Health warning: this website sells products containing nicotine. Nicotine is an addictive chemical.
Sale allowed only to adults 21 years of age or older. Sales to minors is strctly prohibited.
Health warning: this website sells products containing nicotine. Nicotine is an addictive chemical.
Sale allowed only to adults 21 years of age or older. Sales to minors is strctly prohibited.
0
12066 Language Way
Legal documents & agreements

Privacy Policy

Last Updated: April 8, 2025

Introduction
Smoke App LLC, D.B.A. Smoke App (“Company”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your personal information in connection with our high-risk e-commerce and fulfillment platform for tobacco and vape products (the “Service”). By using Smoke App’s website, mobile application, and related services, you agree to the collection and use of information as described in this Policy. We adhere to applicable data protection laws and industry regulations, and we do not allow anyone under the age of 21 to use the Service.

Information We Collect

We collect several types of information to provide and improve our Service, ensure legal compliance, and personalize your experience.

  • Personal Information You Provide: When you create an account or make a purchase, we may collect information such as your name, date of birth, government-issued identification details (for age verification), email address, phone number, shipping and billing address, and payment information. You may also provide us with a copy of your photo ID or other documents during identity verification processes.
  • Account Verification Data: Because we deal in regulated products, you must verify your age (21+) through a third-party identity verification service. In this process, we collect data needed for verification (e.g. full name, address, date of birth, and in some cases a scanned ID). We record the outcome of these checks (e.g., verified status and expiration of verification) to manage your Smoke App Pass and annual re-verification requirements.
  • Usage and Device Information: Like many online services, we automatically collect technical data when you interact with our platform. This includes your device type, browser type, IP address, device identifiers, operating system, referral URLs, and information about how you use the Service (such as page views, app features used, links clicked, and time spent). If you use our mobile app, we may request access to certain device features (with permission), such as your geolocation. For example, we may collect approximate location data from your IP address or precise location if you opt to share it, in order to suggest relevant vendors or ensure compliance with regional laws.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to remember your preferences, keep you logged in, and gather usage analytics. Cookies help us understand how you navigate our site, which products you view, and what features you find useful. You can control cookies through your browser settings; however, note that disabling cookies may affect functionality of the Service (e.g., keeping items in your cart). For more details, please see our Cookie Policy (if applicable).

How We Use Your Information

We use the collected information for purposes necessary to operate our business and comply with the law, including:

  • To Provide and Enhance the Service: We process personal information to create and manage your account, enable purchases and payments, facilitate order fulfillment, and provide customer support. For example, we use your contact and address information to deliver products and send service-related communications (order confirmations, shipping updates, etc.). We may also use your usage data to improve platform functionality and user experience.
  • Age Verification and Legal Compliance: Your information is used to verify that you are of legal age to purchase tobacco/vape products. We maintain records of identity verification (as required by the federal PACT Act and other laws) and may perform an annual re-verification of your age (the “Smoke App Pass” program) to comply with ongoing legal obligations. We also use personal data to ensure each transaction complies with applicable laws (for example, limiting purchases to certain jurisdictions or quantities where required) and to prevent fraudulent or illegal activity.
  • Order Processing and Fulfillment: We share necessary details (like your name and delivery address) with our vetted vendors and third-party delivery partners so they can fulfill your orders. Your phone number or email may be used to arrange delivery or contact you if there is an issue. At the time of delivery, couriers will verify your ID to confirm age, as mandated by law.
  • Analytics and Business Intelligence: We may analyze purchase histories, site engagement, and geolocation-based trends to understand market demand and improve our services. This helps us generate business intelligence insights, such as popular products in certain regions or usage patterns over time. Any analytics or trend data shared outside our Company (for example, with vendors for market insights) will be aggregated or de-identified so it does not directly identify individual customers.
  • Communications: We use your contact information to send you important updates about your orders or changes to our terms and policies. With your consent where required, we may also send marketing communications such as special promotions, new product announcements, or personalized recommendations. You can opt out of marketing emails at any time. (Transactional emails about your orders or account are not optional.)
  • Fraud Prevention and Security: Information (including device identifiers and transaction history) is used to monitor for fraudulent, suspicious, or unauthorized activities. This helps us protect the security of the platform and our users. If we detect potential fraud or misuse (such as someone attempting to bypass age verification), we may use personal data to investigate and take appropriate action (e.g., account suspension).
  • Legal Obligations: We may process and retain your data as needed to comply with regulatory requirements specific to tobacco and vape sales. This includes maintaining purchase and verification records for a required time period (e.g., recordkeeping mandated by the PACT Act or state laws) and reporting certain information to government authorities. For instance, some laws require that we report aggregate sales information to state regulators or retain invoices and delivery confirmations.

How We Share Your Information

We share personal information only as necessary to provide our Service, for legal compliance, and as described below. We do not sell your personal data to third-party marketers.

