Privacy Policy

Last Updated: March 20, 2026

1. Introduction

Keach Fulfillment (“Keach,” “we,” “us,” or “our”) is committed to protecting the privacy and security of personal information we collect and process through our fulfillment, warehousing, and logistics services.

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you:

• Use our website and online services
• Engage our fulfillment and logistics services
• Communicate with us through various channels
• Provide us with information for service delivery

We respect your privacy rights and are committed to transparency about our data practices. This policy applies to all personal and business information we collect in connection with our services.

Scope of Policy: This Privacy Policy applies to information collected through:

• Our website (keachfulfillment.com or applicable domain)
• Client portals and dashboard systems
• Email communications and customer service interactions
• Service delivery and operational activities
• Third-party integrations and platforms

By using our services or providing information to us, you consent to the data practices described in this policy.

2. Information We Collect

We collect various types of information to provide and improve our services.

2.1 Personal Data

Contact Information:

• Full name
• Email address
• Phone number (mobile and/or business)
• Business name and title
• Mailing address and billing address

Account Information:

• Username and password for client portals
• Account preferences and settings
• Communication preferences

Financial Information:

• Billing address
• Payment method information (processed through secure third-party payment processors)
• Purchase history and invoice records
• Bank account information for ACH payments (if applicable)

Identity Verification:

• Government-issued ID (when required for account verification or compliance)
• Business registration documents
• Tax identification numbers (EIN)

2.2 Business Data

Inventory Information:

• Product SKUs and descriptions
• Product images and specifications
• Inventory quantities and values
• Supplier information
• Warehouse location and storage data

Order Information:

• Customer names and shipping addresses (for order fulfillment)
• Order contents and quantities
• Order dates and shipping methods
• Tracking information
• Return and exchange data

Sales and Business Information:

• Sales channel data (ecommerce platform, marketplace)
• Order volume and patterns
• Business performance metrics
• Integration credentials for connected platforms

Customer Data (Provided for Fulfillment):

• End customer names and shipping addresses
• Phone numbers and email addresses for delivery coordination
• Special delivery instructions
• Gift messages or personalization details

2.3 Technical Data

Automatically Collected Information:

• IP address and general location data
• Browser type and version
• Device type and operating system
• Referring website URLs
• Pages visited and time spent on our website
• Click patterns and navigation paths

Cookies and Tracking Technologies:

• Session cookies for website functionality
• Persistent cookies for preferences
• Analytics cookies for website improvement
• Third-party cookies from integrated services

System and Usage Data:

• Log files documenting system access
• API usage and integration activity
• Portal login times and activities
• Error reports and system diagnostics

Communication Records:

• Email correspondence
• Phone call records and transcripts (when calls are recorded with notice)
• Live chat transcripts
• Customer service ticket histories

3. How We Use Information

We use collected information for legitimate business purposes supporting service delivery and business operations.

3.1 Service Delivery

Fulfillment Operations:

• Processing and shipping customer orders
• Managing inventory storage and tracking
• Coordinating with shipping carriers
• Handling returns and exchanges
• Providing prep services (labeling, inspection, packaging)

Account Management:

• Creating and maintaining client accounts
• Providing access to client portals and dashboards
• Managing user permissions and security
• Authenticating identity for account access

Order Processing:

• Receiving orders from integrated platforms
• Picking, packing, and shipping products
• Generating shipping labels and tracking information
• Updating inventory levels in real-time
• Coordinating deliveries with carriers

3.2 Communication

Service-Related Communication:

• Responding to inquiries and support requests
• Providing order status updates
• Sending shipping notifications
• Communicating about inventory levels or issues
• Providing account notifications and alerts

Business Communication:

• Sending invoices and billing statements
• Providing service reports and analytics
• Discussing service improvements or changes
• Coordinating operational activities

Marketing Communication (with consent):

• Sending newsletters about our services
• Providing industry insights and best practices
• Announcing new features or capabilities
• Sharing promotional offers (if applicable)

You may opt out of marketing communications at any time using unsubscribe links in emails or by contacting us directly.

