FREE 2-DAY SHIPPING ON ORDERS $99+100% FEDERALLY LEGAL
Level Up Logo

Privacy Policy – Level Up

Effective Date: 04/05/2026

Website: https://levelupshop.io

App: Level Up (iOS)

We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your information across our website and mobile application.

By using our website or app, you agree to this Privacy Policy.

Data Controller

Personal data collected through levelupshop.io and the Level Up mobile app is processed by LevelUp Brands Inc ("Level Up," "we," "us," or "our").

Products offered on this website and app are manufactured by DD ROYALTY SALES CORP and distributed by LevelUp Brands Inc.

1. Age Restriction

Our website and app are intended for individuals 21 years of age or older.

Before creating an account, users must complete a mandatory identity and age verification process through our third-party KYC provider (Didit). We do not knowingly collect data from individuals under 21 or children under the age of 13.

If we become aware that such data has been collected, we will delete it promptly.

2. Information We Collect

Personal Information

  • Full name
  • Email address
  • Phone number
  • Billing and shipping address
  • Order history
  • Government-issued ID (collected during KYC verification by Didit — not stored by Level Up)
  • Profile photo (optional)

Payment Information

  • Payments are processed securely by Stripe (online checkout, subscriptions, Apple Pay)
  • In-person payments are processed via Stripe Terminal (Tap to Pay)
  • We do not store full credit card details

Identity Verification Data (KYC)

  • Collected and processed by Didit during mandatory registration
  • Includes: photo of government-issued ID, selfie/liveness check, and approximate location (for country detection)
  • Level Up does not store biometric data — this is handled exclusively by Didit under their own privacy policy

Authentication Data

  • Email and password
  • Google account (for Sign in with Google)
  • Apple ID (for Sign in with Apple)
  • Email OTP codes (one-time passwords sent to your email for passwordless login)
  • Face ID / Touch ID biometric data is processed entirely on your device by iOS — Level Up never accesses or stores this data

Automatically Collected Data

  • IP address
  • Device type, operating system, and browser information
  • Pages and screens visited, interactions within the app
  • Approximate location (for country detection during KYC)
  • Push notification tokens (via OneSignal)
  • Cookies and tracking technologies

3. Device Permissions (Mobile App)

The Level Up iOS app may request the following permissions:

PermissionPurpose
LocationCountry detection during identity verification (Didit KYC)
CameraIdentity document scanning and selfie (Didit KYC), profile photo, support attachments (Intercom)
MicrophoneLiveness verification (Didit KYC), voice messages in customer support (Intercom)
Photos / GalleryUpload identity document (Didit KYC), profile photo, support attachments
Push NotificationsOrder updates, promotions, and app notifications (OneSignal)
Face ID / Touch IDOptional biometric login after initial sign-in — processed entirely on-device by iOS
NFC / BluetoothIn-person payments via Stripe Terminal (Tap to Pay) — only used in applicable flows

You can manage these permissions at any time in your iPhone Settings.

4. How We Use Your Information

We use your information to:

  • Verify your identity and age before account creation
  • Process and fulfill orders
  • Manage subscriptions and club memberships
  • Provide customer support via chat (Intercom)
  • Send push notifications and order updates (OneSignal)
  • Enable secure login via email, Google, or Apple
  • Improve app functionality and performance
  • Detect and prevent fraud or unauthorized activity
  • Send marketing communications (only if you opt in)
  • Comply with legal obligations

5. Third-Party Services

We work with the following trusted third-party providers:

ServicePurpose
StripeOnline payments, subscriptions, Apple Pay
Stripe TerminalIn-person / Tap to Pay payments
DiditIdentity and age verification (KYC)
IntercomCustomer support chat
OneSignalPush notifications
Google Sign-InAuthentication only (no analytics)
Apple Sign InAuthentication only

Each provider operates under their own privacy policy and is required to protect your data. We do not use Facebook SDK, Firebase, Mixpanel, or Sentry.

6. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and preferences
  • Analyze traffic and usage behavior
  • Personalize your experience
  • Deliver relevant content

You can control cookies through your browser settings. Disabling cookies may affect site functionality.

We currently do not respond to "Do Not Track" signals.

7. How We Share Your Information

We do not sell your personal information.

We may share your information with:

  • Payment processors (Stripe) to complete transactions
  • Shipping providers to deliver orders
  • KYC provider (Didit) to verify your identity and age
  • Support platform (Intercom) to assist you
  • Notification services (OneSignal) to send push notifications
  • Legal authorities, when required by law
  • Business transfers, including mergers or acquisitions

All third parties are contractually required to protect your data.

8. Data Retention

We retain your information only as long as necessary:

  • Order and transaction data: up to 5 years for legal and tax purposes
  • Customer service communications: up to 2 years
  • Analytics and usage data: up to 12 months
  • KYC verification data: retained by Didit per their own policy

9. Data Security

We implement industry-standard security measures including SSL/TLS encryption for all data in transit.

However, no system is completely secure. By using our website or app, you acknowledge that transmission of information carries inherent risk.

10. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users as required by applicable laws.

11. Your Privacy Rights

U.S. (California – CCPA)

If you are a California resident, you have the right to:

  • Request access to the personal data we collect
  • Request deletion of your data
  • Request information about how your data is used

We do not sell personal data.

European Users (GDPR)

If you are located in the European Economic Area (EEA), you have the right to:

  • Access your personal data
  • Request correction or deletion
  • Restrict or object to processing
  • Request data portability

We process data based on:

  • Your consent
  • Fulfillment of contracts
  • Legitimate business interests

12. Third-Party Links

Our website and app may contain links to third-party websites. We are not responsible for their privacy practices.

13. Sensitive Data

Level Up does not directly collect or store:

  • Biometric data (processed on-device by iOS for Face ID/Touch ID, or by Didit for liveness checks)
  • Government ID numbers (collected and processed by Didit during KYC only)
  • Health information

14. International Users

Your information is processed in the United States. By using our website or app, you consent to such processing.

15. Changes to This Policy

We may update this Privacy Policy at any time. We will notify users of significant changes via email or in-app notification. Continued use of the website or app constitutes acceptance of any changes.

16. Contact Information

If you have questions or requests regarding your data:

Data Controller: LevelUp Brands Inc

Email: support@levelupshop.io

Website: https://levelupshop.io

17. Consent

By using our website or app, you consent to the collection and use of your information as described in this Privacy Policy.

At Level Up, we strive to provide the best possible experience. If you have any questions, we're happy to help!