Privacy Policy

Platform: JWALLEN ("the Platform", "the Service")

Provider: DATANSGHTS LLC, a Florida limited liability company (FL Document No. L20000084511) ("Company", "we", "us", "our")

Effective Date: May 29, 2026

Last Updated: May 29, 2026

1. Introduction

This Privacy Policy explains how the Company collects, uses, discloses, and safeguards information when you use the Platform. It applies to our customers (freight forwarders, customs brokers, and their clients) and to the individual users who access the Platform on their behalf.

For most data submitted to the Platform, the Company acts as a data processor / service provider on behalf of our customers (the data controllers). For account administration, billing, and security, the Company acts as a data controller.

2. Information We Collect

2.1 Information You Provide

Account & profile data: name, business email, role, tenant/organization, phone (where provided).
Authentication data: passwords (stored only as salted hashes), session information, password-reset tokens (stored as SHA-256 hashes only).
Operational data you submit: shipment records, containers, customs/CBP entries, documents, invoices, notes, and messages.
Support communications: live chat messages, attachments, bug reports, and ratings/feedback.

2.2 Information Collected Automatically

Usage & device data: IP address, browser/user-agent, pages visited, timestamps, and feature interactions.
Cookies & similar technologies: session cookies (HttpOnly, SameSite, Secure) used for authentication and preferences. We do not use third-party advertising cookies.

2.3 Information from Third Parties / Integrations

The Platform retrieves logistics data from integrated providers, including carrier and tracking APIs (e.g., OpenTrack, PortPro), SeaRates, customer ERP systems (via secure gateway), and may use AI services to assist support. This data may include shipment milestones, ETAs, customs status, and related records.

3. How We Use Information

We use information to:

Provide, operate, maintain, and secure the Platform;
Authenticate users and manage tenant access and permissions;
Deliver tracking, visibility, notifications, and analytics features;
Process documents and integrate with ERP and carrier systems;
Provide customer support and respond to inquiries;
Send transactional emails (invitations, password resets, alerts, notifications);
Monitor, troubleshoot, and improve performance and reliability;
Comply with legal obligations and enforce our Terms;
Generate aggregated or de-identified statistics.

We do not sell personal information.

4. Legal Bases for Processing (where GDPR/UK GDPR applies)

Contract: to provide the Service you or your organization requested.
Legitimate interests: to secure, maintain, and improve the Platform.
Legal obligation: to comply with applicable law.
Consent: where required (e.g., certain communications); you may withdraw consent at any time.

5. How We Share Information

We share information only as needed:

Sub-processors / service providers: cloud hosting (e.g., Microsoft Azure), email delivery, AI processing, and similar vendors bound by confidentiality and data-protection obligations.
Integrated logistics providers: as required to fetch or send shipment, customs, and document data on your behalf.
Within your organization: data is visible to authorized users of your tenant according to role-based permissions.
Legal & safety: to comply with law, enforce our Terms, or protect rights, property, and safety.
Business transfers: in connection with a merger, acquisition, or sale of assets, subject to this Policy.

We do not share one tenant's data with another tenant. The Platform enforces tenant isolation at the database, application, storage, and real-time-messaging layers.

6. International Data Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards (such as Standard Contractual Clauses) for cross-border transfers.

7. Data Retention

We retain Customer Data for as long as your account is active or as needed to provide the Service. Certain records (e.g., billing/usage history) may be retained longer for legal, accounting, or audit purposes. Upon termination, Customer Data may be exported for a limited period and then deleted, except where retention is required by law.

When chat or document records are deleted, associated database records are removed; aggregate billing/usage logs may be retained with identifiers removed or nulled.

8. Security

We implement technical and organizational measures designed to protect information, including:

Encryption in transit (TLS) and encryption at rest for sensitive configuration secrets (AES-256);
Salted password hashing and hashed reset tokens;
Role-based access controls and tenant isolation;
Session security (HttpOnly/SameSite/Secure cookies, server-side session store);
Rate limiting on authentication endpoints and security headers;
Webhook signature verification and least-privilege storage access.

No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

9. Your Rights

Depending on your jurisdiction, you may have rights to:

Access, correct, or delete personal information;
Object to or restrict certain processing;
Data portability;
Withdraw consent.

Because we often process data on behalf of our customers (controllers), individuals should direct requests to the relevant organization. We will assist our customers in responding to such requests. To exercise rights or ask questions, contact us using Section 13.

10. Cookies

We use strictly necessary cookies for authentication and to remember preferences (e.g., theme, navigation layout). You can control cookies through your browser, but disabling necessary cookies may impair the Platform.

11. Children's Privacy

The Platform is intended for business use and is not directed to children under 16. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated through the Platform or by email. The "Last Updated" date reflects the latest revision.