Legal Privacy • CPRA • GDPR

Privacy Policy

This policy explains how HoplonTec Inc. collects, uses, discloses, and safeguards information when you use Armur.

Armur is owned and operated by HoplonTec Inc., a Delaware corporation (“HoplonTec,” “Company,” “we,” “us,” or “our”).

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you access or use the Armur mobile application, the website located at armur.org, and related services (collectively, the “Service”).

An account is required to access the Service.
By using the Service, you consent to the practices described in this Policy.

This Policy is incorporated into and governed by our Terms of Use.

Last Updated: 15 February 2026

1. Information We Collect

We collect information necessary to operate, secure, and improve the Service.

1.1 Account Information (Required)

To create an account, we collect:

  • Email address
  • Encrypted password hash
  • Display name
  • Account identifiers
  • Subscription and billing status

This information is required for authentication and service delivery.

1.2 Collection & User Content Data

We store user-submitted content necessary to operate the Service, including:

  • Firearm entries and metadata
  • Photos and attachments
  • Notes and descriptions
  • Marketplace listings
  • Posts, comments, and interactions
  • Notifications and preferences
  • App configuration settings

You control what information you upload.

Important: We recommend that users do not include sensitive personal information (e.g., government ID numbers, home addresses, or serial numbers) in publicly visible listings or posts.

1.3 Device Storage

Certain data may be stored locally on your device for performance and limited offline functionality, including:

  • Cached records
  • Photos
  • Preferences
  • Temporary offline data

Locally stored data may not be recoverable if the App is removed or the device is reset.

1.4 Automatically Collected Information

We may automatically collect:

  • IP address
  • Device identifiers
  • App version
  • Crash logs
  • Usage metrics
  • Security event logs

This information is used for:

  • Security and fraud prevention
  • Performance monitoring
  • System reliability
  • Abuse detection

We do not use this data for behavioral advertising.

2. How We Use Information

We use collected information to:

  • Provide account authentication
  • Synchronize data across devices
  • Enable marketplace and social features
  • Moderate content and enforce policies
  • Process subscriptions
  • Provide customer support
  • Detect fraud or misuse
  • Improve system performance
  • Comply with legal obligations

We do not sell personal information.

3. Sharing of Information

We may share limited information with service providers who assist in operating the Service, including:

  • Cloud hosting providers
  • Authentication providers
  • Payment processors (Stripe)
  • Analytics providers (aggregated, non-marketing use)

All service providers are contractually required to safeguard data.

3.1 Public Visibility

Marketplace listings and social features may make certain content visible to other users.

You are responsible for the content you choose to share publicly.

3.2 Legal Disclosures

We may disclose information:

  • To comply with legal obligations
  • In response to lawful subpoenas or court orders
  • To protect rights, safety, or property
  • In connection with corporate restructuring, merger, or acquisition

We do not voluntarily share firearm records or personal collection data with advertisers.

4. Payment Processing

Payments are processed by Stripe, Inc.

HoplonTec:

  • Does not store full payment card numbers
  • Does not directly process credit card data

We may receive limited metadata such as:

  • Payment status
  • Subscription tier
  • Billing email
  • Country/region for tax compliance

Stripe Privacy Policy: https://stripe.com/privacy

5. Data Security

We implement industry-standard safeguards including:

  • Encrypted transmission (TLS)
  • Encrypted storage
  • Password hashing
  • Role-based access controls
  • Audit logging
  • Backup redundancy

No system is immune from risk. Users are responsible for maintaining credential security.

6. Data Retention

We retain personal data:

  • While your account remains active
  • As necessary to provide services
  • To comply with legal obligations
  • To resolve disputes
  • To enforce agreements

Deleted data may temporarily persist in encrypted backups before permanent removal.

7. Account Deletion & Data Requests

You may request account deletion at any time.

Upon deletion:

  • Active cloud data will be removed
  • Backup copies may persist temporarily
  • Legal retention requirements may apply

Where supported, users may export their collection data.

8. Children’s Privacy

The Service is intended for adults.

We do not knowingly collect data from individuals under 18. If we learn that a minor has provided data, we will delete it.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you may have rights under the California Consumer Privacy Act (as amended), including the right to:

  • Request access to personal information
  • Request deletion
  • Request correction
  • Request disclosure of categories of data collected
  • Request disclosure of categories of third parties receiving data

We do not sell personal information.

Requests may be submitted through the contact information below.

We will not discriminate against you for exercising lawful privacy rights.

10. European Union / UK GDPR Notice

The Service is operated from the United States.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, and applicable law applies, the following provisions govern:

10.1 Lawful Bases for Processing

We process personal data under:

  • Contractual necessity (account and service delivery)
  • Legitimate interests (security, fraud prevention, system improvement)
  • Legal compliance
  • Consent (where required)

10.2 Data Subject Rights

Subject to applicable limitations, you may request:

  • Access to personal data
  • Correction
  • Deletion
  • Restriction of processing
  • Data portability
  • Objection to processing

We may verify identity before fulfilling requests.

10.3 International Transfers

Personal data may be transferred to and processed in the United States.

Where required, we rely on appropriate safeguards, including Standard Contractual Clauses.

10.4 Supervisory Authority

If you are located in the EEA, you may lodge a complaint with your local supervisory authority.

Nothing in this section establishes HoplonTec Inc. as having an establishment in the European Union.

11. Arbitration & Dispute Resolution

Privacy-related disputes are governed by the arbitration provisions set forth in our Terms of Use.

California residents retain any non-waivable rights under applicable law.

12. DMCA & Content Removal

Content removal and copyright claims are governed by our DMCA Copyright Policy available at armur.org/dmca.

13. Changes to This Policy

We may update this Privacy Policy periodically.

Material changes will be posted within the Service. Continued use constitutes acceptance.

14. Contact Information

Email: legal@armur.org

Mailing Address:
HoplonTec Inc.
Attn: Legal Department
1111B S Governors Ave # 87194
Dover, DE - 19904