Privacy Policy

We collect information in three primary ways: (a) information you voluntarily provide, (b) information automatically collected through technology, and (c) information obtained from third parties.

1.1 Personal Information You Provide

• Full name, business name, title, and contact details (email, telephone, fax, mailing, shipping, and billing addresses).
• Account credentials (username, password, security questions, two-factor authentication data).
• Shipment & logistics data: origin/destination, dimensions, weight, contents, declared value, special handling instructions, hazmat declarations, customs documentation, tracking numbers.
• Payment & financial information (credit/debit card details, bank account, routing numbers, tax ID) — transmitted directly to third-party payment processors; we do not store full card numbers or CVV codes.
• Business information: company registration, EIN/SSN (where legally required), credit application data, references, insurance information.
• Communications: support tickets, live chat transcripts, emails, telephone recordings (with notice where required), survey responses.
• Marketing preferences, opt-in/opt-out selections, and contest or promotion entries.

1.2 Information Automatically Collected

• Device & usage data: IP address, browser type/version, operating system, device identifiers (UDID, advertising ID), MAC address, hardware information.
• Geolocation data (city-level or precise GPS when enabled for shipment tracking or quote requests).
• Internet activity: pages visited, time on page, click-stream data, referring/exit URLs, search terms, interactions with the Services.
• Cookies, web beacons, pixels, tags, scripts, and similar tracking technologies (see §5).
• Log files and server logs generated by our hosting and security infrastructure.

1.3 Information from Third Parties

• Shipping carriers (UPS, FedEx, USPS, DHL, and others), freight forwarders, and customs brokers.
• Payment processors, fraud-prevention services, and credit reporting agencies.
• Business partners, referrers, and integrated platforms (e.g., Shopify, Amazon Seller Central, ERP systems).
• Publicly available sources, social media platforms (if you link or log in via Google, LinkedIn, etc.), and lawful data brokers.
• Government agencies or regulatory bodies when required for customs clearance or compliance.

We use collected information for the following lawful business purposes:

Service Delivery & Fulfillment

Quote processing, booking, real-time tracking, label and customs generation, proof of delivery, returns and claims.

Account Management & Customer Service

Account creation and maintenance, identity verification, inquiry response, 24/7 support.

Payment Processing & Fraud Prevention

Transaction authorization, fraud detection, anti-money-laundering compliance.

Personalization & Improvement

Experience customization, service recommendations, usage analysis to enhance the Site and Services.

Marketing & Communications

Transactional notices, promotional offers, newsletters, surveys — only with consent or as permitted by law (with easy opt-out).

Analytics, Research & Product Development

Statistical analysis, ML for route optimization, demand forecasting, internal R&D (de-identified or aggregated where possible).

Security, Safety & Legal Compliance

Protecting against unauthorized access, investigating Terms violations, enforcing rights, complying with subpoenas, court orders, tax, customs, and applicable law.

Business Operations

Accounting, auditing, insurance claims, M&A due diligence, corporate governance.

We process your information only on a lawful basis: (i) performance of a contract, (ii) legitimate business interests, (iii) legal obligation, or (iv) your explicit consent (which you may withdraw at any time).

We may disclose information in the following limited circumstances:

• Service providers & vendors: cloud hosting (AWS, Azure), analytics (Google Analytics, Hotjar), payment processors (Stripe, Authorize.net), shipping APIs, email/SMS platforms, CRM, and professional advisors — bound by strict data-processing agreements.
• Affiliates & corporate group: shared within the Ivy League Logistics corporate family for operational efficiency.
• Business transfers: in a merger, acquisition, bankruptcy, or sale of assets, your information may transfer as a business asset.
• Legal & regulatory compliance: to law enforcement, courts, regulators, or government authorities pursuant to subpoena, warrant, or legal process; to protect public safety; to defend our legal rights.
• With your consent: any other sharing only after your explicit, informed consent.
• Aggregated or de-identified data: statistics or insights that do not identify any individual.

We conduct due diligence and maintain written contracts with every third party that receives personal information.

We implement and maintain commercially reasonable administrative, technical, and physical safeguards designed to protect personal information.

Strictly Necessary

Enable core Site functions (login, cart, shipment booking).

Functional

Remember preferences and improve user experience.

Performance / Analytics

Google Analytics, Microsoft Clarity, etc., to measure traffic and usage.

Targeting / Advertising

Only third-party advertising pixels where you have consented; no cross-context behavioral advertising that would be considered a “sale” under CCPA.

You may manage cookies via your browser settings or our cookie consent banner (where available). Blocking certain cookies may disable features.

Do-Not-Track Signals. Our Site does not currently respond to browser DNT signals. We honor global privacy controls and opt-out preferences where required by law.

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations (e.g., 7-year tax and customs records), resolve disputes, and enforce agreements.

• Active account data: retained while the account is active plus 7 years after closure (or longer if required by law).
• Shipment records: retained for the period required by carrier contracts and regulatory rules (typically 7–10 years).
• Marketing data: retained until you opt out or withdraw consent.
• De-identified or aggregated data: retained indefinitely.

Upon expiration of retention periods, we securely delete or anonymize the data.

All Users

• Access, correct, or delete your personal information (subject to legal exceptions).
• Opt out of marketing communications at any time (unsubscribe link in every email or by contacting us).
• Withdraw consent where processing is based on consent.

California Residents (CCPA / CPRA)

• Know what personal information we collect, use, disclose, or sell.
• Delete your personal information.
• Opt out of the sale or sharing of your personal information (we do not sell; sharing for cross-context behavioral advertising is limited).
• Limit the use and disclosure of sensitive personal information.
• Correct inaccurate information.
• Non-discrimination for exercising rights.

Submit requests via the methods in §12. We verify your identity and respond within 45 days (extendable once by 45 days).

Virginia, Colorado, Connecticut, Utah & Other State Residents

You have analogous rights under your state’s consumer privacy law. We treat all users equally and honor these rights where applicable.

EU / UK / Swiss Residents (GDPR)

If GDPR applies to you, you have additional rights including the right to object, restrict processing, data portability, and to lodge a complaint with your supervisory authority. Our lead supervisory contact is listed in §12.

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects.

Your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. These countries may have different data-protection standards than your home country.

Where required, we use Standard Contractual Clauses (or equivalent safeguards) approved by the European Commission, UK ICO, or other authorities, along with supplementary measures, to ensure an adequate level of protection.

The Services are not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If we learn we have collected such data, we will delete it promptly. Parents may contact us at the address below.

The Site may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

We may update this Policy to reflect changes in our practices, technology, or applicable law. The “Last Updated” date at the top will be revised. Material changes will be notified by posting a prominent notice on the Site, sending an email to the address associated with your account, or both. Your continued use of the Services after the effective date constitutes acceptance of the revised Policy.

We acknowledge requests within 10 business days and respond substantively within the timeframes required by law.

Governing Law

This Policy is governed by the laws of the State of Maryland, United States, without regard to conflict-of-laws principles. Any disputes shall be resolved exclusively in the state or federal courts located in Howard County, Maryland.