Privacy Policy

Last Updated: March 5, 2026

StilFresh operates as independent companies in Cameroon, United Kingdom, and South Africa under collaboration agreements.

1. Introduction and Company Structure

StilFresh ("we," "us," "our," or "Company") is committed to protecting your privacy. StilFresh operates as independent legal entities in Cameroon, the United Kingdom, and South Africa, each subject to the data protection laws of their respective jurisdictions. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. Your data may be processed by one or more of these entities depending on your location and the services you use. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

We collect information in the following ways:

2.1 Information You Provide Directly

  • Contact Information: Name, email address, phone number, company name, job title, and mailing address when you contact us or request services.
  • Account Information: Username, password, and account preferences when you create an account.
  • Service Data: Cargo details, shipment information, temperature records, inspection photos/videos, damage documentation, carrier communications, and insurance claim details when you submit claims or request inspections.
  • Payment Information: Credit card, bank account, or other payment details when you pay for services. Payment processing is handled by secure third-party payment processors.
  • Communications: Messages, emails, and other communications you send to us.

2.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type, IP address, and unique device identifiers.
  • Usage Information: Pages visited, time spent on pages, links clicked, search queries, and other browsing behavior.
  • Location Information: General location data derived from IP address (not precise GPS location).
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to track your activity and preferences.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Carriers, freight forwarders, and logistics partners
  • Insurance companies and brokers
  • Port authorities and customs agencies
  • Payment processors and financial institutions
  • Public records and business databases

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing, maintaining, and improving our Services
  • Processing claims and conducting investigations
  • Communicating with you about your account and services
  • Sending marketing communications (with your consent)
  • Analyzing usage patterns to improve user experience
  • Detecting and preventing fraud and security incidents
  • Complying with legal obligations and court orders
  • Enforcing our Terms and Conditions
  • Protecting our legal rights and the rights of our users

4. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Contract: Processing necessary to perform our services agreement with you.
  • Consent: Your explicit consent for marketing communications and non-essential processing.
  • Legal Obligation: Compliance with applicable laws, regulations, and court orders.
  • Legitimate Interests: Our business interests in fraud prevention, security, and service improvement, balanced against your privacy rights.

5. Data Sharing and Disclosure

We may share your information with:

  • Service Providers: Third-party vendors who assist us in providing Services (payment processors, cloud storage, analytics providers).
  • Business Partners: Carriers, insurers, surveyors, and other partners necessary to fulfill your service requests.
  • Legal Requirements: Law enforcement, government agencies, or courts when required by law or legal process.
  • Business Transfers: In the event of merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • Your Consent: Any other third parties with your explicit consent.

We do not sell your personal data to third parties for marketing purposes. We require all third-party service providers to maintain strict confidentiality and use your information only for the purposes we specify.

6. Data Retention

We retain your personal data for as long as necessary to provide Services, comply with legal obligations, and resolve disputes. Specific retention periods include:

  • Account Information: Retained for the duration of your account plus 3 years after account closure.
  • Service Data: Retained for 7 years to comply with cargo insurance and international maritime regulations.
  • Payment Information: Retained for 7 years for accounting and tax purposes.
  • Marketing Communications: Retained until you unsubscribe or request deletion.

After the retention period, data is securely deleted or anonymized. You may request deletion of your data at any time, subject to legal retention requirements.

7. Data Security

We implement comprehensive security measures to protect your personal data:

  • SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Secure password hashing and salting
  • Multi-factor authentication for account access
  • Regular security audits and penetration testing
  • Restricted access to personal data (need-to-know basis)
  • Employee confidentiality agreements and training
  • Incident response procedures for data breaches

While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security of your data. If a data breach occurs, we will notify affected individuals and relevant authorities as required by law.

8. Your Privacy Rights

Under GDPR and UK data protection laws, you have the following rights:

  • Right to Access: You can request a copy of your personal data we hold.
  • Right to Rectification: You can request correction of inaccurate personal data.
  • Right to Erasure: You can request deletion of your personal data (subject to legal retention requirements).
  • Right to Restrict Processing: You can request that we limit how we process your data.
  • Right to Data Portability: You can request your data in a machine-readable format.
  • Right to Object: You can object to processing of your data for marketing or legitimate interest purposes.
  • Right to Withdraw Consent: You can withdraw consent for processing at any time.
  • Right to Lodge a Complaint: You can file a complaint with the UK Information Commissioner's Office (ICO).

To exercise these rights, contact us using the information in Section 11 below. We will respond to requests within 30 days.

9. International Data Transfers

StilFresh operates across Cameroon, the United Kingdom, and South Africa. Your personal data may be transferred to, stored in, and processed in any of these jurisdictions or other countries as necessary to provide Services. By using our Services, you consent to the transfer of your information across these jurisdictions. We implement appropriate safeguards for international transfers, including Standard Contractual Clauses, Binding Corporate Rules, and adequacy decisions recognized by relevant authorities. Each StilFresh entity complies with data protection laws in its respective jurisdiction.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for website functionality (login, security, preferences).
  • Analytics Cookies: Track usage patterns to improve our Services.
  • Marketing Cookies: Used to deliver personalized content and advertisements (with your consent).

You can control cookies through your browser settings. Disabling cookies may affect website functionality. We do not respond to Do Not Track signals, but you can opt out of marketing communications at any time.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of third-party sites. We encourage you to review the privacy policies of any third-party sites before providing personal information.

12. Children's Privacy

Our Services are not directed to children under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it immediately. If you believe we have collected data from a child, please contact us immediately.

13. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal data we collect and how we use it
  • Right to delete personal data (with exceptions)
  • Right to opt-out of the sale or sharing of personal data
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us using the information in Section 14 below.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of our Services following notification of changes constitutes your acceptance of the updated Privacy Policy.

15. Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact:

For complaints regarding our data practices in the United Kingdom, you can contact the UK Information Commissioner's Office (ICO) at ico.org.uk.

16. Data Protection Impact Assessment

We conduct Data Protection Impact Assessments (DPIA) for high-risk processing activities to ensure compliance with GDPR requirements and to identify and mitigate privacy risks.

17. Processor Agreements

All third-party data processors we engage have signed Data Processing Agreements (DPA) that ensure they process personal data only on our instructions and maintain appropriate security measures.