top of page
logo.png

Available Credits: $0.00

Privacy Policy

This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Platform.
SECTION 1: INTRODUCTION AND SCOPE
1.1 Unified Governance

This Privacy Policy (the “Policy”) is established by Shipnovia Group Inc., dba SHIPVIA

COURIERS (collectively, “ShipVia Couriers,” the “Platform,” or the “Company”).

This Policy governs the collection, use, disclosure, processing, retention, storage, transfer, and

safeguarding of personal information across all ShipVia Couriers platforms, including but not

limited to shipviacouriers.ca and shipviacouriers.com, together with all associated dashboards,

APIs, support interfaces, mobile-optimized views, and digital integrations.

This Policy is inextricably linked to the Master Terms and Conditions. Together, the two

documents form a unified contractual and governance framework. By accessing the Platform,

generating a Shipping Label, purchasing ShipVia Package Protection, purchasing any optional

services or completing checkout, you provide unified, binding consent to both this Policy and

the Master Terms and Conditions.

In the event of an irreconcilable conflict between this Policy and the Master Terms and

Conditions, the Master Terms shall prevail with respect to commercial liability, fee

adjudication, and operational disputes. This Policy governs specifically the handling,

protection, and lawful processing of personal information.

1.2 Compliance Baselines (Canada & USA)

ShipVia Couriers maintains a centralized privacy governance model that aligns with the

following baseline regulatory frameworks:

Canadian Operations: For data collected, processed, or stored in connection with Canadian

operations, ShipVia Couriers adheres to the Personal Information Protection and Electronic

Documents Act (PIPEDA), including its principles of accountability, identifying purposes,

consent, limiting collection, limiting use, safeguarding, openness, and individual access rights.

United States Operations: For U.S.-based operations, ShipVia Couriers adopts the California

Consumer Privacy Act (CCPA) as its operational baseline standard for transparency, consumer

rights, disclosure obligations, and limitations on the “sale” of personal information. Where

additional U.S. state privacy laws apply, we endeavor to apply protections consistent with or

exceeding the CCPA baseline.

Centralized Standard: Where data flows cross provincial, state, or international boundaries,

ShipVia Couriers applies a unified privacy standard designed to meet or exceed the stricter

applicable requirement.

1.3 Regional Accommodations & Special Requests

ShipVia Couriers recognizes that privacy regulations may vary by jurisdiction. While we

maintain a centralized compliance standard, we respect local mandates and reasonable regional

accommodation requests.

Users located in specific provinces, states, or countries may submit written inquiries regarding

region-specific rights, access requests, or compliance accommodations to our central privacy

office at privacy@shipviacouriers.ca.

All requests are reviewed in good faith and assessed in accordance with applicable legal

obligations, operational feasibility, and data retention constraints.

1.4 Non-Commercialization & Authorized Data Use

ShipVia Couriers maintains a strict operational principle regarding the integrity of User data.

Our “Zero-Sale” policy is defined and limited as follows:

Prohibition of Data Brokerage: ShipVia Couriers does not sell, rent, lease, trade, or monetize

personal information by transferring it to third-party data brokers, advertising networks,

analytics resellers, or marketing firms for their independent commercial exploitation.

Authorized Logistics Purpose: Personal information is collected and processed exclusively as

a professional logistics asset to facilitate shipment fulfillment, security verification, fraud

prevention, regulatory compliance, claim adjudication, billing reconciliation, loyalty or

volume-tier administration, and other legitimate operational purposes directly connected to the

Platform’s services.

No Authorization for Unauthorized Sale: ShipVia Couriers does not authorize, permit,

condone, or tolerate the sale, disclosure, or exploitation of User data by any individual

employee, independent contractor, intern, support staff member, or affiliated personnel for

personal or unauthorized commercial gain. Any such unauthorized action would constitute a

breach of internal Governance Standards, employment or contractor agreements, and

potentially applicable criminal or civil law. Such unauthorized conduct does not reflect the

Company’s corporate business model and is expressly prohibited.

