Privacy & Security Essentials

Last Updated: April 2026

1. Data Collection & Purpose

We process only the minimum personal data required to provide value to our merchants. We are transparent about the data we process and strictly limit its use to the following purposes:

• Shipment Fulfillment: Recipient names and addresses for label generation and customs compliance.
• Account Management: Merchant contact and billing info governed by formal Data Protection Agreements.
• Consent: We respect all customer consent decisions and do not sell personal data.

2. Data Retention & Protection

• Retention: Data is subject to strict retention periods and is not kept longer than necessary for operational or legal requirements.
• Encryption: All data is encrypted both at rest and in transit. This extends to all data backups.
• Environment Integrity: We strictly separate test and production data environments to prevent accidental exposure.
• Loss Prevention: We maintain a dedicated Data Loss Prevention (DLP) strategy to monitor and secure sensitive information.

3. Operational Security & Access

• Staff Access: Access to customer personal data is strictly limited to authorized personnel and is governed by strong password requirements.
• Monitoring: Every instance of access to personal data is logged for audit and security purposes.
• Response: We maintain a formal Security Incident Response Policy to address and mitigate potential threats immediately.

4. Your Legal Rights

Under GDPR/UK GDPR, you have the right to access, correct, or delete your data. We ensure that automated decision-making does not produce legal or significant effects without appropriate safeguards.

5. Contact Information