Privacy Policy
Last updated: June 5, 2026
Westline Trade Partners LLC ("Westline", "we", "us") operates westlinetp.com. This policy explains how we collect, use, store, and protect information when you use our platform. For business customers acting as data controllers under applicable privacy law, our Data Processing Agreement is available at /dpa.
01Information We Collect
When you use Westline we collect information you provide directly: your name, email address, business name, EIN or sales tax ID (for verification), shipment origin and destination addresses, recipient contact information, package contents description, and payment method (tokenized through our payment processor). When you connect a third-party integration (Shopify, eBay, QuickBooks, Fishbowl, Cin7, etc.) we access order, customer, and product data from that integration. We also collect platform usage data (login times, page views, action logs) and technical data (IP address, browser, device type) for security and operational purposes.
02How We Use Your Information
We use collected data exclusively to: generate carrier shipping labels (UPS, FedEx, USPS, FedEx Freight, and other carriers); submit fulfillment and tracking updates back to your connected integrations; send shipment confirmation, tracking, and account emails to you and your recipients; calculate accurate shipping rates; process payments and subscription charges; verify your business identity for tier upgrades; comply with anti-fraud, sanctions screening (OFAC), and regulatory obligations; and operate, secure, and improve the platform. We do not sell personal information, do not share personal information for cross-context behavioral advertising, and do not use customer data to train artificial intelligence or machine learning models.
03Third-Party Integration Data
When you connect a third-party platform (Shopify, eBay, QuickBooks Online, Fishbowl, Cin7, or other) Westline accesses order data including customer name, phone, shipping address, line items, and order status. Phone numbers are required by carriers for delivery notifications. This data is used exclusively to populate carrier shipping labels and report fulfillment status back to the source integration. You may revoke any integration's access at any time from your Westline dashboard or directly within the integration's app management surface.
04Data Storage and Security
Application data is stored in encrypted Postgres databases hosted on Neon with TLS encryption in transit and AES-256 encryption at rest. Application infrastructure runs on Vercel. Sensitive integration credentials (API keys, OAuth refresh tokens) are encrypted with AES-256-GCM in the database. Verification documents are stored in private Vercel Blob storage accessible only through admin-authenticated signed proxies. Payment card data is handled exclusively by our PCI-DSS-compliant payment processor (Square) and never touches Westline servers. Administrative access uses role-based access controls and multi-factor authentication. We maintain append-only audit logs of sensitive actions for incident-response and breach-notification purposes.
05Service Providers and Subprocessors
We share data only with the following categories of service providers strictly as necessary to operate the service: shipping carriers (UPS, FedEx, USPS, FedEx Freight, and other authorized motor carriers we arrange transportation through), payment processor (Square), transactional email (Resend), identity verification (Persona), authentication (Clerk), database hosting (Neon), application hosting (Vercel), error monitoring (Sentry), rate limiting and caching (Upstash), and sanctioned-parties screening (OFAC SDN list). Each subprocessor is bound by data-handling obligations consistent with this Policy. A current subprocessor list is available on request to info@westlinetp.com.
06Data Retention
Shipment records (addresses, tracking, label images, billing data) are retained for seven (7) years for billing, dispute resolution, carrier audit, tax, and regulatory compliance purposes. Identity verification records and consent ledgers (Terms of Service acceptances, EULA acceptances, Subscription Agreement acceptances, OFAC screening events) are retained as required by the underlying obligation, in some cases up to ten (10) years post-account-departure. Package photographs are retained until you delete them from your dashboard. Disconnecting a third-party integration immediately stops new data inflow from that integration; historical shipment records remain per the seven-year retention policy.
07Your Rights (California Residents: CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act give you the right to: (a) know what personal information we collect about you and how we use it; (b) request a copy of your personal information in a portable format; (c) request correction of inaccurate personal information; (d) request deletion of your personal information, subject to legal retention obligations described above; and (e) opt out of any "sale" or "sharing" of personal information. Westline does not sell personal information and does not share personal information for cross-context behavioral advertising, so no opt-out is needed for those activities. To exercise any of these rights, email info@westlinetp.com with your request and the email address associated with your account. We will respond within forty-five (45) days as required by law. We do not discriminate against users for exercising their privacy rights.
08Your Rights (Other Jurisdictions)
Residents of other U.S. states with privacy laws (Virginia, Colorado, Connecticut, Utah, and others) and individuals subject to the EU General Data Protection Regulation (GDPR) where applicable have substantially similar rights to access, correct, delete, and obtain a portable copy of their personal information. The same request channel and forty-five (45) day response window apply. EU-based business customers acting as data controllers may execute Westline's Data Processing Agreement at westlinetp.com/dpa.
09Cookies
Westline uses cookies only for functional and security purposes: authentication and session management (Clerk), payment processing (Square), and CSRF protection. We do not use third-party advertising cookies, do not run analytics that build cross-site advertising profiles, and do not sell cookie data. Disabling functional cookies will prevent you from logging in to the platform.
10Security Incident Notification
In the event of a confirmed data breach affecting your personal information, Westline will notify affected users without undue delay and in any event consistent with applicable law (in most U.S. jurisdictions, within seventy-two (72) hours of confirmation). Notification will describe the nature of the incident, the categories of information involved, the steps Westline is taking in response, and recommended actions you can take to protect yourself.
11Changes to This Policy
We may update this privacy policy from time to time. For material changes affecting your rights or how we handle your personal information, we will provide at least thirty (30) days advance notice via email to registered users and post the updated policy here. The date at the top of this page reflects when the policy was last updated. Continued use of the platform after the effective date constitutes acceptance of the updated policy.
Contact
For privacy questions, data subject requests, or to exercise any right described above, contact us at info@westlinetp.com.
Westline Trade Partners LLC. 3104 North Armenia Avenue, Tampa FL 33607