SHIPSAVING TERMS OF SERVICE

SHIPSAVING TERMS OF USE

The ShipSaving site located at the precise address as https://shipsaving.com/ belongs to ShipSaving The Terms of Use apply to all the features of the site in question. Some of them may be subjected to new or different rules, terms and guidelines. All of the mentioned features will be posted on the official site with corresponding details. Those rules or guidelines will also be incorporated in the following available terms. ShipSaving Terms of Use define and represent legal bindings affecting all visitors to the site. BY VISITING THE SITE, ALL VISITORS ARE COMPLIANT TO READ THE TERMS OF USE AND THEY ARE COMPLIANT WITH ALL SECTIONS. ALL VISITORS MUST BE AT LEAST 18 YEARS OF AGE OR ABOVE. ALL OF THOSE WHO DISAGREE WITH THE TERMS OF USE SHOULD EXIT THE SITE IMMEDIATELY.

‍

ACCESSING THE SHIPSAVING SITE

‍ShipSaving grants a non-exclusive, limited license to all visitors for using the platform for personal and commercial applications. Different licenses apply for the corresponding types of use. The licenses are subjected to certain restrictions as follows:

  • A visitor will NOT sell, lease, rent, transfer, distribute, host, or exploit the site with a free license.
  • All visitors must NOT change the coddling of the site, add new lines, or affect in any way on the overall functionality.
  • Visitors will NOT access the site to copy the content or the architecture behind the site.
  • Except for otherwise specified visitors and users will NOT republish the sections or content found at the site.

‍

All the content and elements related to ShipSaving in any way must have proper notices and symbols on all the documents including the copies.

ShipSaving has all the rights to terminate the site at any given moment without notifying you, the visitor, in any way. All visitors agree that ShipSaving will NOT be held liable for any further changes, improvements, suspensions, or site termination. Visitors also agree that the company has no obligation of any kind to offer customer support for non-related businesses or requests.

You agree that all the content found at the ShipSaving at this very moment or in an indefinite future belongs solely to ShipSaving and you do not have any rights, interest, or title to the aforementioned elements. All visitors are granted partial or complete access as aforementioned.

‍

BASICS OF USING SHIPSAVING

ShipSaving, available at https://shipsaving.com is an e-store management software developed for processing labels, batch label printing, assisting with the shipment, offering smart scan features and much more.

All users are required to register and pick a pricing plan available on the site’s official page. Each user must create a unique username and password which must not be shared with third parties. From the ShipSaving main menu, the solution can be integrated into any online store to assist with shipments and processing time.

ShipSaving also allows the user to manage the warehouse(s) and manage all the shipments created through orders pulled from the eCommerce store(s).

ShipSaving has integrated with over 20+ e-Commerce platforms. The software allows users to track shipments and use real-time reports which are developed to enhance the overall shipping experience and make the entire process less time-consuming. To get detailed integration information, please check https://shipsaving.com/en/partners. ShipSaving has the right to add new partners to the list without notifying you or future users about the newly formed partnership. New partners will be available at the official site of the company.

‍

OTHER USERS, ADS, AND THIRD-PARTY LINKS

ShipSaving may display third-party ads and links on the site. Those links and ads are not controlled by ShipSaving and ShipSaving does not accept responsibility for the content or the nature of the ads and links. ShipSaving may provide those links as a convenience for visitors. The links are not tested, reviewed, or endorsed by ShipSaving. Visitors agree that clicking on the links and ads found at the ShipSaving other Terms of Use are applied present on the following sites and locations. Visitors accept the terms and the use of the links and ads at their own risk and ShipSaving is not responsible for any issue that may or might occur at any given moment.

ShipSaving doesn’t hold responsibility for possible disputes among the other users. ShipSaving will not be held responsible for the loss or damage of the data and content. ShipSaving is not responsible for any user-created, managed, or imported content in any way. Hereby all visitors to the ShipSaving site agree that ShipSaving and all of its employees, managers, agents, developers, testers, and other personnel won’t be held responsible for any loss or damage of the data or the content in any way and ShipSaving’s employees will not be mandated to participate in any disputes. For visitors from California, the United States, you hereby accept the civil code section 1542, which states: "A general release does not extend to claims which the creditor does not know or suspect to exist in his or her favor at the time of executing the release, which if known by him or her must have materially affected his or her settlement with the debtor."

‍

WEB BEACONS AND THE COOKIES OF THE SHIPSAVING

ShipSaving uses cookies and web beacons to enhance the user experience while visiting the site. The cookies may or may not store your preferences. The information obtained will be used solely by ShipSaving and its partners for providing better services and more detailed features of the site in the future. Disclaimer: The ShipSaving site is available as it is now. There are no guarantees or warranties that the site will meet the users’ requirements nor that it will not contain malware or viruses of any kind. The notice applies to the official ShipSaving site and all of its partners. If mandated, all warranties that refer to the above-mentioned sections will be issued no longer than 90 (ninety) days after the first site visit. All visitors where jurisdiction doesn’t allow the exclusion of the warranties and guarantees as specified above are not covered by the above section.

‍

SERVICE PRICING

ShipSaving offers multiple types of services. If any, your monthly or yearly service fee will be calculated based on the service presented to you and agreed to by you. In addition, you are responsible for all variable and transactional costs of using the service (including but not limited to: postage, fees for carrier services, package insurance, direct and indirect costs of third-party service providers and carriers, transaction fees charged directly by ShipSaving for shipping or other services, or other special services in addition to your applicable service fee, if any. The total shipping fees quoted may include third-party carrier fees and fees charged directly by ShipSaving Rates for services charged will be based on the rates that are available for your account and may be updated by ShipSaving at its sole discretion. ShipSaving may, at its discretion, offer substitute services for any selected services.

‍

SHIPSAVING IS AN INTERMEDIARY

ShipSaving serves only as an intermediary between you and couriers like the United States Postal Service ("USPS"), United Parcel Service ("UPS"), DHL Express, and others. We only provide you with a platform to order their postage, shipping products and services. We do not provide the courier services ourselves. We do not transport, ship, deliver, or otherwise provide any service beyond simply reselling postage, labels and the Services we list on the Website.

When we display service options on our Website offered by couriers like USPS, UPS, DHL Express, this does not mean that we recommend, approve or sponsor that courier or that courier’s service options. We also cannot guarantee the quality of those services. Your interaction with any courier accessed through the Website is at your own risk.

You agree that ShipSaving has no control over the couriers listed on the Website, and is not responsible for the accuracy, timeliness, or thoroughness of information on the Website related in any way to couriers or their Services. You acknowledge that ShipSaving will have no liability with respect to the acts, omissions, errors, representations, warranties, breaches, or negligence of any such courier or for any personal injuries, death, property damage, or other damages or expenses resulting from your interactions with the courier.

It is your responsibility to find, open, read, understand, and accept the terms, conditions, or rules of purchase of any courier you select for shipping. You are responsible for ensuring that your purchases abide by the terms and conditions of purchase imposed by any courier you select to perform shipping services, including terms and conditions of purchase set forth in a courier's terms, conditions, and rules. For instance, if a courier doesn’t permit the shipment of hazardous liquids, it is your responsibility to comply with those rules. For example, the first time you purchase UPS shipping services through the Website, in order to complete the purchase you will be required to accept certain UPS terms and conditions.

