top of page

ShipInsure Privacy Policy

Last Updated: May 18, 2026

Please read this Privacy Policy carefully.

ShipInsure LLC and its affiliates (collectively, “ShipInsure,” “we,” “us,” or “our”) are committed to ensuring the security and protection of the personal information we collect. This Privacy Policy describes (a) the products and services we offer and the processes by which we gather personal information; (b) the purposes and legal bases for processing personal information; (c) the persons or entities with whom we share personal information; (d) how long we retain personal information; and (e) your privacy rights, including additional rights for California residents (see Section 10).

 

This Privacy Policy applies to:

  • All information we collect through the services and products we offer, including our websites (the “Sites”), our mobile applications (the “Applications”), our online services (the “Services”), any affiliated or non-affiliated third-party sites or platforms (including Shopify), and all social media platforms.

  • All current, potential, and former customers, merchants, vendors, third parties, and any other person whose personal information we have collected electronically, in person, or otherwise.

 

Special Note for Parents: The Sites and Services are general audience sites and are not designed or intended to target children younger than 16. We do not knowingly target or collect personal information from any person younger than 16. If we learn that we have collected personal information from a person younger than 16 without verifiable parental consent, we will delete that information as promptly as possible. If you believe we may have collected such information, please contact us at support@shipinsure.io.

1. What Products and Services Do We Provide?

ShipInsure provides declared value shipping protection and related insurance and post-purchase services for online merchants and their customers.

2. What Information Do We Collect and How Do We Use It?

ShipInsure processes data both as a Processor (on behalf of our merchant clients) and as a Controller (for our own business purposes).

2.1 Information We Collect Automatically

When you use the Sites or Services, your web browser or device automatically sends us information, including:

  • The internet domain through which you access the internet;

  • Internet protocol (IP) address;

  • Type of browser software, operating system, and browser language;

  • The date and time you accessed the Sites and Services;

  • Referring/exit pages and clickstream data;

  • Specific path, actions, and navigation choices on the Sites;

  • The internet address of the site from which you linked to the Sites;

  • Information about your mobile device, including a unique device identifier; and

  • Cookies and similar tracking technologies (see Section 3).

Legal Basis. The legal basis for collecting this information is one or more of the following: (i) it is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract; (ii) it is necessary for us to comply with a legal obligation; or (iii) it is necessary to preserve a legitimate interest, including securing and improving our Services.

2.2 Information You Provide to Us

If you are a customer, merchant, employee, or otherwise interact with our Services, we collect information you provide on the Sites, in the Applications, or directly to us in person, via telephone, email, or otherwise. We collect:

  • Identifiers such as your first and last name, email address, telephone number, postal address, username, and password;

  • Payment information necessary to complete transactions, including name, shipping information, and billing information;

  • Communications you send to us, including the contents of your inquiries, feedback, support requests, and survey or quiz responses;

  • Company information, position or title, and business specifics such as past orders and payment terms (for merchant accounts).

We use this information to:

  • Respond to your inquiries and provide the goods and Services you request;

  • Facilitate the creation of and secure your account;

  • Identify you in our system;

  • Send you administrative emails (such as security, support, and maintenance notices) and, where you have consented, newsletters, updates, marketing, and event information;

  • Evaluate how you use the Sites and Services;

  • Process payment information;

  • Conduct internal research, development, and product improvement;

  • Conduct polls and surveys;

  • Personalize the content, business information, or user experience;

  • Meet internal audit, fraud prevention, and compliance requirements;

  • Facilitate the management of ShipInsure’s business and related internal affairs; and

  • Comply with legal obligations.

Legal Basis. The legal basis for collecting this information is one or more of the following: (i) we have received your consent for one or more specific purposes; (ii) it is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract; (iii) it is necessary for us to comply with a legal obligation; or (iv) it is necessary to preserve a legitimate interest.

2.3 Financial Information

We process your personal financial information solely for one-time use when you purchase our Services or submit a claim. We do not retain payment card data (such as full card numbers or CVV codes) after such one-time use. Payment processing is handled by Stripe, a PCI-DSS compliant third-party payment processor.

