Privacy Policy Privacy Policy | Shipit
Go to homepage
Customer Portal Registration

Privacy Policy

1. General Information

Registrar:
Shipit Oy Ab
Askonkatu 9
15100 Lahti

Email: [email protected]
Phone: +358 (0) 20 752 8488
Business ID: 2705721-8

Hereinafter referred to as Shipit, website, controller, or service.

Responsible for the Register:
Lari Pihlajapuro
Email: [email protected]
Phone: +358 (0) 20 752 8488

Name of the Register:
Shipit Customer Register

2. Purpose of Processing Personal Data
Personal data is processed to complete our service, maintain customer relationships, fulfill agreements, maintain and archive records, process orders, provide customer service, and conduct marketing. Private individuals have marketing restrictions by default, which are removed only upon explicit consent.

Please note that if you do not approve the processing of your personal data, you will not be able to create shipments correctly. Blocking cookies may affect website functionality, such as data transfers between pages and the redirection from the payment page.

Learn more about traffic law >
Learn more about general transport regulations on the Finlex website >
Road Transport Contract Act >

LEGAL BASIS AND EXAMPLES OF PROCESSING ACTIVITIES

  • Contract or pre-contractual activities: We process customer data based on contractual relationships for the purposes mentioned in Section 2.

  • Legal obligation: We store and manage customer data, e.g., in compliance with the Accounting Act.

  • Legitimate interests: If we do not have a contractual relationship with you, we process your data based on legitimate interest, such as customer service, analyzing website traffic, security audits, and preventing misuse.

  • Consent: When you order a guide or newsletter from our website, we process your data based on your consent.

3. Stored Customer Information and Data Sources
Customer data is primarily obtained from the customer or related order details. We may also collect data via customer service interactions, website visits, and public sources such as company registries.

Stored data includes:

  • Username

  • Customer number

  • Order history (shipment details, tracking numbers, and delivery information)

  • Sender and recipient type (business or private individual)

  • Payment methods and billing information

  • Recruitment data

Shipit does not store banking or credit card details, except in compliance with banking laws when payments are made directly to Shipit's account.

We do NOT perform personal profiling or automated decision-making.

4. Who Processes My Data, and Is It Shared with Third Parties?
Data is processed by our employees and trusted third-party service providers, ensuring confidentiality and compliance with legal obligations. Customer data is shared only:

  • Due to legal requirements

  • At the customer’s request

  • Upon government authorities' request

Personal data is also processed by transport companies, payment service providers, email operators, and invoicing services. Shipit does NOT use customer data for any other purpose unless specifically authorized.

Data may be transferred outside the EU/EEA if:

  • The order is made from outside the EU

  • The order is shipped outside the EU

  • FedEx or UPS services are used

All transport providers and their subcontractors are bound by confidentiality agreements. Personal data may also be transferred via email through Postmark, which handles Shipit's emails.

Shipit ensures an adequate level of data protection when transferring data outside the EU, using standard contractual clauses approved by the European Commission.

Data is transferred to the following recipients:

  • Stripe

  • Postmark

  • Brevo

  • Crisp Chat

5. Data Storage and Security
Shipit employs standard technical security measures to protect stored data. Access to the register requires a personal username and password, granted only to authorized personnel.

Shipit only collaborates with trusted transport companies.

Data is stored on secure servers, with SSL encryption ensuring secure transmission.

How Long Is Personal Data Retained?
Data is retained as long as necessary for order processing and any claims period. Thereafter, personal data is retained for a maximum of 18 months unless required by law. For example:

  • Posti retains personal data for 3 years and 3 months.

  • The Accounting Act requires data retention for at least 6 years.

6. Access, Deletion, and Modification of Personal Data
For inquiries about our privacy policy or to access, modify, or delete your personal data, contact us at [email protected]. You can also request an export file of your stored data.

If services are already in progress, changes to data may incur a fee depending on the service selected. Ensure all details are correct before finalizing an order.

Personal data can be deleted upon written request after fulfilling legal obligations.

7. Use of Cookies
We use cookies to enhance user experience. Cookies are short text files stored on a user’s computer, providing insights into website usage.

You can allow or block cookies via our cookie banner or browser settings. Blocking cookies may limit website functionality.

8. Updates to Privacy Policy
Changes to our privacy policy will be posted on this page. Significant updates may be communicated via email or website notifications. We recommend regularly reviewing our privacy policy.

9. Information and Links on Shipit's Website
We strive to keep information up-to-date but cannot guarantee its accuracy. We are not responsible for the content of external websites linked to ours.

NOTE: By using our services, you accept the terms outlined above.