48BY40.io
Sales

Legal

Privacy Policy

Effective: [DATE_OF_LAUNCH] · Last updated: [DATE_OF_LAUNCH]

1. Information we collect

  • Account information: name, email, phone number, role/class.
  • Business information: company name, DOT and MC numbers (where applicable), address, asset inventory, and operating data.
  • Verification data: FMCSA / CarrierOK lookup results, document uploads, and standing signals.
  • Form submissions: the information you enter when you contact us via any form on this site (intake form, “Talk to Sales”, persona-specific inquiries) — including the fields you fill in plus automatic metadata (IP address, user agent, referring page). Form submissions are stored in AWS DynamoDB in the us-east-1 region; AWS acts as our data processor.
  • Scheduling data: if you book a discovery call via our embedded Calendly widget on /contact, the booking information you provide is processed by Calendly under their privacy policy; we receive the booking details to facilitate the meeting.
  • Usage data: pages visited, features used, error logs.
  • Cookies: see our Cookie Policy for full detail.

2. How we use information

  • To provide, operate, and improve the Service.
  • To verify identity, registration status, and carrier standing.
  • To communicate with you about transactional events and, with your consent, marketing.
  • To comply with applicable law and respond to lawful requests.

3. Sharing information

We share information only as needed to operate the Service:

  • Service providers (hosting, analytics, email, payment processors) under written data-processing terms. Our current service providers include Amazon Web Services (AWS) for hosting and form-submission storage (DynamoDB in us-east-1), and Calendly for discovery-call scheduling.
  • Verification authorities (FMCSA, CarrierOK, and similar) for TOS-compliant lookups only.
  • Marketplace counterparties: shippers see verified carrier standing when reviewing offers; carriers see shipper basics when accepting work. We do not share asset counts to outside parties without consent.
  • Legal compliance: in response to lawful requests, court orders, or to protect rights and safety.

4. Your rights

  • Access the personal information we hold about you.
  • Correct inaccurate information.
  • Delete your information, subject to retention obligations.
  • Export your information in a portable format.
  • Opt out of marketing communications at any time.

5. Data retention

We retain account information for as long as your account is active, plus a reasonable period thereafter to comply with legal, audit, and dispute-resolution obligations. Verification logs and operating data are retained for the period required to demonstrate compliance and serve historical reporting.

6. Security

We use industry-standard safeguards to protect your information, including TLS in transit, AES-256 at rest, role-based access controls, and audit logging. No system is perfectly secure; you also play a role by keeping your credentials confidential.

7. Analytics, advertising, and tag management

We use Google Tag Manager (GTM container GTM-MLC37KST) to deploy analytics and advertising tags on this site. The current tag stack includes:

  • Google Analytics 4 (measurement ID G-7VTP8V97L6) — site-usage analytics. Sets _ga and _ga_* cookies when you grant Analytics consent via the cookie banner.
  • Google Ads (account AW-17881455731) — advertising attribution and conversion tracking. Sets _gcl_au and related _gcl_* cookies when you grant Marketing consent.
  • Calendly — third-party scheduling widget on /contact. Sets its own session cookies under Calendly's privacy notice.

Consent default. Before you make a choice in the cookie banner, we operate Google's Consent Mode v2 in default-deny: Google receives cookieless “ping” events for measurement modeling but does not set advertising or analytics cookies. After you grant consent (per category), Google's tags activate cookies and full measurement.

Lead-form data sent to advertising partners. When you submit a contact form on this site and you have granted Marketing consent, we may use Google's “Enhanced Conversions” feature to improve attribution: a hashed (SHA-256) version of identifiers you provided (such as email address) may be transmitted to Google alongside the conversion event. Google uses the hashed identifier to match the conversion to a prior ad click without exposing your raw email. Hashing is one-way; Google cannot recover the original value. We send Enhanced Conversion data only when consent is granted.

How to control this. You can opt out of Analytics or Advertising cookies at any time using the “Cookie preferences” link in the page footer (or by clearing cookies for this site). For specific cookies set by these providers, their lifetimes, and how to clear them in your browser, see our Cookie Policy. You can also opt out of Google's use of cookies generally at Google Ads Settings.

8. Children's privacy

The Service is not directed to individuals under 18, and we do not knowingly collect personal information from minors. If you believe we have collected information from a minor, please contact us so we can promptly delete it.

9. Changes

We may update this Privacy Policy from time to time. Material changes will be communicated to affected users via the Service or by email. Continued use of the Service after such updates constitutes acceptance of the updated policy.

10. Contact

For privacy questions or to exercise your rights, contact privacy@48by40.io.