Privacy Policy - Paladin Supplies

Effective Date: June 26, 2025

Last Updated: June 26, 2025

A. Our Commitment to Your Privacy

Paladin Supplies and its affiliates (“Paladin Supplies,” “we,” “us,” or “our”) are firmly committed to protecting the privacy and security of the personal information entrusted to us by our customers, partners, and website visitors. This Privacy Policy is designed to provide a clear and comprehensive explanation of our data handling practices. Its purpose is to inform you about the types of information we collect, how that information is used and shared, the measures we take to safeguard it, and the rights and choices you have regarding your personal information.¹ We believe that transparency is the foundation of trust, and this policy serves as our pledge to handle your data responsibly and in accordance with applicable laws and regulations.⁴

The development and maintenance of this policy are guided by core principles of data protection, including purpose limitation, data minimization, and security by design. By being forthright about our practices, we aim to provide you with the necessary information to make informed decisions when interacting with our services and to feel confident that your data is being handled with the utmost care and respect.

B. Scope of This Policy

This Privacy Policy applies to all personal information collected and processed by Paladin Supplies in the course of our business operations. This includes information gathered when you engage with us through any of the following channels or activities (“Services”):

Visit, browse, or interact with our official website, located at [www.paladinsupplies.com], and any other website we own or operate that links to this Privacy Policy (collectively, the “Site”).⁴
Register for or maintain a customer account with Paladin Supplies.⁵
Request quotes, purchase products, or use any of our services.⁷
Communicate with us through any means, including email, telephone, our Site’s contact forms, or SMS text messaging.⁵
Subscribe to our newsletters, marketing communications, or other publications.⁶
Participate in our surveys, contests, promotions, or marketing events.⁵

This policy is primarily intended to cover information collected through our online channels and digital services. It does not extend to information that may be collected offline, unless such information is subsequently consolidated with data collected through our online Services.⁹ Furthermore, this policy does not apply to the data handling practices of third-party websites or services that may be linked to from our Site; we encourage you to review the privacy policies of those third parties independently.⁵

C. Your Consent

By accessing our Site, creating an account, or otherwise using our Services, you acknowledge that you have read, understood, and agree to the collection, use, disclosure, and other processing of your personal information as described in this Privacy Policy.⁶ If you do not agree with the terms and practices outlined in this document, please do not access or use our Services.¹⁴ For certain processing activities, particularly those related to marketing communications, we will seek your explicit consent as required by applicable law.

II. The Information We Collect and How We Collect It

Our approach to data collection is founded on the principle of data minimization—we strive to collect only the information that is necessary to provide you with our products and services, fulfill our contractual and legal obligations, and operate our business effectively.¹⁵ This section details both the categories of personal information we collect and the methods by which we collect it.

A. Categories of Personal Information We Collect

For the sake of clarity and transparency, we have categorized the personal information we may collect into the following groups. It is important to be overly specific rather than vague in this area, so you can make an informed decision about providing your information.¹⁵

Identifiers: This includes information that can be used to directly identify you or your business. Examples include your full name, the name of your company, postal and shipping addresses, email address, telephone number(s), online account username, and Internet Protocol (IP) address.⁶
Commercial Information: This category encompasses data related to your business transactions with us. It includes records of products or services you have purchased, obtained, or considered; your purchasing or transaction history; and financial information required for billing, such as credit card numbers, expiration dates, and billing addresses.⁵
Internet or Other Electronic Network Activity Information: When you interact with our Site, we automatically collect certain technical data. This includes log files, browser type and version, operating system, Internet Service Provider (ISP), the pages you view on our Site, the files you download, referring and exit pages, date and time stamps of your visits, and clickstream data that tracks your movement through our Site.⁹
Professional or Employment-Related Information: In the course of our B2B relationship, we may collect information related to your professional role, such as your job title and the industry in which your company operates. This information is typically provided by you during account registration or when making an inquiry.⁷

B. How We Collect Your Information

We collect the categories of information listed above through several different methods, which can be broadly classified as information you provide to us directly and information we collect automatically.