3.3 Improvement and Analytics

Service Improvement:

• Analyzing operational performance and efficiency
• Identifying areas for process optimization
• Developing new features and capabilities
• Enhancing user experience on our website and portals

Business Analytics:

• Understanding service utilization patterns
• Evaluating website traffic and engagement
• Assessing customer satisfaction
• Conducting internal research and analysis

Quality Assurance:

• Monitoring service quality and accuracy
• Identifying and resolving operational issues
• Training staff on service delivery
• Ensuring compliance with service standards

3.4 Legal Compliance

Regulatory Obligations:

• Complying with applicable laws and regulations
• Responding to legal requests and court orders
• Maintaining records as required by law
• Fulfilling tax and financial reporting requirements

Security and Fraud Prevention:

• Protecting against unauthorized access
• Detecting and preventing fraudulent activity
• Investigating security incidents
• Maintaining system integrity

Contract Enforcement:

• Enforcing our Terms & Conditions
• Protecting our legal rights
• Resolving disputes
• Collecting outstanding payments

4. Legal Basis for Data Processing

We process personal data based on multiple legal grounds depending on the nature of the information and context of collection.

4.1 Contractual Necessity

We process data necessary to perform our contractual obligations to clients including:

• Fulfilling orders and providing warehousing services
• Managing inventory and coordinating shipments
• Providing account access and reporting
• Delivering services outlined in service agreements

4.2 Consent

We process certain data based on explicit consent including:

• Marketing communications (email newsletters, promotional offers)
• Optional data collection for enhanced services
• Cookies and tracking technologies (where consent is required)
• Sharing data with third parties beyond service delivery

You may withdraw consent at any time by contacting us or using provided opt-out mechanisms.

4.3 Legitimate Interests

We process data for legitimate business interests including:

• Operating and improving our services
• Ensuring network and information security
• Preventing fraud and unauthorized access
• Analyzing service usage and performance
• Conducting business development activities

We balance these interests against individual privacy rights and do not process data in ways that override fundamental rights and freedoms.

4.4 Legal Obligation

We process data to comply with legal obligations including:

• Maintaining financial records for tax purposes
• Responding to lawful requests from authorities
• Complying with industry regulations
• Fulfilling reporting requirements

5. Data Sharing and Disclosure

We share information with third parties only as necessary for service delivery, legal compliance, or with explicit consent.

5.1 Service Providers

We share information with trusted service providers assisting in business operations:

Shipping Carriers:

• UPS, FedEx, USPS, and other delivery services receive customer names, addresses, and order information for delivery purposes.

Payment Processors:

• Third-party payment processors handle financial transactions securely. We do not store complete credit card information on our systems.

Technology Providers:

• Cloud hosting services for data storage and system operation
• Email and communication services for business correspondence
• Analytics platforms for website and service analysis
• Security services for fraud prevention and system protection

Business Service Providers:

• Accounting and financial services
• Legal and professional advisors
• Insurance providers
• IT support and maintenance services

All service providers are contractually obligated to protect information confidentiality and use data only for specified purposes.

5.2 Platform Integrations

With client authorization, we integrate with ecommerce platforms and marketplaces:

Ecommerce Platforms:

• Shopify, WooCommerce, BigCommerce, Magento
• Integration enables automatic order receipt and inventory synchronization

Marketplaces:

• Amazon, eBay, Walmart, Etsy
• Integration facilitates order fulfillment and inventory management

Business Tools:

• Accounting software (QuickBooks, Xero)
• Customer relationship management (CRM) systems
• Inventory management platforms

These integrations operate through secure APIs with data exchange limited to service delivery requirements.

5.3 Legal Requirements

We disclose information when required by law or to protect legal rights:

Legal Obligations:

• Compliance with court orders, subpoenas, or legal processes
• Response to lawful requests from government authorities
• Fulfillment of regulatory reporting requirements

Rights Protection:

• Enforcing our Terms & Conditions
• Protecting against fraud or security threats
• Defending legal claims or litigation
• Protecting the safety and rights of Keach Fulfillment, clients, or others

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, personal information may be transferred to the acquiring entity. Affected individuals will be notified, and information will remain subject to this Privacy Policy or an equivalent policy.

