Skip to content

Privacy Policy

How Deliver WMS LLC collects, uses, and protects information about visitors to this site and customers of the Deliver WMS platform. Built for transparency.

Effective:
Last updated:
Version:
1.0

1. Who we are and what this policy covers

Deliver WMS LLC (“Deliver WMS,” “we,” “us,” or “our”) is a Delaware limited liability company that builds and operates the Deliver WMS warehouse management and last-mile delivery platform.

This Privacy Policy explains what information we collect, how we use it, who we share it with, and the choices you have. It applies to:

  • This website (deliverwms.com) and any subdomains we operate
  • The Deliver WMS platform application (the “Service”) accessible at app.deliverwms.com
  • Any related products, integrations, or communications

It does not apply to third-party websites, services, or products that link to or from our Service, even when they appear within our app.

If you do not agree with this Privacy Policy, do not use the Service.

2. Information we collect

We collect three categories of information.

2.1 Information you give us directly

  • Account information. When you create an account: name, work email, company name, password (hashed), role, and (if you provide it) phone number.
  • Customer warehouse data. When you use the Service to operate a warehouse, the operational data you enter or import: client (tenant) records, products and SKUs, inventory levels and movements, orders, shipments, billable events, driver and delivery information, and any other data you choose to upload. This is your data; we process it on your behalf under the terms of our Master Services Agreement and Data Processing Agreement.
  • Billing information. If you purchase a paid plan: billing contact name, billing address, and the last four digits of your payment card (full card numbers are handled by our payment processor — see § 4.2).
  • Communications. When you contact us (sales inquiries, support tickets, the contact form, email): the content of your message, the email address you used, and any other information you choose to share.
  • Marketing preferences. If you subscribe to updates or newsletters: your email and your subscription state.

2.2 Information we collect automatically

When you use the website or the Service, we and our infrastructure providers automatically collect:

  • Log and usage data. IP address, browser type and version, operating system, referring URLs, pages viewed, links clicked, timestamps, session duration, and error logs.
  • Device information. Device type, screen resolution, and (for mobile worker/driver apps) approximate location when location services are enabled by the user.
  • Cookies and similar technologies. See § 5 below.

2.3 Information from third parties

  • Authentication providers. If you sign in via a third-party identity provider, we receive the basic profile information that provider shares (name, email).
  • Payment processor. Our payment processor sends us transaction confirmations, billing events, and card-on-file status.

3. How we use information

We use the information described above to:

  • Provide, operate, secure, and improve the Service
  • Authenticate you and protect your account
  • Process payments and manage billing
  • Respond to support requests and communicate about the Service
  • Send service-related announcements (downtime, security notices, policy changes)
  • Detect, prevent, and respond to fraud, abuse, and security incidents
  • Comply with applicable law and enforce our Terms of Service
  • (With your separate consent) send marketing communications you can opt out of at any time

We do not sell personal information. We do not use customer warehouse data to train machine learning or AI models without explicit, separate, written authorization from the customer.

4. How we share information

We share information only in the limited circumstances below.

4.1 With our sub-processors

We use a small set of vetted third-party service providers (“sub-processors”) to operate the Service. Each is contractually required to handle data consistently with this policy and our Data Processing Agreement.

Sub-processorPurposeData categories
Vercel Inc.Web hosting, CDN, edge functions, privacy-friendly web analytics, and Core Web Vitals (Speed Insights)Site/app traffic, request logs, IP addresses, aggregated page-view counts, performance timing metrics. Vercel Analytics and Speed Insights are cookieless and do not collect personally identifiable information.
Supabase (or successor PostgreSQL provider)Application database, authenticationAll Service data including customer warehouse data
Stripe, Inc.Payment processingBilling contact info, payment card data (handled directly by Stripe)
Postmark (or successor email service)Transactional and account email deliveryRecipient email, message content
Tawk.toLive chat widget and ticketing on the marketing siteChat transcripts, IP addresses of chat participants, optional name/email provided by the visitor

A current sub-processor list is maintained at this page; we will update it when sub-processors change. If we add a new sub-processor that materially expands the scope of processing, we will notify customers in advance via in-app notice or email.

4.2 With payment processors

Payment card information is collected and processed directly by Stripe, Inc. under their own privacy policy. We never receive or store full payment card numbers.

We may disclose information when we believe in good faith that disclosure is necessary to:

  • Comply with a subpoena, court order, or other valid legal process
  • Enforce our Terms of Service or other agreements
  • Investigate, prevent, or respond to suspected fraud, security incidents, or illegal activity
  • Protect the rights, property, or safety of Deliver WMS, our customers, our personnel, or the public

When permitted by law, we will give the affected customer notice before responding to a government request for their data.