Legal Basis. The legal basis for processing this information is performance of a contract and compliance with a legal obligation.

2.4 Information We Collect From Third Parties

We may also collect information about you from third parties who operate portions of the Sites or Services on our behalf, including merchants whose stores you have purchased from and payment processors. These third parties may share with us your name, address, email address, phone number, order details, and information about your interaction with their websites. When we receive personal information from third parties, we treat it in accordance with this Privacy Policy.

Legal Basis. The legal basis is one or more of (i) performance of a contract; (ii) compliance with a legal obligation; or (iii) preservation of a legitimate interest.

3. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to recognize you when you return to the Sites and to provide a better user experience. We use both session cookies (which expire when you close your browser) and persistent cookies (which remain until you delete them) to deliver a more personal and interactive experience, tailor the experience to your interests, and deliver relevant advertising.

Traffic Analytics. We use third-party analytics providers, such as Google Analytics, to help us analyze how users use the Services. These providers use cookies to collect information such as how often users visit, what features they use, and what sites they visited prior to coming to the Sites. We use this information to improve our Sites and Services. These providers collect the IP address assigned to you on the date you visit, rather than your name or other directly identifying information. We do not combine analytics information with your personal information without your consent.

Advertising. Technologies like cookies, pixel tags, device identifiers, and local storage are used to deliver, secure, and understand products, services, and advertising on and off social media platforms (including Facebook, Instagram, X, LinkedIn, YouTube, and TikTok). These technologies also gather information for remarketing to similar audiences. Third-party vendors, including Google, may show our ads on sites across the internet and use cookies to serve ads based on past visits to our Sites. You may opt out of Google’s use of cookies by visiting Google’s Ads Settings, and you may opt out of certain third-party vendors’ use of cookies by visiting the Network Advertising Initiative opt-out page or the Digital Advertising Alliance opt-out page.

Your Choices. You may refuse to accept cookies by activating the setting on your browser that allows you to refuse cookies. However, if you select this setting, you may be unable to access certain parts of the Sites. Where required by applicable law, we will obtain your consent before placing non-essential cookies.

4. Do We Share Information With Third Parties?

We do not sell your personal information. We disclose personal information only as described below.

4.1 Your Consent

We may share personal information with your consent.

4.2 Service Providers

We share personal information with third-party service providers that perform services on our behalf, including hosting, fulfillment, payment processing, claim adjudication, fraud prevention, analytics, customer support, email and SMS delivery, and quality assurance. These service providers are bound by written agreements that require them to keep your information confidential, use it only to provide the contracted services, and comply with safeguards consistent with this Privacy Policy.

4.3 Merchant Partners and Co-Branded Services

ShipInsure operates as a shipping-protection service offered through merchant partners. When you purchase a product from a merchant and elect ShipInsure coverage, we share information necessary to administer your coverage and any claim with that merchant. We may also have arrangements with companies that provide our Services through private-labeled or co-branded websites. Co-branded sites may have their own privacy policies, which you should review.

4.4 Legal Disclosure

We may disclose personal information to third parties (i) to comply with a valid legal requirement such as a law, regulation, search warrant, subpoena, or court order; or (ii) in special cases such as a physical threat to you or others, a threat to homeland security, a threat to our systems or networks, or where we believe disclosure is reasonably necessary to investigate or prevent harm, fraud, abuse, or illegal conduct. We may also disclose personal information to enforce our rights, protect our property, protect the rights, property, or safety of others, or as needed to support external auditing, compliance, and corporate governance functions.

4.5 Corporate Restructuring

We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition, dissolution, transaction, or proceeding involving the sale, transfer, divestiture, or disclosure of all or any portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. Any successor entity will assume the rights and obligations regarding your personal information described in this Privacy Policy.

4.6 Aggregated, Non-Personal Information

We may share aggregated, de-identified information about users with third parties. This information is combined with information about other users and does not allow you to be identified or contacted.