5.5 No Selling of Data

We do not sell personal information to third parties for their marketing purposes. Information is shared only as described in this policy for service delivery, legal compliance, or with explicit consent.

5.6 Aggregated and De-Identified Data

We may share aggregated or de-identified information that cannot reasonably identify individuals for:

• Industry research and benchmarking
• Service improvement insights
• Business development purposes

6. Data Security

We implement reasonable security measures to protect information from unauthorized access, disclosure, alteration, or destruction.

6.1 Technical Safeguards

Access Controls:

• User authentication and password requirements
• Role-based access limiting data access to authorized personnel
• Multi-factor authentication for sensitive systems
• Regular access reviews and permission updates

Encryption:

• SSL/TLS encryption for data in transit over networks
• Encryption of sensitive data at rest in databases
• Secure protocols for API communications
• Encrypted backups of critical data

Network Security:

• Firewalls protecting network perimeters
• Intrusion detection and prevention systems
• Regular security monitoring and logging
• Network segmentation isolating sensitive systems

System Security:

• Regular software updates and security patches
• Antivirus and anti-malware protection
• Vulnerability scanning and penetration testing
• Secure development practices for custom software

6.2 Physical Security

Facility Access:

• Restricted access to warehouse and office areas
• Electronic access control systems
• Security cameras and surveillance
• Visitor sign-in and escort procedures

Equipment Security:

• Locked server rooms and data centers
• Secure storage for physical documents
• Equipment disposal procedures ensuring data destruction
• Clean desk policies for sensitive information

6.3 Organizational Measures

Personnel Training:

• Regular employee training on data privacy and security
• Confidentiality agreements for all staff
• Background checks for employees with data access
• Clear data handling policies and procedures

Incident Response:

• Documented procedures for security breach response
• Incident investigation and root cause analysis
• Notification procedures for affected individuals
• Remediation and prevention measures

Vendor Management:

• Due diligence on service provider security practices
• Contractual data protection requirements
• Regular vendor security assessments
• Limited data access based on service needs

6.4 Limitations

No Absolute Security: While we implement reasonable security measures, no system is completely secure. We cannot guarantee absolute security of information.

User Responsibility: Users are responsible for:

• Maintaining password confidentiality
• Using secure internet connections
• Protecting account access credentials
• Reporting suspected security incidents promptly

6.5 Data Breach Notification

In the event of a data breach affecting personal information, we will:

• Investigate the incident promptly
• Notify affected individuals without unreasonable delay
• Report to applicable regulatory authorities as required by law
• Take steps to remediate the breach and prevent recurrence

Notifications will include information about the nature of the breach, data potentially affected, steps we’re taking, and recommended actions for affected individuals.

7. Data Retention

We retain personal information for as long as necessary to fulfill purposes outlined in this Privacy Policy or as required by law.

7.1 Retention Periods

Active Client Data: Information for active clients is retained throughout the service relationship and for a reasonable period thereafter to:

• Support ongoing service delivery
• Maintain business records
• Address potential disputes or claims
• Fulfill contractual obligations

Former Client Data: After service termination, we retain information for:

• 7 years for financial and tax records (as required by law)
• 3 years for operational data and communications
• Ongoing for aggregated/de-identified data used in analytics

Technical Data:

• Website logs and analytics: 2 years
• Security logs: 1-3 years depending on type
• System backups: 30-90 days

7.2 Legal Requirements

Certain information is retained longer when required by law including:

• Financial records (7 years for tax purposes)
• Employment records (varies by type)
• Litigation-related information (until disputes resolve)
• Regulatory compliance records (as specified by regulations)

7.3 Deletion Procedures

After retention periods expire, information is securely deleted or anonymized through:

• Permanent deletion from active systems
• Secure overwriting of storage media
• Physical destruction of documents
• Removal from backup systems during regular cycles

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve functionality and user experience.

8.1 Types of Cookies

Essential Cookies: Necessary for website operation including:

• Session management for logged-in users
• Security and authentication
• Load balancing
• Basic functionality

These cookies are required for the website to function and cannot be disabled.

