Privacy Policy

Effective Date: February 2026

This Privacy Policy explains how we collect, use, share, and protect personal information when you visit or use the Site.

1. Scope

This policy applies to information collected through:

  • Our Site and customer portal
  • Account registration and communications
  • Customer support interactions

Our services are intended for business use; however, we still process personal information about individuals (e.g., employees, purchasers, accounts payable contacts).

2. Information We Collect

We collect information you provide and information collected automatically.

A) Information You Provide

  • Account and contact info: name, business email, business phone
  • Business info: business name, DBA, entity type, industry (if provided), EIN (optional)
  • Billing and shipping info: business addresses, delivery instructions, receiving preferences
  • Role contacts: purchasing contact, accounts payable contact, additional order-confirmation emails
  • Tax/compliance info: resale or exemption status, certificate metadata (state, expiration), and uploaded business documents such as resale/exemption certificates (if provided)
  • Messages: inquiries, comments, support requests

B) Information Collected Automatically

  • Device and usage data: IP address, browser type, pages viewed, timestamps, referral URLs
  • Cookies and similar technologies: session cookies, preference cookies, analytics (as configured)

3. How We Use Information

We use information to:

  • Create and manage accounts
  • Verify and administer business eligibility, resale/exempt status, and documentation
  • Process orders and fulfill shipments (including drop-ship fulfillment)
  • Provide customer support and send operational communications
  • Improve Site performance, security, and user experience
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our Terms

4. How We Share Information

We may share information with:

  • Service providers (hosting, IT, analytics, customer support tools) who process data on our behalf
  • Suppliers/wholesalers and fulfillment partners to fulfill orders (including drop-ships)
  • Carriers/logistics providers to deliver shipments
  • Professional advisors (legal, accounting) as needed
  • Authorities if required by law or to protect rights, safety, and security
  • Business transfers (merger/acquisition) subject to standard protections

We do not "sell" personal information in the traditional sense. If we ever engage in data sharing that is legally defined as a "sale" or "sharing" in certain jurisdictions, we will provide required notices and choices.

5. Cookies and Analytics

We use cookies to:

  • Keep you logged in (session management)
  • Remember preferences
  • Understand Site usage and performance

You can control cookies through browser settings. Disabling cookies may limit functionality.

6. Data Retention

We retain information for as long as needed to:

  • Provide services and maintain your account
  • Meet legal, tax, and accounting requirements
  • Resolve disputes and enforce agreements

Tax/exemption documents are retained while your account is active and as required by applicable law or audit/recordkeeping needs, then securely deleted or archived per our retention schedule.

7. Security

We implement administrative, technical, and physical safeguards designed to protect information. No system is 100% secure; please use strong passwords and protect your login credentials.

8. Your Privacy Rights (Location-Dependent)

Depending on where you live, you may have rights to access, correct, delete, or obtain a copy of certain data, and to opt out of certain processing in some cases.

Texas (TDPSA)

Texas has a consumer privacy law (TDPSA) granting certain rights to Texas residents and requiring privacy safeguards in covered scenarios.

California (CCPA/CPRA)

California residents may have rights to know/access, delete, correct, and other protections in certain cases.

EU/UK (GDPR-style notice elements)

If we process personal data subject to GDPR-like rules, privacy notices typically include categories such as the controller identity, purposes, retention, and rights.

Important note: Some privacy laws include exemptions or different treatment for information collected in a business-to-business context; applicability depends on your facts and legal thresholds.

9. How to Exercise Rights

To submit a request, contact us with:

  • Your name and business email used on the account
  • The type of request (access/correction/deletion/copy)

We may need to verify your identity and authority to act for the business account before responding.

10. Children's Privacy

Our Site is not directed to children, and we do not knowingly collect personal information from children.

11. Changes to This Privacy Policy

We may update this policy. We will post the updated version with a new effective date. Material changes may be communicated via email or portal notice.

12. Contact

For privacy questions, please contact us through our support channels.

Terms & Conditions | Return to Home