  • Vendors and Fulfillment Partners: When you purchase a product, the order is fulfilled by a licensed third-party vendor in our network. We provide the vendor only the information needed to process and ship your order (such as your first name or initials for anonymous packing, shipping address, and product ordered). Vendors are contractually required to keep customer information confidential, use it solely for fulfilling orders, and abide by all laws (including not contacting you for unrelated marketing without consent).
  • Delivery Service Providers: We use specialized delivery companies that are authorized to handle tobacco/vape shipments and perform adult ID verification at handoff. We share your delivery address, contact info, and any necessary delivery instructions with these couriers. They are required to safeguard your data and use it only for the purpose of delivering your package and confirming age upon delivery.
  • Identity Verification Services: As part of our age verification (KYC) process, we securely transmit your identification details to a trusted third-party verification service. This service verifies your age and identity by checking against authoritative databases or records. The third-party service is permitted to use this information only for verification and is contractually obligated to protect it. We receive a confirmation (pass/fail result, and an ID confirmation number or similar) but do not store your actual ID image long-term on our servers (unless required for audit trail).
  • Payment Processors: Your payment information (e.g., credit card details) is processed by compliant payment gateways/merchant-of-record partners. These processors specialize in high-risk transactions and are certified to handle sensitive financial data. We do not store full credit card numbers on our systems; any stored payment tokens are maintained securely by the payment processor.
  • Analytics and Service Providers: We may use third-party analytics tools (e.g., for website traffic analysis or app crash reporting) that collect usage data through cookies or SDKs. This data helps us understand user engagement and improve our platform. These third parties may process usage data on our behalf, but they are not permitted to use it for their own purposes.
  • Legal and Regulatory Disclosures: We may disclose personal information to government authorities or law enforcement when required by law or necessary to comply with regulations. For example, under the PACT Act we must report certain sales information to state tax administrators, which could include your name and address and details of products purchased. We may also disclose information if we believe in good faith that such action is necessary to (a) comply with a legal obligation (such as a court order or subpoena), (b) protect our rights or property, (c) investigate fraud or safety issues, or (d) prevent illegal activities including the purchase of products on behalf of minors.
  • Business Transfers: If Smoke App is involved in a merger, acquisition, asset sale, or financing, your information may be transferred to a successor or affiliated entity as part of that transaction. If such a transfer occurs, we will ensure the new owner respects your rights and this Privacy Policy (or provides notice of any changes).

Data Security

We take data security seriously and implement appropriate technical and organizational measures to protect your personal information. All sensitive data (such as passwords, ID verification data, and payment information) is encrypted during transmission (using HTTPS/SSL encryption) and at rest. We store personal data on secure servers with access controls, and we limit access to employees or contractors who need the information to perform their duties (e.g., support personnel or compliance officers). Our staff receive regular training on privacy and security protocols for handling regulated data.

While we strive to use commercially acceptable means to protect your information, no method of transmission over the internet or electronic storage is 100% secure. Therefore, although we continuously monitor for potential threats and follow best practices (including periodic security audits and compliance reviews), we cannot guarantee absolute security. In the event of a data breach or security incident affecting your personal information, we will notify you and the appropriate authorities as required by law.

Data Retention

We retain your personal information only as long as necessary to fulfill the purposes outlined in this Policy or as required by law. In particular, because tobacco-related transactions are heavily regulated, we keep certain purchase and verification records for a minimum period (for example, five years as mandated by the PACT Act for remote sales records) or longer if required by state law. We also retain information for as long as you maintain an account with us to streamline your experience (for instance, keeping your verification status so you don’t have to re-verify more often than annually). If you close your account or request deletion of your data, we will delete or anonymize your personal information, except for information we are required to keep for legal compliance, dispute resolution, or enforcement of our agreements. Such retained data remains subject to privacy safeguards and is only used for the purposes just described.

Your Rights and Choices

Depending on your jurisdiction, you may have certain rights regarding your personal information:

  • Access and Correction: You can access and update some of your account information by logging into your Smoke App account. If you need assistance accessing, correcting, or updating any personal data we hold about you, please contact us using the information below.
  • Deletion and Restriction: You may request that we delete your personal information or restrict processing in certain circumstances. Note that we may be unable to delete certain records that we are legally required to maintain (e.g., age verification and sales records) for the retention periods mentioned above. We will inform you if this is the case and will securely isolate that data from active use.
  • Opt-Out of Marketing: If you have subscribed to marketing communications, you can opt out at any time by clicking the unsubscribe link in the email or adjusting your account settings. Even if you opt out of marketing messages, you will still receive transactional and service-related communications (such as order notifications and policy updates).
  • California Residents: If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), such as the right to request a list of the categories of personal information we have collected and the categories of third parties with whom we share information. You also have the right to opt out of the “sale” of personal information; however, Smoke App does not sell your personal data to third parties for profit. To exercise your California privacy rights, you can contact us as described below.
  • EU/UK Residents: If you are in the European Union or United Kingdom (though our Service is intended for the U.S. market), you have rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the right to access, rectify, or erase your data, and to object to or restrict certain processing. You also have the right to lodge a complaint with your supervisory authority. We only process your data in the EU/UK if you choose to use our Service from those locations, and in such case, the legal basis for processing is typically your consent (when you sign up and agree to this Policy) and our necessity to comply with legal obligations (age verification laws).

To exercise any of your rights, please contact us at the contact information provided in the “Contact Us” section. We will verify your identity (for example, by asking you to provide information associated with your account) before fulfilling your request, to protect your privacy.

Children and Minors

Our Service is strictly not intended for anyone under the legal smoking age (21 in the U.S.). We do not knowingly solicit or collect personal information from minors. If you are under 21, you are not allowed to use Smoke App or provide any personal information to us, including on our website or through the mobile app. If we learn that we have inadvertently collected information from an individual under 21, we will promptly delete that information. Parents or guardians who become aware that a minor has attempted to or has provided personal data to Smoke App should contact us immediately so we can remove the data and terminate any account if applicable.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes, we will notify you by updating the “Last Updated” date at the top of this Policy and, if the changes are significant, by providing a prominent notice (such as via email notification or an in-app alert). We encourage you to review this Policy periodically for the latest information on our privacy practices.

Your continued use of Smoke App after any changes to this Privacy Policy constitutes your acceptance of the updated terms.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us at:

Smoke App Privacy Team
Email: privacy@smoke.app
Mailing Address: Smoke App LLC, 6900 Tavistock Lakes Blvd Suite 400, Orlando, FL 32827, USA

We will do our best to address your inquiry and resolve any concerns.