PortalPuff Privacy Policy

Privacy Policy & Compliance

1. Introduction

PortalPuff, Inc. (“PortalPuff,” “we,” “us,” or “our”) operates the website and services at portalpuff.com (the “Service”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, create an account, place orders, or otherwise use our Service, including via SMS notifications (A2P messaging).

2. Information We Collect

  • Account Information: Name, email address, password, date of birth, shipping/delivery address, and phone number.
  • Order & Usage Data: Products viewed, items in cart, order history, delivery tracking details.
  • Device & Log Data: IP address, browser type, operating system, pages visited, referral URL, date/time stamps.
  • Payment Data: Credit card information and billing address (collected via our PCI-compliant payment processor).
  • Age Verification Data: Photo of government-issued ID and birthdate for age-restricted products.

3. How We Use Your Information

We use the information we collect to:

  1. Provide, maintain, and improve our Service;
  2. Process transactions and send order confirmations, delivery updates, and receipts;
  3. Send SMS alerts (A2P) via Twilio or another SMS provider;
  4. Verify your identity and age for compliance with tobacco and age-restricted product laws;
  5. Detect and prevent fraud, abuse, or illegal activity;
  6. Communicate with you about features, promotions, and changes to our policies;
  7. Personalize and optimize your shopping experience; and
  8. Comply with legal obligations.

4. Third-Party Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including but not limited to:

  • SMS Delivery & A2P Messaging: For sending SMS notifications and two-factor authentication.
  • Payment Processing: For secure handling of payment card data.
  • Age Verification: To protect our youth and prevent fraudulent charges.
  • Analytics & Performance: To improve product and offerings.
These vendors are contractually prohibited from using your personal information for any purpose other than to provide the services we request.

5. Data Sharing and No Sale

  • No Sale of Personal Data: We do not sell your personal information to any third parties for monetary or other valuable consideration.
  • Aggregated & De-identified Data: We may share aggregated or de-identified data that cannot reasonably identify you for research, benchmarking, or analytics purposes.
  • Legal & Safety Disclosures: We may disclose personal information when required by law, regulation, legal process, or government request; to enforce our Terms of Service; or to protect the rights, property, or safety of PortalPuff, our users, or others.

6. Your Choices and Opt-Out Rights

  • Marketing Communications: You may opt out of promotional emails or SMS at any time by following the unsubscribe instructions or emailing [email protected].
  • Essential Service Messages: We will continue to send transactional or service-related messages even if you opt out of marketing communications.
  • Access & Correction: You may review, correct, or delete your personal information by logging into your account or contacting us.

7. Cookies & Tracking Technologies

We and our service providers use cookies, web beacons, and similar technologies to collect usage information, remember your preferences, and enable certain features. You can control cookie settings via your browser, but disabling cookies may limit functionality.

8. Data Retention

We keep your personal information only as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. When we delete data, we do so in a secure manner.

9. Security

We implement administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, use, or disclosure. These measures include HTTPS/TLS encryption, encryption at rest, firewalls, and access controls. However, no system is 100% secure.

10. International Transfers

Your information may be processed and stored in the United States or other countries. When transferring data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses.

11. Children’s Privacy

Our Service is not intended for individuals under the age of 21. We do not knowingly collect or solicit personal information from anyone under 21. If you are under 21, please do not attempt to register for the Service.

12. Changes to This Privacy Policy

We may update this policy periodically. Continued use of the Service after changes indicates your acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:
Email: [email protected]