layers

LandedCost.io

Get Free Access
Homechevron_rightPrivacy Policy

Privacy Policy

Last updated: March 2026

1. Introduction

LandedCost.io ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our platform and services.

We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Our registered address is [Company Address, United Kingdom]. If you have any questions about this policy, please reach out via our Contact page.

2. Information We Collect

We collect the following categories of personal data:

Account Information

Name, email address, and password (hashed) when you create an account. We may also collect your company name and job title if provided.

Business Data

Shipment details, product information, cost data, supplier information, and other data you enter while using the platform. This data belongs to you and is processed solely to provide the service.

Usage Data

IP address, browser type, device information, pages visited, and feature usage patterns. This data helps us improve the platform and diagnose technical issues.

Cookies & Local Storage

Authentication tokens, session data, and theme preferences stored in your browser. See our Cookie Policy for full details.

3. Legal Basis for Processing

We process your personal data on the following legal bases under UK GDPR:

  • Contract performance — Processing necessary to provide the platform services you have signed up for, including account management, cost calculations, and data storage.
  • Legitimate interests — Improving and securing our platform, analysing usage patterns, preventing fraud, and communicating service updates.
  • Legal obligation — Complying with applicable laws, regulations, and lawful requests from authorities.
  • Consent — Where required, such as for marketing communications. You may withdraw consent at any time.

4. How We Use Your Information

  • Providing and maintaining the platform, including landed cost calculations, exchange rate lookups, and report generation.
  • Authenticating your identity and managing your account.
  • Sending transactional emails (account verification, password resets, security alerts).
  • Improving platform features, fixing bugs, and optimising performance.
  • Protecting against unauthorised access, fraud, and abuse.
  • Complying with legal obligations and responding to lawful requests.

We do not sell, rent, or share your personal data or business data with third parties for marketing purposes.

5. Third-Party Service Providers

We use the following third-party services to operate the platform. These providers process data on our behalf under data processing agreements:

ProviderPurposeData Processed
SupabaseAuthentication & database hostingAccount credentials, all platform data
VercelApplication hosting & CDNIP address, request logs
European Central BankExchange rate data (public API)No personal data sent

6. Data Storage & Security

Your data is stored securely using industry-standard measures:

  • All data transmitted between your browser and our servers is encrypted using TLS (HTTPS).
  • Database storage is encrypted at rest and hosted by Supabase on secure cloud infrastructure.
  • Passwords are hashed using industry-standard algorithms and are never stored in plaintext.
  • Database access is restricted to a dedicated application role with minimum required privileges.
  • API endpoints are protected by rate limiting and input validation.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access — Request a copy of the personal data we hold about you.
  • Right to rectification — Request correction of inaccurate personal data. You can update most information directly from your Settings page.
  • Right to erasure — Request deletion of your personal data. Account deletion permanently removes your data within 30 days.
  • Right to data portability — Request your data in a structured, machine-readable format. You can export your shipment and product data as CSV at any time.
  • Right to restrict processing — Request that we limit how we process your data in certain circumstances.
  • Right to object — Object to processing based on legitimate interests or for direct marketing purposes.

To exercise any of these rights, please reach out via our Contact page. We will respond to your request within one month, as required by law.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data appropriately.

8. Data Retention

  • Active accounts — We retain your data for as long as your account remains active and as necessary to provide the platform services.
  • Deleted accounts — When you delete your account, all personal data and business data is permanently removed from our systems within 30 days.
  • Server logs — Automatically collected usage data is retained for up to 90 days for security and diagnostic purposes, then permanently deleted.
  • Legal obligations — We may retain certain data for longer periods where required by law (e.g., financial records for tax or regulatory compliance).

9. International Data Transfers

Our infrastructure providers may process data outside the United Kingdom. Where data is transferred internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner, or transfers to countries with an adequacy decision.

10. Children's Privacy

Our platform is designed for business use and is not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of any material changes by email or by posting a prominent notice on the platform. The "Last updated" date at the top of this policy indicates when it was last revised.

12. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a concern about how we handle your data, please reach out via our Contact page.

See also: Terms of Service · Cookie Policy