4.4 In a business transfer

If Deliver WMS is involved in a merger, acquisition, asset sale, financing, or similar transaction, your information may be transferred as part of that transaction. We will notify customers if the transaction would materially change how information is processed.

4.5 With your authorization

We share information with other parties when you instruct us to (for example, integrations you connect, or data you choose to make available to your warehouse clients via the B2B portal).

5. Cookies and tracking technologies

We use first-party cookies and similar technologies to operate the website and Service. Cookies fall into three categories:

  • Strictly necessary. Required for authentication, security, and core functionality. Cannot be disabled.
  • Performance and analytics. Help us understand how the Service is used so we can improve it. Aggregated and not used to identify individuals.
  • Preferences. Remember choices like theme (light/dark) and language.

We do not use cookies for cross-site advertising tracking. Most browsers let you control cookies through their settings; disabling cookies may impair Service functionality.

6. Data retention

We retain information for as long as needed to provide the Service and for the periods required by law.

  • Account information is retained while the account is active and for up to 90 days after termination, after which it is deleted or anonymized unless we are required to retain it longer.
  • Customer warehouse data is retained according to the active subscription. Upon termination, it is exported on request and then deleted within 30 days unless a longer retention is required by contract or law.
  • Billing records are retained for 7 years to comply with tax and accounting requirements.
  • Communications and support tickets are retained for up to 3 years.
  • Log and security data are retained for up to 12 months.

7. Security

We implement administrative, technical, and physical safeguards designed to protect information against unauthorized access, alteration, disclosure, or destruction. These include encryption in transit (TLS) and at rest, role-based access controls, multi-tenant isolation enforced at the database level via row-level security, regular access reviews, and an incident response process.

No system is perfectly secure. We will notify affected customers and individuals of a confirmed security incident involving their personal information without undue delay, consistent with applicable law.

8. Your choices and rights

8.1 Account and communication preferences

You can update your account information at any time from within the Service or by contacting us. You can opt out of marketing emails by clicking the unsubscribe link in any marketing message. Service-related messages (security alerts, billing notices, policy changes) cannot be opted out of while you maintain an account.

8.2 Rights of California residents (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and share about you.
  • Access a copy of the personal information we hold about you.
  • Delete personal information we hold about you, subject to legal exceptions.
  • Correct inaccurate personal information.
  • Limit the use of sensitive personal information (we do not currently process sensitive personal information for inferring characteristics).
  • Opt out of sale or sharing of personal information. We do not sell or share personal information as those terms are defined under the CCPA.
  • Non-discrimination. We will not discriminate against you for exercising any of these rights.

To exercise these rights, email privacy@deliverwms.com from the email associated with your account. We will respond within 45 days. We may need to verify your identity before fulfilling a request.

You may designate an authorized agent to make a request on your behalf, subject to verification.

8.3 Rights of other US residents

Several other US states (including Virginia, Colorado, Connecticut, Utah, and Texas) have enacted consumer privacy laws granting similar rights to access, delete, correct, and opt out of certain processing. We honor these rights for residents of any US state where they apply. Use the same contact method as § 8.2.

8.4 If you are an end customer of a Deliver WMS customer (warehouse client)

If a 3PL or other Deliver WMS customer uses the Service to process information about you, that customer is the data controller of your information for purposes of the Service. Please contact them directly to exercise your rights. We will assist the customer in responding to your request.

9. International users

The Service is provided from the United States. If you access the Service from outside the United States, you understand that your information will be processed in the United States, where data protection laws may differ from those in your jurisdiction.

This Privacy Policy does not currently include the specific disclosures and rights required by the EU General Data Protection Regulation (GDPR), the UK GDPR, or other non-US privacy regimes. If you are a resident of those jurisdictions and have questions about how your information is handled, contact us at privacy@deliverwms.com before using the Service.

10. Children’s privacy

The Service is not directed to individuals under 18, and we do not knowingly collect personal information from anyone under 18. If we learn we have collected personal information from a child under 18, we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this policy and, for material changes, notify customers via email or in-app notice at least 30 days before the change takes effect. Your continued use of the Service after the effective date of an updated policy means you accept the changes.

Historical versions of this policy are available on request.

12. Contact us

For questions about this Privacy Policy or our privacy practices, contact us:

  • Email: privacy@deliverwms.com
  • General contact: hello@deliverwms.com or our contact form
  • Mailing address: Deliver WMS LLC, [TODO: registered Delaware office address]

For California-specific privacy requests, please mark your message “California Privacy Request.”

Questions about this document? Email legal@deliverwms.com or contact us.