SwiftGreen Couriers Privacy Policy

Effective: January 20, 2025 | Version: 4.0

1. Introduction

SwiftGreen Couriers International Ltd ("we", "us", or "our") operates a global logistics network serving 180+ countries. This Privacy Policy explains how we collect, use, disclose, and protect personal data across:

  • Our websites (www.swiftgreencouriers.com and regional domains)
  • Mobile applications (iOS/Android)
  • API integrations with e-commerce platforms (Shopify, WooCommerce)
  • Physical operations at 300+ facilities worldwide

1.1 Compliance Framework

We adhere to:

  • GDPR (EU General Data Protection Regulation)
  • CCPA/CPRA (California Consumer Privacy Act)
  • PIPEDA (Canada's Personal Information Protection Act)
  • LGPD (Brazil's Lei Geral de Proteção de Dados)

2. Data We Collect

Category Examples Purpose Legal Basis
Account Data Full name, email, phone, business address, tax ID User registration, invoicing Contractual necessity
Shipping Data Sender/recipient details, package contents, customs declarations Service fulfillment, regulatory compliance Legal obligation
Payment Data Card last 4 digits, billing address (processed via Stripe/PayPal) Transaction processing Contractual necessity
Device Data IP address, browser type, mobile device ID Fraud prevention, analytics Legitimate interest
Location Data GPS coordinates (for driver tracking), pickup/delivery addresses Real-time shipment tracking Consent (where required)

Sensitive data: We do not intentionally collect racial, health, or biometric data unless required for customs (e.g., FDA-regulated shipments).

3. How We Use Your Data

3.1 Core Operations

  • Calculate shipping rates and taxes
  • Generate customs documentation
  • Provide real-time tracking updates
  • Process claims for lost/damaged items

3.2 Business Improvement

  • Optimize delivery routes using historical data
  • Develop predictive analytics for delays
  • Train AI models for address validation

3.3 Marketing

With consent, we may:

  • Send promotional emails (opt-out available)
  • Show targeted ads (via Facebook Pixel, Google Ads)
  • Analyze campaign performance

4. Data Sharing & Third Parties

4.1 Necessary Disclosures

We share data with:

  • Carriers: FedEx, DHL, local postal services for last-mile delivery
  • Customs Authorities: HS codes, commercial invoices
  • Payment Processors: Stripe, PayPal (PCI-DSS compliant)

4.2 Service Providers

Under strict NDAs:

  • Cloud Storage: AWS (encrypted at rest)
  • Customer Support: Zendesk (data processing agreement in place)
  • Analytics: Google Analytics 4 (IP anonymization enabled)

4.3 Business Transfers

In mergers/acquisitions, customer data may transfer to successors after privacy review.

5. International Data Transfers

As a global courier, your data may transit through:

  • EU → US: Under GDPR Standard Contractual Clauses
  • UK: Under UK International Data Transfer Agreement
  • Other Regions: Only when adequate protections are verified

Our data centers are SOC 2-certified in the US, Germany, and Singapore.

6. Data Security

6.1 Technical Measures

  • Transport Layer Security (TLS 1.2+) for all web traffic
  • AES-256 encryption for sensitive data at rest
  • Annual penetration testing by independent auditors

6.2 Access Controls

  • Role-based permissions for employees
  • Mandatory MFA for admin accounts
  • Quarterly security training for staff

6.3 Incident Response

In the event of a breach affecting your data, we will:

  1. Notify regulators within 72 hours (where required)
  2. Inform affected users via email within 7 business days
  3. Provide free credit monitoring for exposed financial data

7. Your Privacy Rights

Right Description How to Exercise
Access Request a copy of your data Submit a Data Subject Access Request
Rectification Correct inaccurate information Update your account settings or contact support
Erasure Delete non-essential data Email [email protected]
Portability Receive your data in machine-readable format Available for automated processing via API
Opt-Out (CCPA) Direct marketing or data sales Click "Unsubscribe" or enable "Do Not Sell My Data" in account

Response time: We fulfill requests within 30 days (15 days for CCPA).

8. Data Retention

  • Active accounts: Retained for 5 years after last shipment
  • Shipment records: 7 years (for tax/legal compliance)
  • Marketing data: 2 years from last interaction

Data is securely purged after retention periods using NIST 800-88 standards.

9. Children's Privacy

We do not knowingly collect data from individuals under 16. Shipments for minors require adult consent.

10. Policy Updates

We will notify users of material changes via:

  • Email alerts 30 days in advance
  • Website banners with summaries of changes
  • In-app notifications for mobile users

11. Contact Us

Data Protection Officer
SwiftGreen Couriers International Ltd
944 South S-Grove Road, Memphis, TN 38120, USA
Email: [email protected]
Phone: +1 (800) 555-7943 (Ext. 700)

EU Representative:
SwiftGreen EU Ltd, Attn: Data Protection
28 Rue de la Loi, 1000 Brussels, Belgium