Privacy Policy – 3PLNext Warehousing System

 

Effective Date: April 1, 2016
Last Updated: August 8, 2025

 

1. Introduction

3PLNext is committed to protecting the privacy, confidentiality, and security of the personal and business information you provide to us.

This Privacy Policy describes how we collect, use, store, process, and share your data when you use the 3PLNext Warehousing System (the “Platform”) and related services.
It is designed to comply with the General Data Protection Regulation (EU & UK GDPR), California Consumer Privacy Act (CCPA/CPRA), and other applicable data protection laws.

By using our Platform, you acknowledge and agree to the practices described in this Policy.

2. Roles & Responsibilities

Depending on the context, we may act as:

  • Data Processor – when processing data on behalf of our customers (e.g., warehouse records, client contacts, shipping data).
  • Data Controller – when processing data for our own purposes (e.g., billing, support, security monitoring).

3. Information We Collect

We may collect and process the following types of information:

a. Account Information

  • Full name, email, phone number
  • Company name, billing address
  • Login credentials and preferences

b. Operational Data

  • Inventory, orders, shipments, and tracking records
  • Client, vendor, and carrier contact details provided by you
  • Warehouse location details

c. Usage & Technical Data

  • IP address, browser type, device identifiers
  • Login timestamps, activity logs, and feature usage
  • System performance metrics

d. Integrated & Imported Data

  • Data you upload or sync from other systems (EDI, CSV, API)
  • Information received from connected platforms (e-commerce, ERP, courier APIs)

4. Legal Bases for Processing (GDPR)

We process personal data under the following legal bases:

  • Contractual necessity – to provide and maintain the Platform
  • Legitimate interests – improving security, performance, and user experience
  • Legal obligation – compliance with laws and regulations
  • Consent – where required for optional features (e.g., marketing communications)

5. How We Use Your Information

We use collected information for purposes including:

  • Service Delivery – to operate and provide the Platform
  • Account Management – authentication, user preferences, and support
  • Warehouse Operations – inventory, order fulfillment, and reporting
  • Security – fraud prevention, access control, and incident monitoring
  • Improvements – analytics and feature enhancements
  • Compliance – meeting tax, legal, and regulatory requirements

6. Sharing & Disclosure of Data

We do not sell your data.
We may share it only in these cases:

  1. With Sub-Processors – trusted vendors that perform services for us (e.g., hosting, cloud storage, email delivery, payment processing).
    • A full list of sub-processors is available on request.
  2. At Your Direction – integrations you choose to enable.
  3. For Legal Reasons – when required by law or legal process.
  4. Business Transfers – during mergers, acquisitions, or restructuring.

7. Sub-Processors & International Transfers

  • We ensure all sub-processors sign Data Processing Agreements (DPAs) with equivalent protection standards.
  • Where data is transferred outside the EEA/UK, we use Standard Contractual Clauses (SCCs) or other approved safeguards.
  • US transfers comply with the EU-US Data Privacy Framework (where applicable).

8. Data Retention

We retain your data only as long as necessary for:

  • Service provision
  • Legal compliance
  • Contractual obligations

Upon account closure, we securely delete or anonymize your data within 90 days, unless otherwise required by law.

9. Data Security

  • Encryption in transit (TLS) and at rest (AES-256)
  • Role-based access control and multi-factor authentication
  • Regular security audits and vulnerability assessments
  • 24/7 monitoring for unauthorized access attempts

10. Data Breach Notification

In the event of a data breach affecting personal data:

  • We will notify affected customers without undue delay and, where required, within 72 hours (GDPR requirement).
  • Notifications will include the nature of the breach, affected data, mitigation steps, and recommended actions.

11. Your Rights (GDPR, CCPA/CPRA)

Depending on your location, you may have the right to:

  • Access – obtain a copy of your personal data
  • Rectification – correct inaccurate or incomplete data
  • Erasure – request deletion of your data (“right to be forgotten”)
  • Restriction – limit processing of your data
  • Portability – receive data in a machine-readable format
  • Opt-out – prevent sale or sharing of your personal information (CCPA)
  • Non-Discrimination – equal service regardless of exercising privacy rights

Requests can be made by contacting [Insert Contact Email].

12. Cookies & Tracking

We use cookies and similar technologies for:

  • Session management and login persistence
  • User preferences
  • Analytics and performance monitoring

You can disable cookies in your browser settings, though some features may be unavailable.

13. Children’s Privacy

Our Platform is not intended for use by individuals under 16 years of age, and we do not knowingly collect personal data from minors.

14. Third-Party Services

Our Platform may link to or integrate with external services. We are not responsible for their privacy practices — please review their policies.

15. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted here with an updated Effective Date.
Continued use of our Platform after changes constitutes acceptance.