Information You Provide to Us Directly: A significant portion of the data we hold is information you voluntarily give us. This occurs when you perform actions such as:
- Completing a registration form to create an online account.⁵
- Placing an order for products, requesting a quote, or filling out an order form.⁵
- Contacting our customer service team or other representatives directly via email, telephone, or through the contact forms on our Site.⁵
- Subscribing to our newsletters or other marketing communications.⁶
- Choosing to participate in voluntary surveys or contests that we may offer from time to time.⁵
Information We Collect Automatically (Log Data and Tracking Technologies):
- Log Files: Our web servers follow a standard procedure of using log files. These files automatically record certain information (“Log Data”) that your browser sends whenever you visit our Site. This data, which includes your IP address, browser type, and timestamps, is used for analyzing trends, administering the site, tracking user movement, and gathering demographic information for aggregate use. This information is not linked to any data that is personally identifiable.⁹
- Cookies and Similar Technologies: We use “cookies,” which are small text files stored on your device’s hard drive, and other similar tracking technologies to enhance and personalize your experience on our Site. Cookies help us improve your access, identify repeat visitors, and track and target the interests of our users to improve our services.⁵ For instance, a cookie may be used to remember your login information, so you do not have to enter a password more than once, saving you time.⁵ It is important to note that personal information is not collected via cookies unless you have previously provided it to us voluntarily.¹² We will never use cookies to retrieve information from your computer that was not originally sent by us in a cookie.¹⁰ You have the option to control the use of cookies at the individual browser level. If you choose to refuse our cookies, you may still use our Site, but your ability to use some features or areas may be limited.⁶
Information from Third-Party Sources: On occasion, we may receive information about you from other sources, such as our trusted business partners, service providers, or data analytics firms. We may combine this information with the data we collect directly from you to enhance our records, improve the accuracy of our marketing efforts, and provide you with better service.¹⁰

III. How We Use Your Personal Information

The collection of personal information is not an end in itself; it is done for specific, explicit, and legitimate purposes. Vague justifications for data use, such as “to improve our services,” are insufficient under modern privacy standards.¹ Therefore, this section clearly maps each category of data use to a defined business function. This granular approach provides you with a transparent understanding of our processing activities and serves as our internal framework for ensuring purpose limitation, a cornerstone of data protection laws like the GDPR and a best practice under U.S. law.²⁰ By articulating these purposes, we create a defensible record that mitigates the risk of claims that data was used in an unauthorized manner.

A. To Provide and Manage Our Services

The primary use of your personal information is to deliver the products and services you request from us. This includes:

Order Fulfillment: Processing your orders from placement to delivery, which involves using your contact and commercial information to process payments, manage billing, and arrange for shipping with our logistics partners.⁵
Account Management: Creating and maintaining your online account, authenticating your identity for secure access, and managing your account settings and preferences.⁵
Customer Support: Using your identifiers and commercial information to respond to your inquiries, provide technical support, troubleshoot issues, and deliver essential customer service.⁵

B. For Communication and Marketing

We use your contact information to communicate with you for both transactional and marketing purposes, with a strict separation between the two:

Transactional Communications: Sending you essential, non-promotional messages related to your business with us. These include order confirmations, payment receipts, shipping notifications, and service-related announcements.⁵
Marketing and Promotional Communications: Subject to your explicit consent where required by law, we may send you communications about our products, services, special offers, industry news, and other information we believe will be of interest to you. This includes newsletters and promotional emails. You will always have the ability to opt-out of these communications.⁵ This category of communication is governed by the stringent consent requirements detailed in Section V of this policy.