‍

CARRIERS SERVICE REGULATION

ShipSaving offers carrier-regulated shipping label services. You shall strictly adhere to all carrier service provider terms and regulations. Any fines caused by the violation of the carrier's regulations will be borne by you. All the arrears due to the fines must be paid by the user within 7 business days. ShipSaving won't be providing the original invoice due to the sensitive information contained. ShipSaving reserves the right to pursue its legal liability if it refuses to pay within the time limit.

You may only access ShipSaving’s carrier accounts through ShipSaving’s system after signing up as a ShipSaving user, and you may only purchase shipping labels through ShipSaving’s accounts for your own shipments, integrated store orders, and upload tracking information through ShipSaving’s system. You may not lend, sell, or by any means share access to ShipSaving’s accounts with an unauthorized third party.


You may request a refund for unused postage through ShipSaving but such refund is subject to the policies of the applicable Carrier. If a Carrier refuses to issue a refund, ShipSaving will not be responsible for refunding any postage amount paid to such Carrier. ShipSaving may, at its discretion, issue a refund of any fees paid in addition to the Carrier’s postage fees. If a refund is issued, it will be provided no earlier than 30 (thirty) calendar days after the order date. USPS postage fee refund claims must be filed within 23 (twenty-three) calendar days after the postage or order has been created. Any other postage or fee refund claims must be filed within 15 (fifteen) calendar days after the postage or the order has been created. ShipSaving shall not be responsible for any local customs charges, import taxes or duties fees, or any other similar charge(s) incurred through the carriage and/or delivery of any shipments and you must satisfy yourself as to whether any of these charges will become due, and if so in what amounts, before completing an order with us. If any such charges become due as a result of a carriage and/or delivery of a shipment on your behalf and are charged to us by any competent authority, you agree to reimburse us fully in respect of the same within 30 (thirty) calendar days of our demand.

‍

VOID ORDERS

In the event that the ShipSaving user would like to void their shipping label purchase under the provision of the ShipSaving software, the user must nullify their order within the specified period allotted by the integrated carrier of the order. To specify, the periods allotted by ShipSaving’s integrated carriers require the user to void their order within: i) 23 (twenty-three) calendar days from the date of purchase (USPS). ii) 15 (fifteen) calendar days from the date of purchase for all other carriers. It is within the jurisdiction of ShipSaving to deny any requests to void an order past the aforementioned periods allotted by the shipping carriers. ShipSaving is not responsible for any type of refund or reimbursement for all efforts to void an order after the aforementioned periods allotted by the shipping carriers. ShipSaving is not responsible for the user’s claims for any fiscal or legal losses past the aforementioned periods allotted by the shipping carriers.

‍

ACCOUNT SERVICES AND DURATION

ShipSaving reserves the right to suspend or terminate your account for lack of use, lack of payment, or breach of Terms. In general, all ShipSaving user accounts are maintained perpetually until terminated by the user.

  1. In the event that the ShipSaving user would like to terminate their account, the user must submit their request to billing@shipsaving.com to be processed. The request for account termination will be processed and the remaining balance of the account will be returned in its entirety back to the user after all the bills are compiled within 20 (twenty) business days. The finalization of the account termination process and all relevant details about the account will be summarized and sent to the user’s email upon the completion of the account termination.
  2. In the event that the ShipSaving user would like to withdraw their remaining balance from their account without the termination of their account, they must submit their request to billing@shipsaving.com to be processed. The balance withdrawal request will be processed and completed within 20 (twenty) business days and the user will receive the remaining account balance in its entirety.

‍

ACCOUNT CANCELLATION/TERMINATION

All visitors and all the users of ShipSaving and related partners and companies agree with the current Terms of Use as long as they are users of ShipSaving and the site you are currently located. We have the full right to suspense or even terminate the use of ShipSaving at any given moment without prior notification. ShipSaving has all the rights to terminate the accounts of the users who violate the Terms of Use. You agree that terminating the account will resolve the problem of losing the data and the ShipSaving will not be responsible for the loss, damage, or any other issue regarding your account. Under the Terms of Use, ShipSaving has no liability whatsoever.

ShipSaving strictly prohibits the promotion or distribution of content that incites harm, discrimination, or harassment towards our staff, other customers, or any associated parties. We reserve the right, at our sole discretion, to suspend or terminate accounts associated with:

  1. Threats of Physical Harm: Any content that can be perceived as advocating or inciting physical harm or violence against others.
  2. Hateful Content: Any content that may be perceived as promoting harm, harassment, intimidation, abuse, or discrimination based on race, ethnicity, national origin, sexual orientation, gender, gender identity, religious affiliation, age, disability, disease, or immigration status.

Furthermore, accounts may be suspended or terminated if associated with:

  • An organization that endorses principles or objectives promoting Hateful Content or Threats of Physical Harm.
  • An individual who has publicly expressed views or affiliations that can be perceived as endorsing Hateful Content or Threats of Physical Harm.
  • Actions that can be reasonably perceived as supporting or representing Hateful Content or Threats of Physical Harm.

Violations of these guidelines will result in the suspension or termination of your account.

‍

METHOD OF PAYMENT AND BILLING INFO

ShipSaving currently accepts major credit cards. Acceptable payment methods are subject to change at any time. You must include correct information (e.g., the address and phone number the payment credit card issuer has on file for you) when using our services. Incorrect information may cause delays in establishing service. All information received from you, including credit card and/or bank account information, will be treated in accordance with ShipSaving's Privacy Policy. Please note that ShipSaving may receive updated information regarding your payment card account, debit card account, or bank account from your financial institution and by accepting these Terms you hereby consent to such updating. For example, ShipSaving may receive updated card expiration dates or account number information. During account registration, ShipSaving may verify that your payment card is valid for the service fees associated with your account.

By providing your credit card details and agreeing to these Terms you authorize us to charge your credit card with any amounts due to us under these Terms. Without limiting this, if you incorrectly describe the dimensions and/or weight of your package, we may charge you any additional amounts we incur as a result, plus a $10 administration fee per case.

We will use reasonable efforts to keep any payment information we have about you secure and ensure that our employees or agents who have access to this information do not make any unauthorized use, modification, reproduction, or disclosure of it. We may engage a third party to provide a secure payment transaction facility that allows you to pay online and, in this case, we will not receive your payment information.

Billing – ShipSaving's service fee and any other applicable fees due, including fees for postage or shipping (if applicable), will be automatically charged to the account holder's credit card or collected via direct account withdrawal from the account holder's bank account.

The billing entity for part or all of the services provided by ShipSaving may be that of an affiliate or partner of ShipSaving and you hereby consent to any such billing, including changes to the billing entity from time to time.

‍

STARTER VERSION SUBSCRIPTION

If you have enrolled in a monthly subscription billing plan, the conclusion of each monthly billing cycle occurs after your subscription period. There will be no imposition of a 3% credit card service fee for your monthly billing plan. However, a 3% credit card service fee will be applied when you utilize a credit card to recharge the account balance or withdraw funds from the account to the credit card.

Upon registration, you have the option to select a 14-day free trial or proceed without it. For instance, if you sign up on January 1st, the initial billing cycle will commence on January 14th and the subsequent billing cycles will commence on the 14th of each month. Alternatively, if you choose to upgrade the monthly billing plan, the new billing cycle will commence anew, starting from the same designated times.

