← Back to ShipmentScope

Privacy Policy

Last updated: July 2, 2026

What we do

ShipmentScope helps you track online orders by connecting to your email account. We scan your inbox for order confirmation and shipping emails from supported retailers and display that information in one dashboard.

Data we access

Data storage

Your orders and connected email account details are stored on our server, scoped to your account only — no other user can see them. Email account passwords are encrypted at rest (AES-256-GCM) before being stored, and are only decrypted in memory when actively syncing your inbox. Your browser also keeps a local cache of your orders for faster loading, tied to your account so it can't leak to someone else signing in on the same browser. Data transmitted between your browser and our server is encrypted in transit.

Data sharing

We do not sell, rent, or share your personal data or order information with any third party. Nothing you connect is used for advertising.

Data deletion

You can permanently delete your account at any time from Settings → Account. This immediately erases your orders, connected email accounts, and account record, and signs you out everywhere.

Security

Login passwords are hashed with scrypt and compared using timing-safe checks. Email passwords are encrypted at rest and used only to connect directly to your provider's mail server — never sent anywhere else. Sign-in sessions use an HttpOnly cookie that JavaScript can't read. Login and signup attempts are rate-limited to protect against automated password guessing.

Hosting

ShipmentScope is hosted on Amazon Web Services (AWS).

Changes to this policy

If this policy changes, we'll update the "Last updated" date above.

Contact

For questions about this policy, contact us at vrajp1030@gmail.com.