Analytics Cookies: Help us understand website usage including:

• Visitor counts and traffic sources
• Page views and navigation patterns
• Time spent on pages
• Device and browser information

We use Google Analytics and similar tools for website analytics.

Functional Cookies: Remember user preferences including:

• Language and region settings
• Display preferences
• Previously entered information

Marketing Cookies (if applicable): Track visitors across websites for advertising purposes. These are used only with consent where required by law.

8.2 Third-Party Cookies

Some cookies are placed by third-party services including:

• Google Analytics for website analytics
• Social media plugins (if applicable)
• Payment processors for transaction security
• Customer support chat tools

Third-party cookies are governed by respective third-party privacy policies.

8.3 User Control

Browser Settings: Most browsers allow you to:

• View and delete cookies
• Block all cookies
• Block third-party cookies only
• Receive warnings before cookies are placed

Note that blocking cookies may affect website functionality.

Opt-Out Tools: You may opt out of certain tracking through:

• Google Analytics opt-out browser addon
• Network Advertising Initiative opt-out page
• Digital Advertising Alliance opt-out tools
• Cookie preference centers on our website (if applicable)

8.4 Do Not Track

Some browsers support “Do Not Track” signals. Our website does not currently respond to Do Not Track signals, though you can control cookies through browser settings as described above.

9. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information.

9.1 Access Rights

Right to Access: You may request information about:

• What personal data we hold about you
• How we use your data
• Who we share data with
• How long we retain data

We will provide this information in a readable format, typically within 30 days of verified requests.

9.2 Correction and Update

Right to Correct: You may request correction of inaccurate or incomplete personal information. We will update records promptly upon verification of requested changes.

Self-Service Updates: Many updates can be made directly through client portals including contact information, preferences, and account settings.

9.3 Deletion Rights

Right to Deletion: You may request deletion of personal information in certain circumstances including:

• Information no longer needed for original purposes
• Consent withdrawal (where consent was the legal basis)
• Objection to processing for legitimate interests
• Unlawful processing of data

Deletion Limitations: We may retain information when necessary for:

• Legal compliance and obligations
• Establishment, exercise, or defense of legal claims
• Legitimate business purposes (e.g., fraud prevention)
• Contractual obligations

9.4 Data Portability

Right to Portability: You may request a copy of your data in a structured, machine-readable format for transfer to another service provider where technically feasible.

9.5 Objection and Restriction

Right to Object: You may object to processing based on legitimate interests or for direct marketing purposes.

Right to Restrict: You may request restriction of processing in certain circumstances including during dispute resolution about data accuracy or lawfulness of processing.

9.6 Withdrawal of Consent

Consent Withdrawal: Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

Marketing Opt-Out: You may opt out of marketing communications using:

• Unsubscribe links in emails
• Email requests to our contact address
• Account settings in client portals

9.7 Exercising Rights

How to Request: Submit requests by:

• Emailing privacy@keachfulfillment.com (or designated privacy contact)
• Using contact forms on our website
• Writing to our physical address

Verification: We may request information to verify your identity before processing requests to protect against unauthorized access.

Response Time: We respond to verified requests within 30 days, with possible extensions for complex requests communicated in advance.

No Fee: Requests are processed free of charge unless requests are manifestly unfounded, excessive, or repetitive, in which case reasonable fees may apply.

10. International Data Transfers

Keach Fulfillment is based in the United States. Information collected may be transferred to, stored, and processed in the United States or other countries.

10.1 Cross-Border Transfers

U.S. Processing: Our primary operations and data storage are in the United States. By using our services, you consent to transfer of information to the United States.

Third-Country Transfers: Some service providers may process data in countries outside your residence. We ensure appropriate safeguards protect information during such transfers.