Limitation on “Sale” Definition: The transfer of personal information to authorized service

partners, including Carriers, EU-based Protection Partners, upstream aggregators, Community
 

Partners, Support and business development team members, auditors, or Successor Entities,

where such transfer is strictly necessary for shipment fulfillment, claims adjudication, rebate

verification, or lawful business continuity, constitutes a functional and contractual requirement

of the Platform’s services and does not constitute a “sale” of data under our operational

interpretation of applicable law.

No Secondary Exploitation: Authorized partners receiving data for operational purposes are

contractually restricted from using such data for unrelated marketing, resale, or independent

commercial exploitation.

SECTION 2: COMPREHENSIVE DATA COLLECTION AND STORAGE
2.1 Categories of Data Collected

To facilitate logistics, security, regulatory compliance, financial reconciliation, and dispute

adjudication, ShipVia Couriers collects and processes a comprehensive range of personal and

transactional information, including but not limited to:

Personal & Account Details: Full names, physical and mailing addresses, email addresses,

telephone numbers, billing details, and communication preferences associated with account

creation or guest checkout.

Security & Verification Data: One-Time Passwords (OTPs), multi-factor authentication logs,

password reset history, IP verification data, device confirmation markers, and identity

verification records submitted for claims or fraud review.

Logistics & Shipment Data: Complete shipment information for both sender and recipient,

including parcel weights, dimensions, declared contents, declared values, chosen service

levels, selected Carriers, origin and destination data, routing decisions, Pickup or drop off hub

service details and tracking history.

Customs & Regulatory Data: All information included in customs declarations, including

itemized descriptions, harmonized system (HS) codes, country of origin data, declared values,

exporter/importer details, and any additional regulatory documentation required for

International transit.

Interaction & Support Records: Chatbot transcripts, support ticket logs, email correspondence,

dispute submissions, promotional or coupon code usage history, loyalty or volume-tier

participation records, and acknowledgment of disclaimers, waivers, or legal notices.

Audit & Interaction Records: Real-time tracking data, historical shipment logs, Carrier

Adjustment disputes, administrative fee adjudication records, promotional eligibility

verifications, rate display history, pre-rate safety screening inputs, customs declaration entries

submitted prior to ShipVia Rate visibility, and documentation of all legally binding

acknowledgments accepted by the User during any stage of session activity or checkout.

Financial & ShipVia Package Protection Data: Declared values for protection coverage, base

and total transaction amounts (including taxes), documentation submitted in support of claims,

and tokenized payment identifiers generated by PCI-compliant payment providers. Billing

records, wallet balances or email credit, invoice metadata, and post-billing adjustment records

may be administered through the Company’s designated Administrative Billing Provider used

for invoicing, financial reconciliation, ShipVia Wallet ledger management, and related billing

administration functions.

Note: ShipVia Couriers does not store raw credit card numbers or CVV data. All sensitive

payment information is processed exclusively through secure, PCI-compliant payment

processors utilizing tokenization.

2.2 Technical Metadata Repository (“Interaction Trail”)

ShipVia Couriers maintains a structured technical metadata repository, referred to internally as

the “Interaction Trail,” for each user session and transaction.

This repository may include:

• IP addresses and approximate geolocation data;

• Device fingerprints and browser identifiers;

• Session duration and navigation paths;

• Timestamped records of platform acknowledgments;

• Version-controlled acceptance logs for the Master Terms and this Privacy Policy;

• Promotional code or affiliate code usage logs;

• Login attempt history and anomaly detection markers.

Purpose of Metadata Collection: This metadata is collected and processed for legitimate

operational purposes, including but not limited to:

• Fraud detection and prevention;

• Identification of unauthorized account access;

• Bot detection and automated abuse mitigation;

• Validation of promotional eligibility and reward integrity;

• Defense against payment disputes and credit card chargebacks;

• Adjudication of Carrier Adjustments;
• Verification of legally binding consent at checkout.

