Omaship

Privacy Policy

Responsible Party

bloomed AI UG (haftungsbeschränkt)
Königstr. 70
53115 Bonn
Germany

For privacy-related questions:
Email: hello@omaship.com

Data Collection Overview

1. Free Template Access (GitHub OAuth + Email)

Data: GitHub user ID, GitHub login, GitHub profile name, primary email address, optional reason message, timestamps

Purpose: Unlocking template access, preventing abuse, and sending onboarding emails

Legal basis: Contract initiation (GDPR Art. 6 para. 1 lit. b) and consent for onboarding emails (GDPR Art. 6 para. 1 lit. a)

Retention: Until deletion is requested or data is no longer needed for access and onboarding

2. User Account

Data: Email, encrypted password, creation timestamp

Purpose: Authentication and platform access

Legal basis: Contract fulfillment (GDPR Art. 6 para. 1 lit. b)

Retention: Until account deletion or 3 years after last activity

3. Project Data

Data: GitHub org/repo names, domains, provisioning logs

Purpose: Creating and managing GitHub repositories

Legal basis: Contract fulfillment (GDPR Art. 6 para. 1 lit. b)

Retention: Until project or account deletion

4. Technical Data

Data: Anonymized IP, browser, OS, timestamp

Purpose: Technical provision and security

Legal basis: Legitimate interest (GDPR Art. 6 para. 1 lit. f)

Retention: 7 days

GitHub Integration

For free template access, GitHub OAuth is used to verify your account and retrieve your GitHub ID, login, name, and primary email. For product provisioning, we additionally process repository configuration and encrypted access tokens as required to create and manage repositories.

GitHub's own privacy policy applies: GitHub Privacy Statement

Cookies

We use essential cookies for authentication and session management. These are technically necessary and stored based on GDPR Art. 6 para. 1 lit. f. Session cookies are deleted when you close your browser.

Our scheduling tool Calendly may set cookies when you use the embedded booking widget on our Book a Call page. These cookies enable the scheduling functionality and are processed by Calendly, Inc. For details, see Calendly's Cookie Policy.

Third-Party Services

GitHub

Purpose: OAuth sign-in and repository integration

Provider: GitHub, Inc., San Francisco, CA, USA

Data: GitHub account identifiers and profile/email data permitted by OAuth scopes

Legal basis: Contract initiation (GDPR Art. 6 para. 1 lit. b)

GitHub Privacy Statement

Resend

Purpose: Sending onboarding and product emails

Provider: Resend, Inc., San Francisco, CA, USA

Data: Email address and email metadata required for delivery

Legal basis: Consent or contract-related communication (GDPR Art. 6 para. 1 lit. a/b)

Resend Privacy Policy

Calendly

Purpose: Scheduling calls via embedded widget

Provider: Calendly, LLC, Atlanta, GA, USA

Data: Name, email, and scheduling preferences you enter when booking

Legal basis: Your consent (GDPR Art. 6 para. 1 lit. a)

Calendly Privacy Policy

Data Security

  • SSL/TLS encryption for all data transmission
  • Encrypted password storage using bcrypt
  • Secure servers in Germany
  • Regular security updates
  • Access controls and authentication

Your Rights

Under GDPR, you have the right to:

  • Request information about your stored data
  • Request correction of inaccurate data
  • Request deletion of your data
  • Request restriction of processing
  • Receive your data in machine-readable format
  • Object to processing based on legitimate interest
  • Withdraw consent at any time

Contact: hello@omaship.com

Supervisory Authority

State Commissioner for Data Protection NRW
Email: poststelle@ldi.nrw.de
Phone: 0211/38424-0

Last updated: February 21, 2026