Privacy Policy

1. Information We Collect

We collect only the data necessary to provide and improve our services:

• Account Information: name, email address, company name, and authentication credentials.
• Business & Operational Data: orders, product information, fulfillment events, and related data processed through our platform.
• Usage Data: browser type, IP address, device identifiers, and site interactions for analytics, fraud detection, and performance optimization.
• Communications: messages and support requests you send to us.

We do not collect sensitive personal data unless required for a specific feature and only with your consent.

2. How We Use Your Information

We process your data for the following legitimate purposes:

• Provide, maintain, and improve the ShipBundle platform and related services.
• Authenticate users, detect and prevent unauthorized access, and protect against fraud or abuse.
• Communicate about service updates, account notices, and customer support requests.
• Analyze usage and improve product performance and reliability.
• Comply with legal obligations and enforce our Terms of Service.

We rely on one or more lawful bases under GDPR—contract performance, legal obligation, legitimate interest, and consent—depending on the purpose of processing.

3. Data Sharing and Disclosure

We do not sell or rent personal data. We share information only with trusted third-party service providers (“processors”) who help operate our platform—such as cloud hosting, email delivery, analytics, and customer support systems.

All processors are bound by strict data processing agreements requiring confidentiality, security, and compliance with GDPR and PIPEDA standards. We may also disclose limited data when required by law or to protect our legal rights.

4. Security and Data Retention

We implement industry-standard security measures to protect your information, including:

• Encryption in transit and at rest
• Access controls and multi-factor authentication
• Continuous monitoring and vulnerability management

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. Once data is no longer needed, it is securely deleted or anonymized.

5. International Data Transfers

Where data is transferred outside of your jurisdiction (for example, to cloud providers in the U.S.), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete information
• Request deletion of your data (subject to legal or contractual limits)
• Withdraw consent for processing where applicable
• Request data portability and information about automated decision-making

To exercise these rights, contact us at privacy@shipbundle.com. We will respond within applicable legal timeframes.

7. Cookies and Tracking

We use cookies and similar technologies for authentication, security, and analytics. You can manage cookie preferences through your browser settings.

8. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Privacy Officer:

• Email: privacy@shipbundle.com

If you are in the EU or UK and are not satisfied with our response, you may lodge a complaint with your local data protection authority.

9. Policy Updates

We may update this Privacy Policy periodically. When we do, we will revise the “Last Updated” date above and notify users of significant changes via email or our website.