10.2 International Clients

Non-U.S. Clients: If you are located outside the United States, please be aware that:

• U.S. privacy laws may differ from laws in your country
• Information transferred to the U.S. is subject to U.S. law
• You have rights under applicable data protection laws

European Economic Area (EEA): For clients in the EEA, transfers comply with GDPR requirements through:

• Standard contractual clauses
• Adequacy decisions
• Other approved transfer mechanisms

10.3 Safeguards

We implement appropriate safeguards for international transfers including:

• Contractual protections with service providers
• Security measures protecting data regardless of location
• Compliance with applicable international data transfer regulations

11. Children’s Privacy

Keach Fulfillment services are designed for businesses and are not directed to children under 13 (or 16 in the EEA).

No Intentional Collection: We do not knowingly collect personal information from children. Our services target business clients and professionals.

Parental Discovery: If we learn we have collected information from a child without parental consent, we will delete it promptly. Parents who believe we may have collected child information should contact us immediately.

Age Verification: By using our services, you represent that you are at least 18 years old or the age of majority in your jurisdiction.

12. California Privacy Rights (CCPA)

California residents have specific rights under the California Consumer Privacy Act (CCPA).

12.1 Information Categories

We collect the following categories of personal information from California residents:

• Identifiers (name, email, phone, address)
• Commercial information (purchase history, transactions)
• Internet activity (website usage, log data)
• Professional information (business data, employment)
• Inferences (preferences, characteristics)

12.2 California Rights

Right to Know: Request disclosure of:

• Categories of personal information collected
• Sources of information
• Business purposes for collection
• Categories of third parties with whom information is shared
• Specific pieces of information collected

Right to Delete: Request deletion of personal information subject to certain exceptions.

Right to Opt-Out: California residents have the right to opt out of “sale” of personal information. We do not sell personal information as defined by CCPA.

Right to Non-Discrimination: You will not receive discriminatory treatment for exercising CCPA rights.

12.3 Exercising California Rights

California residents may exercise rights by:

• Emailing privacy@keachfulfillment.com
• Calling [phone number]
• Submitting requests through our website

We verify identity before processing requests and respond within 45 days.

Authorized Agents: California residents may designate authorized agents to submit requests on their behalf with proper documentation of authorization.

12.4 Shine the Light

California residents may request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information for others’ direct marketing without consent.

13. European Privacy Rights (GDPR)

Individuals in the European Economic Area (EEA), UK, and Switzerland have rights under the General Data Protection Regulation (GDPR) and similar laws.

13.1 Legal Basis

We process personal data under GDPR based on:

• Performance of contract
• Legitimate interests
• Legal obligations
• Consent (where applicable)

13.2 GDPR Rights

Rights Include:

• Right of access to personal data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

13.3 Data Protection Officer

For GDPR-related inquiries, contact: [Data Protection Officer name/title if applicable]
Email: dpo@keachfulfillment.com (or designated contact)

13.4 Supervisory Authority

EEA residents have the right to lodge complaints with supervisory authorities in their country of residence.

14. Policy Updates and Changes

14.1 Policy Modifications

We may update this Privacy Policy periodically to reflect:

• Changes in our practices
• Legal or regulatory requirements
• New features or services
• Feedback and improvements

14.2 Notification of Changes

Material Changes: For significant changes affecting data use or rights, we will notify you through:

• Email to addresses on file
• Prominent website notices
• Notifications in client portals

Minor Changes: Non-material updates may be posted without additional notice beyond updating the “Last Updated” date.

14.3 Review Recommendation

We encourage periodic review of this Privacy Policy to stay informed about data practices. The “Last Updated” date indicates when changes were made.

14.4 Continued Use

Continued use of services after policy updates constitutes acceptance of modified terms. If you disagree with changes, discontinue service use and contact us about account closure.

15. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

Keach Fulfillment: 5906 Jessamine St, Suite B4, Houston, Texas 77081

Privacy Inquiries:
Email: info@keachfulfillment.com
Phone: +1 (281) 380-2907

Business Hours:
Monday – Friday: 8:00 AM – 5:00 PM CST

Response Time: We respond to privacy inquiries within 2 business days for acknowledgment and within 30 days for complete responses to requests.

This Privacy Policy is effective as of the date listed above. By using Keach Fulfillment services, you acknowledge that you have read and understood this Privacy Policy.