Introduction
Parcel Shield Insurance Services, LLC and Pegasus Insurance LLC (together, the "Company" or "We") respect your privacy and are committed to protecting it through our compliance with this policy.
This policy describes the types of information we may collect from you or that you may provide when you (i) visit the website https://pactprotection.com (our "Website") and/or (ii) our shipping protection services are activated through the use of our related software-as-a-service platform (the “Pact Protection Platform”) on a merchant’s website. This policy also outlines our practices for collecting, using, maintaining, protecting, and disclosing any information we collect from you.
Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website or shipping protection services. By accessing or using this Website and/or Pact Protection Platform, you agree to this privacy policy. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of this Website or Pact Protection Policy after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
Children Privacy
Our Website is not intended for children under 16 years of age. No one under age 16 may provide any information on the Website or use our shipping protection services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or through the Pact Protection Platform. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at support@pactprotection.com
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information.
Whom Do We Collect Personal Information From?
We collect personal information from four groups of data subjects:
- general visitors to, and users of, our online and mobile resources;
- current members of our workforce and those who apply for posted jobs;
- our third-party vendors and business partners and affiliates; and
- our consumer-customers and merchant-customers.
What Kinds of Personal Information Do We Collect and Hold?
The categories of information we collect and hold from each group of data subjects and the ways in which we collect, use and hold it vary, depending on a few factors. The following paragraphs describe those categories and uses. We note that it’s possible for the same person to fall into more than one group of data subjects. For instance, someone who works for us might also use the Pact Protection Platform on a merchant’s website.
Personal Information Collected from Technology Partners
A “Technology Partner” means a business entity that operates an ecommerce platform, providing proprietary shipping solutions and services to their merchants to whom we provide the Pact Protection Platform and services under a separate contract.
Technology Partners enter into a contract with us which is separate from this statement and has its own terms and conditions for notice of collection and governing our overall confidentiality, data privacy, and data security obligations with respect to personal information about our Technology Partner’s personnel we collect from them. As a result, those terms also apply to the personal information of Technology Partners, merchants, and their personnel.
Personal Information Collected from Merchant-Customers
A “merchant-customer” means a business entity that operates an ecommerce platform and to whom we provide the Pact Protection Platform and services under a separate contract.
Merchant-customers enter into a contract with us, or their Technology Partner, which is separate from this statement and has its own terms and conditions for notice of collection and governing our overall confidentiality, data privacy, and data security obligations with respect to personal information about our merchants’ personnel we collect from them. As a result, those terms also apply to the personal information of merchants and their personnel.
Personal Information Collected from Consumer-Customers
When our shipping protection products and services are activated through the use of the Pact Protection Platform on a merchant website or by having a merchant provide them to you automatically as part of the benefits they offer, you become our consumer-customer and we may collect from you, or receive from our merchant-customer, the following personal information:
- your name and contact information, which may include your phone number.
- information about the products you purchased, including their value.
- the shipping destination you requested, which may be your residential address.
- such other information about you or your order as may be reasonably necessary to provide, inform you about, and improve our tracking, discovery, and protection services.
Personal Information Collected from Our Workforce and Job Applicants
We collect and retain the types of professional or employment related personal information you would expect an employer to have about its existing and former workforce and new job applicants, including your name, contact details, qualifications and work history. We provide legally required notices of collection and describe our use and sharing of the personal information of our workforce and applicants in greater detail in confidential internal human resource manuals and documents accessible to members of our workforce, or by publication on the proprietary workforce/applicant portals and apps we operate. In some cases, such portals and apps may be operated by third parties who transfer the personal information to us. In those situations, the legal responsibility to provide notice may rest with the relevant third party.
Personal Information Collected from Vendors, Business Partners, and Affiliates
Like all large corporate enterprises, we buy goods and services, lease equipment and office space, and attend industry events. In doing so, we interact with many existing and potential vendors and business partners and affiliates from whom we necessarily collect certain personal information in connection with our contractual and business relationships. This information is typically limited to minimum business contact information. We use and share personal information collected from our vendors and business partners and affiliates to manage, administer, and perform under our contracts with them or share information about our products or services. We describe our use of vendor and business partner personal information in greater detail in our confidential contracts with those parties or on the internal vendor management portals we operate.
Personal Information Collected from Visitors and Users of Our Online Resources
If you visit and/or use our online resources, we collect, retain, and share certain personal information about you.
Generally, we collect your personal information through automated/technical means and when you voluntarily provide it to us. By using our online resources, you are signifying to us that you agree with this section of our privacy statement and that we may use and disclose your information as described.
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Website and Pact Protection Platform via a Technology Partner’s or merchant’s website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our Website and/Pact Protection Platform, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website and/or Pact Protection Platform.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).
The information we collect automatically may include personal information. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Website and Pact Protection Platform according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Website or Pact Protection Platform.
