Privacy Policy
Last Updated: April 19, 2026 Effective Date: April 19, 2026
This Privacy Policy explains how Legalize Freedom LLC (dba PlatformDTC) ("PlatformDTC", "we", "our", or "us") collects, uses, and protects information about you when you use our website and platform at PlatformDTC.com (the "Service").
By using the Service, you agree to the practices described in this Privacy Policy.
1. Information We Collect
1.1 Information You Provide
We collect information you provide directly when you create an account, use our services, or contact us. This includes:
- Account information: name, email address, password, business name, business address
- Payment information: billing details, processed securely via Stripe (we do not store full card numbers)
- Identity verification information: for Brand Owners using payment features, we collect government-issued ID, tax identification numbers (SSN/EIN/ITIN), date of birth, and other Know Your Customer (KYC) information required by our payment processor and applicable law
- Content: any text, images, videos, product information, customer lists, or other content you upload, generate, or process through the platform
- Communications: support tickets, emails, and feedback you send us
1.2 Information Collected Automatically
- IP address, browser type and version, device identifiers
- Pages visited, features used, actions taken within the app
- Referring URLs, timestamps, session duration
- Cookies and similar tracking technologies (see Section 5)
1.3 Information from Third Parties
- Payment and identity verification data from Stripe
- Authentication data if you sign in via Google, Facebook, or other providers
- Marketing performance data from connected ad platforms (Meta, Google, TikTok) that you authorize
2. How We Use Your Information
We use your information to:
- Provide, operate, and improve the PlatformDTC platform
- Process payments and prevent fraud
- Perform identity verification (KYC) and anti-money laundering (AML) screening
- Send transactional emails (receipts, security alerts, service notifications)
- With your consent, send product updates and marketing communications
- Analyze usage to improve features and user experience
- Detect, investigate, and prevent fraudulent, unauthorized, or illegal activity
- Comply with legal obligations, including tax reporting (e.g., IRS Form 1099-K)
- Enforce our Terms of Service and other policies
We do not sell your personal data to third parties. Ever.
3. Data Sharing
We share data only with trusted service providers who help us operate the platform, and only as necessary to deliver our services. Categories of recipients include:
| Category | Purpose |
|---|---|
| Payment processors | Process payments, payouts, KYC/AML (Stripe) |
| Cloud infrastructure providers | Hosting, storage, content delivery |
| Analytics providers | Product analytics and usage measurement |
| Email and communications providers | Transactional and marketing email delivery |
| AI service providers | Power AI features within the Service |
| Customer support tools | Help desk and ticket management |
| Fraud prevention and identity verification providers | KYC, sanctions screening, fraud detection |
All third-party processors are bound by data processing agreements consistent with applicable law (GDPR, CCPA). A current list of sub-processors is available on request at privacy@platformdtc.com.
We may also disclose information when required by law, court order, or government request, or to protect our rights, property, safety, or that of our users or the public.
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to this Privacy Policy.
4. Data Retention
We retain your account data for as long as your account is active or as needed to provide you with services.
- Account data: retained until account deletion
- Transaction records: retained for at least 7 years to comply with US tax and financial regulations
- KYC and identity verification records: retained for at least 5 years after account closure, as required by anti-money laundering laws
- Marketing data: retained until you unsubscribe
- Backups: residual copies may persist in backups for up to 90 days after deletion
You may request deletion of your account and associated data at any time by contacting privacy@platformdtc.com. We will process your request within 30 days, subject to legal retention requirements above.
5. Cookies and Tracking
We use:
- Essential cookies: to keep you logged in and remember your preferences (cannot be disabled)
- Analytics cookies (with your consent): to understand how you use our platform
- Marketing cookies (with your consent): to measure ad performance and remarketing
You can manage cookie preferences at any time through the "Manage Cookies" option in the footer. EU/UK users will see a consent banner on first visit per GDPR/ePrivacy requirements.
6. Security
We implement industry-standard security measures including:
- Encryption in transit: TLS 1.2+ for all data transmission
- Encryption at rest: AES-256 for sensitive credentials and personal data
- Access controls: role-based permissions, MFA for administrative accounts
- Regular security audits and penetration testing
- PCI-DSS compliance via Stripe (we do not store full payment card data)
- Incident response plan for security breaches
No system is 100% secure. If you discover a vulnerability, please report it responsibly to security@platformdtc.com. We aim to acknowledge reports within 48 hours.
7. Your Rights
Depending on your location, you may have the right to:
- Access: request a copy of personal data we hold about you
- Correct: update inaccurate or incomplete information
- Delete: request deletion of your data (subject to legal retention)
- Export: receive your data in a portable, machine-readable format
- Object/Restrict: object to or restrict certain processing
- Withdraw consent: where processing is based on consent
- Non-discrimination (California residents): we will not discriminate against you for exercising CCPA rights
To exercise these rights, contact privacy@platformdtc.com. We may require identity verification before processing requests.
7.1 EU/UK Users (GDPR)
The legal bases we rely on are: contract performance, legitimate interests, legal obligation, and consent. You have the right to lodge a complaint with your local data protection authority.
7.2 California Users (CCPA/CPRA)
You have the right to know what personal information we collect, to delete it, to opt-out of "sales" (we do not sell), and to non-discrimination.
8. International Data Transfers
PlatformDTC operates from the United States. If you access our Service from outside the US, your information will be transferred to, stored, and processed in the US. We rely on Standard Contractual Clauses (SCCs) and other approved transfer mechanisms for EU/UK data transfers.
9. Children's Privacy
PlatformDTC is not intended for use by individuals under 18 years of age. We do not knowingly collect data from minors. If you believe we have collected data from a minor, contact privacy@platformdtc.com and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice in the platform at least 14 days before the change takes effect.
11. Contact
For any privacy-related questions or requests, contact us at:
- Email: privacy@platformdtc.com
- Security issues: security@platformdtc.com
- Postal mail: Legalize Freedom LLC (dba PlatformDTC), Privacy Team 16192 Coastal Highway Lewes, Delaware 19958 United States
Data Protection Officer (for EU/UK matters): not appointed at this time; privacy-related EU/UK inquiries may be directed to privacy@platformdtc.com