In another scenario, if the number of shipments reaches the limit of the plan during a billing cycle, a new billing cycle will automatically start. For instance, if the plan allows 100 shipments per month and it begins on March 15th, if you reach 100 shipments within 10 days, the new billing cycle will start on March 25th, and the credit card will be charged the monthly fee accordingly.

Please be aware that if you choose to downgrade or cancel your plan in the middle of a billing cycle, there will be no refund for the service fees already charged, and the account will remain available for usage for the entire month of cancellation. If you have signed up for a free offer and wish to avoid incurring the monthly service fee, please ensure that you cancel the account before the free trial period ends.

You have the freedom to terminate the monthly service plan at any time. If you decide to terminate the plan during the free trial period, no service fees will be charged.

‍

SHIPPING RESTRICTED ITEMS

ShipSaving does not allow or encourage the shipping of prohibited and restricted items. All prohibited and restricted items are listed on the carriers’ websites. The followings are the directories to the main page of the prohibited and restricted items’ list corresponding to each carrier company:

‍

The aforementioned items are prohibited from any form of shipping within the United States borders. ShipSaving is not responsible for potential users neglecting the recommended page and shipping the prohibited items.

Items that are restricted for shipping within the United States are also restricted for use alongside ShipSaving. Those items may be possessed by the officials and properly handled or destroyed. ShipSaving does not allow shipping of:

  • Aerosol
  • Alcohol beverages in any amount
  • Cigarettes or tobacco in general
  • Cremated remains
  • Dry Ice
  • Guns and firearms
  • Glues
  • Lithium-ion batteries
  • Live animals
  • Matches
  • Prescription drugs
  • Medicine
  • Nail polishes
  • Paint
  • Perfumes of any size
  • Perishable objects and items
  • Poisons, etc.

ShipSaving users must also comply with the regulations for prohibited items of the integrated carrier companies. The failure to comply with the rules and regulations of the aforementioned carrier companies regarding prohibited and restricted items may result in both monetary and legal penalties which ShipSaving is not responsible for.

‍
Users are the sole responsible for acknowledging if the content of the shipment is compliant with the law. ShipSaving is not responsible for users who ship prohibited/restricted items within or beyond the borders of the United States. All users are obligated to accept the Terms of Use which clearly state that the specific items are prohibited from shipping using any carrier and some items are restricted from shipping within and beyond the country‘s borders.

‍

API TERMS

ShipSaving may make an API (Application Program Interface) available to Customers at ShipSaving’s sole discretion. Customers may access their ShipSaving account data via an API. Any use of the API, including the use of the API through a third-party product that accesses ShipSaving, is bound by this agreement.

ShipSaving will not be liable for any direct, indirect, incidental, special, consequential, or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data, or other intangible losses (even if ShipSaving has been advised of the possibility of such damages), resulting from your use of the API or third-party products that access data via the API; Abuse or excessively frequent requests to ShipSaving via the API may result in the temporary or permanent suspension of your account’s access to the API. We will, in our sole discretion, determine abuse or excessive usage of the API and we will make a reasonable attempt to warn you (or that account holder if that is not you) before the suspension.

We reserve the right at any time to modify or discontinue, temporarily or permanently, your access to the API (or any part thereof) with or without notice.

‍

LIABILITY LIMITATIONS

In any way, ShipSaving, its employees, and partners will not be held responsible for monetary loss, data loss, or any other loss possible. All the visitors and the users of the company have been warned of this point and by accessing the ShipSaving site they accepted the terms and agreed on all the points that were and shall be presented in the Terms of Use. Using and accessing ShipSaving is solely your responsibility and you are doing so at your own risk.

‍
Under this term, you agree that ShipSaving will not be liable for any of your damages unrelated to your shipping costs during the period when ShipSaving is found to be responsible for the malfunction of its site, services, or its software.

‍

COPYRIGHT ACT

ShipSaving respects the physical and intellectual properties of the users and asks you to do the same. We have full rights for removing and reporting problematic links, posts, data, or similar online sources that violate the Terms of Use and are banned by civil or local law. If you know, suspect, or have been in touch with a user that violates the Terms of Use and uses content that is prohibited by the ShipSaving Terms of Use, you agree and you are obligated to report it through ShipSaving’s customer support email or call. In those cases, a user or a visitor is obligated to provide all of the following.

A written statement in which you suspect the distribution, posting, or cooperating with harmful data or physical items.

A written statement in which you provide actual facts and honest claims of the issue in question.

Note that all false accusations will result in you being subjected to the layer cost, fees, and potential loss of the accused user. ShipSaving does not hold any responsibility for the matter and doesn’t have any connections with both parties.

‍

GENERAL POINTS OF THE SHIPSAVING TERMS OF USE

The Terms of Use you are reading at the moment have the full right to be changed only by ShipSaving at any given moment. We may notify you using the email address provided as soon as the changes take place and as soon as all the revisions are made. All the users are obligated to provide a precise, accurate, and latest email address for this purpose and for other purposes the Terms of Use may require. The changes, updates, or revisions to the Terms of Use will take place immediately for all new users and visitors of the ShipSaving site. All current and registered users will be properly notified within 30 (thirty) days of the update. The new updates will take place immediately after the notification and posting to the Terms of Use. Continuing to use the ShipSaving site will result in you, a user, or a visitor accepting the new updates and changes to the site. Please, take your time and read all the points of the Terms of Use and the arbitrary agreement to the full comprehension level. The mandatory binding arbitration and action waiver are all presented in the content in question.

‍

NO UNLAWFUL OR PROHIBITED USE

As a condition of your use of this Site, you are contractually obligated to ShipSaving that you will not use the Site for any purpose that is unlawful or prohibited by these Terms, or the laws and regulations of the jurisdiction in which you are located or to which your envelope/parcel was sent. You may not use the Site in any manner that could damage, disable, overburden, or impair the Site or ShipSaving. You may not obtain or attempt to obtain any materials or information through any means not intentionally made available or provided through the Site. ShipSaving reserves the right at all times to disclose any information as necessary to enforce any applicable law, regulation, legal process, or governmental request.

‍

DISPUTE RESOLUTION AND AGREEMENT TO ARBITRATE

PLEASE READ THIS CLAUSE CAREFULLY AS IT REQUIRES YOU TO ARBITRATE ANY AND ALL DISPUTES AGAINST SHIPSAVING ON AN INDIVIDUAL BASIS AND LIMITS THE MANNER IN WHICH YOU CAN SEEK RELIEF FROM SHIPSAVING.

This clause (Dispute Resolution and Agreement to Arbitrate) shall be construed under and be subject to the Federal Arbitration Act.

