GDPR compliant for safe handling of personal & delivery data.

Customer data is processed within the European Economic Area. Limited cross-border transfers rely on Standard Contractual Clauses.

Carrier credentials are encrypted at rest using AES-256-GCM, an authenticated symmetric algorithm. Per NIST guidance (SP 800-131A and NIST's post-quantum cryptography programme), AES-256 retains adequate effective security against known quantum attacks and does not require migration.

One-time password verification for enhanced account security and multi-factor authentication protection.

If a personal data breach affects Customer data, we notify the affected Customer within 72 hours of becoming aware of it.

All data encrypted in-transit with TLS 1.2 and at-rest using AES 256-bit encryption for maximum security.