Last modified: May 2023
Parcel Shield Insurance Services, LLC and Pegasus Insurance LLC (together, the "Company"or "We") respect your privacy and are committed to protecting it through our compliance with this policy.
This policy describes the types of information we may collect from you or that you may provide when you (i) visit the website http://parcelprotection.com (our "Website") and/or (ii) our shipping protection services are activated through the use of our related software-as-a-service platform (the “Parcel Protection Platform”) on a merchant’s website. This policy also outlines our practices for collecting, using, maintaining, protecting, and disclosing any information we collect from you.
Our Website is not intended for children under 16 years of age. No one under age 16 may provide any information on the Website or use our shipping protection services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or through the Parcel Protection Platform. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at firstname.lastname@example.org.
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information.
We collect personal information from four groups of data subjects:
1. General visitors to, and users of, our online and mobile resources;
2. Current members of our workforce and those who apply for posted jobs;
3. Our third-party vendors and business partners and affiliates; and
4. Our consumer-customers and merchant-customers.
The categories of information we collect and hold from each group of data subjects and the ways in which we collect, use and hold it vary, depending on a few factors. The following paragraphs describe those categories and uses. We note that it’s possible for the same person to fall into more than one group of data subjects. For instance, someone who works for us might also use the Parcel Protection Platform on a merchant’s website.
A “Technology Partner” means a business entity that operates an e-commerce platform, providing proprietary shipping solutions and services to their merchants to whom we provide the Parcel Protection Platform and services under a separate contract.
Technology Partners enter into a contract with us which is separate from this statement and has its own terms and conditions for notice of collection and governing our overall confidentiality, data privacy, and data security obligations with respect to personal information about our Technology Partner’s personnel we collect from them. As a result, those terms also apply to the personal information of Technology Partners, merchants, and their personnel.
A “merchant-customer” means a business entity that operates an e-commerce platform and to whom we provide the Parcel Protection Platform and services under a separate contract.
Merchant-customers enter into a contract with us, or their Technology Partner, which is separate from this statement and has its own terms and conditions for notice of collection and governing our overall confidentiality, data privacy, and data security obligations with respect to personal information about our merchants’ personnel we collect from them. As a result, those terms also apply to the personal information of merchants and their personnel.
When our shipping protection products and services are activated through the use of the Parcel Protection Platform on a merchant website or by having a merchant provide them to you automatically as part of the benefits they offer, you become our consumer-customer and we may collect from you, or receive from our merchant-customer, the following personal information:
Your name and contact information, which may include your phone number.
Information about the products you purchased, including their value.
The shipping destination you requested, which may be your residential address.
Such other information about you or your order as may be reasonably necessary to provide, inform you about, and improve our tracking, discovery, and protection services.
We collect and retain the types of professional or employment-related personal information you would expect an employer to have about its existing and former workforce and new job applicants, including your name, contact details, qualifications and work history. We provide legally required notices of collection and describe our use and sharing of the personal information of our workforce and applicants in greater detail in confidential internal human resource manuals and documents accessible to members of our workforce, or by publication on the proprietary workforce/applicant portals and apps we operate. In some cases, such portals and apps may be operated by third parties who transfer the personal information to us. In those situations, the legal responsibility to provide notice may rest with the relevant third party.
Like all large corporate enterprises, we buy goods and services, lease equipment and office space, and attend industry events. In doing so, we interact with many existing and potential vendors and business partners and affiliates from whom we necessarily collect certain personal information in connection with our contractual and business relationships. This information is typically limited to minimum business contact information. We use and share personal information collected from our vendors and business partners and affiliates to manage, administer, and perform under our contracts with them or share information about our products or services. We describe our use of vendor and business partner personal information in greater detail in our confidential contracts with those parties or on the internal vendor management portals we operate.
If you visit and/or use our online resources, we collect, retain, and share certain personal information about you.
Generally, we collect your personal information through automated/technical means and when you voluntarily provide it to us. By using our online resources, you are signifying to us that you agree with this section of our privacy statement and that we may use and disclose your information as described.
As you navigate through and interact with our Website and Parcel Protection Platform via a Technology Partner’s or merchant’s website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
Details of your visits to our Website and/Parcel Protection Platform, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website and/or Parcel Protection Platform.
