πŸš€ Free shipping on orders over $500 πŸ“¦ Real-time GPS tracking on every shipment 🌍 Delivering to 220+ countries worldwide πŸ’¬ 24/7 Customer support available πŸ† Best Courier Service 2024 Award Winner 🌱 Carbon neutral certified β€” we plant a tree per delivery ⚑ Same-day delivery available in 500+ cities πŸš€ Free shipping on orders over $500 πŸ“¦ Real-time GPS tracking on every shipment 🌍 Delivering to 220+ countries worldwide πŸ’¬ 24/7 Customer support available πŸ† Best Courier Service 2024 Award Winner
🏠 Home πŸ“¦ Services πŸ” Track Package πŸ’° Get a Quote πŸ’Ό Business 🌍 Coverage πŸ‘₯ About Us πŸ“ž Contact πŸ“° Blog 🎯 Careers ❓ FAQ πŸ“Š My Account
Get a Quote Track Package
Legal

Privacy Policy

Last updated: January 15, 2025

πŸ”’ Privacy First: Crest Courier is committed to protecting your personal data. We never sell your data. We collect only what's necessary to deliver your parcels and improve our service.

1. Overview

This Privacy Policy explains how Crest Courier Inc. ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our services. This policy applies to our website, mobile apps, and delivery services.

We comply with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and all other applicable data protection laws in the countries where we operate.

2. Data We Collect

Information You Provide

  • Account data: Name, email address, phone number, password
  • Shipment data: Sender/recipient names, addresses, parcel contents declarations
  • Payment data: Credit card type and last 4 digits (full card data processed by PCI-compliant payment processor, never stored by us)
  • Communications: Chat transcripts, emails, and support tickets

Information Collected Automatically

  • IP address, browser type, device identifiers, operating system
  • Pages visited, time spent, click patterns, referral sources
  • GPS location (only when you use live tracking, with your permission)
  • Cookies and similar tracking technologies (see Section 8)

Information from Third Parties

  • Social login providers (Google, Apple) β€” limited profile information
  • Payment processors for fraud prevention signals
  • Address verification services to correct delivery information

3. How We Use Your Data

PurposeLegal Basis (GDPR)
Processing and delivering your shipmentsContract performance
Account management and authenticationContract performance
Sending shipment status notificationsContract performance
Processing payments and preventing fraudContract / Legitimate interest
Customer support and dispute resolutionContract / Legitimate interest
Improving our services and AI modelsLegitimate interest
Marketing emails (if opted in)Consent
Legal compliance and regulatory requirementsLegal obligation

We do not use your data for automated decision-making that has significant legal effects, except for fraud prevention (which you can contest).

4. Data Sharing

We never sell your personal data. We share data only as described below:

  • Delivery partners: Recipient names and addresses are shared with sub-contracted couriers strictly to effect delivery
  • Customs authorities: Shipment manifests are shared with government customs agencies as legally required for international shipments
  • Payment processors: Stripe, PayPal β€” only what's needed to process transactions
  • Cloud services: AWS and Google Cloud β€” data processed under data processing agreements with GDPR standard contractual clauses
  • Analytics: Aggregated, anonymized data only β€” never individual-level data
  • Legal requirements: When required by law, court order, or to protect our rights

5. Security

We implement industry-standard security measures to protect your data:

  • 256-bit AES encryption at rest; TLS 1.3 in transit
  • SOC 2 Type II certified infrastructure
  • Annual third-party penetration testing
  • Multi-factor authentication for all internal systems
  • Employee security training and background checks
  • Incident response plan with 72-hour GDPR breach notification

Despite these measures, no system is 100% secure. Please use a strong password and enable two-factor authentication on your account.

6. Data Retention

We retain your data for as long as necessary to provide services and comply with legal obligations:

  • Account data: Until account deletion + 30 days
  • Shipment records: 7 years (legal/customs requirements)
  • Payment records: 7 years (financial regulations)
  • Support communications: 3 years
  • Analytics data: 24 months (anonymized)
  • Marketing consent records: Until withdrawal + 3 years

7. Your Privacy Rights

Under GDPR, CCPA, and other applicable laws, you have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (subject to legal retention obligations)
  • Portability: Receive your data in a machine-readable format
  • Restriction: Request we limit how we process your data
  • Objection: Object to processing based on legitimate interests
  • Opt out of marketing: Unsubscribe at any time via email link or account settings

To exercise these rights, contact privacy@crestcourier.com. We will respond within 30 days (GDPR) or 45 days (CCPA).

8. Cookies & Tracking

We use cookies and similar technologies for:

  • Essential: Session management, authentication, security (cannot be disabled)
  • Functional: Language preferences, dark/light mode, saved addresses (optional)
  • Analytics: Page views, user flows, error tracking β€” anonymized (optional)
  • Marketing: Retargeting ads on Google/Meta networks (only with explicit consent)

Manage your cookie preferences via our Cookie Consent banner or in your browser settings. Note: disabling functional cookies may affect site usability.

9. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected data from a child, please contact us immediately at privacy@crestcourier.com and we will delete it promptly.

10. International Data Transfers

Crest Courier operates globally. Your data may be transferred to and processed in countries outside your home country, including the United States and EU member states. All international transfers are protected by:

  • EU Standard Contractual Clauses (SCCs) for transfers from the EEA
  • UK International Data Transfer Agreements (IDTAs)
  • Adequacy decisions where applicable

11. Policy Changes

We may update this Privacy Policy periodically. For material changes, we will notify you by email (registered users) and post a prominent notice on our website at least 14 days before changes take effect. The date of the last update is shown at the top of this page.

12. Contact & Data Protection Officer

  • Privacy inquiries: privacy@crestcourier.com
  • DPO (EU/UK): dpo@crestcourier.com
  • Mail: Crest Courier Inc., Privacy Team, 1 Logistics Plaza, Suite 400, Wilmington, DE 19801, USA
  • EU Representative: Crest Courier EU Ltd., 25 Lower Thames St, London EC3R 6EN, UK

You also have the right to lodge a complaint with your local data protection authority (e.g., ICO in the UK, or your national DPA in the EU).

1