Privacy

Privacy Policy

Last updated: May 17, 2026

This policy explains what information Eller Audit LLC collects when you visit our website, contact us, or engage us to audit your freight invoices — and how we handle, share, and protect that information.

Plain summary. We collect the contact information you submit through our forms, basic technical data from your browser, and the contracts and invoices you choose to share with us for an audit. We use that information to deliver our service and to communicate with you. We do not sell or share your personal information for cross-context behavioral advertising, and we do not allow any AI model provider we work with to train its models on your data.

1. Who we are

Eller Audit LLC, an Ohio limited liability company ("Eller Audit", "we", "us", or "our"), provides AI-assisted freight invoice audit services to shippers and the companies that represent them. Questions about this policy or about how we handle your information can be sent to hello@elleraudit.com.

2. Information we collect

2.1 Contact information you provide

When you submit our "Talk with us" form, we collect your first name, last name, work email, company name, optional phone number, and any message you choose to share. When you email us directly, we receive your email address and the contents of the message.

2.2 Engagement information

If you engage us for an audit, we receive the documents you choose to share with us — typically your master freight agreement, rate schedules, carrier invoices, bills of lading or load tenders, and related shipment records. We treat that material as your confidential business information; the confidentiality obligations that apply during an engagement are described in our Terms of Use and in the engagement letter that governs your specific engagement.

2.3 Automatically collected information

When you visit our website, our hosting provider and any analytics services we use may collect standard technical data: IP address, browser type and version, device type, referring URL, pages viewed, and timestamps. We use this information to operate the site, understand how it is used, and detect abuse.

2.4 Cookies and similar technologies

The website sets first-party cookies necessary for the site to function and small data files used by hosting, analytics, and advertising-measurement services.

Google Analytics 4 — helps us understand how visitors find and use the site. Sets cookies named _ga and _ga_*. We have disabled Google Signals and ad personalization.
Meta (Facebook) Pixel and Conversions API — helps us measure the effectiveness of advertising we may run on Meta platforms (Facebook, Instagram) and reach people who have previously interacted with our site. The Meta Pixel sets cookies named _fbp and _fbc and reports pseudonymous browser and event data (page views, content viewed, contact-button clicks, and successful form submissions) to Meta. When you submit our contact form, our server also sends a copy of the submission event to Meta's Conversions API using a one-way SHA-256 hash of your email, name, and phone number (Meta cannot reverse the hash; it is used to match you against people who saw our ads on Meta platforms). We never send your raw name, email, phone, or the contents of your message to Meta.

You can refuse or delete cookies through your browser settings; most browsers also let you install Meta-specific opt-out extensions. Blocking cookies may affect site functionality but will not block your access to the site. To opt out of Meta-based advertising specifically, you can adjust your ad preferences in your Meta account or use the Network Advertising Initiative opt-out tool.

2.5 Categories of personal information (for state-law purposes)

For purposes of U.S. state privacy laws (including the California Consumer Privacy Act / California Privacy Rights Act, the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, and the Utah Consumer Privacy Act), the categories of personal information we collect are: identifiers (name, email, phone, IP address); commercial information (company name, role); internet or other electronic network activity (basic site usage); professional or employment-related information; and content of communications you send us. We do not knowingly collect sensitive personal information as defined by those laws. We do not sell personal information. To the extent that sharing pseudonymous identifiers with Meta for advertising measurement may be considered "sharing for cross-context behavioral advertising" under the CCPA / CPRA, California residents may opt out by emailing hello@elleraudit.com; we will honor verified requests within the timeframes required by law.

3. How we use information

We use the information we collect to:

Respond to inquiries you send through our forms or email.
Deliver audit services to clients who have engaged us.
Communicate about engagements, findings, recoveries, invoices, and related matters.
Improve our website and our internal audit methodology in a way that does not identify you, your carriers, or your commercial terms.
Protect against fraud, misuse, and other security risks.
Comply with applicable law and respond to lawful requests from authorities.

4. How we share information

We do not sell your personal information, and we do not "share" it for cross-context behavioral advertising as those terms are defined under U.S. state privacy laws. We share information only as described below.

