Privacy Policy

This policy applies to the ShipGenius dashboard, the ShipGenius mobile apps when released, our public marketing site, and any APIs we offer. It does not apply to third-party services you reach via links from ShipGenius — those operate under their own policies.

When you sign up for ShipGenius, you are acting on behalf of an organization. Under data-protection law, that organization is the data controller of any personal data you upload (for example, your colleagues' names and emails); ShipGenius is the data processor, acting on your instructions.

ShipGenius is an independent company operating the parcel-invoice audit and carrier-contract intelligence service available at shipgenius.ai. ShipGenius is a separate entity from any prior business relationship you may have with our founders, including Parcel-IQ. We do not share customer data between ShipGenius and any related business.

You can reach our privacy team at privacy@shipgenius.ai at any time.

From you, when you sign up

• Your work email address (used as your sign-in identifier).
• Your name and your organization's name.
• Your role at the organization, if you choose to share it.

From you, when you use the product

• Carrier invoices (PDF, EDI 210, or CSV files you upload or connect).
• Carrier contract documents (master agreements and amendments).
• Carrier API credentials, when you choose to connect a carrier directly. See section 7.
• Messages you send to the Genie chat. We retain these to maintain conversational context across the session and to improve our internal prompts; see section 5 for how the AI itself handles them.
• Saved views, dashboard preferences, and notification settings.

Automatically

• Standard server logs: IP address, browser user-agent, request path, response code, response time. Retained 90 days.
• Product analytics: which pages you visit and how long they take to load. We collect this to identify product issues and to prioritize improvements. No raw business content (invoices, contracts) is included in analytics events.
• Audit-log entries for sensitive actions inside the product: sign-in, role change, credential upload, credential revocation, recovery-claim authorization. These are immutable and retained for the life of your account plus 90 days, for compliance and security purposes.

We do not collect: payment card numbers (we don't process payments during the launch period); social security numbers; biometric data; health data; location data beyond IP-derived country/region.

We process your data to:

• Provide the ShipGenius service — audit your invoices, score your contracts, surface tier progress, and answer Genie chat queries about your own data.
• Send you service emails: monthly executive summary, security alerts, billing notices once paid tiers are enabled, and product announcements you can unsubscribe from.
• Operate, debug, and improve the platform — including fixing parsing errors, investigating support tickets you file with us, and reviewing aggregate usage patterns.
• Comply with applicable law — for example, retaining audit logs for SOC 2 evidence or responding to a valid legal request.

We do not sell your data to anyone. We do not share your data with your carriers (FedEx, UPS, others) unless you specifically authorize a transaction that requires it — for example, authorizing us to file a recovery claim on your behalf. We do not share your data with other ShipGenius customers, including in aggregate form unless explicitly de-identified to the point of irreversibility.

ShipGenius uses Anthropic's Claude family of models to power the Genie chat, the monthly executive narrative, and parts of our contract-parsing pipeline. We do so under Anthropic's Enterprise terms, which we have explicitly chosen for the following guarantees:

• Zero retention by default. Anthropic does not retain prompts or completions after the request is served. Your invoice data, contract terms, and chat history do not persist on Anthropic's servers beyond the moment of generation.
• No training on your data. Customer prompts and completions are contractually excluded from any Anthropic model training corpus.
• Encrypted in transit. All requests are TLS-encrypted between ShipGenius and Anthropic.
• Data Processing Addendum. ShipGenius and Anthropic operate under a DPA that contractually binds Anthropic to our customer-data instructions.

We do retain your Genie chat history in our own database for the life of the chat session, so that we and you can continue the conversation later. You can delete a chat session at any time from the Genie surface — once deleted, it is removed from our database within 24 hours.

We rely on a short list of vendors to host, store, transmit, and process your data on our behalf. Each one is contractually bound to confidentiality and security terms at least as strict as our own commitments to you.

The current list is published at /subprocessors with the type of data each one accesses, where they're located, and a link to their own privacy policy. We will update that page in advance of adding any new sub-processor, and you can subscribe to changes by writing to privacy@shipgenius.ai.