By agreeing to ShipSaving’s Terms and Conditions, you agree that any and all past, present and future disputes, claims or causes of action between you and ShipSaving or any of its affiliates, subsidiaries, ultimate parent and parent companies, partners, officers, directors, employees, contractors, shareholders, agents, licensors, subcontractors or suppliers, which arise out of or are related in any way to ShipSaving’s Terms and Conditions, the formation of ShipSaving’s Terms and Conditions, the validity or scope of this clause 26 (Dispute Resolution and Agreement to Arbitrate), your Participation in or other access to or use of the Games or the Platform, or any other dispute between you and ShipSaving or any of its affiliates, subsidiaries, ultimate parent and parent companies, partners, officers, directors, employees, contractors, shareholders, agents, licensors, subcontractors or suppliers, including as to the arbitrability of any of the foregoing, and whether arising prior to or after your agreement to this clause  (Dispute Resolution and Agreement to Arbitrate) (all of the foregoing, collectively “Disputes”), will be governed by the procedures set out below:

Whether to agree to arbitration is an important decision. It is your decision to make, and you ARE NOT REQUIRED TO rely solely on the information provided in these Terms and Conditions. You should take reasonable steps to conduct further research and, if you wish, consult with counsel of your choice.'

‍

INFORMAL COMPLAINT RESOLUTION

We want to address any concerns or Disputes you may have without the need for formal dispute resolution. Therefore, before filing any arbitration demand or other claim of any kind against ShipSaving or any of its affiliates, subsidiaries, ultimate parent and parent companies, partners, officers, directors, employees, contractors, shareholders, agents, licensors, subcontractors or suppliers, you agree to notify us in writing of the nature of your concern and/or Dispute and to try in good faith using best efforts to resolve any such Dispute using informal resolution.  Specifically, you agree to contact info@shipsaving.com by emailing a short summary and description of your complaint(s).  

In the event that any such complaint(s) are unable to be resolved by the informal dispute resolution process above, either party may, but no sooner than 30 (thirty) days from the commencement of said process, initiate an arbitration in accordance with the procedures and terms as follows:

‍

ARBITRATION

Both You and ShipSaving agree that any and all Disputes, including without limitation any question regarding the existence, validity, enforceability, or termination of these Terms and Conditions and/or this clause (Dispute Resolution and Agreement to Arbitrate), shall be referred to and finally resolved by arbitration administered by the American Arbitration Association (AAA), the Rules of which are deemed to be incorporated by reference into this clause.

The parties further agree that any unresolved controversy or claim arising out of or relating to this contract, or the breach thereof, shall be settled by arbitration administered by the American Arbitration Association (AAA) in accordance with its Commercial Arbitration Rules and judgment on the award rendered by the arbitrator(s) may be entered in any court having jurisdiction thereof.

The arbitration shall be governed by the laws of the State of California. The arbitrator(s) shall award to the prevailing party, if any, as determined by the arbitrators, all of their costs and fees. "Costs and fees" mean all reasonable pre-award expenses of the arbitration, including the arbitrators' fees, administrative fees, travel expenses, out-of-pocket expenses such as copying and telephone, court costs, witness fees, and attorneys' fees.

In agreeing to this binding commitment to arbitrate your Disputes, you agree that you waive any right to proceed in a court of law or to have your claims heard by a jury. The arbitration shall:

  1. be conducted by a single, neutral arbitrator in the English language;
  2. be held virtually and not in person for all proceedings related to the arbitration, except by mutual agreement of all parties;
  3. be limited to one deposition per party, except by mutual agreement of all parties.

Furthermore, in cases where neither party’s claim(s) or counterclaim(s) exceed $25,000, both parties agree to waive an arbitration hearing and resolve the dispute solely through submission of documents to the arbitrator. No award or procedural order made in the arbitration shall be published.

The AAA rules, as well as instructions on how to file an arbitration proceeding with the AAA, appear at adr.org, or you may call the AAA at 1-800-778-7879.

Except as may be required by law, neither a party nor an arbitrator may disclose the existence, content, or results of any arbitration hereunder without the prior written consent of both parties. All documents and information disclosed during the arbitration proceedings shall be kept strictly confidential by the recipient and shall not be used by the recipient for any purpose other than for purposes of the arbitration or the enforcement of the arbitrator’s decision and award and shall not be disclosed except in confidence to persons who need to know for such purposes or as required by applicable law.

Both you and ShipSaving agree not to make any argument that the AAA is an inconvenient forum or otherwise incompetent or without authority or jurisdiction to hear any Dispute, and hereby expressly waive any and all such arguments thereto.

‍

INDIVIDUAL ARBITRATION ONLY AND WAIVER OF COLLECTIVE ACTION

You and ShipSaving agree that an arbitration or any other proceeding to resolve a Dispute shall proceed in an individual capacity only, and neither you nor ShipSaving may bring a Dispute as a Collective Action. UNLESS BOTH YOU AND SHIPSAVING AGREE, NO ARBITRATOR OR JUDGE MAY CONSOLIDATE MORE THAN ONE PERSON’S CLAIMS OR ENGAGE IN ANY COLLECTIVE ACTION.

Without limiting the generality of this clause (Individual Arbitration Only and Waiver of Collective Action) and as an example only, a claim to resolve a Dispute against ShipSaving will be deemed a Collective Action if:

  1. claims are filed or pursued concurrently by or on behalf of two or more persons or entities; and
  2. counsel for the two or more persons is the same, or share fees, or coordinate in any way.

For the purposes of this clause, the term ‘concurrently’ means that the claims are pending (filed but not resolved) at the same time.

‍

SURVIVAL OF OBLIGATIONS

THIS CLAUSE (DISPUTE RESOLUTION AND AGREEMENT TO ARBITRATE) SURVIVES THE TERMINATION OF THESE TERMS AND CONDITIONS FOR ANY REASON.

‍

JURY OR WAIVER TRIAL TERMS AND REGULATIONS

If both parties are unable to find a disclosure of the dispute, they agree to skip the court of law according to their constitution and statutory rights. Therefore, the dispute will be ended using the Arbitration Agreement. The procedure is selected due to the following reasons. It is quicker, more affordable, and generally less time-consuming than using the court of law. A user or the visitor of the ShipSaving site waives the jury-based court of law and agrees on using the Arbitration Agreement. If the Arbitration Agreement is unable to find the solution, a judge will be selected, once again without a jury. All the claims and disputes must be discussed, treated, and solved on an individual basis. According to the Terms of Use, you agree with the aforementioned point. The disputes also cannot be merged with claims or disputes of other users and must be treated independently.

‍

CONFIDENTIALITY TERMS

All the points of the claims or disputes and arbitrary agreements are strictly confidential and will not be shared with third parties in any form. The only exception is when a court of law is used. According to the law, one can share private and sensitive information with officials. The Terms of Use of ShipSaving will not prevent you from sharing the information and details with the court of law and lawyers. All other sharing, submitting, or providing the specifics is strictly forbidden and in serious cases when the user has shared the specifics, ShipSaving has the full right to reject the dispute without the use of a court of law or the use of Arbitrary Agreement. If the parts of the Arbitrary agreement are invalid under civil law or constitution, those sections will be removed from the agreement. Every user has the full right to waive all the points and sections of the arbitrary agreement and this action will not affect the end result of the dispute. The arbitration agreement will continue to be used after your relationship with ShipSaving is officially terminated. The company, ShipSaving, or the user has the right to bring a separate, individual action or according to the law in the small claim court.

‍

EMERGENCY EQUITABLE RELIEF

According to the arbitrary agreement, both parties in a dispute have the right to request emergency equitable relief. The sole purpose of this request is to maintain the status quo and can be used in the federal or state court of law. This request will not be considered as a waiver of any obligations or rights of a party.

