VapeSupplyHub Logo

Privacy Policy for Vape Supply Hub LLC

Effective Date: April 18, 2025 (Last Updated)

Vape Supply Hub LLC (“Company,” “we,” “us,” or “our”) is committed to protecting the privacy of our business customers. This Privacy Policy explains how we collect, use, store, and protect information when you use our U.S.-based B2B vape distribution website. It also describes your rights regarding your personal information. This Policy is intended for U.S. customers only – we only sell and ship within the United States and do not handle data of customers outside the U.S. (we are not subject to international laws like GDPR, as we do not offer services to EU or other non-U.S. individuals). By using our website or services, you agree to the practices described in this Privacy Policy. We adhere to strict U.S. privacy laws and regulations to safeguard your data.

Information We Collect

We only collect information necessary to verify your business and process orders. This includes:

  • Business and Personal Identifiers: Your name, your business’s name, business address, shipping and billing addresses, email address, and phone number. We also collect professional details like your role or title when needed.

  • Business License Information: Copies of or numbers from your business licenses or state resale/tobacco licenses, which we require to verify that you are a legally authorized business customer (e.g. for age-restricted vape product sales). This helps ensure we only sell to verified businesses in the 50 U.S. states.

  • Account Credentials: When you create an account on our site (which is powered by WooCommerce), we collect a username (often your email) and password. All customer accounts are created and stored through WooCommerce on our secure servers. Passwords are stored in encrypted form for security.

  • Order Details: We maintain records of your orders, including products purchased, dates and amounts, and associated order history. These order histories are stored under your user account for your business reference and our internal record-keeping.

  • Payment Information: If you make a purchase, you will provide payment details such as credit card information (card number, expiration date, CVV, billing address) or bank payment details. However, we do not store full credit card numbers or sensitive payment data on our servers – when entered, payment information is securely transmitted to our payment processors (Authorize.Net and BankCard USA) for authorization and processing, and not retained by us. (For more on payment processing, see Payment Processing below.)

  • Automatic Technical Data: Like most websites, our servers may automatically collect certain information when you visit our site, such as your IP address, browser type, device type, and browsing actions on our site. We use this data only for security monitoring, fraud prevention, and to improve our website’s functionality (e.g. to maintain your login session and cart). We do not use this data for advertising or to identify you personally, and we do not track you across third-party websites.

We do not collect any sensitive personal information such as Social Security numbers, driver’s license numbers, or financial account passwords. We do not knowingly collect any information from individuals under 18 or 21 (our services are intended for adult business owners/operators; see Children’s Privacy below).

How We Use Your Information

We use the collected information solely for legitimate business purposes in operating our B2B vape distribution service. These purposes include:

  • Account Creation and Verification: To verify your business credentials and eligibility (e.g., validating business licenses and that the buyer is of legal age to handle vape products) and to set up and maintain your online account.

  • Order Processing and Fulfillment: To process your orders, arrange shipping to your business address, and provide you with the products and services you’ve requested. For example, we use your contact and address information to ship goods and your email/phone to send order confirmations or contact you about any issues.

  • Communication: To communicate with you about your orders, account, and any customer service inquiries. This may include sending transactional emails (order confirmations, invoices, shipping notifications) or calling you if there’s an issue with an order. We do not use your email or phone number for unsolicited marketing or newsletters – no promotional emails or SMS will be sent. We will only contact you with information pertinent to your business transactions with us.

  • Record Keeping: To maintain order history and account records for your reference and our internal purposes. For instance, we keep a history of your purchases so that you (and we) can review past orders, facilitate re-orders, and address warranty or return issues. We also retain records for accounting, audits, and compliance with laws (such as tax regulations).

  • Legal Compliance and Prevention of Misuse: To comply with applicable U.S. laws and regulations (for example, verifying that we only sell age-restricted products to qualified businesses, or keeping records as required by state tobacco laws). Also, to enforce our Terms of Service, to prevent fraud, unauthorized access or illegal activities on our site, and to protect the security of our platform and other customers.

