Privacy Policy

1. Who we are

ParcelPilot is owned and operated by InsideOut Ideas Limited. For the purposes of UK data protection law, InsideOut Ideas Limited is the data controller for personal data collected through our website, sales process, support process, and SaaS billing relationship.

Company number: 07066298. Address: 72a Windsor Street, Beeston, Nottingham, NG9 2BW, UK.

2. Scope of this policy

This policy applies to:

• visitors to the ParcelPilot website
• people who contact us for demos, sales conversations, or support
• users of the ParcelPilot platform
• billing contacts for subscriptions or invoices
• personal data processed within customer operational workflows in the platform, including order, shipment, inventory, receipt, return, and integration records

3. Controller and processor roles

ParcelPilot operates in different privacy roles depending on the context:

• For website enquiries, marketing communications, support interactions, account administration, and SaaS billing, we usually act as a data controller.
• For operational data our customers put into the platform, such as customer names, delivery addresses, contact details, order contents, shipment information, and returns data, we usually act as a data processor on behalf of the customer using ParcelPilot.
• Our customers remain responsible for ensuring they have an appropriate lawful basis for the personal data they upload to or connect into the platform.

4. Personal data we collect

Depending on how you interact with ParcelPilot, we may collect and process:

• identity and contact data, such as name, email address, phone number, company name, and job title
• account and user data, such as login details, role/permission information, audit activity, and profile information
• customer operational data, such as order numbers, customer names, shipping and billing addresses, phone numbers, email addresses, order item details, delivery references, shipment tracking, returns, and warehouse movement history
• inventory and fulfilment data, including serial numbers, stock allocation records, collection and receipt records, and shipping events
• integration data from connected systems such as ecommerce, marketplace, carrier, and accounting platforms
• commercial and billing data, including subscription information, invoice records, payment status, and limited payment-method metadata provided by payment processors such as Stripe
• technical and usage data, such as IP address, browser/device information, session data, and website analytics where consent has been given
• communications data, including support tickets, contact-form messages, implementation notes, and other correspondence

5. How we collect personal data

We collect personal data:

• directly from you when you submit forms, request a demo, contact us, or use the platform
• from your employer or organisation if they set up your ParcelPilot access
• from your connected systems and integrations, such as ecommerce platforms, carriers, or billing systems
• from customer data imported or synchronised into the platform as part of operational workflows
• from cookies and similar technologies, subject to your preferences where required

6. How we use personal data

We use personal data to:

• operate, secure, and improve the ParcelPilot website and platform
• provide warehousing, fulfilment, order management, shipping, billing, reporting, and integration functionality
• create and manage user accounts, roles, permissions, and tenancy access
• process orders, shipments, receipts, returns, collections, stock movements, and related workflow events
• push data to and receive data from third-party integrations at the direction of our customers
• respond to sales enquiries, provide demonstrations, onboard customers, and deliver support
• administer subscriptions, invoices, card setup, and payment workflows
• maintain audit logs, investigate incidents, detect abuse, and meet security obligations
• comply with legal, regulatory, tax, and accounting requirements
• measure website performance and usage where analytics consent has been given

7. Legal bases

Where we act as controller, we rely on one or more of the following legal bases:

• performance of a contract, including providing the ParcelPilot platform and related services
• legitimate interests, such as running and securing our platform, responding to business enquiries, improving our services, and preventing misuse
• compliance with a legal obligation, including accounting, tax, fraud prevention, and regulatory requirements
• consent, where required, such as for optional analytics cookies

Where we act as processor, our customer is responsible for identifying the relevant lawful basis for the personal data they instruct us to process.

8. Sharing personal data

We may share personal data with trusted service providers and subprocessors where needed to operate the service, including providers of hosting, infrastructure, email delivery, analytics, customer support, and payment processing.

In the normal course of operating ParcelPilot, personal data may also be transmitted to third-party systems that customers choose to connect, such as ecommerce platforms, marketplaces, carriers, accounting platforms, or warehouse-related services. We do this as part of the service and generally under the customer’s instructions.

We may also disclose personal data where required by law, regulation, court order, or to protect our legal rights, users, systems, or business.

9. Payments and billing

We use Stripe and related billing services for certain SaaS subscription and payment workflows. We do not store full card numbers in ParcelPilot. Payment data is processed by the relevant payment provider in accordance with its own privacy and security practices.

ParcelPilot may store limited billing-related information such as customer identifiers, payment-method status, subscription identifiers, invoice records, and payment event metadata needed to manage subscriptions and invoices.

10. Cookies and analytics

We use cookies for site functionality and, where you accept them, analytics. Our website currently uses a consent mechanism for optional Google Analytics cookies. You can accept or reject analytics cookies and revisit your choice using the Cookie settings link in the footer.

For more detail, please see our Cookie Policy.

11. International transfers

Some of our service providers or customer-selected integrations may process personal data outside the UK. Where this happens and we are responsible for the transfer, we take reasonable steps to ensure appropriate safeguards are in place, such as contractual protections or reliance on an adequacy decision where available.

12. Retention

We retain personal data for as long as reasonably necessary for the purposes described in this policy, including to provide the service, maintain auditability, resolve disputes, meet legal obligations, and enforce agreements.

Retention periods may differ depending on the type of data. For example, support and sales correspondence may be retained for relationship management and audit purposes, while billing and financial records may be retained for tax and accounting compliance. Operational platform data is typically retained in line with customer instructions, contractual commitments, and legal requirements.

13. Security

We take reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or disclosure. These measures may include access controls, tenant separation, authentication, audit logging, encrypted transport, and operational monitoring. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

14. Your rights

Depending on the circumstances and applicable law, you may have rights to access, correct, delete, restrict, object to, or port personal data, and to withdraw consent where processing is based on consent.

If your personal data is being processed within ParcelPilot on behalf of one of our customers, you should normally contact that customer first, because they are usually the controller for that data and are best placed to respond to your request.

15. Customer responsibilities

Customers using ParcelPilot are responsible for ensuring that personal data they collect and upload to the platform is lawful, accurate, and appropriately disclosed to the individuals concerned. This includes customer records, consignee details, employee/user details, and personal data received from connected channels and integrations.

16. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or operational practices. We will update the “Last updated” date when we do.

17. Contact us

If you have questions about this Privacy Policy or would like to make a privacy-related request, please contact us at support@parcelpilot.co.uk.

Postal address: 72a Windsor Street, Beeston, Nottingham, NG9 2BW, UK.