In addition to technical session data, the Interaction Trail includes timestamped records of all

shipment-related and financial inputs entered or generated by the User or system, including but

not limited to shipment details entered prior to rate display, safety screening responses, customs

declarations, ShipVia Rate display and selection activity, ShipVia Package Protection

elections, declared values, payment confirmations, Pickup or drop off hub related data, Carrier

integration responses, billing adjustments, refund processing events, and claim submissions.

These records form part of the structured evidentiary metadata repository.

Evidentiary Function: The Interaction Trail serves as an authoritative internal record of User

actions, acknowledgments, and transactional behavior. Such records may be relied upon in

internal investigations, dispute resolution processes, arbitration proceedings, regulatory

inquiries, or court proceedings where necessary.

2.3 Storage and Security Protocols

Digital Storage: Collected data is stored within secure Wix Collections, restricted-access digital

drives, or comparable secure cloud infrastructure environments. Access is role-based and

limited strictly to authorized personnel on a need-to-know basis.

Encryption & Infrastructure Safeguards: Data is protected using industry-standard encryption

protocols while in transit and at rest. The Platform leverages enterprise-grade cloud

environments featuring firewalls, intrusion monitoring, access logging, and segregation of

environments where feasible.

Access Controls: Administrative access to personal information is restricted through credential

management, multi-factor authentication (where feasible), and periodic access review

processes.

Physical Records: Although ShipVia Couriers operates primarily in a digital-first environment,

any physical copies of shipping labels, customs declarations, claim documentation, or other

materials containing personal data are stored securely and destroyed via secure shredd ing

protocols once their operational purpose has been fulfilled.

Minimization Principle: Where feasible, personal data is limited to what is reasonably

necessary to fulfill the identified operational purpose.

2.4 Communications Governance

All operational communications issued by ShipVia Couriers, including platform notifications,

rate displays, system alerts, shipping confirmations, tracking updates, Protection claims data

handling and claims updates, SMS notifications, email communications, policy updates,

promotional communications, loyalty or fundback notices, customer support responses, and

website announcements, are processed in accordance with this Privacy Policy.

Communication records may be logged, timestamped, stored, and retained as part of the

Interaction Trail and metadata repository for fraud prevention, dispute resolution, compliance

verification, and evidentiary purposes.

SECTION 3: HOW WE USE AND DISCLOSE YOUR INFORMATION
3.1 Operational Fulfillment and Carrier Integration

The primary purpose for collecting and processing your personal information is to facilitate the

end-to-end logistics chain and associated financial reconciliation.

Carrier Integration via Technology and Rate Integrations: We disclose necessary shipment and

customs data through authorized rate, technology, and logistics integration partners that

facilitate access to third-party Carrier networks. Such disclosures enable Shipping Label

generation, transit initiation, tracking, customs data facilitation to carriers, Return to Sender

processing, and Carrier liability coordination. ShipVia Couriers does not independently operate

transportation services but facilitates logistics services through integrated upstream rate and

technology providers.

Upstream Aggregator Partners and Carriers: We may share operational data with authorized

wholesale logistics aggregators, carriers and upstream technology partners to secure volume-

based discounted shipping rates, enable label generation and shipment processing through

integrated APIs.

Purpose Limitation: Such disclosures are strictly limited to the operational necessity of

fulfilling Shipments and reconciling Carrier adjustments. Carriers and upstream partners are

not authorized to independently market unrelated products to you using this data unless

governed by their own separate relationship with you.