  • Site Functionality and Improvements: To operate, evaluate, and improve our website and services. This can include using cookies or similar technologies to remember your login session or preferences, to monitor website performance, and to analyze usage of our site (e.g., to see which pages or products are of most interest to our customers). These analyses are only for our internal understanding and are not used for advertising or shared with third-party marketing entities.

We do not use personal information for any kind of third-party marketing or advertising purposes. We do not profile your browsing or purchasing behavior beyond what is needed to serve you in the context of our own site (and we do not serve targeted ads). Additionally, we do not send out newsletters or mass marketing emails – since we have no mailing list, you will not receive promotional content from us.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to ensure functionality and a smooth user experience:

  • Essential Cookies: We use cookies that are necessary for the operation of our site and online store. For example, when you log in or add items to your cart, cookies allow these actions to persist as you navigate the site. These cookies also help remember your preferences and keep you logged in during your session.

  • Analytics and Performance: We may use first-party analytics cookies or tools to collect basic information about site traffic and usage (such as which pages are visited, and how users navigate our site). This information is used only to improve our website and user experience. It does not include personally identifying data in reports, and we do not use any third-party analytics service that would receive your personal information (if we use an analytics tool, we ensure no personal data like your name or email is shared with it).

  • No Third-Party Advertising Cookies: We do not use advertising networks or tracking cookies from third-party advertisers. This means we are not tracking your activities on other sites and no outside parties are collecting your data for advertising through our site.

You have the ability to disable or delete cookies through your browser settings. However, please note that if you block essential cookies, our site’s shopping cart, login, and other features may not function properly. Since we do not use cookies for advertising, using a “Do Not Track” (DNT) signal or similar mechanism from your browser does not significantly change your experience on our site – we do not alter what we collect or how we use data based on DNT, as we already limit our data collection to essential purposes.

How We Share or Disclose Information

Your privacy is extremely important to us. We do not sell, rent, or trade your personal information to third parties for their own marketing or other purposes. In fact, we do not disclose your personal data to any third parties except in the limited cases described below:

  • Service Providers (Processors): We may share necessary information with trusted service providers who help us run our business. This includes payment processing companies (like Authorize.Net and BankCard USA, discussed in the next section) that handle payment transactions, and shipping carriers (e.g., UPS, FedEx, USPS) that deliver your orders. In these cases, we only provide the information required (for example, giving the shipping carrier your business address and contact name for delivery). These service providers are contractually obligated to use your information solely to provide the requested services and to protect it. We do **not allow them to use your data for anything beyond the necessary service.

  • Legal Requirements: We may disclose personal information if required to do so by law or legal process. For example, if a law, subpoena, court order, or government regulation compels us to share data, or if a regulatory authority (such as a state agency overseeing tobacco or vape distribution) requests data as part of an audit or compliance check, we will comply as required. We would only share the information that is necessary and only with proper authority. Additionally, we may disclose information in the good-faith belief that such action is necessary to protect our rights, safety of our customers or the public, or to enforce our site’s terms and policies.

  • Business Transfers: If we ever consider or undergo a business transaction such as a merger, acquisition, reorganization, or sale of all or part of our assets, your information (which is one of our business assets) may be disclosed to the parties involved (for example, to lawyers, accountants, or prospective buyers) as part of due diligence or transferred to the successor entity. In any such event, we would ensure the recipient of the data commits to privacy measures at least as protective as those described in this Policy. If the ownership of Vape Supply Hub LLC changes, we will provide notice to you (for example, via email or a notice on our website) about the change and any choices you may have regarding your personal information.

Aside from the circumstances above, no other third parties receive any personal data from us. We do not share your information with advertisers, data brokers, or unrelated third parties. In summary, your data stays within our organization and with service partners who help fulfill your orders, under strict protections. We also never “sell” personal information for monetary gain or other valuable consideration, as defined under California law. In the past 12 months (and since our inception), we have not sold or rented any customer’s personal information to anyone.

