Anyone who has information stored about them has the right to know why their data is stored, what it is used for and where it is stored, under the General Data Protection Regulations or GDPR (Knowing in the UK as the Data Protection Act 2018).
For this purpose, we have created this page here to help you understand our role in processing your data.
Who we are
Courier API is a business service provider to eCommerce and similar companies, and part of Despatch Cloud Ltd. Courier API services allow companies to interface with multiple couriers, to book deliveries, create courier labels, request insurance, and to track deliveries.
Why we process your data
We provide Shipping Management software as a service that connects retail companies who process orders from their own websites, from third party sites, like Amazon, Fruugo or Etsy, take telephone orders or mail order or other orders which involve sending items through post or courier networks.
Because of that your data is passed through our systems. We therefore act as a Data Processor as defined by the GDPR. This means we process the data on behalf on some one else (defined as the Data Controller under GDPR).
Your data is used to book orders into couriers’ systems, generate labels, and allow your order to be tracked.
Data is shared with courier and post services to enable orders to be booked and for items to be tracked.
No other third parties have access to personal data.
What data do we store?
The data we store includes the name on the delivery address, the delivery address, telephone numbers, and email addresses as well as any comments you left for your delivery. These are considered Personal Identifiable information (PII).
How long do we store your data for?
Under our standard terms we store your data for 90 days before it is deleted from our systems. It is stored to allow our client companies to check delivery details, and tracking for missing orders.
The security of your data
Data security is our primary concern we have multiple layers of security. All data whether it is being sent across networks (in transit) or in stored (at rest) in encrypted to AES-256 which is stands for Advanced Encryption Standard and is the current industry standard in data security.
Access to the servers is strictly limited and monitored. Any uploads and downloads are logged and our staff are trained in cyber security and data ethics.
We only use data centres in the UK and all our data centres conform to ISO27001.
About Despatch Cloud Ltd & Courier API
Courier API is a brand of Despatch Cloud Ltd, we are registered with the Information Commissioners office (ICO) registration number A8116774. Despatch Cloud offers Order processing, Warehouse Management and integration software.
Our registered address is Unit 76, Kelleythorpe Industrial Estate, Warfield Rd, Kelleythorpe, Driffield YO25 9FQ.
If you have further questions, please contact us [email protected]
What happens if I want to see, change and delete (Rectification/Deletion) the data?
By law any individual has a right to see the data stored and processed about them, and have that data edited if incorrect or deleted if there is no good reason for retaining that data. In the first instance, please contact the data protection organiser of the company who you ordered from and raise a “Subject Access Request”. They will be able to access the data about you for your request. You may need to provide evidence of your identity to ensure that data is not released to the wrong person.
You may also raise a subject access request to us and we will immediately rectify or erase your personal data. We will in that case also notify the data controller of the data.