Administrative Billing Infrastructure: ShipVia Couriers may utilize a designated

Administrative Billing Provider to administer invoicing, financial reconciliation, ShipVia

Wallet balances and email credit, Carrier Adjustment pass-through charges, and related billing

records. This administrative billing platform operates as a secure operational layer between the

Platform, payment processors (including Stripe and PayPal), and operational partners. Payment

processing itself remains handled exclusively by PCI-compliant payment processors, while the

Administrative Billing Provider maintains invoice records, billing logs, and related financial

metadata required for operational reconciliation.

3.2 ShipVia Package Protection and International Claims

To administer and adjudicate ShipVia Package Protection claims, we share comprehensive

claim-related data with designated Service Partners, including partners located in the European

Union or other jurisdictions.

Scope of Data Shared: Data shared for claims adjudication may include:

• Customer and Recipient identity and contact details, including sender and recipient names,

addresses, contact numbers, and any declarations made in connection with shipment or customs

processing;

• Protection purchase confirmation;

• Declared values and original purchase invoices;

• Shipment tracking history and Carrier scan records;

• Carrier loss or damage confirmations;

• Photographic evidence of damage or packaging;

• Police reports (where applicable);

• Customs documentation for international Shipments.

• Interaction metadata and other documentation submitted relevant to the claim.

Cross-Border or International Data Transfers: Where Service Partners operate outside Canada,

personal information may be transferred internationally for underwriting review and claim

adjudication. Such transfers occur under contractual safeguards requiring confidentiality,

restricted purpose use, and commercially reasonable data protection standards. Data processed

in foreign jurisdictions may be subject to the lawful access requirements of those jurisdictions.

Operational Necessity: Such transfers are strictly necessary for the professional evaluation and

payment of protection claims and do not constitute a commercial sale of data.

Underwriting Autonomy: Service Partners process claim data solely for adjudication and

compliance purposes and are contractually prohibited from independent exploitation of such

information.

3.3 Regulatory, Customs, and Law Enforcement Disclosure

ShipVia Couriers complies with applicable legal obligations and lawful government requests.

Customs Authorities: We disclose customs declarations, shipment values, sender and recipient

information, and related documentation to customs authorities through our carrier or upstream

partner integrations to facilitate border clearance, tariff assessment, and regulatory compliance.

Legal and Law Enforcement: We may disclose relevant personal information and metadata:

• In response to subpoenas, court orders, or legally binding requests;

• To prevent imminent physical harm or financial fraud;

• To investigate Fraud, Misrepresentation, or Account Abuse;

• To defend the Company in legal proceedings.

Data Minimization in Legal Disclosure: Where disclosure is required, we limit such disclosure

to what is reasonably necessary to comply with the legal mandate.

3.4 Community Partners, Volume Perks or Affiliate code users, and Audit
Disclosures

For Users participating in Partner Clubs, Volume Tiers or Perks, loyalty programs, or

community-based incentives, certain transactional and operational data may be shared with

authorized Community Partners and auditors.

Fundback & Loyalty Facilitation: We may disclose transactional metrics, including shipment

frequency, total spend, qualifying thresholds, and relevant metadata necessary to calculate and

verify eligibility for rebates, Fundbacks and volume-based pricing incentives.

Audit and Compliance: Data may be disclosed to independent auditors or authorized

administrators to:

• Verify promotional integrity;

• Confirm eligibility thresholds;

• Prevent misuse of promotional codes or affiliate codes;

• Ensure compliance with the Master Terms and Conditions.

Anonymized Analytics: Where feasible, we may provide anonymized or pseudonymized trend

data to Community Partners for optimization of logistics performance.

Confidentiality & NDA Safeguards: Where personally identifiable information (PII) must be

disclosed to a Community Partner or Volume Perks users or affiliate code user administrator,

we require formal confidentiality agreements or Non-Disclosure Agreements (NDAs) to

restrict use exclusively to the authorized administrative purpose.

3.5 Internal Support, Platform Optimization, Fraud Defense, and
Automated Oversight

Support Resolution: Communication history, chatbot transcripts (stored only when required),

support ticket logs, and dispute records are used to resolve customer inquiries, investigate

shipment discrepancies, and improve support training systems.