Payment Processing

All payments on our site are handled securely by our third-party payment processors: Authorize.Net and BankCard USA. These are reputable payment processing companies that specialize in protecting payment information. Here’s how we handle payment data:

  • Payment Information Collection: When you enter credit card or payment details at checkout, that information is collected through our website’s payment form. However, for security, the sensitive payment details (such as credit card number, CVV, expiration date) are transmitted directly to Authorize.Net/BankCard USA over encrypted connections. We do not store your full credit card information on our servers.

  • Authorize.Net & BankCard USA: Authorize.Net is our payment gateway provider, and BankCard USA is our merchant services provider. They work together to process your credit card transaction. These companies are PCI-DSS compliant and adhere to strict industry security standards (including robust encryption and fraud prevention measures) to protect your payment data. For example, Authorize.Net uses SSL encryption for all transaction information. Your card details are processed and stored by these payment processors on their secure systems, not by Vape Supply Hub​.

  • What We Store: We may store a record of the transaction (e.g., transaction ID, amount, date, card type, and the last four digits of your card) for reference and accounting, but not the full card number or CVV. This limited information helps us identify transactions and handle refunds or chargebacks if needed, without exposing sensitive data.

  • Processor Privacy Policies: For more details on how Authorize.Net or BankCard USA handle your information, you can refer to their privacy policies​. (Links: Authorize.Net Privacy Statement and BankCard USA Privacy Statement.)

  • Other Payment Methods: If we ever offer alternative payment methods (such as ACH transfers or PayPal, etc.), similar practices will apply – a third-party specialized service will handle the data under their privacy protections. We will update this Policy if a new payment method introduces any new data handling practices.

By using our site to make payments, you consent to the use of your payment information by these processors for the purpose of processing your transactions. We want to reassure you that your financial information’s security is a top priority – by not storing sensitive payment data ourselves and partnering with trusted processors, we greatly reduce the risk of unauthorized access. (In plain terms: your credit card info is safe and never kept on our site.)

Data Storage and Security

We take strong measures to safeguard your personal information. Some of the key aspects of our data security practices include:

  • Secure Hosting: All data is stored on secure servers that are located on-site or in a secure U.S. data center under our control (i.e., your data is stored locally/internal to our company, not on a public cloud). We maintain firewalls and access controls to prevent unauthorized electronic access to our systems. Physical access to the servers or facility is also restricted to authorized personnel.

  • Encryption: Our website is protected with industry-standard SSL/TLS encryption. When you enter personal information (like during account registration or checkout), that data is encrypted in transit so that it cannot be intercepted by attackers. You will see the padlock icon in your browser indicating a secure HTTPS connection on our site. We also ensure that sensitive data (such as passwords) is encrypted at rest. For example, passwords are hashed and not stored in plain text.

  • PCI Compliance for Payments: As noted in the Payment Processing section, we use PCI-compliant third-party processors for handling payment data. This means our payment processes meet the stringent security standards of the payment card industry. We do not store credit card details on our site, which adds an extra layer of security for your financial data.

  • Access Controls: Internally, personal information is only accessible to a limited number of authorized staff who need it to perform their duties (such as customer service or order fulfillment). Each such person is trained on confidentiality and privacy. We employ administrative safeguards such as user authentication, role-based access, and regular password updates for our staff systems.

  • Monitoring and Maintenance: We regularly update our software (including our WooCommerce platform and any plugins) to apply security patches promptly. Our systems are monitored for suspicious activity. We also have backup procedures in place to ensure data integrity. In the unlikely event of a security incident, we have a response plan to contain and address it.

  • No Guarantee: While we strive to protect your information with high standards, it’s important to note that no method of transmission over the internet or electronic storage is 100% secure​. We cannot guarantee absolute security. However, we continually evaluate and enhance our security measures to meet or exceed industry best practices. Rest assured we are committed to preventing data breaches and unauthorized access to the best of our ability.

By using our service, you acknowledge that you understand these security measures and their limitations. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel your account has been compromised), please contact us immediately using the contact information in this Policy.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which we collected it, or to comply with legal and business obligations. Here is how we approach retention:

  • Account Information: If you have an account with us, we will keep your account profile information (like your name, business details, email, etc.) active until you request deletion or until our business no longer requires it. If you decide to close your account or cease doing business with us, you can request that we delete your account data (see Your Rights below). Upon such a request, we will delete or anonymize your personal information in our active databases, except for information we are required or permitted to retain by law.

