processing of your data in certain circumstances.
  • Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format.
  • Right to Withdraw Consent: You can withdraw your consent at any time where processing is based on consent.

You can exercise these rights by contacting [email protected]. We will respond within the timelines required by GDPR, usually within one month.

When we transfer data outside the EU or EEA, we use safeguards such as the EU Standard Contractual Clauses (SCCs) to protect your personal data.

7. Cookies and Tracking

We use cookies and similar technologies to improve website functionality, track analytics, and personalize user experience.
Users can manage cookie preferences or opt out entirely using our Cookie Policy.

8. Data Security

We implement technical and organizational measures to protect data, including:

  • Encryption for data in transit and at rest
  • Access control and authentication
  • Monitoring for unauthorized access or breaches

User Responsibilities:

  • Keep login credentials confidential.
  • Report any suspected security incidents to [email protected]

Sensitive Data Masking:

All sensitive elements in session recordings are automatically masked to ensure visitor privacy.

Our websites may link to external websites. We are not responsible for the privacy practices or content of these sites.

10. Children

We do not knowingly collect personal data from individuals under 16. If we discover such data, it will be deleted.

11. Changes to This Policy

Updates are effective when posted. Significant changes will be communicated via email, account notifications, or on the website.

12. Contact

For questions about this Privacy Policy or your data: [email protected]