This Privacy Policy explains how NEXAvapes.com ("we," "us," "NEXA Vape") collects, uses, stores, and protects your personal information when you visit the Site or place an order. We wrote this in plain language — if anything is unclear, email us at [email protected].
1. What We Collect & Why
We only collect information that is necessary to process your order, verify your age, and operate our store. Here's the full breakdown:
| Data | When Collected | Purpose | Retention |
|---|---|---|---|
| Name & email | Account or checkout | Ship orders, send tracking, handle support | Until account deletion or 7 yrs (tax records) |
| Phone number | Checkout (optional) | Carrier delivery alerts, support callbacks | Same as above |
| Shipping & billing address | Checkout | Fulfill orders from Florence, NJ warehouse | 7 years (tax compliance) |
| Payment details | Checkout | Routed to Stripe / PayPal — never touches our server | We don't store it |
| Date of birth / ID | Age gate or manual review | Verify 21+ per PACT Act | 3 years after last purchase |
| Support messages / photos | When you contact us | Evaluate and resolve warranty or quality claims | 1 year after case closed |
| Email (marketing) | Newsletter sign-up | Product launches, deals, restock alerts — opt-in only | Until you unsubscribe |
| IP address & device info | Automatically on visit | Fraud screening, analytics, shipping eligibility | 26 months |
| Browsing behavior | Automatically via cookies | Understand which pages and products get attention | 26 months, then anonymized |
2. Third-Party Service Providers
Running an online store requires a small number of external services. Each one receives only the minimum data needed to perform its function:
| Service | Data Shared | Purpose |
|---|---|---|
| Stripe / PayPal | Encrypted payment info | Secure transaction processing |
| USPS / UPS | Recipient name, address, phone | Package delivery & tracking |
| Age verification provider | Name, DOB, address | 21+ verification per PACT Act |
| Google Analytics | Anonymized browsing data | Site traffic & page performance |
| Email service | Email address | Order confirmations & marketing (if opted in) |
We may also disclose data when legally required — such as a court order, subpoena, or government investigation — or to protect the safety of our customers and staff.
3. How We Protect Your Data
SSL Encryption — Every page on NEXAvapes.com loads over HTTPS. Data in transit is encrypted and cannot be intercepted.
PCI-DSS Compliant Payments — Your card number goes directly to Stripe or PayPal. It never touches our database.
Access Controls — Customer records are restricted to team members who need access to fulfill orders or resolve support tickets.
Monitoring & Patching — Our hosting environment is actively monitored and security-patched on a regular schedule.
No system is 100% secure. We take reasonable precautions, but we also recommend using a strong, unique password for your account.
4. Cookies
NEXAvapes.com uses three types of cookies:
| Essential | Keep your cart alive, maintain your login session, remember age verification. The store doesn't work without these. |
| Analytics | Google Analytics collects anonymized traffic data so we know which pages work and which don't. |
| Marketing | Power retargeting ads on other platforms. You can block these with any ad-blocker or browser settings without affecting checkout. |
5. Your Rights
Email [email protected] with the subject line "Privacy Request" and we'll respond within 30 days. Here's what you can ask for:
✅ Access — Get a full copy of all personal data we hold on you.
✅ Correction — Fix any inaccurate information in your account.
✅ Deletion — Request removal of your data (we may retain order records for tax compliance).
✅ Portability — Receive your data in a portable format (CSV).
✅ Opt-Out of Marketing — Unsubscribe link is in every email, or just email us.
6. California Residents (CCPA)
If you are a California resident, the California Consumer Privacy Act (CCPA) provides additional rights:
• Right to Know — Request the specific categories of data we've collected in the past 12 months.
• Right to Delete — Same process as Section 5 above, with the same legal-hold exceptions.
• Right to Opt Out of Data Sales — Not applicable, because we do not sell your data.
• Right to Equal Service — Exercising your privacy rights will not change how we process your orders or treat your account.
Use subject line "CCPA Request" when emailing us. We will respond within 45 days as required by law.
7. Age Restriction
NEXAvapes.com is restricted to adults aged 21 and older. We do not knowingly collect personal data from anyone under 21. All visitors must pass age verification before browsing or purchasing. If we learn that data was collected from a minor, we delete it immediately — no exceptions.
8. External Links
Our Site may contain links to third-party websites (payment providers, shipping carriers, social media). NEXA Vape does not control and is not responsible for the privacy practices or content of any external site. We encourage you to review their privacy policies before submitting personal information.
9. Changes to This Policy
We may update this Privacy Policy from time to time. The "Effective" date at the top always reflects the latest version. For significant changes, we will send a notification email to registered accounts. Continued use of NEXAvapes.com after an update constitutes acceptance of the revised policy.
10. Contact Us
Questions about your privacy or this policy?
📧 Email: [email protected]
📍 Address: 309 Cedar Ln, Florence, NJ 08518
This policy applies solely to data collected through NEXAvapes.com.
Related Policies & Pages
WARNING: This product contains nicotine. Nicotine is an addictive chemical. Must be 21+ to purchase. All products ship in accordance with the PACT Act.