C. For Analytics, Security, and Improvement

To ensure our Services remain effective, secure, and user-friendly, we use certain information for internal analysis and operational enhancement:

Service Improvement: Analyzing how you and other users interact with our Site to improve, personalize, and expand our offerings, as well as to develop new products, services, and features.⁶
Trend Analysis: Monitoring and analyzing usage trends and activities to understand the effectiveness of our content, marketing campaigns, and Site functionality.⁶
Security and Fraud Prevention: Using technical data and transaction information to find and prevent fraudulent transactions, protect the security and integrity of our Site and systems, and investigate potential violations of our terms and conditions.⁹

D. To Comply with Legal Obligations

We may be required to use and retain your personal information to comply with our legal and regulatory obligations. This includes responding to lawful requests from public authorities, such as court orders or subpoenas, and fulfilling our obligations under tax, accounting, and corporate law.⁷

IV. How and Why We Share Your Personal Information

Transparency regarding data sharing is a legal requirement and a critical component of building and maintaining trust with our business customers.¹ Our policy is to not sell your personal information for monetary consideration. However, to operate our business and provide our Services, we must share information with trusted third parties who perform essential functions on our behalf.

The language used in this section is intentionally precise. Under privacy laws like the California Privacy Rights Act (CPRA), the terms “sell” and “share” have specific legal definitions that can extend beyond a simple monetary exchange to include disclosures for cross-context behavioral advertising.²³ By clearly stating that we do not sell data and then detailing the specific, limited, and operationally necessary circumstances under which we disclose it to service providers, we provide clarity to our B2B clients and avoid triggering legal obligations that are not relevant to our business model, while remaining fully transparent about our practices.⁵

A. With Third-Party Service Providers

We engage a variety of third-party companies and individuals to act as our service providers, who process personal information on our behalf to help us operate our business. We only share the information necessary for them to perform their designated functions and contractually require them to protect the confidentiality and security of this information. They are strictly prohibited from using your personal information for any purpose other than to provide the services we have requested.⁶

Examples of such service providers include:

Payment Processors: To securely process your credit card and other payment information when you make a purchase.⁵
Shipping and Logistics Partners: To facilitate the delivery of your orders to your specified address.⁵
Technology and Cloud Hosting Providers: To host our website, store our data, and maintain the underlying technology infrastructure that supports our Services.⁵
Marketing and Communications Platforms: To manage our email newsletters and, as detailed in Section V, to facilitate our SMS text messaging programs (e.g., Dialpad).⁷
Data Analytics Providers: To assist us in analyzing website traffic and user behavior to improve our Services.⁶

B. For Legal Reasons and to Protect Our Rights

We may be required to disclose your personal information in certain circumstances to comply with the law or to protect our legal rights. These situations include:

In response to a subpoena, court order, civil discovery request, or other lawful legal process from governmental or law enforcement agencies.⁷
When we believe in good faith that disclosure is necessary to prevent or investigate actual or potential fraud, or to protect against unauthorized transactions.¹²
To enforce our terms and conditions, protect our rights, property, or safety, and the rights, property, and safety of our customers or the public.⁷

C. In Connection with a Business Transfer

If Paladin Supplies is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, or sale of all or a portion of its assets, your personal information may be transferred to the successor or acquiring entity as part of that transaction. In such an event, we will provide notice to you, for example, via email or a prominent notice on our Site, and any successor entity will be bound by the commitments made in this Privacy Policy with respect to your previously collected information.¹

D. With Your Consent

Beyond the circumstances described above, we may share your personal information with other third parties if we have obtained your explicit and affirmative consent to do so.

