Effective: April 30, 2026 · Last Updated: April 30, 2026
ArmedStrong, Inc. (“ArmedStrong,” “we,” “us,” or “our”) operates a compliance-native B2B platform connecting licensed buyers and sellers in the U.S. defense and firearms commerce ecosystem. This Privacy Policy explains how we collect, use, store, share, and protect information about you and your business in connection with our website, platform, mobile and web applications, customer support, email and SMS communications, and other related services (collectively, the “Services”).
By accessing or using the Services, you agree to the practices described in this Policy. If you do not agree, please do not use the Services.
1.Scope and Who We Serve
ArmedStrong is a business-to-business platform. The Services are designed for and made available to verified business participants — including holders of Federal Firearms Licenses (FFLs), licensed importers and exporters, agency and government buyers, manufacturers, distributors, and qualified institutional users. We do not knowingly market to or collect information from individual consumers seeking to purchase regulated goods.
This Policy applies to information we collect through:
–our website at armedstrong.com and any subdomains we operate;
–our buyer and seller platform, including the dashboard, listings, ordering, escrow, and shipment-tracking interfaces;
–our mobile applications, if and when made available;
–email, SMS, in-platform messaging, and customer support interactions;
–investor relations, marketing, and recruiting channels operated by ArmedStrong.
2.Information We Collect
2.1Account and Identity Information
–Business name, EIN or tax identification, principal contact name, role and title, business email address, mobile and landline numbers, business mailing and shipping addresses.
–Authentication credentials, including hashed passwords and multi-factor authentication tokens.
–Beneficial ownership and authorized-user information necessary for compliance verification.
2.2License and Compliance Information
–Federal Firearms License (FFL) number, type, and expiration; ITAR/DDTC registration; BIS export license details; state-level permits and dealer licenses; supporting documentation you upload.
–Sanctions and watchlist screening results derived from third-party and government data sources.
–End-user statements, end-use certificates, and other documents required by federal or state law for specific transactions.
2.3Transaction and Commercial Information
–Listings, inventory data, purchase orders, invoices, line-item product information, pricing, escrow status, payment records, and refund or dispute records.
–Shipment routing, carrier, tracking, delivery confirmation, and exception data.
–In-platform messaging between counterparties relating to a transaction.
2.4Payment Information
Bank account and payment-instrument information used for ACH, wire, or other transfers is collected and processed by our banking, escrow, and payment partners. ArmedStrong receives only the data necessary to operate the platform (e.g., status, masked identifiers, transaction references) and does not store full bank account numbers in plaintext.
2.5Communications and Support Information
–Messages you send through the platform, support tickets, survey responses, feedback, and call recordings (where lawful and disclosed at the time of the call).
–Email and SMS opt-in records, consent timestamps, and opt-out events.
2.6Device, Usage, and Technical Information
–IP address, browser type and version, operating system, device identifiers, language preferences, time zone.
–Pages viewed, features used, time spent, referring URLs, clickstream data, and platform interaction events.
–Server logs related to authentication, transactions, security monitoring, and error diagnostics.
2.7Marketing and Recruiting Information
If you contact us regarding investment, partnership, employment, or media inquiries, we collect the information you provide (name, organization, role, contact details, content of your message) and may retain it for follow-up and recordkeeping.
3.Sources of Information
We collect information from the following sources:
–Directly from you, when you create an account, submit license documentation, place or accept orders, communicate with us, or otherwise interact with the Services.
–Automatically, through cookies, pixels, server logs, and similar technologies as described in Section 9.
–From third-party partners, including license-verification services (such as ATF FFL eZ Check), state regulatory databases, sanctions and watchlist providers (including OFAC, BIS Denied Persons, and Entity List data), banking and payment processors, shipping and logistics carriers, identity-verification vendors, and analytics providers.
–From publicly available sources, including federal and state regulator publications, business registries, and public filings.
4.How We Use Information
We use the information we collect to:
–operate, maintain, secure, and improve the Services;
–verify the identity, license status, and eligibility of buyers and sellers, and re-verify on a periodic basis;
–facilitate, route, document, and settle transactions between licensed counterparties;
–process payments, escrow, refunds, and disputes through our financial partners;
–screen counterparties and transactions against applicable sanctions, export-control, and watchlist requirements;
–provide customer support and respond to your inquiries;
–send transactional, security, compliance, and program-related communications by email, SMS, or in-platform notification;
–send marketing and product-update communications to opted-in recipients, with the ability to opt out at any time;
–monitor for fraud, abuse, prohibited transactions, and security threats, and to enforce our terms;
–comply with our legal, regulatory, recordkeeping, and reporting obligations under federal and state law, including ATF, ITAR, DDTC, BIS, and state-level requirements;
–conduct internal analytics, research, and product development;
–evaluate corporate transactions, financings, and investor relationships.