Routing and Carrier Optimization: Aggregated shipment data, transit times, Carrier

performance metrics, and historical delivery outcomes are analyzed to refine routing logic,

improve pricing accuracy, and enhance Carrier integrations.

Promotion and Incentive Validation: Interaction logs, transaction history, and metadata are

used to verify eligibility for coupon codes, referral programs, Volume perks or affiliate code

user eligibility, loyalty benefits, Fundbacks, and Volume Tier pricing. These controls are

designed to prevent promotional abuse, duplicate account manipulation, and circumvention of

program rules.

Chargeback and Dispute Defense: Stored interaction logs and checkout acknowledgment

records may be used to defend against payment processor disputes, credit card chargebacks,

and regulatory complaints.

Automated Processing and Human Oversight: Certain fraud detection and risk monitoring

functions may involve automated analytical systems. However, ShipVia Couriers does not rely

solely on fully automated decision-making to impose account termination, financial penalties,

or denial of ShipVia Package Protection claims. Material enforcement decisions are subject to

human review and oversight to ensure fairness, proportionality, and consistency with

contractual obligations.

No Automated Legal Determinations: ShipVia Couriers does not engage in automated profiling

that produces solely automated legal or similarly significant effects without meaningful human

intervention.

3.6 Dispute, Adjustment Resolution, and Investigative Audits

We utilize stored communication logs, transaction history, and shipment metadata to:

Financial Adjudication: Resolve disputes relating to Administrative Fees (including $15.00

Weight Adjustments), $3.00 Label Void Fees, Carrier Adjustments, and other service charges.

Internal Investigations: Investigate suspected systematic under-declaration, repeated

adjustment disputes, promotional abuse, or account-level misconduct.

Evidentiary Documentation: Maintain a timestamped record of truth for use in credit card

chargebacks, arbitration, regulatory inquiries, or court proceedings.

Carrier Accountability: Cross-reference Carrier or upstream partner audit data against User-

declared metrics to verify billing accuracy and, where appropriate, contest erroneous

surcharges.

SECTION 4: DATA RETENTION, SECURITY, CONSENT, AND INCIDENT
RESPONSE
4.1 Retention Period

Data Retention & Minimization: In alignment with Canadian and U.S. tax and audit

obligations, ShipVia Couriers retains primary transactional records, billing logs, and platform

metadata for a minimum of seven (7) years. To maintain system efficiency and uphold our

commitment to privacy, we systematically purge non-essential shipment data, claims data,

platform interaction trails, support chat or ticket logs and transcripts, and user-uploaded files

once they are no longer required for operational or legal purposes. We strive to retain only the

minimum data necessary, proactively excluding unnecessary files or redundant metadata to

reduce our data footprint.

Extended Retention: Where required by legal hold, litigation, regulatory investigation, fraud

review, or ongoing dispute, relevant data may be retained beyond seven years until final

resolution.

Archived records are subject to restricted access controls.

Operational Data Minimization: ShipVia Couriers retains only the minimum categories of data

necessary to comply with operational, financial, tax, regulatory, and dispute-resolution

obligations. Certain categories of secondary operational data, support materials, user-uploaded

files, or historical metadata may be periodically purged or anonymized once their operational

purpose has been fulfilled. As a result, not all historical operational records may remain

available indefinitely.

4.2 Technical Security Standards

Encryption Protocols: All personal information is encrypted in transit and at rest using industry-

standard encryption methodologies.

Secure Cloud Infrastructure: ShipVia Couriers utilizes enterprise-grade cloud environments,

including secure Wix infrastructure and similar service providers with activity logging, and

controlled access segmentation.

Payment Security: All payment processing occurs through PCI-compliant payment processors

utilizing tokenization technology. ShipVia Couriers does not store raw credit card numbers or

CVV data. In the event of accidental or operational collection, storage and retention is noticed,

we immediately remove the information from our sites and servers. We never intentionally

store the payment information.

