Menu

Privacy Policy

ClickNShip — Last updated: April 2026

1. Purpose

This policy defines how ClickNShip detects, responds to, and communicates security incidents that may affect merchant or customer data.

2. What Constitutes a Security Incident

A security incident includes any event that results in, or may result in, unauthorized access, disclosure, alteration, or destruction of personal data. Examples include:

  • Unauthorized access to merchant or customer data
  • Data breach or leak of personally identifiable information (PII)
  • Compromise of system credentials or access tokens
  • Ransomware or malicious attacks on our infrastructure

3. Detection & Reporting

  • Our systems are monitored continuously for anomalies and unauthorized access attempts
  • Any team member who discovers or suspects a security incident must report it immediately to security@clicknship.app
  • Incidents reported by merchants or third parties are acknowledged within 24 hours

4. Response Steps

Step 1 — Containment (within 24 hours)
  • Isolate affected systems to prevent further exposure
  • Revoke compromised credentials or access tokens
  • Preserve logs and evidence for investigation
Step 2 — Investigation (within 48 hours)
  • Identify the scope, cause, and data affected
  • Determine which merchants and customers are impacted
  • Document findings
Step 3 — Notification (within 72 hours of confirmed breach)

Notify affected merchants via email with:

  • What happened
  • What data was involved
  • What we have done to contain it
  • What merchants should do

Notify relevant data protection authorities where required by law (e.g. GDPR)

Step 4 — Remediation
  • Fix the root cause
  • Apply patches or configuration changes
  • Review and strengthen controls to prevent recurrence
Step 5 — Post-Incident Review
  • Conduct a review within 14 days of resolution
  • Update policies and systems based on lessons learned

5. Merchant Responsibilities

Merchants are responsible for:

  • Keeping their ClickNShip account credentials secure
  • Reporting any suspected unauthorized access to their account promptly
  • Notifying their own customers where required by applicable law

6. Contact

To report a security concern or data breach:

Email: security@clicknship.app

Response time: Within 24 hours

7. Policy Review

This policy is reviewed annually or after any significant security incident.