Privacy Policy
Last updated: 10 June 2026 · ShipSense (Muhammad Arsh Khan, sole proprietor, Mumbai, India)
What we collect
When you request an audit: your work email, brand name, shipment volume, and optional WhatsApp number. When you send a shipment CSV: order references, AWBs, courier names, pincodes, addresses, order values, statuses, dates, and — if you include them — customer phone numbers. You may hash phone numbers before sending; the engine works identically.
What we use it for
One purpose: producing your RTO/NDR audit and, if you become a customer, running ShipSense on your shipments. We do not sell data, share it with couriers or aggregators, or use one merchant's raw data to benefit another. Cross-brand risk signals, when active, use only irreversible hashed tokens — never readable identifiers.
What we never ask for
Bank details, card numbers, UPI IDs, passwords, courier or store login credentials, GST/PAN. If these appear in your export, delete those columns before sending.
Storage
Data is stored on Supabase infrastructure in the Mumbai (India) region, access-controlled per merchant with row-level security.
Retention and deletion
Audit data for non-customers is deleted within 60 days of audit delivery. Customers' data is retained while the account is active. Email arsh9khan@gmail.com for deletion at any time — completed within 7 days, confirmed in writing.
Your rights
Under India's Digital Personal Data Protection Act you may request access, correction, or erasure of personal data we hold. Same email; same 7-day commitment.
Questions / grievances
arsh9khan@gmail.com