‍

DISPUTES THAT ARE NOT ELIGIBLE FOR ARBITRATION

All computer frauds, forging of the data, abuse act, copyright violation, trade, or any use of the other party’s patent are not eligible for the arbitration agreement. In the aforementioned circumstances, both parties agree on seeking professional legal help to understand specific actions that are needed to resolve this at the local court. ShipSaving may be eligible for arbitration for the import and export laws from the United States and the same rules in other countries, based on the user location and the local law. ShipSaving is an online located company available for users globally.

‍

INDEMNIFICATION

You agree to defend, hold harmless and indemnify ShipSaving, its officers, directors, employees, and agents, from and against all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including but not limited to attorney’s and administrative fees) arising from:

  1. your use of and access to the Site, Services, and Software;
  2. your violation of any term of these Terms;
  3. your violation of any third-party right, including without limitation any copyright, property, or privacy right;
  4. any claim that one of your submissions caused damage to a third-party.

This defense and indemnification obligation will survive these Terms and your use of the Site.

‍

COMMUNICATION

In a case of dispute or a potential dispute, both parties, ShipSaving, and you must use proper means of communication. They are telephone, email or letters if possible. A user visiting the site and using the consents of ShipSaving service to: accept emails and letters from the company in the use of notifications; accept emails and telephone calls in the formal updates regarding the new or completed dispute; accept email communication, written communication, and telephone calls. ShipSaving has the full right to contact the user using any form of the aforementioned means. If the formal writing medium is unable to reach the user, other mediums will be used in a specific order, email and telephone calls.

‍

MISCELLANEOUS

Account Access——All transactions originating from your account are your responsibility, the account holder is responsible for all charges incurred.

Account Delinquency——If the attempt to deposit any balance into the user’s account becomes void, ShipSaving will automatically deduct that specific amount from the user’s account. Until the account is updated with a sufficient balance, your ShipSaving account will be suspended or terminated when reached a negative balance. If you fail to pay your service fee multiple times or you maintain a negative account balance, ShipSaving may elect, in its sole and absolute discretion, to terminate your account and pursue any legal actions to collect a remaining debt. In this event, along with all other arrearages, ShipSaving may charge a $25 processing fee.

Authority——By completing the registration process, you agree to pay all fees incurred on your account under the terms of the service plan selected by you. If a ShipSaving account is established for a business or other entity, the person establishing the account represents that he or she has all necessary authority to establish an account with ShipSaving on behalf of the business or other entity that is the responsible account holder.

Collection——Each party agrees that if any amount due is not made on time, the aggrieved party may pursue the past due amounts directly or assign a collection agency to pursue the collection of the past due amounts and any interest or cost of collection permitted by law.

Credit Verification——ShipSaving reserves the right to verify the credentials of all personnel or companies applying for services.

No Minors——You may not register for Services if you are under 18 years of age. By registering for Services you represent to ShipSaving that you are 18 years of age or older.

Order Acceptance/Rejection——ShipSaving reserves the right at any time after receipt of an order for products or services to accept or decline the order for any reason.

Relocation——You agree to provide an updated and valid address and registration information to ShipSaving in the event of relocation or other changes.

Risk of Loss——ShipSaving is not responsible for any risk of loss. Please refer to the carrier’s policy for further information.

Service Changes——ShipSaving reserves the right, periodically and at any time, to modify or discontinue, temporarily or permanently, any functions and features of its services, in its sole discretion, with or without notice, except otherwise prohibited by law. ShipSaving reserves the right, in its sole discretion, to offer selected products from its third-party partners, to each customer and does not warrant or represent that a full complement of services from each partner will be available through ShipSaving’s services. ShipSaving may, at its discretion, offer substitute services for any selected services.

‍

SEVERABILITY

If any provision of these Terms is held to be invalid or unenforceable, such provision will be deemed to be restated to reflect as nearly as possible the original intention in accordance with applicable law, and the remainder of the Terms will remain in full force and effect. These Terms constitute the entire agreement between the parties with respect to the subject matter hereof and supersede and replace all prior or contemporaneous understandings or agreements, written or oral, regarding such subject matter. Any waiver of any provision of the Terms will be effective only if in writing and signed by ShipSaving. The failure to enforce any right under these Terms shall not be a waiver of the provision or the right to enforce it at a later time.

‍

SITE ERROR

Although we make reasonable efforts to provide accurate pricing information and product descriptions, errors regarding product availability may occur. We reserve the right to be held responsible for any of your damages unrelated to shipping costs.

‍

THIRD-PARTY TERMS AND CONDITIONS

You are responsible for following the terms and conditions of all carriers and partners accessed through the Site. Please visit each individual site to obtain and review their terms and conditions. Use of carrier services via the ShipSaving platform is at your own risk. ShipSaving is not responsible for your use of carrier services. Your use of carrier services is as a direct customer relationship to the specific carrier of your choosing and you agree to be bound by the terms and conditions of that carrier for the use of services, including the payment of any fees associated and a carrier’s right to open, inspect and assess your package before and after collection.

‍

VIOLATIONS OF LAW

ShipSaving services may not be used in violation of any law or in any way that unduly interferes with others' use of the services.

‍

FINAL TERMS

These terms are the private property of ShipSaving and thereby can be used for the official site of the company. If any possible failure to cover a point of fact is detected, users do not have the right to use the lack of data for waiving the order or a claim. All users are independent contractors to ShipSaving and they are not partners with each other. The Terms of Use cannot be shared, used, copied, or sent to other parties without the written, full consent of ShipSaving. We have the full right to share and to change the Terms of Use at any given moment without prior notification. All the logos, sections, images, and other marks present in the Terms of Use loaded here are the property of ShipSaving and thereby forbidden for sharing and use on other sites and by other users. The only exclusion is with ShipSaving written consent which must be included in the copy of our property.

‍

—-----------

UPS, the UPS brandmark, UPS ReadyÂŽ, and the color brown are trademarks of United Parcel Service of America, Inc. All Rights Reserved.

Discounts off UPS daily rates. Rates are limited to shipping from the U.S. only. Rates and any applicable discounts are subject to change at any time without notice.

NOTICE: The UPS package tracking systems accessed via this service (the “Tracking Systems”) and tracking information obtained through this service (the “Information”) is the private property of UPS. UPS authorizes you to use the Tracking Systems solely to track shipments tendered by or for you to UPS for delivery and for no other purpose. Without limitation, you are not authorized to make the Information available on any web site or otherwise reproduce, distribute, copy, store, use or sell the Information for commercial gain without the express written consent of UPS. This is a personal service, thus your right to use the Tracking Systems or Information is non-assignable. Any access or use that is inconsistent with these terms is unauthorized and strictly prohibited.

‍

Latest Version Posted: May, 2023

AGREEMENT BETWEEN USERS AND SHIPSAVING.COM

ShipSaving.com reserves the right, in its sole discretion, to change the Terms and Privacy Policy under which ShipSaving.com is offered. The most current version of the will supersede all previous versions. ShipSaving.com encourages you to periodically review all information to stay up to date.

