MyCustomsInfo® - AI-Powered Customs Compliance Platform
MyCustomsInfo®

Privacy Policy

Last updated: December 22, 2024

1. Introduction

MyCustomsInfo® ("we," "our," or "us") is committed to protecting your privacy and the security of your information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our customs compliance platform and services.

This policy applies to information we collect through our website, platform, and services (collectively, the "Services"). By using our Services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

  • Account information (name, email, company name, job title)
  • Contact information (phone number, business address)
  • Payment information (credit card details, billing address)
  • Customs declaration data you upload for auditing
  • Communications with our support team
  • Feedback, survey responses, and testimonials

2.2 Automatically Collected Information

When you use our Services, we automatically collect certain information:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages viewed, features used, time spent)
  • Log data (access times, error logs, referral URLs)
  • Cookies and similar tracking technologies

2.3 Information from Third Parties

We may receive information about you from third parties, such as customs databases, regulatory authorities (for verification purposes), payment processors, and analytics providers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Process customs declaration audits and generate reports
  • Validate findings with licensed customs professionals
  • Process payments and manage billing
  • Communicate with you about Services, updates, and support
  • Send you marketing communications (with your consent)
  • Analyze usage patterns and improve user experience
  • Train and improve our AI models
  • Detect, prevent, and address fraud and security issues
  • Comply with legal obligations and enforce our Terms

4. Data Security and Storage

We implement industry-standard security measures to protect your information:

  • 256-bit AES encryption for data at rest
  • TLS/SSL encryption for data in transit
  • Regular security audits and penetration testing
  • Access controls and authentication requirements
  • Employee training on data protection practices
  • Secure data centers with physical access controls
  • Regular backups and disaster recovery procedures

4.1 Global Data Storage Infrastructure

Your customs declaration data is stored in secure, geographically distributed data centers across multiple regions to provide optimal performance and comply with local data residency requirements. Our data centers are located in:

  • European Union: For EU-based customers and GDPR compliance
  • United Kingdom: For UK-based customers and UK GDPR compliance
  • United States: For North American customers and US regulatory requirements
  • Canada: For Canadian customers and PIPEDA compliance
  • Australia: For Australian customers and Privacy Act compliance
  • Singapore: For Asia-Pacific customers and PDPA compliance

4.2 Data Sovereignty and Residency

We respect data sovereignty principles, meaning your data is governed by the laws of the country or region where it was created and stored. During onboarding, you can specify your preferred data residency location to ensure your customs data remains within your chosen jurisdiction and complies with local data protection regulations.

By default, your data will be stored in the region closest to your business operations to optimize performance while maintaining compliance with applicable data protection laws including GDPR (EU/UK), PIPEDA (Canada), Privacy Act (Australia), PDPA (Singapore), and relevant US state and federal privacy laws.

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • With your consent: When you explicitly authorize us to share information
  • Service providers: Third parties who perform services on our behalf (hosting, analytics, payment processing)
  • Licensed customs brokers: For expert validation of audit findings (under confidentiality agreements)
  • Business transfers: In connection with mergers, acquisitions, or asset sales
  • Legal requirements: When required by law or to protect our rights
  • Aggregated data: De-identified data for research and analysis

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information
  • Portability: Request a copy of your information in a portable format
  • Objection: Object to certain processing of your information
  • Restriction: Request restriction of processing
  • Withdrawal of consent: Withdraw consent for marketing communications

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days as required by applicable law.

7. GDPR Compliance

For users in the European Economic Area (EEA) and UK, we comply with the General Data Protection Regulation (GDPR) and UK GDPR. EU/UK customer data is stored in data centers located within the EU or UK respectively, ensuring compliance with data residency requirements.

Legal basis for processing: We process your information based on:

  • Contractual necessity (to provide Services you've requested)
  • Legitimate interests (improving Services, security)
  • Legal obligations (compliance with laws and regulations)
  • Consent (for marketing communications)
Data Protection Officer: You can contact our Data Protection Officer at [email protected] with any questions about our data practices.

8. Data Retention

We retain your information for as long as necessary to provide Services and fulfill the purposes described in this policy, unless a longer retention period is required by law.

Customs declaration data is retained for 7 years to comply with customs record-keeping requirements. After this period, data is securely deleted unless you request earlier deletion.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Understand how you use our Services
  • Improve performance and user experience
  • Provide personalized content

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Services.

10. International Data Transfers

10.1 Cross-Border Data Processing

As a global customs compliance platform, we operate data centers in the European Union, United Kingdom, United States, Canada, Australia, and Singapore. While we respect data residency preferences and store your primary data in your chosen region, certain processing activities may involve limited cross-border data transfers for:

  • System backups and disaster recovery
  • Global security monitoring and threat detection
  • Technical support and customer service operations
  • AI model training and improvement (using anonymized data)

10.2 Transfer Safeguards

We ensure appropriate safeguards are in place for all international data transfers:

  • Standard Contractual Clauses (SCCs): Approved by the European Commission for EU/UK data transfers
  • Data Processing Agreements: Binding agreements with all service providers and partners
  • Privacy Shield Framework: For applicable US-based transfers (where legally recognized)
  • Adequacy Decisions: Reliance on adequacy decisions issued by relevant data protection authorities
  • Enhanced Security Measures: Encryption in transit and at rest for all cross-border transfers

10.3 Regional Compliance

We comply with regional data protection requirements:

  • EU/UK: GDPR and UK GDPR compliance with Standard Contractual Clauses
  • Canada: PIPEDA compliance with provincial privacy laws (FIPPA, PIPA)
  • Australia: Privacy Act 1988 compliance with Australian Privacy Principles (APPs)
  • Singapore: Personal Data Protection Act (PDPA) compliance
  • United States: Compliance with applicable federal and state laws (CCPA/CPRA, VCDPA, etc.)

If you have specific concerns about data transfers or wish to restrict cross-border processing, please contact our Data Protection Officer at [email protected] to discuss available options and potential service limitations.

11. Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on our website and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically. Your continued use of the Services after changes become effective constitutes acceptance of the revised policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

MyCustomsInfo® - Privacy Team

Email: [email protected]

Data Protection Officer: [email protected]

Address: Cholmondeley House, Dee Hills Park, Chester, Cheshire, CH3 5AR United Kingdom

Phone: US: +1 (312) 728-4277 | UK: +44 151 808 0111

Your Privacy Matters

We take your privacy seriously and are committed to transparency about our data practices. If you have any questions or concerns, please don't hesitate to reach out to our privacy team.