Privacy Policy

Enshield Inc. Privacy Policy

Effective Date: April 24, 2026
Last Updated: April 24, 2026

1. Introduction

Enshield Inc. ("Enshield," "we," "our," or "us") respects the privacy and security of merchant, consumer, claimant, and visitor information. This Privacy Policy explains how we collect, use, disclose, store, process, and protect information obtained through our websites, applications, integrations, APIs, merchant onboarding systems, claims administration systems, ACH billing processes, shipment protection platform, and related services (collectively, the “Services”).

Because Enshield operates in industries involving e-commerce, payment processing, shipment protection administration, ACH transactions, and regulated insurance-related activities, we maintain privacy and information handling practices designed to support compliance with applicable laws, regulations, contractual obligations, industry standards, and network requirements.

By accessing or using the Services, users acknowledge and agree to the practices described in this Privacy Policy.

2. Scope

This Privacy Policy applies to information collected, processed, stored, transmitted, or maintained by Enshield in connection with:

• The Enshield website, merchant portal, APIs, applications, integrations, and software platform;
• Merchant onboarding, underwriting support, account administration, and billing processes;
• Shipment protection program administration and related customer support activities;
• Claims intake, investigation, review, reimbursement, and resolution workflows;
• ACH authorization, billing, payment processing coordination, and transaction administration;
• Communications between Enshield, merchants, customers, carriers, financial institutions, service providers, and claimants;
• Fraud prevention, compliance reviews, identity verification, and risk monitoring activities;
• Marketing, business development, and support interactions;
• Any other services provided by Enshield in connection with its shipment protection administration and merchant services platform.

This Privacy Policy applies to:

• Merchants and businesses using the Enshield platform;
• Customers purchasing shipment or package protection through merchants utilizing Enshield services;
• Claimants submitting claims or reimbursement requests;
• Website visitors and platform users;
• Vendors, partners, and service providers interacting with Enshield;
• Individuals communicating with Enshield regarding support, claims, billing, compliance, or business inquiries.

This Privacy Policy does not apply to:

• Third-party websites or services not controlled by Enshield;
• Banks, payment processors, or financial institutions operating under their own privacy policies;
• Insurance carriers or regulated entities maintaining separate legal obligations;
• E-commerce platforms or merchant storefronts operating independently of Enshield;
• Shipping carriers or logistics providers subject to separate privacy practices.

Users should review the privacy policies of applicable third parties separately.

3. Information We Collect

A. Information Provided Directly

We may collect information voluntarily provided by merchants, customers, claimants, vendors, or other users, including:

• Name
• Business name
• Employer identification number (EIN)
• Business ownership and beneficial ownership information
• Email address
• Phone number
• Billing address and shipping address
• Consumer order information provided during checkout with participating merchants
• Payment and billing information
• Limited ACH authorization and payment-related information necessary to facilitate billing and payment processing through third-party payment processors
• Claim-related documentation and communications
• Government-issued identification where legally required
• Tax and compliance documentation
• Account credentials and authentication information
• Customer support communications
• Call recordings and communications where permitted by applicable law
• AI-generated meeting notes, summaries, and meeting transcripts
• Carrier tracking and shipment information
• Product, transaction, and order details related to package protection purchases

B. Information Collected Automatically

When users interact with the Services, we may automatically collect:

• IP address
• Browser type and device identifiers
• Operating system
• Access timestamps and activity logs
• Session analytics and usage metrics
• Cookies and similar tracking technologies
• Fraud and risk indicators
• Geolocation information derived from IP address
• Transaction metadata
• Referral URLs and interaction history

Enshield may also use communication, conferencing, support, or AI-assistance technologies that generate call recordings, voicemail records, automated meeting summaries, transcripts, chat logs, or AI-generated notes in connection with customer support, merchant onboarding, sales discussions, compliance reviews, claims handling, operational meetings, training, quality assurance, and business communications.

Where required by applicable law, Enshield will seek appropriate consent or provide notice regarding call recording practices.