‍

PRIVACY POLICY

Users of ShipSaving.com are subjected to ShipSaving.com’s Privacy Policy which includes our data collection practices. ShipSaving.com reserves the right to change their Privacy Policy at all times. All modifications, edits, deletes and additions are effective immediately. Please read the Privacy Policy carefully and periodically review to stay up to date. Your continuous use of ShipSaving.com after updates to Privacy Policy means that you agreed to be bound by the modified and updated . As permitted by applicable law and regulations, we will retain your information as long as necessary to serve and maintain your account for as long as your account is active, or as otherwise needed to operate our business.

‍

PERSONAL INFORMATION COLLECTED

In order to access the features provided by ShipSaving.com, it is necessary for Users to provide us with Personal Information. It is the User’s voluntary decision whether or not to provide the request information to use ShipSaving.com. If no information or data is provided then use of ShipSaving.com would be severely limited as a result. ShipSaving.com collects personal information such as name, address, telephone numbers, email addresses, shipping information and payment details as part of your registration and use of ShipSaving.com’s products and services.

‍

NON-PERSONAL INFORMATION COLLECTED

ShipSaving.com may collect information on User based on use of ShipSaving.com. ShipSaving.com may store “cookies” in your computer to better serve you. Cookies can gather non-personal information such as the internet site that you have previously visited before ShipSaving.com, the website you visited after ShipSaving.com, the browser you are viewing ShipSaving.com from your IP address, location tracking and more. The purpose is to improve the quality of ShipSaving.com and increase ShipSaving.com’s marketing initiatives. You may limit the usage of cookies from your browser settings.

‍

HOW INFORMATION IS SHARED

We will not use your Personal and Non-Personal Information for any reason beyond the legitimate business purposes defined by the law nor to act as a Amazon Competitor Seller against you. ShipSaving.com reserves the right to share your information to guarantee the fulfillment of ShipSaving.com’s services which can include third-party companies that work with us to provide our Services such as couriers, insurance companies, and payment providers. ShipSaving.com uses the collected personal and non-personal information for reasons such as but not limited to:

  1. Allow Users to register as members of ShipSaving.com
  2. Contact User about products and services offered by ShipSaving.com and ShipSaving.com’s partners.
  3. Contact User pertaining to administrative notices and updates relevant to accounts/services maintained with ShipSaving.com
  4. Follow up on service calls, questions, requests and complaints submitted by User.
  5. Provide Tracking and Shipping Services to Users. Allows User to operate and use ShipSaving.com
  6. To gather and analyze data in respect to the use of ShipSaving.com and for ShipSaving.com’s internal use
  7. Solve disputes, troubleshoot problems, and enforce any agreements with ShipSaving.com including and not limited to ShipSaving.com’s Terms of Use and Privacy Policy.
  8. Share information with ShipSaving.com’s partner in the event that a partner of ShipSaving.com is investigating or enforcing a violation of its policies, procedures, terms of agreement. ShipSaving.com will share information with ShipSaving.com’s partner to conduct in its investigation of a possible problem, issue or concern.
  9. In the event that all or part of ShipSaving.com becomes part of a sale, merger or transfer, ShipSaving.com reserves the right to transfer any and all information that it collects to third parties.
  10. In the event of a court order or cooperate with a law enforcement investigation, ShipSaving.com will disclose all requested information and reserve the right to report to law enforcement any activities that ShipSaving.com suspects to be unlawful.

‍

THIRD PARTY PRIVACY POLICIES AND DATE COLLECTION

ShipSaving.com’s Terms and Privacy Policy only addresses the collection, use and disclosure of information by ShipSaving.com and does not cover third party practices. ShipSaving.com is not responsible for the policies or practices of any third party.

‍

OTHER TERMS AND USAGE AGREEMENTS

Account Information: Information provided during registration becomes part of ShipSaving.com’s business records. ShipSaving.com may retain past information as part of our business records. Minors: This website is directed to adults and not for children under 13. ShipSaving.com does not knowingly collect or use personally identifiable information from anyone under the age of 13. Children under 18 may use ShipSaving.com with guardian or parent permission. If you have any questions about this Privacy Policy, please contact ShipSaving.com.

‍

ELECTRONIC COMMUNICATIONS

User consent to receive electronic communications and user agree that all agreements, notices, disclosures and other communications that we provide to you electronically, via email and on the Site, satisfy any legal requirement that such communications be in writing upon visiting ShipSaving.com

‍

ACCOUNT SECURITY

ShipSaving.com follows industry standards to protect the personal information and data submitted by Users to the Website. However, no method of security is 100% secure. User is responsible for maintaining the confidentiality of User’s account or password and accepting responsibility for all activities that occur under User’s account or password. User acknowledges that ShipSaving.com is not responsible for third party access to accounts that results from theft or misappropriation of User’s account. ShipSaving.com and its associates reserve the right to refuse or cancel service, terminate accounts, or remove or edit content at our sole discretion.

‍

CANCELLATION/REFUND POLICY

You may close your account at any time, upon the fact that your account has no pending or negative balance. When you terminate or stop using your account, we may continue to communicate with you about our services, updates, and products. We may also continue to use some of your information for business purposes and to improve our business. We will retain and use your information as required by applicable law. ShipSaving.com’s information management policies will comply with legal and reporting obligations, resolve disputes, and enforce our agreements.

‍

LINKS TO THIRD PARTY SITES/THIRD PARTY SERVICES

ShipSaving.com may contain links to other websites ("Linked Sites"). The Linked Sites are not under the control of ShipSaving.com and ShipSaving.com is not responsible for the contents, links, terms of usage or services of any Linked Site. Certain services made available via ShipSaving.com are delivered by third party sites and organizations. By using any product, service or functionality originating from the ShipSaving.com domain, you hereby acknowledge and consent that ShipSaving.com may share such information and data with any third party with whom ShipSaving.com has a business relationship to provide the requested service on behalf of ShipSaving.com users and customers. By using any services or functionality of ShipSaving.com, you hereby acknowledge and comply with terms and conditions from any other third Party Businesses/Services/Websites/Companies/Organizations, including but not limited to: FedEx, UPS, USPS, eBay and Amazon.

‍

INTERNATIONAL USERS

The Service is controlled, operated and administered by ShipSaving.com from our offices within the USA. If you access ShipSaving.com outside the USA, you are responsible for compliance with all local laws. You agree that you will not use the ShipSaving.com in any country or in any manner prohibited by any applicable laws, restrictions or regulations.

‍

INDEMNIFICATION

You agree to indemnify, defend and hold harmless ShipSaving.com, its officers, directors, employees, agents and third parties, for any losses, costs, liabilities and expenses (including reasonable attorneys' fees) relating to or arising out of your use of or inability to use the Site or services. Any actions committed by User in violation of any terms of this ShipSaving.com’s, terms of a third party, any applicable laws, rules or regulations will result in ShipSaving.com the right, at its own cost, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, in which event you will fully cooperate with ShipSaving.com in asserting any available defenses.

‍

THIRD PARTY ACCOUNTS

In the event that You will be able to connect your ShipSaving.com account using a third party accounts, you acknowledge and agree that you are consenting to the continuous release of information about you to others (in accordance with your privacy settings on those third party sites). If you do not want information about you to be shared in this manner, do not connect your ShipSaving.com account using a third-party account.