Information about your computer and internet connection, including your IP address, operating system, and browser type.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).
The information we collect automatically may include personal information. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
1. Estimate our audience size and usage patterns.
2. Store information about your preferences, allowing us to customize our Website and Parcel Protection Platform according to your individual interests.
3. Speed up your searches.
4. Recognize you when you return to our Website or Parcel Protection Platform.
The technologies we use for this automatic data collection may include:
Web Beacons. Pages of our Website, Parcel Projection Platform, and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Flash Cookies.Certain features of our Website and Parcel Protection Platform may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website and Parcel Protection Platform. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see "Choices About How We Use and Disclose Your Information".
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.
We use the personal information we collect only in the manner and through the means allowed by applicable law. That means we determine whether we have a lawful basis and legitimate business purpose to use your personal information before doing so. As stated in applicable law, such lawful bases and legitimate business purposes include receiving express consent, operating our business, performing a contract, and complying with a legal obligation. More specifically, how and why we use the personal information of each group of data subjects is as follows, but in all cases for all data subjects, we do not sell or rent personal information.
We use the automatically collected personal information described here to compile generic reports about popular pages/features of our online resources, and to see how users are accessing our online resources and, in some cases, send materials to you. We use the personal information you voluntarily submitted, as described here, to respond back directly to you and/or send you the information you requested or about which you inquired. We may also use any such personal information you provide to customize our programs and newsletters to make them more relevant to you.
We use personal information received from Technology Partners, merchant-customers and business partners to communicate with them and satisfy our contractual obligations to them and in such other ways as our separate written contracts with them permit.
We use the personal information collected from consumer-customers as may be reasonably necessary to provide, inform you about, and improve, our shipping protection services.
We may share your personal information as described below. This sharing applies to the personal information of all four groups of data subjects.
The purposes for which we may share your personal information will depend on the products or services we are providing to you.
We may share personal information with our other corporate affiliates who may use that information in the same way as we can under this statement
We may disclose personal information to government authorities and to other third parties when compelled to do so by such government authorities, or at our discretion, or otherwise as required or permitted by applicable law, including responding to court orders and subpoenas.
We may disclose personal information when we have reason to believe that someone is causing injury to or interference with our rights or property or harming or potentially harming other persons or property (as permitted by applicable law).
We may disclose your personal information if we or any of our affiliates sell or transfer all or substantially all of our assets, equity interests, or securities, or are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, divestiture, consolidation, or liquidation, personal information may be one of the transferred assets.
We also share personal information with those of our vendors and business partners who need it to perform under the contracts we have with them. For instance, the insurance brokers and carriers who are involved in the issuance of the policies used in our shipping protection services may require that we share your personal information with them in order to cover your purchases.
As part of our Security Program (defined below), we have adopted standards for those vendors and business partners who receive personal information from us, as reflected in our written contracts. These standards include the expectation that when we share personal information with vendors and business partners, they will comply with all applicable privacy and data security laws and regulations as well as our Security Program. We also expect that they will contractually require and cause their subcontractors and agents to do the same.
For any personal information our vendors and business partners process or store at their own locations (including at overseas locations), we further expect them to use a technology infrastructure that meets, at least at the facilities level, the minimum recognized standards for security controls. Such recognized standards include those published by the International Standards Organization, the National Institute of Standards and Technology, or any reasonably equivalent standards.
Please note that we cannot guarantee that all of our vendors and business partners will agree to the above-described contractual requirements, nor can we ensure that even when they do agree they will always fully comply.
We will also use and disclose personal information for a range of administrative and operational purposes. This includes: administering billing and payments and debt recovery; planning, managing, monitoring and evaluating our services; quality improvement activities, statistical analysis and reporting; training staff, contractors and other workers; risk management and the management of legal liabilities and claims; responding to enquiries and complaints regarding our products or services; obtaining advice from consultants and other professional advisers; and responding to subpoenas and other legal orders and obligations.
We may use and disclose your personal information for other purposes explained at the time of collection or otherwise as set out in this privacy statement.
We are a global organization and we work with Technology Partners, Merchant-Customers, service providers and commercial interests across the globe. It is likely that your personal information will be disclosed to overseas recipients, including in the United States and Australia.
