Privacy Policy

This privacy policy covers Chrome extensions and tools published by the ShipHero Forward Deployed Engineering (FDE) Team. Our extensions serve both internal teams within ShipHero and external customers, supporting workflows such as warehouse operations, sales tooling, and platform integrations.

In this policy, “we,” “our,” and “us” refer to the ShipHero Forward Deployed Engineering (FDE) Team. This page is the complete and self-contained privacy policy for our Chrome extensions and tools — it does not rely on any external policy.

General Principles

• Our extensions are designed to assist teams within ShipHero and external customers with workflows such as sales demonstrations, warehouse operations, and platform integrations.
• Extensions only request the minimum permissions necessary for their stated functionality.
• We do not collect, sell, or share personal information through any of our extensions.
• When an extension transfers data to external systems, it is done only with the explicit permission of the customer and is documented in the applicable statement of work or contract.
• No analytics, telemetry, or third-party tracking is included in any extension.

Information We Collect

Our extensions are designed to operate without collecting personal information from end users. The only data we handle falls into the following narrow categories:

Extension Settings & Preferences

Configuration data such as feature toggles and user preferences, stored on-device via Chrome’s built-in storage API or, where sync is needed, in a cloud-hosted database (Supabase). Only extension configuration is stored — no personal information, browsing data, or page content.

Support Communications

If you contact us at support@wms.dev, we receive your name, email address, and the contents of your message. We use this information solely to respond to your inquiry.

Customer-Authorized Data Transfers

Some extensions are deployed for specific customer workflows that involve transferring operational data (e.g. orders, products, shipments) to external systems. These transfers occur only with the explicit permission of the customer and only as documented in the applicable statement of work or contract.

Permissions & Data Access

The permissions below are commonly used across our extensions. Each extension only requests the subset it needs. Refer to the extension’s Chrome Web Store listing for its specific permissions.

Active Tab & Scripting

Used to interact with the content of the currently active browser tab when explicitly triggered by the user. No page content is collected or transmitted.

Storage

Extensions store preferences and settings using Chrome’s built-in storage API (on-device) or a cloud-hosted database (Supabase) to sync settings across devices. Only extension configuration data is stored — no personal information, browsing data, or page content. Cloud-stored data is secured via row-level access controls and is not shared with third parties.

Host Permissions

When required, host permissions allow extensions to operate on specific websites or across multiple sites relevant to the workflows we support. No browsing history is accessed or recorded.

External APIs

Some extensions communicate with third-party APIs to provide their core functionality (e.g. generating barcodes or retrieving reference data). No personal user data is sent to these services.

Data Collection Summary

None of our Chrome extensions collect the following categories of data:

How We Use Information

We use the limited information described above only for the following purposes:

• To provide, maintain, and improve our Chrome extensions and tools.
• To respond to your support inquiries and other communications.
• To deliver functionality you have explicitly requested (such as syncing settings across devices).
• To comply with legal obligations.

We do not use any information collected by our extensions for marketing, advertising, profiling, or automated decision-making, and we do not sell or rent personal information.

How We Share Information

We do not share extension data with advertising, analytics, or marketing partners. The only circumstances in which information is disclosed are:

• Customer-authorized transfers. When an extension is deployed for a specific customer workflow that requires sending operational data to external systems, the transfer occurs only with the explicit permission of the customer and as documented in the applicable statement of work or contract.
• Service providers. Limited infrastructure providers (such as Supabase for cloud storage) process settings data on our behalf under contractual obligations and only for the purpose of providing the underlying service.
• Legal compliance. We may disclose information where required by law, valid legal process, or to protect the rights, property, or safety of our users, the FDE Team, or others.
• Corporate transactions. If our team or its parent organization is involved in a merger, acquisition, sale of assets, or similar transaction, information may be transferred as part of that transaction subject to standard confidentiality protections.

Data Retention & Security

We retain information only for as long as it is needed for the purposes described in this policy or to meet our legal obligations. Extension settings remain in your browser’s storage or in your synced cloud storage until you delete them or uninstall the extension. Support communications are retained only as long as needed to handle your inquiry and any follow-up.

We use reasonable administrative, technical, and physical safeguards to protect information from unauthorized access, disclosure, alteration, and destruction. However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

Children’s Privacy

Our extensions are not intended for children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided personal information through one of our extensions, please contact us at support@wms.dev so we can take appropriate action.

Your Rights (United States)

Depending on your state of residence, U.S. users may have the following rights with respect to their personal information:

• The right to access, correct, or delete personal information we hold about you.
• The right to obtain a portable copy of your personal information.
• The right to opt out of targeted advertising, the “sale” of personal information, and profiling for legally significant decisions. (We do none of these by default.)
• The right not to be discriminated against for exercising any of the rights above.
• The right to appeal a decision regarding your request.

To exercise these rights, email support@wms.dev. We may need to verify your identity before fulfilling a request and will respond within the timeframes required by applicable law.

EU, UK, and EEA Residents (GDPR)

If you are located in the European Union, the European Economic Area, the United Kingdom, or Switzerland, the following additional terms apply to our processing of your personal data.

Legal Bases for Processing

We process personal data on one or more of the following legal bases:

• Contract: processing necessary to provide the extension functionality you have requested or to perform a contract with a customer.
• Legitimate interests: processing necessary for our legitimate interests in operating, securing, and improving our extensions, where those interests are not overridden by your rights and freedoms.
• Consent: where required by law, processing based on your consent — which you may withdraw at any time without affecting prior processing.
• Legal obligation: processing necessary to comply with applicable law.

Your Rights

Subject to applicable law, you have the right to:

• Access the personal data we hold about you and obtain a portable copy.
• Request rectification of inaccurate or incomplete data.
• Request erasure (the “right to be forgotten”).
• Restrict or object to our processing.
• Withdraw consent at any time, where processing is based on consent.
• Lodge a complaint with the supervisory authority in your country of residence, country of work, or place of the alleged infringement.

To exercise any of these rights, contact support@wms.dev. We will respond within the timeframes required by applicable law.

International Data Transfers

Our extensions and supporting infrastructure are operated from the United States. If you access our extensions from outside the U.S., your information will be transferred to, stored in, and processed in the United States. Where required, such transfers are made under appropriate safeguards (such as European Commission adequacy decisions or standard contractual clauses).

EU and UK Representatives & Data Protection Officer

The FDE Team operates as part of ShipHero LLC. For formal data-protection requests, the following ShipHero LLC representatives are available:

EU Representative

Osano International Compliance Services Limited
ATTN: TZ7M
3 Dublin Landings
North Wall Quay
Dublin 1, D01C4E0

UK Representative

Osano UK Compliance LTD
ATTN: TZ7M
42–46 Fountain Street
Belfast, Antrim BT1 5EF

Data Protection Officer

dataprotection@shiphero.com

Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we do, we will revise the “Last updated” date at the top of this page. Material changes will be communicated through the extensions or other reasonable means where required by law.

Contact

For questions about this policy or about data practices in any of our Chrome extensions, contact us at support@wms.dev.

Formal data-protection requests may also be directed to ShipHero LLC at dataprivacy@shiphero.com or, for GDPR/UK matters, to the Data Protection Officer at dataprotection@shiphero.com.