C. Information Received From Third Parties

We may receive information from:

• E-commerce platforms and integrations
• Shipping carriers and logistics providers
• Payment processors and ACH processors
• Financial institutions
• Fraud prevention and identity verification providers
• Insurance carriers and regulated program partners
• Analytics and security providers
• Merchants and storefront systems
• Government agencies or regulatory authorities when legally required

D. Sensitive and Regulated Information

Certain information processed in connection with Enshield services may be subject to heightened legal, financial, insurance, or payment network requirements, including:

• Payment transaction records;
• ACH authorization confirmations;
• Claim documentation;
• Insurance or risk administration records;
• Fraud prevention data;
• Identity verification records;
• Transaction and reimbursement histories.

Enshield is designed to minimize the direct collection and storage of sensitive financial account information. Bank account credentials, full account numbers, and certain ACH authorization data are intended to be collected and processed through secure third-party payment processors and financial service providers, including Stripe and its affiliated services, using their hosted or embedded payment interfaces and security controls.

In connection with package protection services, Enshield may collect and store basic consumer transaction and order information provided by consumers at the time of purchase through participating merchant checkout systems. This information may include:

• Consumer name;
• Shipping and billing address;
• Email address and contact information;
• Order number and transaction details;
• Shipment and carrier tracking information;
• Product and purchase information associated with the protected order.

This information is used to administer package protection services, verify coverage eligibility, process claims, communicate with consumers and merchants, investigate fraud, and maintain operational records.

Enshield does not intentionally store full bank account credentials or sensitive payment authentication information on Enshield-operated systems except as reasonably necessary for transaction verification, reconciliation, compliance, dispute handling, or legal obligations.

Enshield limits access to regulated or sensitive information to authorized personnel and service providers with a legitimate business need.

4. How We Use Information

We use collected information for legitimate business, contractual, legal, operational, and regulatory purposes, including:

• Providing and administering the Services;
• Operating shipment protection and related administrative programs;
• Processing claims, reimbursements, and customer support requests;
• Facilitating merchant onboarding, account verification, and risk assessment;
• Managing ACH billing and payment transactions;
• Maintaining compliance with NACHA Operating Rules and payment network requirements;
• Conducting fraud prevention, risk monitoring, and security reviews;
• Verifying merchant identity and business legitimacy;
• Maintaining insurance and regulatory compliance obligations;
• Communicating with merchants, customers, carriers, and financial institutions;
• Improving platform functionality and user experience;
• Conducting analytics, audits, and internal reporting;
• Enforcing agreements and protecting legal rights;
• Complying with applicable laws, regulations, court orders, subpoenas, and governmental requests.

Enshield may use aggregated or de-identified information for lawful business analytics and operational improvement purposes.

5. Legal Basis for Processing

Where applicable under data protection laws, Enshield processes information based on:

• Performance of a contract;
• Legitimate business interests;
• Legal compliance obligations;
• User consent where required.

6. Information Sharing and Disclosure

Enshield does not sell personal information.

We may disclose information under the following circumstances:

A. Service Providers and Processors

We may share information with trusted vendors and service providers assisting with:

• Cloud hosting and infrastructure;
• Payment processing and ACH transactions;
• Merchant billing administration;
• Claims administration;
• Fraud prevention and identity verification;
• Customer support operations;
• Data analytics and monitoring;
• Security and compliance services;
• Email, SMS, and communication systems.

Service providers are contractually required to maintain reasonable confidentiality and security protections.

B. Financial Institutions and Payment Networks

To facilitate ACH processing and related payment activities, Enshield may share necessary information with:

• Banks and financial institutions;
• Payment processors;
• Stripe and affiliated payment processing services;
• NACHA participants;
• Risk monitoring providers;
• Payment verification vendors.

Where possible, sensitive banking and ACH information is collected directly by third-party payment processors through secure hosted interfaces or embedded payment tools rather than directly through Enshield systems.

Enshield maintains commercially reasonable procedures intended to support compliance with applicable NACHA Operating Rules, payment security obligations, and commercially reasonable data minimization practices.

C. Insurance and Regulatory Partners

Where required for regulatory compliance, underwriting, claims administration, program management, or lawful operation of shipment protection programs, Enshield may share relevant information with:

• Licensed insurance carriers;
• Risk administrators;
• Claims administrators;
• Legal counsel;
• Regulatory authorities.

D. Merchants and Platform Partners

We may share information with the applicable merchant or platform partner necessary to administer shipment protection services, claims handling, reimbursement workflows, customer communications, fraud review, and account management.