V. SMS Messaging: Communications, Consent, and Your Choices

This section provides exhaustive detail regarding our Short Message Service (SMS) text messaging programs. SMS communication is subject to stringent legal and regulatory requirements, most notably the Telephone Consumer Protection Act (TCPA) and the guidelines established by CTIA – The Wireless Association.²⁵ We treat these obligations with the utmost seriousness, as failure to comply can result in severe penalties, including fines ranging from $500 to $1,500

for each non-compliant message sent.²⁶

A critical aspect of TCPA compliance is the legal distinction between “informational” messages and “marketing” messages. The standard of consent required for marketing texts is significantly higher than for purely informational ones.²⁶ A message that combines both (e.g., a shipping notification that also includes a promotional offer) can be legally classified as marketing, potentially invalidating the consent under which it was sent. To mitigate this substantial risk, our policy and operational practice is to maintain a strict separation between these communication streams. Transactional alerts will contain only transactional information, while marketing alerts will be part of a separate program requiring a distinct and compliant opt-in. This structural separation is our primary defense against misclassification claims.

Furthermore, while the CTIA’s guidelines are technically “voluntary,” mobile carriers enforce them by blocking traffic from non-compliant senders.²⁹ Therefore, these best practices are operationally mandatory for any successful SMS program. Our policies, including the use of clear language and summary tables, are designed to comply with both the letter of the TCPA law and the practical requirements of the CTIA.

A. Overview of Our SMS Programs

Paladin Supplies offers several types of SMS communications to provide timely information and enhance your customer experience. We clearly distinguish between the following programs:

Transactional & Informational Messages: These are automated alerts directly related to your business transactions and account activity with us. Examples include order confirmations, payment reminders, shipping status updates, delivery notifications, and appointment reminders for service calls.²⁶
Marketing & Promotional Messages: These messages are intended to provide you with information about our products, services, special offers, sales events, and other company news. These are purely promotional in nature.²⁵
Conversational Messages: This refers to two-way text message conversations initiated by you for the purpose of seeking customer support or asking questions about your account or our products.³⁶

B. The Legal Standard: Your Consent is Required

We will not send you any SMS text messages without first obtaining the proper level of consent required by law.

Prior Express Written Consent for Marketing Messages: This is the highest standard of consent and is legally required before we can send you any marketing or promotional text messages using an automated system. To be valid, your consent must be:
- In Writing: This can be obtained through electronic means, such as an online form where you check a box or a text message you send to us from your mobile device.²⁵
- Affirmative and Unambiguous: You must take a clear, positive step to opt-in. For this reason, we do not use pre-checked boxes for SMS marketing consent.²⁵
- Accompanied by Clear Disclosures: At the point where we ask for your consent, we will provide a clear and conspicuous disclosure that informs you of the following:
  1. You are agreeing to receive automated marketing text messages from Paladin Supplies.³⁴
  2. Your consent to receive these messages is not a condition of making any purchase from us.²⁶
  3. The messages will be sent to the specific phone number you provide.³⁴
Consent for Informational Messages: For purely informational (non-marketing) messages, such as order updates, consent may be established when you provide us with your mobile phone number in the context of a specific transaction or service request (e.g., by entering it on an order form).²⁶ By providing your number for this purpose, you agree to receive automated transactional texts related to that specific context.

C. The Opt-In and Opt-Out Process

How to Opt-In: You can provide your prior express written consent to receive marketing messages by, for example, checking an unchecked box on our website’s checkout or account registration page. The language next to the checkbox will be clear, such as: “I agree to receive automated marketing text messages from Paladin Supplies at the phone number provided. I understand that consent is not a condition of purchase. Msg & Data rates may apply. Approx. 4 msgs/month. Reply HELP for help, STOP to cancel.”
Confirmation Message (Double Opt-In): As a best practice recommended by the CTIA, after you opt-in to our marketing program, you will receive an immediate confirmation text message from us. This message serves as a double opt-in and will reiterate the key terms of the program, including ²⁵:
- Our business name: Paladin Supplies
- The program description: e.g., “Marketing Alerts”
- The expected message frequency: e.g., “Approx. 4 msgs/month”
- The disclosure that “Msg & Data rates may apply”
- Clear instructions on how to get help (Text HELP for help) and how to opt-out (Text STOP to cancel).
How to Opt-Out: You have the right to revoke your consent and opt-out of our SMS programs at any time and for any reason. The process is designed to be simple and immediate. To opt-out, simply reply STOP to any text message you receive from us. Upon receiving your request, we will send you one final confirmation message to verify that you have been unsubscribed. You will not receive any further messages from that program unless you choose to opt-in again in the future.²⁵ You can also request to be opted out by contacting our customer service.

