Conveyco, Inc. — Privacy Policy

Introduction

Conveyco, Inc. ("Conveyco," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, share, and protect personal information in connection with our website and password-protected customer portal at theconveyco.com (together, the "Portal"), and the rights you may have. It applies to visitors to our website and to customers and their authorized users who access the Portal.

This Privacy Policy is incorporated into, and should be read together with, the Conveyco Website & Customer Portal Terms of Use. It addresses the Portal as an online service; it does not govern the transportation or forwarding services Conveyco provides, which are subject to Conveyco's separate Service Terms (including its FMC tariff, House Bill of Lading, and Terms and Conditions of Service).

Who is responsible for your information. Conveyco, Inc., 1170 Cliff Road East, Burnsville, Minnesota 55337, is the controller of personal information processed through the Portal. You can reach us using the details in the "How to Contact Us" section below.

Summary

In short:

• We collect information you give us (such as account and contact details and documents you upload), information created as you use the Portal (such as log and usage data), and limited information from cookies and analytics.
• We use it to provide and secure the Portal, to perform and administer logistics services, to communicate with you, and to meet legal and regulatory obligations.
• We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
• We share information only with service providers that help us run the Portal, with parties needed to perform your shipments, and where required by law.
• Depending on where you live, you may have rights to access, correct, delete, or limit the use of your information, and to object to certain processing.

The sections below provide the full detail.

1. Personal Information We Collect

Depending on how you interact with us, we may collect the following categories of personal information:

• Identifiers and account information — name, business email address, phone number, job title, employer, username, and password (stored in hashed form).
• Business contact and commercial information — information about your company and the shipments, quotes, and requests you submit.
• Documents and content you upload — shipping instructions, commercial invoices, packing lists, certificates, and similar documents, together with any notes you store. These documents may themselves contain personal information about third parties (for example, the names and contact details of consignees, notify parties, or other individuals).
• Usage, device, and log information — IP address, browser and device type, pages viewed, access times, and similar technical data generated when you use the Portal.
• Cookies and analytics data — information collected through cookies and similar technologies (see the Cookies section).
• Communications — the content of messages you send us, including through our contact forms and any customer-support chat.

Sensitive information. We do not seek to collect sensitive personal information (such as government identifiers, financial account numbers, or similar) through the Portal beyond what may appear in documents you choose to upload. Please do not upload sensitive personal information that is not necessary for your shipment.

2. Where We Get Your Information

We obtain personal information from: (a) you directly, when you register, submit forms, upload documents, or communicate with us; (b) automatically, as you use the Portal (log, device, and cookie data); and (c) in limited cases, from third parties involved in your shipments, such as ocean carriers and our service providers. Where documents you upload contain personal information about other individuals, that information comes from you rather than from those individuals.

3. How and Why We Use Your Information

We use personal information to:

• create and manage your account and authenticate users;
• provide, operate, secure, and improve the Portal;
• perform, coordinate, and administer logistics and forwarding services and related communications, including displaying shipment and tracking information;
• respond to your inquiries, quotes, and support requests;
• detect, prevent, and address security incidents, fraud, and misuse;
• comply with legal, regulatory, tax, and recordkeeping obligations, including those applicable to a licensed NVOCC and ocean freight forwarder; and
• establish, exercise, or defend legal claims.

Our legal bases (for individuals protected by the GDPR). Where the GDPR applies, we rely on: performance of a contract (to provide the Portal and services you or your employer request); our legitimate interests (to operate, secure, and improve the Portal and to communicate with business contacts), balanced against your rights; compliance with a legal obligation (including regulatory recordkeeping); and, where required, your consent (for example, certain cookies). For business-contact information, our usual basis is legitimate interest.

4. Cookies and Analytics

We use cookies and similar technologies to operate the website, remember preferences, and understand usage. We use Google Analytics for analytics and Tawk.to for customer-support chat. You can control cookies through your browser settings; disabling some cookies may affect how the Portal works.