  • Order and Transaction Records: We keep order histories and transaction records for a period that meets our business and legal requirements. This typically means we retain order data indefinitely for internal reference, unless you request deletion, in which case we will evaluate what can be deleted. Even after account deletion, we might retain certain information about your transactions for purposes such as tax documentation, accounting, audits, and compliance with regulations (for example, maintaining sales records as required by law). If records contain personal information, we will continue to protect that information per this Policy and applicable law​.

  • Communications: If you contact us via email or phone, we may retain those communications (e.g., emails, support tickets) as long as necessary to address your inquiry and for our reference, again subject to legal retention requirements.

  • Backup and Archival Copies: Due to the nature of backups, your data might remain in encrypted backups for a certain period even after deletion in our live database. We have retention schedules for backups, after which they are securely deleted or overwritten. We ensure that any data in backups is stored securely and used only if needed for disaster recovery.

  • Website Logs: Our server logs and security logs (which may include IP addresses and visit timestamps) are typically kept for a short period (e.g., a few weeks or months) for security monitoring and then routinely purged, unless longer retention is required to investigate an incident.

When we no longer have a legitimate business need or legal requirement to keep your personal information, we will securely dispose of it. This could involve deleting it from our systems or anonymizing it so that it no longer can be associated with you.

Your Privacy Rights and Choices

We respect your rights to control your personal information. Depending on the U.S. state in which you reside (such as California or others with privacy laws), you may have certain rights regarding your personal data. Vape Supply Hub LLC is committed to honoring applicable privacy rights for all of our customers. These rights may include:

  • Right to Know/Access: You have the right to request that we disclose what personal information we have collected about you, and how we have used and shared it​. This includes the categories of information, the sources of that information, and the purposes for which we use it. You also have the right to obtain a copy of the specific pieces of personal data we hold about you.

  • Right to Delete: You have the right to request that we delete personal information we collected from you, subject to certain exceptions​. Once we receive and confirm a verifiable deletion request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. For example, we may retain information needed to complete a transaction, detect fraud, exercise our rights, or comply with a legal obligation.

  • Right to Correct: If you believe that any personal information we maintain about you is inaccurate or outdated, you have the right to request a correction or update. Upon verification, we will correct any inaccurate information as required​.

  • Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale of your personal information or the sharing of your data for cross-context behavioral advertising purposes​ However, as noted above, we do not sell personal information to third parties​, nor do we share it for targeted advertising. Therefore, your data is not being sold or shared in a way that would require an opt-out. We treat all user requests equally and never exchange data for profit.

  • Right to Non-Discrimination: If you exercise any of your privacy rights, we will not discriminate against you for doing so​. This means we won’t deny you our services, charge you different prices, or provide a lesser quality of service just because you made a privacy request. Your business relationship with us remains the same regardless of privacy choices.

  • Right to Limit Use of Sensitive Information: (California-specific) In the event we ever collect any information deemed “sensitive” under applicable law, California residents have the right to limit our use and disclosure of that information​. Currently, we do not collect sensitive personal information like government ID numbers or precise geolocation aside from your business license details (which we use only for verification and do not disclose). If this right applies, we will honor any valid requests to limit use of sensitive data to only what is necessary.

  • Other State Rights: If you are a resident of certain states (such as Virginia, Colorado, Connecticut, Utah, etc.) that have enacted their own privacy laws, you may have similar rights such as the right to access your data, delete it, correct it, or opt out of certain processing (like targeted advertising or profiling). We intend to extend fundamentally the same core privacy rights to all our customers, regardless of state, in line with these laws. If you have any questions about specific rights in your state, feel free to contact us.