D. SMS Program Details Table

To provide maximum clarity and serve as a quick-reference guide, the key details of our primary SMS programs are summarized below. This format enhances transparency and ensures you can easily understand the nature of the communications you are consenting to receive.

Paladin Supplies SMS Program	Description of Messages	Message Frequency	How to Opt-Out
Order & Shipping Alerts	Receive transactional updates on order confirmation, processing status, shipping, and delivery.	Varies based on order activity.	Reply STOP
Marketing & Promotions	Receive alerts about new products, exclusive offers, industry news, and company updates.	Approximately 2-4 messages per month.	Reply STOP
Customer Support	Engage in two-way text conversations with our support team for help with your account or orders.	Varies based on your inquiry.	Reply STOP

E. Data Sharing and Privacy for SMS

We are committed to protecting the privacy of the information you provide for our SMS programs. We explicitly state that your mobile information, including your phone number and your opt-in consent data, will not be shared with or sold to any third parties or affiliates for their own marketing or promotional purposes.²² This information will only be shared with our trusted technology partners (e.g., our SMS platform provider) for the sole purpose of administering our SMS programs on our behalf.

VI. Your Privacy Rights and How to Exercise Them

The landscape of data privacy law in the United States is a complex patchwork of state-level regulations. Laws in states like California (CPRA), Virginia (VCDPA), Colorado (CPA), and Utah (UCPA) grant consumers similar but distinct rights regarding their personal information.²⁴ Attempting to manage different sets of rights for customers based on their location is operationally complex and prone to error. Therefore, to ensure robust compliance and demonstrate a company-wide commitment to privacy that exceeds the minimum legal requirements, Paladin Supplies has adopted a “highest common denominator” approach. We extend the core privacy rights provided under these major state laws to all our customers, regardless of their location.²³

A. Your Rights Regarding Your Personal Information

Depending on applicable law, you may have the following rights concerning the personal information we hold about you:

The Right to Know and Access: You have the right to request confirmation as to whether we are processing your personal information and to access that information. This includes the right to request the specific pieces of personal data we have collected, the categories of sources from which it was collected, our business purposes for collecting it, and the categories of third parties with whom we have shared it.²
The Right to Deletion: You have the right to request that we delete the personal information that we have collected from you. Please note that this right is subject to certain exceptions. For example, we may need to retain your information to complete the transaction for which it was collected, detect security incidents, comply with a legal obligation, or for other internal and lawful uses.²
The Right to Correction: You have the right to request that we correct any inaccurate personal information that we maintain about you.¹⁵
The Right to Data Portability: You have the right to request a copy of your personal information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance.⁴²
The Right to Opt-Out of the “Sale” or “Sharing” of Personal Information: As stated previously, we do not sell your personal information for monetary consideration. However, some state laws define “sale” or “sharing” broadly to include disclosures for targeted advertising. You have the right to opt-out of such activities. You can exercise this right by clicking the “Do Not Sell or Share My Personal Information” link in the footer of our website.⁷
The Right to Non-Discrimination: We will not discriminate or retaliate against you for exercising any of your privacy rights. This means we will not deny you goods or services, charge you different prices or rates, or provide you with a different level or quality of services for exercising your rights.⁷

B. How to Exercise Your Rights

To submit a request to exercise any of the rights described above, please contact us using one of the following methods:

By Email: [[email protected]]

Upon receiving your request, we will take steps to verify your identity to protect your privacy and security. The verification process may require you to provide certain information to match with the information we have on file. We will only use the personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will respond to your request within the time frame required by applicable law, which is typically 45 days, with a possible extension where necessary.

