Privacy Policy and Terms of Service

Last updated: July 31, 2025

1. Introduction

ShipFifty LLC ("ShipFifty," "we," "our," or "us") provides logistics software, fulfillment management services, and integration tools for e-commerce sellers. This Privacy Policy and Terms of Service outlines our obligations and your rights under applicable privacy laws and platform agreements including but not limited to:

  • Amazon Selling Partner API (SP-API) requirements
  • GDPR (EU and UK versions)
  • PIPEDA (Canada)
  • CCPA/CPRA (California)
  • General U.S. data privacy and consumer protection laws

2. Scope

This policy governs how we:

  • Collect, process, store, and share personal and business data
  • Use third-party services to fulfill logistics, labeling, and analytics
  • Protect and secure Personally Identifiable Information (PII)
  • Operate our web platform, APIs, integrations, and services

This policy applies to all users of our platform, including clients, customers of clients (e.g., buyers on Amazon), and partners.

3. What Data We Collect

A. Directly Provided Data

  • Name, email, phone number
  • Company details
  • Shipping and billing addresses
  • Login credentials and identifiers

B. Automatically Collected Data

  • IP addresses, device/browser info
  • Timestamps, usage patterns, error logs
  • Session activity and analytics

C. Platform-Integrated Data (via OAuth/API)

  • Amazon order data, including buyer name/address
  • Inventory, shipment, and product metadata
  • Tracking numbers and carrier status
  • Historical marketplace data via APIs like Keepa

We only collect this data after explicit authorization is granted.

4. Purpose of Use

We use your data to:

  • Provide warehouse receiving, fulfillment, and shipping workflows
  • Generate labels and process outbound shipments
  • Display dashboards for order/inventory status
  • Enable integrations with platforms like Amazon, ShipStation, and Keepa
  • Monitor and improve platform stability and performance

We do not sell your data. All data access is granted through secure OAuth authorization or direct consent.

5. Data Sharing

We share data only as necessary to fulfill our services:

  • Shipping carriers (e.g., UPS, FedEx) for generating labels
  • Cloud infrastructure providers (e.g., AWS, GCP) for secure hosting
  • Integrated platforms (Amazon, Shopify, ShipStation, etc.)
  • Legal authorities if required by law

All third-party services are subject to strict security and compliance requirements.

6. Data Storage & Security

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Role-based access control (RBAC) is enforced
  • Secrets and credentials are stored in secret managers (e.g., AWS Secrets Manager)
  • MFA and IP restrictions are enforced for all admin-level users
  • Audit logs and access records are retained for review

7. Data Retention

  • PII is retained no longer than 30 days after fulfillment unless legally required
  • Data may be retained longer if needed for compliance, invoicing, or tax reporting
  • Secure deletion or anonymization is performed after expiration

8. Your Rights

You may request:

  • Access to or correction of your data
  • Deletion of data (Right to be Forgotten)
  • Data portability
  • Withdrawal of consent
  • Restriction or objection to processing

To make a request, email: privacy@shipfifty.com

9. Testing & Development

  • Production PII is never used in test environments
  • Synthetic data is used for QA and pre-deployment testing
  • Staging systems are isolated and access-controlled

10. Incident Response

In case of a breach or unauthorized access:

  • Access is immediately revoked
  • Logs and systems are reviewed
  • Amazon is notified (security@amazon.com) if data is impacted
  • Affected users and authorities are notified as required

11. Compliance & Certifications

Our practices are designed to comply with:

  • GDPR & UK GDPR
  • PIPEDA (Canada)
  • CCPA/CPRA (California)
  • Amazon SP-API Data Protection Policy
  • SOC 2 and ISO 27001-aligned controls (where applicable)

12. Terms of Service

A. Use of Services

You agree not to:

  • Misuse, reverse-engineer, or bypass systems
  • Resell or expose APIs without written permission
  • Violate any marketplace or carrier policies

B. Account Responsibilities

You are responsible for:

  • Safeguarding your credentials
  • Ensuring your integrations are properly authorized
  • Notifying us immediately of unauthorized use

C. Service Availability

We strive for 99.9% uptime but cannot guarantee uninterrupted access. We are not liable for downtime caused by third-party systems (e.g., Amazon APIs).

D. Limitation of Liability

ShipFifty is not responsible for indirect or consequential losses. Our total liability is limited to the amount paid for services in the past 90 days.

E. Termination

We may suspend accounts that violate these terms, applicable laws, or abuse our services.

13. Contact Us

Email: privacy@shipfifty.com
Mailing Address: ShipFifty LLC, 150 Main Rd, Montville, NJ 07045

14. Updates

We may update this policy. Material changes will be posted at shipfifty.com/privacy-policy and notified via email where applicable.

By using our platform, you agree to this Privacy Policy and our Terms of Service.