4.7 Links to Other Sites

We may provide links to third-party sites. When you click on one of those links, we will not provide any personal information about you, but the third party may know that you came from our Sites. We do not control the privacy practices of other sites and encourage you to read their privacy policies.

5. How and Where Do We Process and Store Data?

5.1 Purposes of Processing

We process personal information for the purposes described in Section 2, including providing and improving our Services, communicating with you, processing transactions and claims, preventing fraud, and complying with legal obligations.

5.2 Methods of Processing

Data processing is carried out in accordance with our privacy procedures and policies and using computers and related software and IT tools. Data may be accessible to (i) internal parties involved in the operation of our Sites, products, and Services (such as administration, legal, claims, sales, and engineering personnel) and (ii) external parties who assist us in providing, operating, and maintaining our Sites and Services. We require internal parties (through employment agreements and related employment policies) and external parties (through written agreements) to maintain the data in accordance with the safeguards described in this Privacy Policy.

5.3 Third-Party Processors

We are committed to minimizing the number of third-party processors we utilize and assess and review each to ensure compliance with this Privacy Policy. Our current third-party processors include Shopify (for merchant integration) and Stripe (for payment processing). We may engage additional processors in the future and will update this Privacy Policy accordingly.

5.4 Place of Processing and International Transfers

ShipInsure is a United States-based company. We store personal information in the United States, and we may transfer personal information to countries other than the country in which it was originally collected. If you are located in the European Economic Area, the United Kingdom, or Switzerland, we will only transfer your personal information internationally if we have put in place appropriate safeguards, such as entering into Standard Contractual Clauses approved by the European Commission with the recipient, relying on the recipient’s binding corporate rules, or another mechanism permitted under applicable law.

6. How Do We Protect Personal Information?

We protect personal information using administrative, technical, and physical safeguards designed to protect against unauthorized access, disclosure, alteration, and destruction. When we use third-party service providers, we require those providers to implement similar safeguards. However, no method of transmission over the internet or method of electronic storage is 100% secure, and we cannot guarantee that your information is completely secure either within ShipInsure or on the systems of third-party service providers.

7. How Long Do We Keep Your Personal Information?

We retain personal information when we have an ongoing legitimate business need to do so (for example, to provide you with the Services you have requested, to administer claims, to detect or prevent fraud, or to comply with applicable legal, tax, accounting, or insurance regulatory requirements). When we no longer have an ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because the information is stored in backup archives), securely store the information and isolate it from any further processing until deletion is possible.

8. Your Rights

Subject to applicable law and the limitations described below, you may have the following rights with respect to the personal information we hold about you:

  • Right to Withdraw Consent. Where you have previously provided consent, you have the right to withdraw it at any time.

  • Right to Object. In certain cases, you have the right to object to processing of your personal information, including for direct marketing purposes and profiling.

  • Right to Access. You have the right to obtain confirmation as to whether we process personal information concerning you and, if so, to request access to that information.

  • Right to Rectification. You have the right to request the correction of inaccurate personal information and to complete any incomplete personal information.

  • Right to Erasure. In certain cases, you have the right to request that we delete your personal information.

  • Right to Data Portability. Where data is processed based on your consent or in performance of a contract by automated means, you have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.

  • Right to Restrict Processing. You have the right to request that we restrict processing of your personal information in certain circumstances.

  • Right Regarding Automated Decision-Making. You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects.

  • Right to Lodge a Complaint. You have the right to file a complaint with your data protection authority.

California residents have additional rights under the California Consumer Privacy Act, as amended. See Section 10 for details.

9. How Do You Exercise Your Rights?

To exercise any of the rights described above, please contact us using the information in Section 12. Unless your request is complex, repetitive, or manifestly unfounded or excessive, we will process your request within one month (or as required by applicable law) and at no cost to you. We may need to verify your identity before fulfilling your request.

9.1 Email and Marketing Communications

We may periodically send you emails that promote the Services. You may indicate a preference to stop receiving promotional communications by following the unsubscribe instructions in any email or by contacting us at support@shipinsure.io. We may continue to send service-related communications (such as notices about your account, transactions, claims, or updates to this Privacy Policy) regardless of your marketing preferences.

