Privacy Policy — VShip Document Upload App

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy has been created with the help of the Privacy Policy Generator.

Interpretation and Definitions

Interpretation

The words whose initial letters are capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by, or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Application refers to VShip Document Upload, the software program provided by the Company.
Company (referred to as either "the Company", "We", "Us" or "Our" in this Privacy Policy) refers to VShip, 3636 33rd Street.
Country refers to: United States
Device means any device that can access the Service such as a cell phone or a digital tablet.
Personal Data (or "Personal Information") is any information that relates to an identified or identifiable individual.
We use "Personal Data" and "Personal Information" interchangeably unless a law uses a specific term.
Service refers to the Application.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Email address
First name and last name
Phone number

Usage Data

Usage Data is collected automatically when using the Service.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, Your mobile device's unique ID, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit Our Service or when You access the Service by or through a mobile device.

Information Collected while Using the Application

While using Our Application, in order to provide features of Our Application, We may collect, with Your prior permission:

Pictures and other information from your Device's camera and photo library
Documents and files You upload through the Application, including PDF and image files (JPEG, PNG, and RAW formats)

We use this information to provide the core functionality of Our Service, which includes processing and assembling Your uploaded documents for submission to the Company. The information is uploaded to the Company's servers for processing, storage, and delivery to designated recipients. Uploaded content may be converted to PDF format, stored on Our cloud infrastructure, and transmitted to designated email addresses or document management systems as part of the Service.

You can enable or disable access to Your Device's camera and photo library at any time through Your Device settings. Disabling such access may limit Your ability to use certain features of the Application.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

To provide and maintain our Service, including to monitor the usage of our Service.
To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
To manage Your requests: To attend and manage Your requests to Us.

We may share Your Personal Data in the following situations:

With Your consent: We may disclose Your Personal Data for any other purpose with Your consent.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if We are required to retain Your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Where possible, We apply shorter retention periods and/or reduce identifiability by deleting, aggregating, or anonymizing data. Unless otherwise stated, the retention periods below are maximum periods ("up to") and We may delete or anonymize data sooner when it is no longer needed for the relevant purpose. We apply different retention periods to different categories of Personal Data based on the purpose of processing and legal obligations:

Account Information
- User Accounts: retained for the duration of your account relationship plus up to 24 months after account closure to handle any post-termination issues or resolve disputes.
Usage Data
- Application usage statistics: up to 24 months to understand feature adoption and service improvements.
- Server logs (IP addresses, access times): up to 24 months for security monitoring and troubleshooting purposes.

Usage Data is retained in accordance with the retention periods described above, and may be retained longer only where necessary for security, fraud prevention, or legal compliance.

We may retain Personal Data beyond the periods stated above for different reasons:

Legal obligation: We are required by law to retain specific data (e.g., financial records for tax authorities).
Legal claims: Data is necessary to establish, exercise, or defend legal claims.
Your explicit request: You ask Us to retain specific information.
Technical limitations: Data exists in backup systems that are scheduled for routine deletion.

You may request information about how long We will retain Your Personal Data by contacting Us.

When retention periods expire, We securely delete or anonymize Personal Data according to the following procedures:

Deletion: Personal Data is removed from Our systems and no longer actively processed.
Backup retention: Residual copies may remain in encrypted backups for a limited period consistent with our backup retention schedule and are not restored except where necessary for security, disaster recovery, or legal compliance.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ from those from Your jurisdiction.

Where required by applicable law, We will ensure that international transfers of Your Personal Data are subject to appropriate safeguards and supplementary measures where appropriate. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Delete Your Personal Data

You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.

Our Service may give You the ability to delete certain information about You from within the Service.

Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligation
Protect and defend the rights or property of the Company
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of Users of the Service or the public
Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us. We implement commercially reasonable technical and organizational measures to protect Your Personal Data against unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to:

Encryption in transit using TLS 1.2 or higher for all data transmitted between Your Device and Our servers.
Secure authentication and role-based access control to limit access to Personal Data to authorized personnel.
Password complexity requirements for all user Accounts.
Error logging and security monitoring to detect and respond to potential threats.

While We strive to use commercially reasonable means to protect Your Personal Data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of Your Personal Data.

Children's Privacy (COPPA Compliance)

Our Service is not directed to children under the age of 13, and We do not knowingly collect, use, or disclose Personal Data from children under 13. The Service requires users to be at least 18 years of age, as stated in Our Terms and Conditions.