Access Controls: Internal access to sensitive systems is governed by role-based permissions,

least-privilege principles, multi-factor authentication (where possible), and periodic access

audits.

Physical Record Safeguards: Any physical documents containing personal information are

stored securely and destroyed via controlled shredding procedures once operational necessity

concludes.

4.3 Security Incidents and Breach Notification

ShipVia Couriers maintains internal incident response protocols designed to detect, contain,

investigate, and remediate unauthorized access, data breaches, or cybersecurity incidents.

Incident Assessment: In the event of a suspected or confirmed security incident involving

personal information, the Company will assess:

• The nature and scope of the incident;

• The sensitivity of affected information;

• The likelihood of misuse;

• The risk of significant harm to affected individuals.

Regulatory Notification: Where required under applicable law, including PIPEDA or relevant

U.S. state breach notification statutes, ShipVia Couriers will notify affected individuals and

applicable regulatory authorities within legally mandated timeframes.

Containment and Remediation: Reasonable steps will be taken to contain the incident, mitigate

potential harm, and prevent recurrence.

No Guarantee of Absolute Security: While ShipVia Couriers implements commercially

reasonable safeguards, no electronic transmission or storage system can be guaranteed to be

completely secure.

4.4 Binding Consent at Checkout

ShipVia Couriers requires explicit, affirmative acknowledgment of both this Privacy Policy

and the Master Terms and Conditions at checkout.

Record of Consent: Timestamped and IP-logged confirmation of acknowledgment is stored

within our metadata repository and may be retained pursuant to the 7-Year Rule.

Version Control: The specific version of this Privacy Policy accepted by the User is recorded

to ensure traceability and legal clarity in dispute resolution or regulatory review.

SECTION 5: YOUR RIGHTS AND COOKIE POLICY
5.1 Your Privacy Rights

Regardless of geographic location, ShipVia Couriers provides a high standard of transparency

and control.

You have the right to: Access & Portability: Request a structured digital copy of personal

information we hold about you.

Correction: Request correction of inaccurate or incomplete information.

Withdrawal of Consent: Withdraw consent for future processing, recognizing that withdrawal

may result in account suspension or termination of services.

Inquiry & Redress: Contact our Privacy Officer at privacy@shipviacouriers.ca regarding

questions, complaints, or concerns.

5.2 Data Deletion Requests & Limitations

While we respect the principle commonly referred to as the “Right to be Forgotten,” deletion

requests are subject to mandatory retention obligations under tax, audit, fraud-prevention, and

dispute-defense requirements.

ShipVia Couriers retains only those categories of data required for operational and statutory

obligations. Certain categories of platform interaction data, shipment metadata, or support

documentation may already have been minimized, anonymized, or permanently deleted in

accordance with the Company’s operational data minimization practices. Consequently,

responses to access, correction, or deletion requests are limited to the categories of information

that remain available within the Company’s retained records at the time the request is

processed.

5.3 Cookie & Tracking Technology

ShipVia Couriers uses cookies and similar technologies to enhance performance, security, and

analytics. Users may manage cookie preferences through browser settings. However, disabling

essential or security cookies may impair the ability to complete Shipments, access secure areas,

or verify account identity.

SECTION 6: ADDITIONAL OPERATIONAL DISCLOSURES
6.1 Accuracy of User-Provided Data

ShipVia Couriers relies entirely upon the accuracy and lawfulness of the data provided by the

User when generating Shipments.

User Responsibility as Data Provider: You are solely responsible for ensuring that all sender

and recipient information entered into the Platform is accurate, lawfully obtained, and

authorized for disclosure.

Data Controller Status for Recipient Information: For recipient information that you input

(including names, addresses, phone numbers, and customs details), you act as the data

controller responsible for the lawful collection and disclosure of that information to ShipVia

Couriers and its authorized service partners, carriers and upstream partners.

