Q: What do I need to do to maintain my Cross-Border (Borderfree) service in 2020?
A: You need to update the URL endpoints that connect your storefronts to Pitney Bowes platforms by replacing links with new and more secure connections that are TLS 1.2 compatible before January 31, 2020 to ensure access to our services. You may also need to update SSL Certificates and Ambassador as part of this process.
Q: Why does this change need to be made so soon?
A: To ensure that your customers’ personal data is transmitted securely so that both your company and Pitney Bowes are in compliance with the California Consumer Privacy Act (CCPA), we are requiring all merchants to migrate their endpoints to the new TLS 1.2 supported URLs before January 31, 2020.
Q: Why do I need to make this upgrade and connect to the new URL endpoints?
A: Pitney Bowes plans to deprecate URL endpoints built on outdated TLS 1.1. The new connections are TLS 1.2 compatible, which is considered the safest and most reliable method of delivering encrypted content over the Internet.
Q: How do I complete this upgrade?
Complete this upgrade by updating the full list of URLs that connect your storefront to Pitney Bowes platforms. This can be done by replacing old links with new, more secure links. You may also need to update SSL Certificates as part of this process. The full list of URLs that are being updated, the parts of our platform that they impact and the SSL Certificate upgrade information can be found here. If you use Amabassador, additional instructions can be found here. Instructions for specific link cartridge clients can be found here for Salesforce and Demandware
Q: Do I need to install new SSL Certificates?
A: If you have an integration that requires our SSL Certificates, then the new ones will need to be installed when you update the URL end points. If you have any questions about using the Borderfree sandbox environment when test uploading a new SSL Certificate, please reach out to our Professional Services team at [email protected]
Q: Which URLs are changing?
A: We are changing all existing sandbox and production URLs within our platform. The full list of URLs that are being updated, along with the parts of our platform that they impact, are listed here.
Q: I have a question about changing or testing the endpoints in our sandbox environment. Can you help me?
A: Yes, our Professional Services team will be happy to assist you in using your sandbox environment. Please email your questions and requests for assistance to: [email protected]
Q: How many resources do I need?
For most clients, the update will be changing the URLs that connect your storefront to Pitney Bowes platforms. Should more resources be required, please contact [email protected] for assistance.
Q: What steps has Pitney Bowes taken to ensure compliance with the California Consumer Privacy Act (CCPA)?
A: As a global company, Pitney Bowes currently complies with privacy laws around the world, including the European Union General Data Protection Regulation (GDPR). Pitney Bowes also participates in and has certified its compliance with the EU-US Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the United States Department of Commerce regarding the collection, use, processing and retention of Personal Information transferred from the European Union and Switzerland to the United States. Just as we were ready with GDPR by the effective date, Pitney Bowes intends to comply with the provisions of the California Consumer Privacy Act (CCPA) on or before January 1, 2020, the effective date of the law.
Our global privacy and data protection team is leading the initiative to prepare for CCPA both for our internal processes and for our commercial offerings, where applicable. The team is working with Pitney Bowes’ lines of business to review practices, documentation and processes and revise as required. This includes the following actions:
- Assessment and adaptation of our existing privacy program, policies and procedures to ensure processes are in line with the CCPA, building off of our previous work to comply with the EU GDPR.
- Expansion of our existing privacy impact assessment process, used to document the personal data collected, processed and stored and related controls, to include specific requirements of the CCPA including the identification of any personal information sales as defined by the statute.
- Review of our vendor and service provider relationships and relevant agreements and addendums, as necessary.
- Expansion of our current data subject request processes to receive, track, verify and respond to requests in alignment with the requirements of the CCPA, where applicable.
- Review and updates to our privacy statements and notices in alignment with the CCPA including methods for submitting consumer requests, and other information required by the statute.