We comply with the Children's Online Privacy Protection Act ("COPPA") of the United States. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You become aware that Your child has provided Us with Personal Data, please contact Us immediately using the contact information provided below.

If We become aware that We have collected Personal Data from a child under the age of 13 without verification of parental consent, We will take prompt steps to delete that information from Our servers and terminate any associated Account.

In compliance with COPPA, We affirm that:

We do not knowingly request or collect Personal Data from children under 13.
We do not knowingly allow children under 13 to create Accounts or use the Service.
We do not condition a child's participation in any activity on the disclosure of more Personal Data than is reasonably necessary for that activity.
We do not knowingly share Personal Data collected from children under 13 with third parties for their own marketing purposes.

If You are a parent or guardian and believe Your child under 13 has provided Personal Data to Us, You may contact Us to: (a) review the Personal Data collected from Your child; (b) request that We delete such data; or (c) refuse further collection or use of Your child's data. We will respond to such requests within a reasonable time.

For users between the ages of 13 and 16 who reside in the European Economic Area, We may require parental or guardian consent before collecting and processing Personal Data, as required by applicable law including the General Data Protection Regulation (GDPR).

Your Rights Under the General Data Protection Regulation (GDPR)

If You are a resident of the European Economic Area (EEA), the United Kingdom, or Switzerland, You have certain data protection rights under the General Data Protection Regulation (GDPR) and applicable local implementations. The Company aims to take reasonable steps to allow You to correct, amend, delete, or limit the use of Your Personal Data.

Legal Basis for Processing

We process Your Personal Data only where We have a valid legal basis to do so. Depending on the circumstances, Our legal bases for processing include:

Consent: You have given Us consent to process Your Personal Data for one or more specific purposes, such as accessing Your device camera and photo library. You have the right to withdraw consent at any time.
Legal obligation: Processing is necessary for compliance with a legal obligation to which the Company is subject.

Your GDPR Rights

Under the GDPR, You have the following rights regarding Your Personal Data:

Right of access: You have the right to request copies of Your Personal Data. We may charge a small fee for this service in certain circumstances.
Right to erasure: You have the right to request that We erase Your Personal Data, under certain conditions. This includes the right to have Your Account and associated data deleted.
Right to restrict processing: You have the right to request that We restrict the processing of Your Personal Data, under certain conditions.
Right to object to processing: You have the right to object to Our processing of Your Personal Data, under certain conditions, including processing based on legitimate interests or for direct marketing purposes.
Right to data portability: You have the right to request that We transfer the Personal Data that We have collected to another organization, or directly to You, under certain conditions, in a structured, commonly used, and machine-readable format.
Right to withdraw consent: Where We rely on Your consent to process Your Personal Data, You have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority in the EEA Member State of Your habitual residence, place of work, or place of the alleged infringement if You believe that the processing of Your Personal Data violates the GDPR.

International Data Transfers

Your Personal Data may be transferred to and processed in the United States, where our servers and Service Providers are located. If You are located in the EEA, United Kingdom, or Switzerland, We will ensure that such transfers are subject to appropriate safeguards as required by the GDPR, which may include Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms.

Data Protection Officer

If You wish to exercise any of Your GDPR rights, or if You have questions or concerns about how We process Your Personal Data, You may contact Us using the contact information provided at the end of this Privacy Policy. We will respond to Your request within 30 days, or within the time period required by applicable law.

Your Rights Under the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA)

This section applies to California residents and supplements the information contained elsewhere in this Privacy Policy. It is provided in compliance with the California Consumer Privacy Act of 2018 ("CCPA") as amended by the California Privacy Rights Act of 2020 ("CPRA").

Categories of Personal Information Collected

Within the preceding twelve (12) months, We have collected the following categories of Personal Information from consumers:

Identifiers: such as name, email address, phone number, and unique device identifiers.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): such as name, and phone number.
Sensory data: photographs and images uploaded through the Application's camera and photo library features.

Sources of Personal Information

We collect Personal Information from the following sources:

Directly from You when You create an Account, upload content, or contact Us.
Automatically when You use the Service, through device identifiers, server logs, and Usage Data.
From Your device when You grant permission to access Your camera or photo library.

Business or Commercial Purposes for Collecting Personal Information

We collect and use Personal Information for the business and commercial purposes described in the "Use of Your Personal Data" section of this Privacy Policy, including providing the Service, managing Accounts, processing document uploads, communicating with You, and improving the Service.