LIABILITY DISCLAIMER

The information, software, products, and services included in or available through the site may include inaccuracies or typographical errors. Changes are periodically added to the information herein. ShipSaving.com and associates may make improvements and/or changes in the site at any time. ShipSaving.com and it’s partners make no representations about the reliability, usefulness, accuracy of the information, services, software and graphics contained on this site for any purpose. To the maximum extent permitted by applicable law, ShipSaving.com operates “as is” without warranty or condition of any kind for ShipSaving.com’s contents. This “as is” without warranty extends to all implied warranties or conditions of merchantability, fitness for a particular purpose, title and non-infringement. To the maximum extent permitted by applicable law, in no event shall ShipSaving.com and it’s partners be liable for any direct, indirect, punitive, incidental, special, consequential damages or any damages whatsoever including, without limitation, for loss of use, data or profits, arising out of or in any way connected with the use or performance of the site, with the delay or inability to use the site or related services, the provision of or failure to provide services, or for any information, software, services and contents obtained through the site, or otherwise arising out of the use of the site, whether based on contract, tort, negligence, strict liability or otherwise, even if ShipSaving.com and it’s partners has been advised of the possibility of damages. If you are dissatisfied with ShipSaving.com in any way, please discontinue using the site.

‍

TERMINATION/ACCESS RESTRICTION

ShipSaving.com reserves the right, in its sole discretion, to terminate your access to the Site and the related services without notice. You are not allowed to ship items that are prohibited by Carriers or by law or regulation of any federal, state or local government in the origin or destination countries. To the maximum extent permitted by law, this agreement is governed by the laws of the State of California and you hereby consent to the exclusive jurisdiction and venue of courts in California in all disputes arising out of or relating to the use of the Site. Use of the Site is unauthorized in any jurisdiction that does not give effect to all provisions of these Terms, including, without limitation, this section. Usage of ShipSaving.com does not have a partnership or employment relationship between ShipSaving.com and User. ShipSaving.com is subject to existing laws and is in compliance with governmental, court and law enforcement requests relating to the Site and information by ShipSaving.com in respect to legal use. If any part of these Terms and Privacy Policy is determined to be invalid then the invalid provision will be deemed superseded by a valid, enforceable provision that most closely matches the intent of the original provision and the rest of the Terms and Privacy Policy shall continue in effect. Unless otherwise specified herein, this Terms and Privacy Policy constitutes the entire agreement between the user and ShipSaving.com and it voids all prior communications and agreements between the user and ShipSaving.com. These Terms and Privacy Policy and any additional Terms and Privacy Policies in English shall be admissible in judicial or administrative proceedings based upon or relating to this agreement to the same extent and subject to the same conditions as other business documents and records originally generated and maintained in printed form.

‍

Latest Version Posted: May, 2023

DATA SECURITY

ShipSaving works diligently to ensure the confidentiality, integrity, and availability of your data.

  • Encryption in transit protects the confidentiality, integrity, and authenticity of your data. As an industry best-practice, we use HTTPS to encrypt customer data sent and received by our servers. This includes, but is not limited to, all data transmitted over the RESTful JSON API that communicates with our backend microservice architecture. This protects your information from tampering and unauthorized disclosure. We also implement AES-GCM (an authenticated encryption algorithm based on a pre-shared key) to protect both the confidentiality and integrity of data transmissions.
  • Database access controls restrict access to authorized users and IP addresses. Developers undergo strict account management. Auditing and robust log records provide relevant insights to personnel who regularly review database access for signs of malicious operation. Database passwords must adhere to internal standards for complexity. Database contents are encrypted both at rest and in transit.
  • Field-level encryption with the AES-GCM algorithm protects sensitive database entries from unauthorized tampering or disclosure. When the application writes data to the database, sensitive fields are encrypted with an additional key. When the contents of an encrypted database field are retrieved, the results cannot be deciphered without the respective key. This second line of defense significantly reduces the potential impact of leaked data. Our software developers and database administrators (DBAs) operate by default on encrypted fields. Access to the original contents of encrypted fields is granted to staff only on a "need-to-know" basis.
  • Data desensitization protects sensitive customer data such as phone numbers, email addresses, and payment card information. Predefined rules tokenize, hide, or mask this data. For extremely sensitive data such as payment card information, we only persist a subset of the original, significantly increasing customer safety.

‍

ACCESS CONTROL

Role-based access control (RBAC) assigns functional and data permissions to designated roles, and one or more roles to individual user accounts. A "super administrator," for instance, not only possesses global access to all actions and data, but will also typically customize other roles as needed and assign them to users. Our system administrators apply specific role assignments to customers. This ensures that customers possess functional authority and data authority over only their own data. Malicious actions may attempt to tamper with input parameters to conceal executable commands or cross trust boundaries. This can lead to the unauthorized acquisition of server permissions and the unauthorized disclosure of customer data. The system addresses these concerns as follows:

  • Cross-site scripting (XSS) occurs when untrusted JavaScript or other scripting code is supplied from one source and rendered in an unexpected location, such as another user's browsing session. An XSS attack can tamper with or expose data, opening up customer accounts to compromise and endangering their normal operation. To prevent this class of attack, the system is designed to refuse unsafe inbound content. The system will check, filter, and escape any customer input with whitelists of trusted character sets and HTML tags. As an additional layer of defense, the system will filter and/or sanitize output before rendering HTML content to users.
  • Buffer overflows occur when a system receives input of a length that overflows the memory area designated for its storage. A malicious user who succeeds at this attack may tamper with or expose data, or possibly gain system root access. To avoid receiving data that exceeds system capacity, we treat external data as untrusted input and perform boundary checks before committing to our systems.
  • Cross-site request forgery (CSRF) can occur when an attacker causes a victim's browser to automatically submit a request. This attack is similar to, but different from, a cross-site scripting (XSS) attack. In the case of CSRF, the attacker crafts a malicious request directed at a particular website. If the customer has an active browsing session on that website, the request can be executed to create, read, update, or delete data as the customer themselves. This is equivalent to the attacker logging in with the customer's own credentials to carry out harmful actions within the scope of the customer's authority. To prevent CSRF attacks and protect customer accounts, the system validates CSRF tokens, HTTP referer headers, and CAPTCHA responses.
  • Path traversal can occur when query parameters and server paths are not properly sanitized or validated before use in accessing a server-side file system location. An attacker may supply a string with directory navigation operators, possibly escaped (e.g., "../" or "%2E%2E%2F"), to gain unauthorized access to information systems. To prevent this, all customer input is validated and/or escaped after transmission.
  • A web shell is a type of remote access trojan (RAT) that exploits a script upload vulnerability to create a command execution environment. An attacker will often use this shell environment through a web browser. This can lead to a series of hazards such as unauthorized information disclosure and tampering. To avoid receiving a web shell, we strictly limit and verify uploaded files. Customers may upload only static files and the system does not trust original filenames. In addition to restricting the upload of malicious code files, the system restricts the execution permissions of related directories.
  • Unexpected data disclosure may occur when access logs record sensitive query parameters. To prevent this, the HTTP GET method is not used to transmit sensitive data into the system. When sensitive data must be transmitted into the system, the HTTP POST method is used, and sensitive data placed in the body of the request. The HTTP GET method may be used to transmit non-sensitive data to the system, and to retrieve both sensitive and non-sensitive data from the system.

