Privacy Policy

Last updated: 18 May 2026

Who we are

BorderLens is a cross-border duty and tax intelligence platform for ecommerce businesses. We are operated as a sole trader business trading as BorderLens, based in England. A registered or correspondence address will be added here before live merchant onboarding. If you have any questions about this policy or how we handle your data, contact us at [email protected].

Who this policy covers

BorderLens is a business-to-business (B2B) service. Our customers are ecommerce businesses ("Merchants"), not individual consumers. This policy explains how we handle data in two distinct contexts:

  • Platform data — information about your business account (contact details, usage, billing). For this data, BorderLens is the data controller.
  • Merchant trade data — carrier invoices, order data, and customs declarations that you upload or connect to the platform. For the personal data of your end-customers contained within this data, you are the data controller and BorderLens acts as your data processor, processing it only on your instructions to provide the service.

If you are an individual whose personal data appears in a carrier invoice or order uploaded by a BorderLens merchant, you should contact that merchant directly to exercise your data rights. We will assist merchants in responding to such requests.

What we collect and why

Account data

When you sign up we collect your name, email address, company name, and billing contact details. We use this to provide and administer your account. Legal basis: performance of contract.

Carrier invoice data

You upload carrier invoices (DHL, FedEx, UPS, and others) containing shipment charge records, airway bill (AWB) numbers, consignee/consignor names, and limited address signals such as country and postcode. We process this data to perform duty and tax reconciliation — the core function of the service. Legal basis: performance of contract.

Order data from Shopify

When you connect your Shopify store, we ingest order values, destination countries, line items, and customer name fingerprints. Customer names are normalised and hashed using SHA-256 for matching; BorderLens does not store readable Shopify customer names as order identifiers. We do not ingest full Shopify delivery addresses for reconciliation. Legal basis: performance of contract.

HMRC CDS declaration data

Where you authorise us to connect to HMRC's Customs Declaration Service (CDS) via OAuth, we retrieve customs entry numbers, duty amounts, and declaration metadata to support reconciliation and C285 claim identification. This connection is optional and initiated only at your request. Legal basis: performance of contract.

Usage and analytics

We collect basic usage data (page views, feature usage) to understand how the platform is used and to improve it. We do not use analytics for advertising or behavioural profiling. Legal basis: legitimate interest in improving the service.

How we handle end-customer personal data

Carrier invoices for business-to-consumer shipments may contain personal names. Our ingestion pipeline is designed to minimise exposure of this data:

  • Unconfirmed uploads waiting for shipper confirmation are deleted after 30 days.
  • Source carrier invoice files needed for evidence review are retained only for a limited operational window, currently up to 6 months.
  • When a shipment is classified as a customer order or customer return, readable customer-name fields on the shipment are hashed (SHA-256) and nulled.
  • A restricted raw extraction payload may retain parsed names for classification replay and audit while the merchant account is active.
  • Full street addresses are not displayed in merchant-facing views; address handling is limited to the route and matching signals needed for reconciliation.
  • Stored files and database records are encrypted at rest by the hosting/storage provider.

Data retention

Data type | Retention period
Unconfirmed upload files | 30 days, then deleted
Source carrier invoice files retained for evidence review | Up to 6 months, unless deleted earlier on account closure
Carrier invoice charge records, shipment, order, and reconciliation data | Duration of the active subscription, then deleted on account closure unless legal retention is required
Account data | Duration of the subscription, then deleted on closure unless legal retention is required
All merchant data on account closure | Deleted within 30 days of closure request, subject to backups and legal retention obligations

Subprocessors

We use a small number of third-party service providers to deliver the platform — covering areas such as authentication, encrypted file storage, document processing, and AI-assisted analysis. Each is bound by appropriate data processing agreements. All file storage and core processing is intended to be hosted within the UK or EU where available. Where providers outside the UK or EU are used, transfers are covered by appropriate safeguards such as Standard Contractual Clauses or UK International Data Transfer Addenda.

You may request our full subprocessor list at any time by emailing [email protected]. We will notify you by email at least 30 days before adding a new subprocessor that processes your trade data.

Your rights

As a business customer (and as an individual whose data we control as part of your account), you have the following rights under UK GDPR:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate data
  • Erasure — ask us to delete your data (subject to our legal retention obligations)
  • Portability — receive your data in a machine-readable format
  • Restriction — ask us to restrict processing in certain circumstances
  • Objection — object to processing based on legitimate interests

To exercise any of these rights, email [email protected]. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office at ico.org.uk.

Cookies

This website uses functional browser storage for preferences such as dark mode, session technology for account access, and privacy-preserving analytics. We do not use advertising cookies or share data with ad networks.

Changes to this policy

We may update this policy as the platform evolves. For material changes we will notify you by email at least 14 days before the change takes effect. The "last updated" date at the top of this page always reflects the current version.

Contact

For privacy questions, data subject requests, or to report a concern: [email protected].