5. How We Share Your Information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

We share personal information only as follows:

• Service providers / processors — vendors that host and operate the Portal and process data on our behalf under contract, such as our cloud hosting and database providers, file-storage provider, transactional-email provider, analytics provider, and support-chat provider. They are permitted to use the information only to provide services to us.
• Parties needed to perform your shipments — for example, ocean carriers and, where applicable, a licensed customs broker partner (which Conveyco coordinates with and which performs customs clearance), to the extent needed to carry out the services you request.
• Legal, regulatory, and safety — government authorities, regulators (including the Federal Maritime Commission), and others where required by law or to protect rights, safety, or our legitimate interests.
• Professional advisors and business transfers — advisors such as lawyers and accountants, and a successor in the event of a reorganization, merger, or sale of assets.

6. International Data Transfers

Conveyco is based in the United States and operates in international trade. Personal information we process may be stored in or transferred to the United States and other countries whose data-protection laws may differ from those in your country. Where we transfer personal information protected by the GDPR out of the European Economic Area or the United Kingdom, we use an appropriate safeguard, such as the European Commission's Standard Contractual Clauses (and the UK Addendum, where applicable), or another lawful transfer mechanism.

7. How Long We Keep Your Information

We keep personal information for as long as needed to provide the Portal and services, and afterward as necessary to comply with our legal, regulatory, tax, and recordkeeping obligations, resolve disputes, and enforce our agreements. Because Conveyco is a regulated NVOCC and ocean freight forwarder, certain shipment and transaction records must be retained for periods set by law. When information is no longer needed, we delete or de-identify it.

8. How We Protect Your Information

We use reasonable administrative, technical, and organizational measures designed to protect personal information, including access controls, encryption in transit, scoped access so that each customer's users can access only that customer's data, account lockout protections, and support for multi-factor authentication. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your credentials confidential and for notifying us of any suspected unauthorized access.

9. Your Rights — European Economic Area and United Kingdom

If you are in the EEA or the UK, you may have the right to: request access to your personal information; request correction of inaccurate data; request erasure; restrict or object to certain processing (including processing based on legitimate interests); request portability of certain data; and, where processing is based on consent, withdraw consent at any time. You also have the right to lodge a complaint with your local data-protection supervisory authority.

To exercise these rights, contact us using the details below. We will respond within the time required by law.

10. Your Rights — California

If you are a California resident, the CCPA (as amended by the CPRA) may give you the right to:

• Know / access — the categories and specific pieces of personal information we have collected, the sources, the purposes, and the categories of third parties to whom we disclose it.
• Delete — personal information we collected from you, subject to legal exceptions.
• Correct — inaccurate personal information.
• Opt out — of the "sale" or "sharing" of personal information. As stated above, we do not sell or share personal information.
• Limit — the use of sensitive personal information, to the extent we process any.
• Non-discrimination — we will not discriminate against you for exercising these rights.

To exercise these rights, contact us using the details below. We will verify your request as required and respond within the timeframe the law allows (generally 45 days, extendable). You may use an authorized agent where permitted.

11. Other U.S. State Privacy Rights

Residents of certain other U.S. states may have similar rights to access, correct, delete, or obtain a copy of their personal information, and to opt out of certain processing. We honor applicable state privacy rights. To make a request, contact us using the details below.

12. Children's Privacy

The Portal is intended for business use and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided us personal information, please contact us and we will take appropriate steps to delete it.

13. Third-Party Services and Links

The Portal may rely on or link to third-party services (for example, carrier data feeds, mapping providers, analytics, and chat). We are not responsible for the privacy practices of third parties, and their handling of your information is governed by their own policies.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" above and, for material changes, provide additional notice as required by law. We will review and, where necessary, update this Policy at least once every twelve months.

15. How to Contact Us

To ask a question about this Privacy Policy or to exercise your rights, contact:

Conveyco, Inc.
1170 Cliff Road East, Burnsville, Minnesota 55337
Attention: Compliance Manager
Email: Conveyco-Concierge@theconveyco.com