‍

LOGIN SECURITY

Customer password security promotes not only the security of customer information on our platform but also the stability of the system as a whole. Some customers may use the same password on multiple platforms; once this password is cracked, the risk of data leakage exists on any other platforms with which it is shared. We mitigate the potential for damage as follows:

  • The system assigns an authentication token to customers at login. This token accompanies the customer throughout their session and grants the ability to access assigned functions and data. The system reduces the potential for unauthorized disclosure or tampering by requiring a valid token with requests for privileged functions and data.
  • User authentication checks occur with every request. We encourage customers to log out manually when they are finished with the system. As a protection against abandoned sessions, if authentication credentials expire or the authentication process fails, the customer will be required to log in again to minimize the potential for data leakage.
  • Cookies are protected from unauthorized disclosure and tampering with the HttpOnly and Secure attributes. The HttpOnly flag prevents customer information in cookies from being read by malicious JavaScript files. The Secure flag ensures that a client browser will submit the cookie only with HTTPS requests.
  • The AES-GCM encryption algorithm promotes authenticity in the system with authentication codes and authenticated encryption with associated data (AEAD). If system decryption functions note authenticity issues during the decryption process, an exception will be thrown to prevent further processing of corrupted or tampered customer data.
  • Customer password length and complexity requirements mitigate the likelihood of brute-force password cracking. We guarantee that customer passwords are not stored in plaintext. Customer passwords are salted and hashed on the frontend with a slow hash operation. Sensitive data, including authentication credentials, will be transmitted to the backend only over a connection encrypted with HTTPS.
  • Two-factor verification validates customer ownership of email addresses used for website authentication. When we detect a customer account at risk of misappropriation, the affected customer must correctly supply both their password and a one-time code that the system will send to their email address. CAPTCHA affords an additional layer of protection for this process.

‍

AUDIT LOGS

We are continuously strengthening our product security controls to ensure the maximum confidentiality, integrity, and availability of customer accounts and data.

The vast majority of customer operations trigger the creation of audit logs. This provides customers the ability to trace events when necessary. We provide operation logs for each event that include a timestamp, customer ID, the object being operated on, and the contents of the operation. To facilitate unified management, system administrators have the ability to view the operation logs of all customers.

  • We record operations performed by customers on their own data. If an operation involves sensitive data, such as password or payment card information, metadata attached to log entries will be encrypted to minimize the potential for data leakage.
  • Customer requests for data will be approved or denied based upon credentials and additional security considerations. The results of these decisions will be recorded.
  • Multiple customer user accounts may collaborate as a team. In these cases, a team administrator may be designated as an approver for purchase orders placed by other team members. For example, a warehouse manager who wishes to create a purchase order will submit an application to their administrator for approval. The administrator can then choose to deny or approve the application. If the application is approved, the purchase order will be created. The system records these decisions with per-application granularity.
  • Potentially risky operations trigger alarms to be handled by dedicated personnel.
  • Logs are retained for 180 days.

‍

Developers are subject to sound auditing and log management. We mitigate the potential for developer credential misuse by logging the following events:

  • Login and logout timestamps;
  • Database and server access attempts;
  • Data, file, and network access attempts;
  • Changes to customer data, such as deletion or modification of sensitive info;
  • Exceptions or other signs of abnormal activity, which may trigger alarms.

‍

SERVER SECURITY

Firewalls and network security policies deny or redirect data flow to reduce the efficacy of malicious network-based attacks. Security rules are optimized to establish a proper security perimeter for system components.

Network Access Control (NAC) restricts server access to authorized developers, originating from whitelisted IP addresses, who comply with pertinent security policies.

When network bandwidth becomes saturated it can exhaust server processing capacity, preventing legitimate users from being able to access resources. A distributed denial-of-service (DDoS) is one sort of malicious attack that can produce this result. To address this risk, we:

  • Limit the frequency of requests from individual IP addresses;
  • Apply load-balancing to shunt traffic toward available servers;
  • Disable ICMP on security devices such as firewalls;
  • Deny or redirect abnormal traffic with a hardware firewall that mitigates the potential for DDoS with rule-based packet-filtering, deep packet introspection (DPI), and Web Application Firewall (WAF) filtering based on request contents and disposition;
  • Apply ISP near-source cleaning and operator traffic suppression to minimize the potential for incidents that could adversely affect service availability to customers;
  • Strictly limit, at the application layer, the number of connections and CPU usage time from individual IP addresses;
  • Reduce unnecessary dynamic database queries.

A competent patch management process regularly reviews and addresses operating system vulnerabilities. Timely application of patches minimizes the potential for malicious attacks.

Unnecessary service ports are closed as part of the system hardening process.

Audit logs record every server operation. Designated security personnel regularly review these logs and respond immediately when an incident is noted.

‍

PAYMENT SECURITY

To protect customer financial information, we do not store data from payment cards.

A third-party vendor, Stripe, acts as our payment processor. Please refer to Stripe for more information on their security policies and procedures.

‍

DEVELOPER SECURITY

Developers regularly undergo training to improve security and privacy awareness.

The use of external storage media (USB disks, portable hard drives, thumb drives, etc.) is prohibited on company computers.

The use of unsecured public cloud applications, including file synchronization tools such as Dropbox and Google Drive, is also prohibited on company computers.

‍

DATA BACKUPS

Our customers fulfill orders with the aid of transactional and other data ("Platform Data") synchronized into our system from third-party e-commerce platforms ("Marketplaces"). To ensure the availability of Platform Data when it is needed, we perform regular backups. Each Marketplace imposes its own policies on the use, protection, and retention of Platform Data.

ShipSaving treats Platform Data, and backups thereof, in strict accordance with the requirements of each Marketplace. We do not maintain Platform Data beyond the retention periods mandated by Marketplaces. We do not sell, share, or otherwise disclose customer data in any manner that would violate our agreements with Marketplaces.

‍

Backup frequency

  • Full database backups occur weekly at 23:59 on Sunday.
  • Incremental database backups occur daily at 03:00, 09:00, 15:00, and 21:00.

‍

Backup plan

  • The database currently utilizes master-slave synchronization to promote data redundancy. Binary logging on the slave database is enabled for off-site backup.
  • Future plans include database read-write separation ("master write, slave read") to promote scalability and high-availability. This master-slave synchronization architecture, with backups in accordance with the original backup scheme, may entail a split into separate databases and additional tables to further improve the ShipSaving recovery time objective (RTO) and recovery point objective (RPO) metrics.

‍

SECURITY INCIDENT RESPONSE PLAN(SIRP)

We maintain a security incident response plan (SIRP) and we review and verify this plan every six months and after any major infrastructure or system change. When our backend engineering managers investigate security incidents, or when automation mechanisms trigger an alarm.

  • We identify the type and extent of any associated events.
  • We disconnect any relevant systems from the network.
  • We gather evidence. System logs may be viewed without shutting down associated servers, which promotes forensic analysis of potential evidence in memory, if required.
  • In the event that a breach may affect passwords, we will lock down sensitive information and rotate any relevant passwords.
  • The impact of a data breach will be assessed based upon logs and other available evidence. Once a root cause analysis is performed, remedial measures will be taken. These may include, but are not limited to, cryptographic erasure of affected systems, patching of relevant software or operating systems, reconfiguration of firewalls, isolation of subnets, malware scanning, and recalibration of automated alarm thresholds.

‍

Latest Version Posted: May, 2023