Limitation of Liability: ShipVia Couriers shall not be responsible for privacy breaches, delivery

failures, regulatory penalties, customs seizures, or legal claims arising from:

• Inaccurate address entry;

• Unauthorized disclosure of recipient information;

• Misdeclared contents or values;

• Entry of personal information without lawful authority.

Indemnity Alignment: To the extent permitted by applicable law, you agree that any privacy

complaint or regulatory action arising from inaccurate or unauthorized data entry shall arise

from the User’s data submission and not from the Company’s independent processing

practices.

6.2 Children’s Privacy

ShipVia Couriers services are intended exclusively for individuals who have reached the age

of majority in their applicable jurisdiction.

No Knowing Collection: We do not knowingly collect, solicit, or process personal information

from individuals under the age of 18 (or the applicable age of majority).

Remedial Action: If we become aware that personal information has been collected from a

minor without lawful consent, such data will be deleted promptly upon verification.

6.3 Updates to this Policy

Notice of Material Changes: Material changes will be communicated by updating the “Last

Updated” date and posting the revised Policy on our Platform.

Continued Use as Acceptance: Continued use of the Platform after publication of changes

constitutes acceptance of the updated Policy.

Version Logging: The specific version of this Policy accepted at checkout is recorded in our

metadata repository to preserve contractual clarity.

SECTION 7: INTERNAL ACCESS, GLOBAL GOVERNANCE, AND
INTERNATIONAL TRANSFERS
7.1 Controlled Access (Need-to-Know Basis)

ShipVia Couriers maintains strict internal governance standards regarding access to personal

information.

Role-Based Access: Access to User data is granted only to authorized employees, interns,

independent contractors, technical developers, support personnel, and logistics staff on a

strictly limited “need-to-know” basis.

Authorized Operational Purposes Include:

• Resolving customer support tickets or chat inquiries, shipment inquiries, and operational

disputes;

• Assisting with ShipVia Package Protection claims administration and documentation review;

• Supporting customer communications and partner relationship management;

• Facilitating parcel routing support, Coordinating ShipVia Pick up or drop off hub services or

support, operational troubleshooting, or logistics coordination where applicable;

• Performing essential platform maintenance, security audits, and fraud detection activities;

• Conducting internal investigations relating to account misuse, billing discrepancies, or

operational compliance.

These functions may be performed by authorized employees or independent support

contractors operating under confidentiality obligations and secure system access controls.

Access Logging: Administrative access to sensitive systems is logged and monitored to ensure

accountability.

7.2 Data Storage Location and Limited Cross-Border Transfers

Primary Storage: ShipVia Couriers stores primary platform data, metadata repositories, and

user account information within secure cloud infrastructure environments managed from

Canada.

Controlled International Access: While ShipVia Couriers maintains its primary operational

governance from Canada, authorized personnel, business development team and independent

support contractors or employees located outside Canada may access certain customer data

through secure administrative systems for the limited purposes of customer support, claims

administration, operational troubleshooting, business outreach and partner communications.

Such personnel operate under confidentiality obligations, contractual data protection

requirements, and role-based system access controls. These individuals are not separate

establishments of ShipVia Couriers but operate as authorized service providers supporting the

Platform’s administrative operations.

Foreign Legal Access Notice: Where personal information is accessed or processed outside

Canada by authorized service providers, such information may be subject to the lawful access

requirements of the jurisdiction in which the service provider operates.

Limited Cross-Border Data Transfers to Independent Partners: Where operationally necessary,

shipment-related or claim-related data may be shared with independent third-party service

providers, logistics technology partners, protection underwriting partners, or customs

intermediaries located outside Canada for the limited purpose of fulfilling shipments,

adjudicating claims, or complying with regulatory requirements.

Such third parties are independent entities and are not employees, agents, or establishments of

ShipVia Couriers.