E. Legal Compliance and Protection

We may disclose information when reasonably necessary to:

• Comply with legal obligations or regulatory requirements;
• Respond to lawful subpoenas, court orders, or governmental requests;
• Protect the rights, property, safety, and security of Enshield, merchants, customers, or others;
• Detect, investigate, or prevent fraud, unauthorized activity, money laundering, or unlawful conduct;
• Enforce agreements and platform policies.

F. Corporate Transactions

Information may be transferred in connection with a merger, acquisition, financing transaction, restructuring, or sale of assets, subject to applicable confidentiality obligations.

7. Data Retention

Enshield retains information for periods reasonably necessary to:

• Provide and administer the Services;
• Maintain merchant account records;
• Process claims and reimbursement requests;
• Satisfy legal, tax, accounting, insurance, and regulatory obligations;
• Maintain ACH authorization and transaction records;
• Resolve disputes and enforce agreements;
• Detect and investigate fraud or security incidents.

Certain financial, payment, insurance, and claims-related records may be retained for extended periods where required by law, regulation, contractual obligations, or industry standards.

When information is no longer reasonably necessary, Enshield may securely delete, anonymize, or aggregate the information.

8. Cookies and Tracking Technologies

Enshield may use cookies, pixels, and similar technologies to:

• Maintain platform functionality;
• Authenticate users;
• Analyze traffic and usage trends;
• Improve performance and user experience.

Users may adjust browser settings to limit cookies; however, certain features of the Services may not function properly if cookies are disabled.

9. Data Security

Enshield implements commercially reasonable administrative, technical, organizational, and physical safeguards designed to protect information against unauthorized access, disclosure, misuse, alteration, or destruction.

Security measures may include:

• Access controls and authentication requirements;
• Encryption technologies where appropriate;
• Role-based access restrictions;
• Logging and monitoring systems;
• Vendor security reviews;
• Employee confidentiality obligations;
• Incident response procedures;
• Fraud monitoring and risk detection tools.

Enshield also maintains policies and procedures intended to support compliance with applicable payment processing obligations, ACH security requirements, insurance-related confidentiality obligations, and commercially reasonable information security practices.

Despite these safeguards, no electronic transmission or storage system can be guaranteed completely secure.

10. International Data Transfers

Information may be processed and stored in the United States or other jurisdictions where Enshield or its service providers operate.

By using the Services, users acknowledge that information may be transferred to jurisdictions with different data protection laws than their own.

11. User Rights and Choices

Depending on applicable law, users may have rights to:

• Access personal information;
• Correct inaccurate information;
• Request deletion of certain information;
• Object to or restrict certain processing activities;
• Withdraw consent where processing is based on consent;
• Request portability of certain information.

Enshield may decline requests where permitted or required by law, including where information must be retained for:

• Fraud prevention;
• Claims administration;
• Insurance compliance;
• ACH transaction verification;
• Financial recordkeeping;
• Legal and regulatory obligations;
• Enforcement of agreements.

Requests may be submitted using the contact information provided below. Enshield may require verification of identity before responding to requests.

12. California Privacy Rights

If applicable, California residents may have additional rights under the California Consumer Privacy Act (“CCPA”) or California Privacy Rights Act (“CPRA”), including the right to:

• Know what personal information is collected;
• Request deletion of personal information;
• Correct inaccurate information;
• Limit certain uses of sensitive personal information;
• Receive equal service and pricing regardless of exercising privacy rights.

Enshield does not sell or share personal information for cross-context behavioral advertising.

13. Children’s Privacy

The Services are not directed to children under 13 years of age, and Enshield does not knowingly collect personal information from children.

If Enshield becomes aware that information has been collected from a child in violation of applicable law, we will take reasonable steps to delete such information.

14. Third-Party Services

The Services may contain links or integrations to third-party websites, applications, or services. Enshield is not responsible for the privacy practices or content of third parties.

Users should review the privacy policies of those third parties separately.

15. Changes to This Privacy Policy

Enshield may update this Privacy Policy periodically. Updated versions will be posted with a revised “Last Updated” date.

Continued use of the Services following publication of changes constitutes acceptance of the updated Privacy Policy.

16. Contact Information

If you have questions regarding this Privacy Policy or Enshield’s privacy practices, please contact:

Enshield Inc.
P.O. Box 502

Rexburg, ID 83440
Phone: 208-317-1160
Email: CS@enshield.com