9.2 Changing or Deleting Your Information

You may change personal information in your account by editing your account settings or by contacting support@shipinsure.io. You may request deletion of your personal information, and we will use commercially reasonable efforts to honor your request, subject to legal, regulatory, fraud-prevention, and contractual retention obligations. When we delete information, it will be removed from the active database but may remain in archives or backups for a limited period.

9.3 Mobile Applications

You may stop the collection of information by an Application by uninstalling it using the standard processes available on your mobile device or through the applicable application marketplace.

9.4 Do Not Track Signals

Some browsers transmit “do not track” signals to websites. There is no industry standard governing how websites should respond to these signals. We currently do not take action in response to these signals. If and when a standard is established, we may revise this policy.

10. California Residents

This Section 10 applies solely to visitors, users, customers, and others who reside in the State of California (“consumers” or “you”). We provide this Section in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”), and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this Section.

“Personal information” for purposes of this Section means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include: (1) publicly available information from government records; (2) deidentified or aggregated consumer information; or (3) information excluded from the CCPA’s scope, such as information covered by HIPAA, CMIA, FCRA, GLBA, FIPA, or the Driver’s Privacy Protection Act.

Special Note: We do not knowingly collect personal information from consumers under 16 years of age, and we have no actual knowledge of selling or sharing personal information of consumers under 16.

10.1 Categories of Personal Information We Collect

In the preceding 12 months, we have collected the following categories of personal information from California consumers:

  • Identifiers (Category A): Real name, postal address, email address, telephone number, account name, IP address, unique personal identifier, online identifier, and customer number.

  • Customer Records (Category B): Name, signature, address, telephone number, credit card or debit card number, and other financial information. Payment card data is processed only for transaction completion and not retained.

  • Commercial Information (Category D): Records of products or services purchased, obtained, or considered (including shipping protection coverage and claim history), and other purchasing histories or tendencies.

  • Internet or Other Network Activity (Category F): Browsing history, search history, and information regarding a consumer’s interaction with a website, application, or advertisement.

  • Sensitive Personal Information (Category L) – limited collection: Account log-in credentials necessary to operate your account. We do not use or disclose sensitive personal information for purposes that would require us to offer a right to limit under the CCPA.

We do not collect the following CCPA categories: Protected Classification Characteristics (Category C), Biometric Information (Category E), Geolocation Data (Category G), Sensory Information (Category H), Professional or Employment Information (Category I), Non-Public Education Information (Category J), or Inferences (Category K).

10.2 Sources of Personal Information

We obtain the categories of personal information listed above from the following categories of sources:

  • Directly from you, through information you submit on the Sites or through passive means such as cookies and similar technologies;

  • From our merchant partners and their agents, who share information about your orders and purchases when you elect ShipInsure coverage;

  • From third-party service providers, payment processors, auditors, advisors, and government authorities, as applicable and necessary.

10.3 Purposes for Collection

We use the personal information described above for the business purposes described in Section 2 of this Privacy Policy, including providing the Services, processing claims, preventing fraud, improving our Services, and complying with legal obligations. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

10.4 Disclosure of Personal Information

In the preceding 12 months, we have disclosed personal information for business purposes to the categories of third parties described in Section 4 of this Privacy Policy, including service providers (such as Shopify and Stripe), merchant partners, professional advisors, and government authorities when required by law. When we disclose personal information for a business purpose, we enter into a written agreement that requires the recipient to keep the personal information confidential and to use it only for purposes of performing the contract.

10.5 Sale or Sharing of Personal Information

We do not sell personal information as the term “sell” is defined under the CCPA, and we do not “share” personal information for cross-context behavioral advertising as that term is defined under the CCPA. We have no actual knowledge of selling or sharing the personal information of consumers under 16 years of age.