4.1 Service providers and AI processing

We work with a small set of third-party vendors that help us operate our business. As of the date of this policy, those vendors include:

Hosting and web infrastructure providers
Email delivery and customer-communication providers
Web and product analytics providers (currently Google Analytics 4)
Document-extraction and AI model providers used to process the documents you share with us, including providers of large language models

Our agreements and the published enterprise terms of those vendors require them to safeguard the information they receive and to use it only as directed by us. We do not permit any AI model provider to train its models on the documents you share with us as part of the Services. AI providers may briefly retain prompts and outputs for abuse monitoring or trust-and-safety purposes consistent with their published enterprise data terms; that retention is short and does not result in model training on your data.

4.2 Carriers and third parties during an audit

When you engage us to dispute an overcharge on your behalf, we may share relevant invoice and contract excerpts with the carrier or its representatives as part of the recovery process. We do so only with your authorization and only to the extent reasonably needed to pursue the recovery.

4.3 Legal compliance

We may disclose information when we believe in good faith that disclosure is required by law, regulation, court order, or to protect our rights, your safety, or the safety of others. When permitted by law, we will give you notice before complying with a legal demand for your information.

4.4 Business transfers

If we are involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to ongoing protections substantially similar to those in this policy.

5. Data retention

We retain personal information only as long as reasonably necessary to provide our services, comply with our legal obligations, resolve disputes, and enforce our agreements. Inquiry data submitted through the contact form is generally retained for up to twenty-four (24) months from the last interaction unless an engagement begins, in which case it is retained for the duration of the engagement and a reasonable period thereafter. Engagement-related documents are retained per the engagement letter and any longer period required by law or by audit best practice. When personal information is no longer needed, we delete or de-identify it.

6. Your choices and rights

6.1 U.S. state privacy rights

If you live in California, Virginia, Colorado, Connecticut, Utah, or another U.S. state that has enacted a comprehensive consumer privacy law, you may have rights to:

Know what personal information we have collected about you and how it is used.
Access or receive a copy of that information.
Correct inaccurate personal information we hold.
Delete personal information, subject to legal exceptions.
Opt out of any "sale" or "sharing" of personal information for cross-context behavioral advertising (we do not engage in either).
Appeal a denial of any of the foregoing requests, where state law provides an appeal right.

We will respond within the timeframes required by applicable state law (generally within 45 days, with one extension permitted where reasonably necessary). We do not discriminate against anyone for exercising these rights.

6.2 EEA, UK, and Swiss rights

If you are in the European Economic Area, the United Kingdom, or Switzerland, you may have additional rights under applicable data protection law, including the right to portability, to restrict processing, to object to processing, to withdraw consent (where processing is based on consent), and to lodge a complaint with your local supervisory authority.

6.3 How to make a request

Email hello@elleraudit.com from the email address associated with the personal information at issue, and include the type of request and enough detail for us to identify the records. We may need to verify your identity (typically by confirming basic information we already have on file) before fulfilling a request.

6.4 Authorized agents

You may use an authorized agent to submit a request on your behalf. We will require proof of the agent's authority (such as a signed permission or a power of attorney) and may verify your identity directly.

6.5 Marketing opt-out

You can opt out of any marketing email we send by using the unsubscribe link in that email or by contacting us directly. Transactional communications about an active engagement are not considered marketing.

7. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect the information we handle, including transport-layer encryption, restricted access controls, and vendor security assessments for our subprocessors. No method of transmission or storage is perfectly secure, however, and we cannot guarantee absolute security. If we become aware of a security incident affecting your personal information, we will notify you promptly and in accordance with applicable law.

8. International transfers

We operate from the United States and our Services are directed primarily to U.S. customers. If you access our website or engage our services from outside the United States, you understand that your information will be transferred to and processed in the United States, which may have different data protection rules than your jurisdiction. To the extent we receive personal information covered by EEA, UK, or Swiss data protection law, we will process it consistent with applicable legal requirements, including by relying on Standard Contractual Clauses or another lawful transfer mechanism where required.

9. Children

Our services are intended for businesses and the professionals representing them. We do not knowingly collect personal information from anyone under the age of 18. If you believe a child has provided us information, please contact us and we will take steps to delete it.

10. Third-party links

Our website may link to third-party sites. We are not responsible for the privacy practices or content of those sites. Please review the privacy policies of any third-party site you visit.

11. Changes to this policy

We may update this policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you by another reasonable means.

12. Contact us

Questions about this policy or how we handle your information:
Eller Audit LLC
hello@elleraudit.com