5.Legal Bases for Processing
We process information on the following bases, as applicable under U.S. federal and state law and, where relevant, under the laws of other jurisdictions:
–Contractual necessity — to provide the Services you have requested and to fulfill our agreements with you.
–Legal obligation — to comply with statutes, regulations, court orders, and recordkeeping requirements applicable to firearms commerce, export controls, and financial transactions.
–Legitimate interests — to operate, secure, and improve our Services; to detect and prevent fraud and abuse; and to support our business operations, where such interests are not overridden by your rights.
–Consent — for marketing email, SMS messaging, and other activities where consent is required and has been provided. You may withdraw consent at any time.
6.How We Share Information
We share information only as described below. We do not sell personal or business information.
6.1Counterparties to a Transaction
When you initiate, accept, or participate in a transaction on the platform, we share the information necessary to complete it — including, where applicable, business name, FFL details required by federal law, shipping destination, and transaction terms. Buyer business names are not printed on external shipping labels except where required by carrier or regulator; see our blind-shipping policy in the platform documentation.
6.2Service Providers
We share information with vendors that perform services on our behalf, each bound by contractual confidentiality and data-protection obligations. Categories include:
–cloud hosting and infrastructure providers;
–banking, escrow, and payment processors;
–identity, license, and sanctions verification vendors;
–shipping and logistics partners and carriers;
–email, SMS, and customer-support communications providers;
–analytics, error-monitoring, and security providers;
–professional advisors, including legal, accounting, and audit firms.
6.3Regulators, Law Enforcement, and Legal Process
We disclose information when required by subpoena, court order, search warrant, or applicable law, or when we reasonably believe disclosure is necessary to comply with regulatory obligations, respond to lawful requests by public authorities, or protect the rights, property, or safety of ArmedStrong, our users, or the public.
6.4Corporate Transactions
In connection with a merger, acquisition, financing, reorganization, or sale of all or part of our assets, information may be transferred or disclosed to involved parties, subject to confidentiality protections and continued application of this Policy or a successor policy with materially similar protections.
6.5With Your Consent
We share information for any other purpose with your consent or at your direction.
SMS and Mobile Data — ImportantMobile numbers and SMS opt-in consent data are not shared with any third party or affiliate for marketing purposes. We share mobile data only with the SMS aggregators and carriers necessary to deliver the messages you have requested. See Section 8 for details.
7.Email Communications
We send email for transactional, security, compliance, and operational purposes (such as account verification, transaction confirmations, license-renewal reminders, and security alerts). These messages are not subject to opt-out because they relate to your use of the Services and our regulatory obligations.
We also send marketing and product-update emails to recipients who have opted in or who fall within an established business relationship as permitted by law. You can unsubscribe from marketing email at any time by clicking the unsubscribe link in any marketing message or by contacting privacy@armedstrong.com.
8.SMS and Mobile Messaging
ArmedStrong operates an SMS messaging program governed by the provisions set out in this section.
8.1Consent
Mobile numbers are collected only with your express consent — captured at signup, through a documented opt-in flow, or by your reply to a confirmation message. By providing your mobile number and consenting, you authorize ArmedStrong to send recurring SMS and MMS messages to that number using an automatic telephone dialing system or similar technology. Consent is not a condition of using the platform.
8.2Categories of Messages
–account verification codes and authentication;
–transaction status, escrow release, and shipment notifications;
–compliance and license-renewal reminders;
–security alerts and fraud notifications;
–periodic program updates and platform announcements relevant to your account.
8.3Frequency
Message frequency varies by account activity. Transactional messages are sent as events occur. Marketing and program-update messages are sent no more than 4 messages per month, unless you have opted into a higher-frequency notification tier.
8.4Message and Data Rates
Message and data rates may apply. ArmedStrong does not charge for SMS, but your wireless carrier’s standard rates apply.
8.5Opt-Out and Help
To stop receiving messages, reply STOP, END, CANCEL, UNSUBSCRIBE, or QUIT to any message. You will receive a confirmation message and will not receive further SMS from the program. Reply HELP for assistance, or contact support@armedstrong.com.
Opting out of SMS does not opt you out of email, in-platform notifications, or required regulatory communications. Carriers are not liable for delayed or undelivered messages.
8.6Mobile Data Sharing
Mobile numbers and SMS opt-in consent data are not shared with any third party or affiliate for marketing purposes. Mobile data is shared only with the SMS aggregators and carriers necessary to deliver the messages you have requested.