Exercising Your Rights: To exercise any of the applicable rights above, please contact us using the information in the Contact section below. Specify which right you wish to exercise and provide enough information for us to verify your identity (for example, your name, email, or an order number – information that we would have on file). For access or deletion requests, we will need to ensure you are the person (or an authorized representative) associated with the data, in order to protect your privacy​. We will confirm receipt of your request and respond within the timeframe required by law (such as within 45 days for California residents, unless an extension is needed). If necessary, we may ask for additional information to verify your identity or clarify your request.

For requests made by an authorized agent on your behalf, we will require proof of authorization (for example, a written permission from you or a power of attorney) and still take steps to verify your identity directly​.

Please note that certain information may be exempt from such requests under applicable law. If we cannot comply with a portion of your request (due to an exemption or conflict with legal requirements), we will inform you of the specific reason in our response. For example, if you request deletion, we might retain data that we must keep for legal tax records; or if you request access to specific pieces of information that involve another individual’s privacy, we may not be able to provide those pieces.

No Fees: You will not be charged a fee for exercising your rights. However, repetitive or excessive requests may be declined or charged as permitted by law, but we will inform you in such cases.

Do Not Track Signals: As mentioned in the Cookies section, we do not engage in cross-site tracking of personal data, so we do not respond to Do Not Track (DNT) browser signals in any special way. We already limit our data collection and usage to what is described in this Policy.

If you have any questions about your privacy rights or how to exercise them, you can always reach out to us for clarification.

Children’s Privacy

Our website and services are not intended for minors. We do not knowingly collect personal information from individuals under the age of 18 (or 21, in jurisdictions where 21 is the minimum age for handling vape products). Vape Supply Hub LLC exclusively serves business customers in the vape industry, and those customers must be adults who are legally able to enter into business contracts and possess any required tobacco sales licenses.

If you are a parent or guardian and believe that a minor has provided us with personal information, please contact us immediately. If we discover that we have inadvertently collected personal data from someone under the applicable age (18 or 21), we will promptly delete that information from our records in accordance with the Children’s Online Privacy Protection Act (COPPA) and other applicable laws. We do not sell products to consumers, and certainly not to children, so any minor’s data submission would be unintentional and without our knowledge.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will provide prominent notice, such as by posting a notice on our website or contacting you via email (if appropriate), prior to the change becoming effective. The “Last Updated” date at the top of this Policy indicates when the latest changes were made.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Continued use of our website or services after a Policy update constitutes your acknowledgment of the changes and your agreement to the updated terms, to the extent permitted by law.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please do not hesitate to contact us:

Vape Supply Hub LLC
407 Dauphin Island Pkwy
Mobile, AL 36606 USA
Email: help@vapesupplyhub.com

You may also reach out via the contact form on our website or any customer service channels provided. Please include “Privacy Inquiry” in the subject line of any written request, so we can route it to the appropriate team. We will respond as promptly as possible to address your concerns.

Your privacy is important to us, and we want you to feel secure doing business with Vape Supply Hub LLC. We are committed to handling your personal information with care and integrity, in compliance with all applicable U.S. privacy laws and our own high standards of privacy. Thank you for trusting us with your business and information.

VapeSupplyHub Logo Shite

B2B Vape Distribution

Store
Account
Legal

Disclaimer:
These statements have not been evaluated by the Food and Drug Administration. These products are not intended to diagnose, treat, cure or prevent any disease or ailment. Vape Supply Hub LLC assumes no responsibility for the improper use of these products. We recommend consulting with a qualified medical doctor or physician when preparing a treatment plan for any and all diseases or ailments. Vape Supply Hub LLC does not make any health claims about our products and recommend consulting with a qualified medical doctor or physician prior to consuming our products or preparing a treatment plan. It is especially important for those who are pregnant, nursing, chronically ill, elderly or under the age of 18 to discuss the use of these products with a physician prior to consuming. You must be 21 years or older to visit this website and/or purchase Vape Supply Hub LLC products. The information on our website is intended to provide general information regarding our products and is not to be construed as medical advice or instruction. All products ship in accordance with the PACT Act.

California Proposition 65 – WARNING: These products can expose you to chemicals including nicotine, which is known to the State of California to cause birth defects or other reproductive harm. For more information, go to the Proposition 65 Warnings Website..