The technologies we use for this automatic data collection may include:
- Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.
- Web Beacons. Pages of our Website, Parcel Projection Platform, and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
- Flash Cookies. Certain features of our Website and Pact Protection Platform may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website and Pact Protection Platform. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
Third-Party Use of Cookies and Other Tracking Technologies
Some content or applications, including advertisements on Pact Protection, Technology Partner’s or the merchant’s websites providing the Pact Protection Platform, are served by third parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our Website or the Pact Protection Platform via a merchant’s website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.
How and Why Do We Use the Personal Information We Collect and Hold?
We use the personal information we collect only in the manner and through the means allowed by applicable law. That means we determine whether we have a lawful basis and legitimate business purpose to use your personal information before doing so. As stated in applicable law, such lawful bases and legitimate business purposes include receiving express consent, operating our business, performing a contract, and complying with a legal obligation. More specifically, how and why we use the personal information of each group of data subjects is as follows, but in all cases for all data subjects, we do not sell or rent personal information.
Visitors and Users of Our Online Resources
We use the automatically collected personal information described here to compile generic reports about popular pages/features of our online resources, and to see how users are accessing our online resources and, in some cases, send materials to you. We use the personal information you voluntarily submitted, as described here, to respond back directly to you and/or send you the information you requested or about which you inquired. We may also use any such personal information you provide to customize our programs and newsletters to make them more relevant to you.
Technology Partners, Merchant-Customers, Vendors and Business Partners
We use personal information received from Technology Partners, merchant-customers and business partners to communicate with them and satisfy our contractual obligations to them and in such other ways as our separate written contracts with them permit.
Consumer-Customers
We use the personal information collected from consumer-customers as may be reasonably necessary to provide, inform you about, and improve, our shipping protection services.
When / With Whom Do We Share Personal Information and Why Do We Share Personal Information?
We may share your personal information as described below. This sharing applies to the personal information of all four groups of data subjects.
Technology Partners, Merchant-Customers and Consumer-Customers
The purposes for which we may share your personal information will depend on the products or services we are providing to you.
Affiliates
We may share personal information with our other corporate affiliates who may use that information in the same way as we can under this statement.
Legal Requirements
We may disclose personal information to government authorities and to other third parties when compelled to do so by such government authorities, or at our discretion, or otherwise as required or permitted by applicable law, including responding to court orders and subpoenas.
To Prevent Harm
We may disclose personal information when we have reason to believe that someone is causing injury to or interference with our rights or property or harming or potentially harming other persons or property (as permitted by applicable law).
Business Sale/Purchase
We may disclose your personal information if we or any of our affiliates sell or transfer all or substantially all of our assets, equity interests, or securities, or are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, divestiture, consolidation, or liquidation, personal information may be one of the transferred assets.
Vendors and Business Partners
We also share personal information with those of our vendors and business partners who need it to perform under the contracts we have with them. For instance, the insurance brokers and carriers who are involved in the issuance of the policies used in our shipping protection services may require that we share your personal information with them in order to cover your purchases.
As part of our Security Program (defined below), we have adopted standards for those vendors and business partners who receive personal information from us, as reflected in our written contracts. These standards include the expectation that when we share personal information with vendors and business partners, they will comply with all applicable privacy and data security laws and regulations as well as our Security Program. We also expect that they will contractually require and cause their subcontractors and agents to do the same.
For any personal information our vendors and business partners process or store at their own locations (including at overseas locations), we further expect them to use a technology infrastructure that meets, at least at the facilities level, the minimum recognized standards for security controls. Such recognized standards include those published by the International Standards Organization, the National Institute of Standards and Technology, or any reasonably equivalent standards.
Please note that we cannot guarantee that all of our vendors and business partners will agree to the above-described contractual requirements, nor can we ensure that even when they do agree they will always fully comply.
For Administration and Management
We will also use and disclose personal information for a range of administrative and operational purposes. This includes: administering billing and payments and debt recovery; planning, managing, monitoring and evaluating our services; quality improvement activities, statistical analysis and reporting; training staff, contractors and other workers; risk management and the management of legal liabilities and claims; responding to enquiries and complaints regarding our products or services; obtaining advice from consultants and other professional advisers; and responding to subpoenas and other legal orders and obligations.
Other Uses and Disclosures
We may use and disclose your personal information for other purposes explained at the time of collection or otherwise as set out in this privacy statement.
Overseas Sharing of Personal Information
We are a global organization and we work with Technology Partners, Merchant-Customers, service providers and commercial interests across the globe. It is likely that your personal information will be disclosed to overseas recipients, including in the United States and Australia.
Unless we have your consent, or we are otherwise permitted under applicable privacy and data protection law, we will only disclose your personal information to overseas recipients where we have taken reasonable steps to ensure that the overseas recipient does not breach applicable privacy and data protection law in relation to your personal information.