9.Cookies and Tracking Technologies
We use cookies, pixels, local storage, and similar technologies to:
–operate the Services and maintain authenticated sessions;
–remember preferences and settings;
–measure and improve performance, security, and usability;
–detect fraud and abuse.
Most browsers allow you to refuse, restrict, or delete cookies through browser settings. Certain features of the Services may not function properly without them. We do not use cookies to facilitate cross-site behavioral advertising on consumer media properties.
10.Analytics and Product Improvement
We use analytics tools to understand how the Services are used, diagnose errors, measure feature adoption, and improve the platform. Analytics data is generally aggregated or pseudonymized and is used for internal purposes. We do not enable analytics partners to use platform data to build profiles for their own advertising purposes.
11.How We Store and Protect Information
ArmedStrong stores information on cloud infrastructure operated by reputable U.S.-based providers. We implement administrative, technical, and physical safeguards designed to protect information against unauthorized access, alteration, disclosure, and destruction, including:
–encryption in transit using TLS;
–encryption at rest for sensitive fields, including license data and payment-related identifiers;
–role-based access controls and the principle of least privilege;
–multi-factor authentication for administrative and platform access;
–logging, monitoring, and intrusion detection on production systems;
–vendor due diligence, security questionnaires, and contractual data-protection requirements;
–secure software development practices, code review, and periodic security testing;
–incident response procedures and breach notification consistent with applicable law.
No system is perfectly secure. While we work to protect your information, we cannot guarantee absolute security and recommend that you use strong, unique credentials, enable multi-factor authentication, and promptly notify us of any suspected unauthorized access.
12.Data Retention
We retain information for as long as necessary to provide the Services, comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements. Specific retention periods vary by data type:
–Transaction records, license documentation, and compliance logs are retained for the periods required by federal and state firearms, export-control, and financial recordkeeping laws, which may extend beyond the life of your account.
–Account information is retained while your account is active and for a reasonable period thereafter for legal and operational purposes.
–SMS consent and opt-out records are retained for compliance and audit purposes for the period required by applicable telecommunications and consumer-protection law.
–Marketing and analytics data is retained for the period necessary to support the purposes for which it was collected.
When information is no longer needed, we delete, archive, or de-identify it in accordance with our retention schedule.
13.Your Rights and Choices
13.1Account Information
You may review and update your account and business information through your account settings or by contacting support@armedstrong.com. Some information — such as license records associated with completed transactions — cannot be modified or deleted because of regulatory recordkeeping requirements.
13.2Communication Preferences
You can opt out of marketing email by clicking the unsubscribe link in any marketing message. You can opt out of SMS by replying STOP. Even after opting out, you may continue to receive transactional, security, and required regulatory communications.
13.3Cookies
You can manage cookies through your browser settings. Disabling cookies may affect Service functionality.
13.4Access, Correction, and Deletion
Subject to applicable law and regulatory recordkeeping requirements, you may request access to, correction of, or deletion of personal information we hold about you. Submit requests to privacy@armedstrong.com. We will verify your identity before responding and will respond within the timeframes required by applicable law. We will not discriminate against you for exercising these rights.
14.State-Specific Privacy Disclosures
Depending on your state of residence, additional rights may apply. These include, where applicable, rights to:
–know what personal information we collect, use, and disclose;
–access a copy of your personal information;
–correct inaccurate personal information;
–request deletion of personal information;
–opt out of certain processing activities, including the “sale” or “sharing” of personal information as defined under California law (we do not sell or share personal information for cross-context behavioral advertising);
–limit the use and disclosure of sensitive personal information;
–appeal a denial of your request, where required.
These rights are subject to verification and to exemptions under applicable state law. Many state privacy laws contain B2B exemptions and exemptions for information processed for federal compliance and recordkeeping purposes that may apply to data we hold about you. To exercise your rights, contact privacy@armedstrong.com.
15.International Users
The Services are intended for use in the United States. Information you provide is processed and stored in the United States. If you access the Services from outside the United States, you consent to the transfer and processing of your information in the United States, which may have different data-protection laws than your home jurisdiction.
16.Children’s Privacy
The Services are intended for business users and are not directed to children. We do not knowingly collect information from anyone under 18. If you believe a child has provided us information, please contact us and we will take appropriate steps to delete it.
17.Third-Party Sites and Services
The Services may contain links to third-party websites, applications, or services that are not operated by ArmedStrong. This Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third party before providing information.
18.Changes to This Policy
We may update this Policy from time to time. The “Last Updated” date at the top of the page reflects the most recent revision. Material changes will be communicated through the platform, by email, or by other reasonable means. Continued use of the Services after the effective date of an updated Policy constitutes acceptance of the changes.
19.Contact
Questions, requests, or complaints about this Policy or our data practices?