Contractual Safeguards: ShipVia Couriers implements contractual controls requiring such

partners to use personal information solely for authorized operational purposes and to maintain

appropriate confidentiality and security measures.

7.3 Personnel Compliance & Accountability

Contractual Safeguards: Employees and contractors are bound by confidentiality agreements

and data protection obligations.

Usage Restriction: Authorized personnel may access personal information solely for the

administrative, investigative, technical, or logistics purpose for which access is granted.

Prohibition of Unauthorized Use: Any unauthorized access, misuse, or disclosure of personal

information by personnel that occurs outside the scope of their authorized duties and in

violation of Company policies constitutes a breach of internal governance standards. ShipVia 

Couriers does not authorize such conduct and will take appropriate remedial action. Nothing

in this clause limits the Company’s statutory obligations under applicable privacy laws.

Secure Channels: All internal access to sensitive data repositories, including Wix Collections

and related systems, is conducted through secure and encrypted channels.

SECTION 8: GOVERNING LAW, SEVERABILITY, AND ENTIRE AGREEMENT
8.1 Governing Law and Jurisdiction

This Privacy Policy and all matters relating to the collection, use, processing, or disclosure of

personal information are governed by and construed in accordance with the laws of the

Province of Ontario and the federal laws of Canada applicable therein.

Exclusive Jurisdiction: Any legal action or proceeding arising specifically out of this Policy

shall be brought exclusively before the courts located in Toronto, Ontario, Canada.

You irrevocably submit to the jurisdiction of such courts and waive any objection based on

forum non conveniens or similar doctrines.

8.2 Severability

If any provision of this Policy is found to be invalid, illegal, or unenforceable by a court of

competent jurisdiction, such provision shall be severed to the minimum extent necessary.

The remaining provisions shall continue in full force and effect as though the invalid portion

had never been included.

8.3 Entire Agreement

This Privacy Policy, together with the Master Terms and Conditions, constitutes the entire

agreement between you and ShipVia Couriers regarding privacy governance and data handling

practices.

This Policy supersedes all prior informal representations, support communications, marketing

materials, or unofficial explanations regarding privacy practices.

8.4 Changes and Updates

ShipVia Couriers reserves the right to modify this Policy at any time.

Material updates will be reflected by updating the “Last Updated” date and publishing the

revised version on the Platform.

Continued use of the Platform following such updates constitutes acceptance of the revised

Policy.

SECTION 9: MISCELLANEOUS PROVISIONS
9.1 Business Transfers and Successors

ShipVia Couriers reserves the right to modify this Policy at any time.

Material updates will be reflected by updating the “Last Updated” date and publishing the

revised version on the Platform.

Continued use of the Platform following such updates constitutes acceptance of the revised

Policy.

9.2 Third-Party Links and API Integrations

The Platform may contain links to, or technical integrations with, third-party platforms,

including upstream aggregators, carriers, rate and logistics technology partners, payment

processors, protection underwriting partners, and Partner Club portals.

This Privacy Policy does not apply to external third-party platforms. We encourage Users to

review the privacy policies of such third parties independently.

9.3 Non-Waiver

Failure by ShipVia Couriers to enforce any provision of this Policy shall not constitute a waiver

of such provision or any other right.

No waiver shall be deemed continuing unless expressly confirmed in writing by the Company.

9.4 Language, Interpretation, and Precedence

Definitive Version: The English language version of this Policy is the authoritative and legally

binding version. Any translations are provided for convenience only.

Headings: Section titles and headings are included for convenience and do not affect

interpretation.

Incorporation & Precedence: This Privacy Policy is incorporated by reference into the Master

Terms and Conditions. Together, both documents govern your use of the Platform.

In the event of an irreconcilable conflict, the Master Terms and Conditions shall prevail

specifically with respect to fee adjudication, service adjustments, and commercial liabilities,

while this Privacy Policy governs data handling practices.

bottom of page