Sale and Sharing of Personal Information

We do not sell Your Personal Information as defined under the CCPA/CPRA. We do not share Your Personal Information for cross-context behavioral advertising purposes. We have not sold or shared Personal Information of consumers in the preceding twelve (12) months.

Disclosure of Personal Information for a Business Purpose

We may disclose Your Personal Information to Service Providers for business purposes, including cloud storage and hosting providers, and email delivery services. When We disclose Personal Information to a Service Provider, We enter into a contract that describes the purpose and requires the recipient to keep that Personal Information confidential, use it only for the purposes for which it was disclosed, and not sell or share it.

Your CCPA/CPRA Rights

As a California resident, You have the following rights under the CCPA/CPRA:

Right to know: You have the right to request that We disclose the categories and specific pieces of Personal Information We have collected about You, the categories of sources from which it was collected, the business or commercial purpose for collecting it, the categories of third parties with whom We share it, and, if applicable, the categories of Personal Information sold or shared and the categories of third parties to whom it was sold or shared.
Right to delete: You have the right to request deletion of Your Personal Information that We have collected, subject to certain exceptions as permitted by law (e.g., data necessary to complete a transaction, detect security incidents, comply with legal obligations, or for certain internal uses).
Right to correct: You have the right to request the correction of inaccurate Personal Information that We maintain about You.
Right to opt-out of sale or sharing: Although We do not sell or share Your Personal Information, You have the right to opt out of any future sale or sharing should Our practices change. You may exercise this right by contacting Us using the information provided below.
Right to limit use of sensitive Personal Information: You have the right to limit the use and disclosure of sensitive Personal Information to purposes necessary to perform the Service.
Right to non-discrimination: We will not discriminate against You for exercising any of Your CCPA/CPRA rights. We will not deny You the Service, charge You different prices or rates, provide You a different level or quality of the Service, or suggest that You may receive a different price or rate or a different level or quality of the Service as a result of exercising Your rights.

Exercising Your CCPA/CPRA Rights

To exercise any of Your rights under the CCPA/CPRA, You may contact Us using the contact information provided at the end of this Privacy Policy. When You submit a request, We will verify Your identity by asking You to confirm information associated with Your Account, such as Your email address. Only You, or a person registered with the California Secretary of State that You authorize to act on Your behalf (an "authorized agent"), may make a verifiable consumer request related to Your Personal Information. If an authorized agent submits a request on Your behalf, We may require that the agent provide proof of written authorization and verify their own identity.

You may make a verifiable consumer request up to two (2) times within a twelve (12) month period. We will respond to Your request within forty-five (45) calendar days of receiving it. If We require more time (up to an additional 45 days), We will inform You of the reason and extension period in writing.

Retention of Personal Information

We retain each category of Personal Information for the period described in the "Retention of Your Personal Data" section of this Privacy Policy. We do not retain Personal Information for longer than is reasonably necessary for the disclosed purpose of collection.

Financial Incentive Programs

We do not offer any financial incentive programs in exchange for the retention, sale, or sharing of Your Personal Information.

Your Rights Under the California Online Privacy Protection Act (CalOPPA)

This section is provided in compliance with the California Online Privacy Protection Act ("CalOPPA"). CalOPPA requires commercial websites and online services that collect personally identifiable information from California consumers to conspicuously post a privacy policy.

CalOPPA Disclosures

In accordance with CalOPPA, We agree to the following:

Users can visit Our Service anonymously until they create an Account or submit Personal Data.
Our Privacy Policy link includes the word "Privacy" and can be easily found on the page where this policy is hosted.
You will be notified of any Privacy Policy changes on Our Privacy Policy page and via email.
You can change Your Personal Data by logging into Your Account and visiting Your account settings, or by contacting Us directly.

Do Not Track Signals

We honor Do Not Track ("DNT") signals. When a DNT browser mechanism is activated, We will not track Your activity across other websites or online services. Some third-party services integrated into Our Service may not respond to DNT signals. We encourage You to review the privacy policies of those third-party services.

We do not allow third-party behavioral tracking of users who visit Our Service. We do not engage in online behavioral advertising.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, Your rights under applicable data protection laws, or Our data practices, You can contact us:

By email: support@vship2000.com
By phone: +1 (718) 706-8566
By mail: VShip, 3636 33rd Street, Astoria, NY 11106, United States

If You are a California resident exercising Your rights under the CCPA/CPRA, a resident of the European Economic Area exercising Your rights under the GDPR, or wish to submit any other privacy-related request, please use the contact methods listed above. We will respond to verified requests within the time periods required by applicable law.