10.6 Your California Consumer Rights

If you are a California resident, you have the following rights:

  • Right to Know. You may request that we provide to you specific pieces of personal information and the following information for the 12-month period preceding your request: (i) the categories of personal information we collected about you; (ii) the categories of sources; (iii) the purposes for collecting; (iv) the categories of third parties to whom we disclosed your information; and (v) the categories of personal information sold or shared (we do not sell or share). For your security, we may not provide certain categories of information, including government-issued identification numbers, financial account numbers, health insurance or medical identification numbers, and account passwords or security questions and answers.

  • Right to Delete. You may request that we delete personal information that we have collected from you, subject to limited exceptions permitted under the CCPA (including completing transactions, detecting security incidents, complying with legal obligations, and certain internal uses compatible with the context in which you provided the information).

  • Right to Correct. You may request that we correct inaccurate personal information we maintain about you, taking into account the nature of the personal information and the purposes of processing it.

  • Right to Opt-Out of Sale or Sharing. As stated above, we do not sell or share personal information as those terms are defined under the CCPA.

  • Right to Limit Use of Sensitive Personal Information. To the extent we use or disclose sensitive personal information for purposes that would require offering a right to limit, you may direct us to limit such use or disclosure. As stated above, we do not currently use sensitive personal information for such purposes.

  • Right to Non-Discrimination. We will not discriminate against any consumer who exercises their rights under the CCPA. We will not deny you Services, charge you different prices or rates, or provide you a different level or quality of Services because you exercised your CCPA rights.

10.7 How to Submit a Verifiable Consumer Request

You may submit a Verifiable Consumer Request related to the rights described above by contacting us at:

Only you, or a person registered with the California Secretary of State whom you authorize to act on your behalf, may make a Verifiable Consumer Request related to your personal information. You may also make a Verifiable Consumer Request on behalf of your minor child.

Your request will not be processed until your identity has been verified. Once your identity has been verified, we will respond to your request within 45 days. If we require more time (up to an additional 90 days), we will notify you in writing of the reason and the extension period. We will deliver our written response by the means you indicate in the Verifiable Consumer Request. You may make a Verifiable Consumer Request for access or data portability no more than twice within a 12-month period.

The Verifiable Consumer Request must (i) provide sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information, or an authorized representative; and (ii) describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to it. Making a Verifiable Consumer Request does not require you to create an account with us, and we will only use personal information provided in a request to verify the requestor’s identity or authority.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

10.8 Authorized Agents

You may designate an authorized agent to make a CCPA request on your behalf. The authorized agent must provide us with written permission signed by you authorizing the agent to act on your behalf, and we may require you to verify your identity directly with us before we process the agent’s request. If the authorized agent has a valid power of attorney under California Probate Code sections 4000 to 4465, you do not need to verify your identity directly with us.

10.9 Shine the Light

California Civil Code Section 1798.83 (the “Shine the Light” law) permits California residents to request certain information regarding our disclosure of personal information to third parties for those third parties’ direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes. To request additional information, please contact us using the information in Section 12.

10.10 Notice of Financial Incentive

We do not currently offer financial incentives in exchange for the collection, sale, or deletion of personal information. If we begin to offer financial incentives, we will provide notice as required by the CCPA.

11. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. If we make material changes, we will notify you by sending an email to the last email address you provided to us and/or by prominently posting notice on our Sites or within our Applications. Any changes will be effective upon the earlier of (i) thirty (30) calendar days following our dispatch of an email notice or (ii) thirty (30) calendar days following our posting of the changes. These changes will be effective immediately for new users. You are responsible for keeping your contact information current. Continued use of the Sites, Applications, or Services following notice constitutes your acknowledgment of the changes and agreement to be bound by them. If you do not agree to the changes, you must notify us prior to the effective date that you wish to deactivate your account.

12. How to Contact Us

If you have any questions or concerns about this Privacy Policy, our data practices, or your privacy rights, or if you want to report a security violation, please contact us at:

ShipInsure LLC

1221 College Park Dr, Suite 116

Dover, DE 19904

Email: support@shipinsure.io

bottom of page