Some ShipGenius features require us to call your carrier's API on your behalf — for example, to read your contracted rate sheet directly, or to retrieve invoices the carrier hasn't sent via EDI. When that's needed, you may choose to provide carrier credentials (typically a client ID, client secret, and account number).

We handle carrier credentials with elevated controls:

• Stored using envelope encryption: a per-credential data encryption key is itself encrypted by a master key held in our secrets manager and rotated on a documented schedule.
• Decrypted only at the moment of use, by a system process. No ShipGenius employee can read a credential's plaintext.
• Used solely to call the carrier on your behalf for the audit and rate-fetch operations you have authorized.
• Revocable at any time from the connections page in your dashboard. On revocation we wipe the credential from our active stores within 24 hours; encrypted backups holding the prior value follow our normal retention schedule (section 9).

See our Security page for the technical details.

ShipGenius is operated from the United States. Our primary data store, application hosting, and worker services are located in the United States. If you access ShipGenius from outside the United States, your data will be transferred to and processed in the United States.

Where required by law — including for European Economic Area, United Kingdom, or Swiss data subjects — we rely on Standard Contractual Clauses or equivalent transfer mechanisms with our sub-processors. We can provide a copy of the relevant clauses on request to privacy@shipgenius.ai.

We retain your data for as long as your account is active. On account closure:

• Customer business data (invoices, shipments, contracts, Genie history) is deleted or irreversibly anonymized within 90 days.
• Carrier credentials are removed from our active stores within 24 hours of revocation or account closure.
• Audit-log entries are retained for the life of your account plus 90 days, for security and compliance purposes.
• Encrypted backups are retained for up to 35 days under our point-in-time recovery schedule and then permanently deleted.
• Server logs are retained for 90 days and then deleted.

Where we are legally required to retain a piece of data longer (for example, tax or accounting obligations once paid tiers are enabled), we will retain only that data and only for as long as the obligation requires.

Depending on where you live, you may have rights over your personal data under laws such as the EU General Data Protection Regulation (GDPR), the UK Data Protection Act, or the California Consumer Privacy Act (CCPA). These typically include:

• Access. Get a copy of the personal data we hold about you.
• Rectification. Ask us to correct inaccurate data.
• Erasure. Ask us to delete your data, subject to our legal retention obligations.
• Portability. Get your data in a structured, machine-readable format.
• Objection. Object to certain types of processing, including processing for product analytics.
• Withdraw consent. Where we relied on your consent, withdraw it at any time.
• Complain. Complain to your local data-protection authority. We'd appreciate the chance to address your concerns first.

To exercise any of these rights, write to privacy@shipgenius.ai. We will respond within 30 days. We may ask you to verify your identity before we act on a request involving sensitive data.

California residents: we do not sell or share personal information as those terms are defined under the CCPA. You have the right to know, to correct, to delete, and to limit the use of sensitive personal information — exercise them by writing to the same address above.

ShipGenius uses cookies and similar technologies for three things only:

• Authentication. A session cookie keeps you signed in after you click the magic link in your email. Required for the product to function.
• Security. A short-lived cookie helps us defend against cross-site-request-forgery attacks. Required for the product to function.
• Product analytics. A first-party analytics cookie lets us measure how features are used in aggregate, so we can prioritize improvements. You can refuse this cookie via the consent banner that appears on first visit, or by sending Do-Not-Track headers — we honor both. No third-party advertising cookies are set from ShipGenius.

ShipGenius is a business product. We do not direct it to anyone under 16 and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us personal data, contact privacy@shipgenius.ai and we will delete it.

We will update this policy as ShipGenius evolves. We will (a) update the "Last updated" date at the top, and (b) notify you of material changes — for example, adding a new category of sub-processor, or changing how we use your data — by email or by an in-dashboard banner at least 30 days before they take effect.

Continuing to use ShipGenius after a change to this policy means you accept the change. If you don't accept it, close your account before the change takes effect.

For privacy questions, requests under section 10, or to report a concern:

• Privacy: privacy@shipgenius.ai
• Security disclosures: security@shipgenius.ai
• Support: support@shipgenius.ai