How Do We Store and Protect Collected Personal Information?
We store information in paper-based files or other electronic record keeping methods in secure databases (including trusted third-party storage providers). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorized access, modification or disclosure and maintain physical security over paper and electronic data stores, such as through locks and security systems at our premises. We also maintain computer and network security as set out below.
Data Security Program
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using SSL technology.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
Choices About How We Use and Disclose Your Information
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
- Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
- Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by checking the relevant box located on the form on which we collect your data. You can also always opt-out by logging into the Website and adjusting your user preferences in your account profile, or by sending us an email with your request to support@pactprotection.com.
- Promotional Offers from the Company. If you do not wish to have your email address/contact information used by the Company to promote our own or third parties' products or services, you can opt-out by checking the relevant box located on the form on which we collect your data or at any other time by logging into the Website and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to support@pactprotection.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions.
We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.
CCPA and GDPR
Privacy and data protection laws vary around the world and among the several United States. Most prominently, residents of California, the European Economic Area, the United Kingdom and Canada have certain additional rights in cases where the party collecting that information is governed by the applicable law.
The California Consumer Privacy Act
When we collect personal information from California residents we become subject to, and those residents have rights under, the California Consumer Privacy Act or “CCPA”. This section explains your rights under the CCPA. For purposes of this section, the words “you” and “your” mean only California residents.
Information Collected from California Residents
We collected the following categories of personal information within the last 12 months:
Identifiers such as name, address, IP address, and other similar identifiers
Personal information under the Customer Records provision of the California Civil Code such as a name, address, or telephone number commercial information such as products or services purchased internet/electronic activity such as browsing history and search history geolocation data including geographic coordinates/physical location audio, video, electronic or other similar information professional or employment related information such as job history and performance evaluations inferences drawn from the foregoing to create a profile about a consumer reflecting the consumer’s preferences, predispositions, behavior, or attitudes.
Personal Information Disclosed for a Business Purpose
We may have disclosed the categories of personal information listed above for one or more business purposes permitted by the CCPA during the last 12 months.
Personal Information Sold
We do not sell, and within the last 12 months have not sold, personal information to third parties.
Rights of California Residents
You have the following rights under the CCPA. It’s important to us that you know that if you exercise these rights, we will not discriminate against you by treating you differently from other California residents who use our sites and mobile resources or purchase our services but did not exercise their rights.
- Right to Know:the right to request that we disclose to you, specifically beyond the general statement immediately above, the categories and specific elements of personal information collected including the source of the information, our use of it and, if the information was disclosed or sold to third parties, the categories so disclosed or sold as well as the categories of third party who received or purchased it.
- Right to Access:the right to receive a copy of the categories and specific elements of personal information we collected about you in the preceding 12 months.
- Right to Delete:the right to request that we delete the personal information we collected about you under certain circumstances.
You, or an authorized agent acting on your behalf, can exercise the Right to Know up to two different times every 12 months. To exercise these rights, contact us at support@pactprotection.com. We may ask you to fill out a request form. The CCPA only allows us to act on your request if we can verify your identity and/or your agent’s authority to make the request, so you will also need to follow our instructions for identity verification.
If you make a verifiable request per the above, we will confirm our receipt and respond within 45 calendar days.
The EU General Data Protection Regulation (“GDPR”)
We continue to develop and grow our compliance with applicable international data privacy laws and regulations. We have, as required by the CCPA and other applicable U.S. laws such as the New York SHIELD Act, and as a good business practice generally, adopted and implemented a data security program that includes technical, organizational and administrative measures reasonably designed to protect, in a manner consistent with accepted industry standards, the privacy of those natural persons with whom we do business and to reduce the likelihood of unauthorized access to or unauthorized use of personal information we collect. We also enter into Data Protection Agreements with those of our merchant-customers who have, or believe they have, GDPR obligations that flow down to us.
For general site visitors, consumer-customers, and regulators who have questions about whether or how the GDPR or other industry- or jurisdiction-specific laws apply to us, you can contact us using the contact information found below.
Changes to Our Privacy Policy
It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users' personal information, we will notify you by email to the primary email address specified in your account and/or through a notice on the Website home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.
Complaints
If you have any questions or concerns about our privacy statement or privacy practices, you can contact us using the contact information found below.
You may make a complaint about privacy to us using our contact information found below. We will first consider your complaint or determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week. If your compliant requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavor to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather facts, locate and review documents and speak with individuals involved. In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, or you consider that we may have breached applicable data protection or privacy laws, you have the right to contact or lodge a complaint with your local data protection authority or privacy regulator.
Contact Information
To ask questions or comment about this privacy policy and our privacy practices, contact us at: support@pactprotection.com.