VII. Data Security, Retention, and International Transfers

A. Our Commitment to Data Security

We take the security of your personal information seriously and have implemented a program of reasonable administrative, technical, and physical safeguards designed to protect the data we collect from unauthorized access, use, disclosure, alteration, or destruction. This public statement reflects our internal commitment to a written information security program as required by regulations such as the Federal Trade Commission’s (FTC) Safeguards Rule.¹⁶ By describing these measures, we are not only reassuring you but also publicly affirming our compliance with these important legal obligations.

Our security measures include:

Technical Safeguards: Using Secure Sockets Layer (SSL) or other encryption technologies to protect sensitive information (such as credit card data) transmitted online. We also employ firewalls and other network security measures to prevent unauthorized access to our systems.⁵
Administrative and Physical Safeguards: Implementing the “principle of least privilege,” which means that our employees are only granted access to the personal information that is necessary for them to perform their specific job functions.⁵ We provide training to our employees on data privacy and security, and we maintain physical security measures to protect the servers and computers where we store personally identifiable information in a secure environment.⁵

Despite our efforts, it is important to remember that no method of transmission over the Internet or method of electronic storage is 100% secure and reliable. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.²

B. Data Retention

Our policy is to retain personal information only for as long as is necessary to fulfill the purposes for which it was collected.¹ The retention period for specific types of data depends on the context in which it was collected and our ongoing business needs. We determine appropriate retention periods by considering:

The duration of our business relationship with you and the time required to maintain your active account.
The purposes for which we collected the information.
Our legal and regulatory obligations, such as requirements under tax, corporate, and accounting laws that may compel us to keep transaction records for a specific number of years.¹

Once the retention period expires, personal information is securely deleted or anonymized so that it can no longer be associated with you.

C. International Data Transfers

Paladin Supplies is headquartered in the United States, and our Services are primarily directed to customers within the U.S. market. Any personal information we collect will be processed and stored in the United States. If you are accessing our Services from outside the United States, please be aware that your information will be transferred to, stored, and processed in the U.S., where data protection laws may differ from those in your jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.⁴

VIII. Additional Policy Information

A. Children’s Privacy

Our Site and Services are intended for a business-to-business audience and are not directed to or intended for use by children. We do not knowingly collect personal information from individuals under the age of 16. This age threshold is set to align with the requirements of the Children’s Online Privacy Protection Act (COPPA) as well as the higher age limits specified in certain state privacy laws like the CPRA.¹ If we become aware that we have inadvertently collected personal information from a child under 16 without verifiable parental consent, we will take immediate steps to delete that information from our records.

B. Links to Other Websites

Our Site may contain links to other websites that are not operated or controlled by Paladin Supplies. This Privacy Policy does not apply to the practices of these third-party sites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.⁵ We strongly encourage you to be aware when you leave our Site and to read the privacy statements of any other site that collects personally identifiable information.

C. Changes to This Privacy Policy

We reserve the right to amend or update this Privacy Policy from time to time to reflect changes in our data practices, our services, or applicable law. When we make changes to this policy, we will post the updated version on this page and revise the “Last Updated” date at the top of the policy.¹ For any material changes, we will provide more prominent notice, such as by sending an email notification to our registered users or by posting a notice on the homepage of our Site prior to the change becoming effective.² We encourage you to review this page periodically to stay informed about our privacy practices.

IX. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data handling practices, or if you wish to exercise your privacy rights, please do not hesitate to contact us. We have established clear channels of communication to ensure your inquiries are addressed promptly and effectively.

You can reach our privacy team through the following methods:

Dedicated Privacy Email:

[[email protected]]

Paladin Supplies

Attn: Privacy Compliance Officer

⁴⁷

Live Chat

Same-Day Delivery