Unless we have your consent, or we are otherwise permitted under applicable privacy and data protection law, we will only disclose your personal information to overseas recipients where we have taken reasonable steps to ensure that the overseas recipient does not breach applicable privacy and data protection law in relation to your personal information.
We store information in paper-based files or other electronic record keeping methods in secure databases (including trusted third-party storage providers). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorized access, modification or disclosure and maintain physical security over paper and electronic data stores, such as through locks and security systems at our premises. We also maintain computer and network security as set out below.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by checking the relevant box located on the form on which we collect your data. You can also always opt-out by logging into the Website and adjusting your user preferences in your account profile, or by sending us an email with your request to email@example.com.
Promotional Offers from the Company. If you do not wish to have your email address/contact information used by the Company to promote our own or third parties' products or services, you can opt-out by checking the relevant box located on the form on which we collect your data or at any other time by logging into the Website and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to firstname.lastname@example.org. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions.
We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.
Privacy and data protection laws vary around the world and among the several United States. Most prominently, residents of California, the European Economic Area, the United Kingdom and Canada have certain additional rights in cases where the party collecting that information is governed by the applicable law.
When we collect personal information from California residents we become subject to, and those residents have rights under, the California Consumer Privacy Act or “CCPA”. This section explains your rights under the CCPA. For purposes of this section, the words “you” and “your” mean only California residents.
We collected the following categories of personal information within the last 12 months:
Identifiers such as name, address, IP address, and other similar identifiers.
Personal information under the Customer Records provision of the California Civil Code such as a name, address, or telephone number commercial information such as products or services purchased internet/electronic activity such as browsing history and search history geolocation data including geographic coordinates/physical location audio, video, electronic or other similar information professional or employment related information such as job history and performance evaluations inferences drawn from the foregoing to create a profile about a consumer reflecting the consumer’s preferences, predispositions, behavior, or attitudes.
We may have disclosed the categories of personal information listed above for one or more business purposes permitted by the CCPA during the last 12 months.
We do not sell, and within the last 12 months have not sold, personal information to third parties.
You have the following rights under the CCPA. It’s important to us that you know that if you exercise these rights, we will not discriminate against you by treating you differently from other California residents who use our sites and mobile resources or purchase our services but did not exercise their rights.
Right to Know—the right to request that we disclose to you, specifically beyond the general statement immediately above, the categories and specific elements of personal information collected including the source of the information, our use of it and, if the information was disclosed or sold to third parties, the categories so disclosed or sold as well as the categories of third party who received or purchased it.
Right to Access—the right to receive a copy of the categories and specific elements of personal information we collected about you in the preceding 12 months.
Right to Delete—the right to request that we delete the personal information we collected about you under certain circumstances.
You, or an authorized agent acting on your behalf, can exercise the Right to Know up to two different times every 12 months. To exercise these rights, contact us at email@example.com. We may ask you to fill out a request form. The CCPA only allows us to act on your request if we can verify your identity and/or your agent’s authority to make the request, so you will also need to follow our instructions for identity verification.
If you make a verifiable request per the above, we will confirm our receipt and respond within 45 calendar days.
We continue to develop and grow our compliance with applicable international data privacy laws and regulations. We have, as required by the CCPA and other applicable U.S. laws such as the New York SHIELD Act, and as a good business practice generally, adopted and implemented a data security program that includes technical, organizational and administrative measures reasonably designed to protect, in a manner consistent with accepted industry standards, the privacy of those natural persons with whom we do business and to reduce the likelihood of unauthorized access to or unauthorized use of personal information we collect. We also enter into Data Protection Agreements with those of our merchant-customers who have, or believe they have, GDPR obligations that flow down to us.
For general site visitors, consumer-customers, and regulators who have questions about whether or how the GDPR or other industry- or jurisdiction-specific laws apply to us, you can contact us using the contact information found below.
If you have any questions or concerns about our privacy statement or privacy practices, you can contact us using the contact information found below.
You may make a complaint about privacy to us using our contact information found below. We will first consider your complaint or determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week. If your compliant requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavor to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather facts, locate and review documents and speak with individuals involved. In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, or you consider that we may have breached applicable data protection or privacy laws, you have the right to contact or lodge a complaint with your local data protection authority or privacy regulator.