Privacy

Privacy Policy

This policy explains how ShipLine collects, uses, stores, and shares personal data across the website, the workspace, and the customer portal.

Last updated

March 10, 2026

1. Scope and roles

For legal and contracting purposes, references to "ShipLine", "we", "us", or "our" in these legal documents mean BNB STORE ELEKTRONİK SATIŞ HİZMETLERİ VE TİCARET ANONİM ŞİRKETİ, except where a signed order form or separate agreement identifies a different contracting entity.

This Privacy Policy applies to ShipLine marketing pages, demo and contact forms, the authenticated workspace, support interactions, and any customer portal pages operated under the ShipLine brand.

When a shipping company uses ShipLine to manage customers, vendors, products, purchases, shipments, cartons, invoices, documents, and portal access, that shipping company generally acts as the controller or business for its operational data, and ShipLine generally acts as a processor or service provider on that company's instructions.

For website analytics, account creation, authentication, billing, security, product administration, direct communications, and legal compliance, ShipLine acts as an independent controller or business.

2. Data we collect

Identity and account data, such as names, email addresses, phone numbers, job titles, organization names, invite records, and authentication events.

Workspace and operational data, such as customers, vendors, products, purchase records, receiving records, cartons, shipment records, tracking references, accounting entries, invoices, payments, support tickets, notes, attachments, and audit trails.

Customer portal data, such as portal access records, shipment visibility, downloadable documents, notification preferences, password-reset status, and customer-facing account summaries.

Technical and usage data, such as IP-derived security signals, browser and device details, log events, language choices, theme preferences, cookies, and service diagnostics.

Commercial and support data, such as demo requests, sales notes, pricing selections, onboarding details, and communications with our team.

3. Sources of data

Directly from you when you request a demo, contact us, create an account, sign in, submit forms, open support tickets, or upload documents.

From your organization administrators and invited users when they create or manage workspace access.

From customer portal users when they sign in, review documents, or interact with portal features.

From integrations, imports, or files that your organization chooses to upload into the service.

Automatically from the app and website through logs, cookies, preferences, and security monitoring.

4. How we use personal data

To provide, secure, maintain, and improve the ShipLine platform and customer portal.

To authenticate users, manage sessions, restore access, and enforce role-based permissions.

To process demo requests, sales conversations, onboarding, customer support, and account administration.

To generate documents, notifications, reports, invoice outputs, shipment records, and customer-facing portal views.

To monitor reliability, investigate errors, prevent abuse, protect accounts, and detect fraud or unauthorized access.

To comply with applicable law, legal process, tax, accounting, sanctions, export-control, or record-keeping obligations.

5. Legal bases and regional rights

Where laws such as the GDPR, UK GDPR, or similar frameworks apply, we rely on legal bases that may include performance of a contract, legitimate interests, consent, and compliance with legal obligations.

Depending on your region, you may have rights that include access, correction, deletion, objection, restriction, portability, withdrawal of consent, and complaint to a supervisory authority. California residents may also have rights to know, access, correct, and delete qualifying personal information, and to opt out of sales or sharing where applicable.

ShipLine does not sell personal information for money and does not intentionally use customer operational data for cross-context behavioral advertising.

6. How we share data

With hosting, infrastructure, database, email, support, security, and similar service providers acting under contractual obligations.

With your organization and its authorized users, because workspace records are visible according to roles, permissions, and portal access granted by the customer organization.

With professional advisers, auditors, insurers, payment processors, and regulators where necessary.

In response to legal requests or to protect the rights, safety, security, operations, or property of ShipLine, our users, or the public.

As part of a merger, acquisition, reorganization, financing, or sale of assets, subject to appropriate safeguards.

7. International transfers

ShipLine may process data in countries outside the country where it was originally collected. Where required, we use contractual, technical, and organizational safeguards designed to support lawful transfers.

8. Retention

We retain personal data for as long as reasonably necessary to provide the service, maintain security, support legitimate business operations, resolve disputes, enforce agreements, and meet legal, tax, or accounting obligations.

Operational records may remain in the workspace until deleted by the customer organization, subject to backups, security logs, and legal retention requirements.

9. Security

We use administrative, contractual, technical, and organizational measures designed to protect personal data. No system is absolutely secure, and you remain responsible for account credentials, user permissions, document-sharing decisions, and the accuracy of data uploaded into the platform.

10. Customer and portal responsibilities

Shipping companies using ShipLine are responsible for determining the legal basis for their customer, vendor, shipment, financial, and portal data, for giving any required notices, and for configuring user access appropriately.

If you enable a customer portal, you are responsible for deciding which shipment, document, invoice, and account information should be exposed to portal users.

11. Children

ShipLine is designed for business use and is not directed to children. Do not use the service to intentionally collect personal data from children in violation of applicable law.

12. Changes and contact

We may update this Privacy Policy from time to time. The version published on this page controls from its effective date unless a different effective date is stated.

For privacy requests or questions, use the contact channels published on the ShipLine website or the support route provided in your commercial relationship with ShipLine.

This policy should be read together with the Terms of Service, Cookie Policy, and any order form or data-processing terms that apply to your organization.