PLAIDRY (accessible at plaidry.com) is a digital marketplace platform operated by HSU HOLDING LLC, a Wyoming limited liability company. This Privacy Policy describes how we collect, use, store, share, and protect your personal data when you access or use the PLAIDRY platform, including our website, applications, and all related services.
We are committed to protecting your privacy and ensuring that your personal data is handled responsibly and in compliance with applicable data protection laws, including but not limited to:
By accessing or using PLAIDRY, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, you should discontinue use of the platform immediately.
The data controller responsible for the processing of your personal data is:
| Entity | HSU HOLDING LLC |
|---|---|
| Address | 30 N Gould St, Ste N, Sheridan, WY 82801, United States |
| EIN | 35-2903221 |
| Sole Member | Erik Cenador Hsu |
| Contact Email | soporte@plaidry.com |
For all inquiries related to data protection, privacy rights, or this policy, please contact us at soporte@plaidry.com. We will respond to your request within 30 days in accordance with applicable law.
We process personal data for the following purposes:
We collect and process the following categories of personal data:
| Category | Data Types | Purpose |
|---|---|---|
| Identification Data | Full name, date of birth, government-issued ID (when required for verification), taxpayer identification number | Account creation, identity verification, legal compliance (KYC/AML) |
| Online Profile Data | Username, profile picture, bio/description, portfolio links, social media handles, skills and categories | Public profile display, marketplace functionality, search and discovery |
| Contact Data | Email address, phone number, physical address (when required for invoicing or shipping) | Communications, invoicing, customer support, account recovery |
| Technical Data | IP address, browser type and version, operating system, device identifiers, screen resolution, referral URLs, session duration | Platform security, analytics, performance optimization, fraud detection |
| Transaction Data | Order history, payment amounts, payment method details (tokenized), billing information, refund records, payout history | Payment processing, financial record-keeping, dispute resolution, tax compliance |
| Usage Statistics | Pages visited, features used, click patterns, search queries, time spent on pages, interaction frequency | Product improvement, UX optimization, analytics, personalized recommendations |
| Preferences | Language settings, notification preferences, communication opt-ins, display settings, saved searches and favorites | Personalization, user experience customization, marketing preferences |
| Security Records | Login timestamps, authentication logs, password change history (hashed), two-factor authentication status, suspicious activity flags | Account security, fraud prevention, audit trails, incident investigation |
Your personal data may be shared with the following categories of recipients:
We engage third-party service providers who process personal data on our behalf, under our instructions and in accordance with written data processing agreements. These processors include infrastructure providers, payment processors, email service providers, analytics platforms, and customer support tools.
In certain circumstances, your data may be shared with entities that act as independent data controllers, including:
If you choose to link your PLAIDRY account to social media platforms (such as connecting your Instagram, TikTok, YouTube, or X/Twitter account for profile verification or portfolio display), limited profile data may be shared with or received from those platforms in accordance with their respective privacy policies and your authorization settings.
When we share personal data with third parties, we ensure appropriate safeguards are in place, including:
We process your personal data on the following legal bases under the GDPR:
| Legal Basis | GDPR Article | Application |
|---|---|---|
| Performance of a Contract | Art. 6(1)(b) | Processing necessary for the performance of the contract between you and PLAIDRY, including account creation, transaction facilitation, payment processing, and service delivery. |
| Legal Obligation | Art. 6(1)(c) | Processing necessary for compliance with legal obligations to which HSU HOLDING LLC is subject, including tax reporting, financial record-keeping, anti-money laundering (AML) regulations, and responses to lawful requests from governmental authorities. |
| Legitimate Interests | Art. 6(1)(f) | Processing necessary for our legitimate interests, including platform security, fraud prevention, service improvement, analytics, and the enforcement of our Terms of Service. We conduct balancing tests to ensure our interests do not override your fundamental rights and freedoms. |
| Consent | Art. 6(1)(a) | Processing based on your freely given, specific, informed, and unambiguous consent, including marketing communications, non-essential cookies, and optional data sharing with third parties. You may withdraw your consent at any time without affecting the lawfulness of processing prior to withdrawal. |
PLAIDRY is operated by HSU HOLDING LLC from the United States. If you are accessing our platform from outside the United States, including from the European Economic Area (EEA), the United Kingdom, or other jurisdictions, please be aware that your personal data will be transferred to, stored, and processed in the United States.
The United States may not provide the same level of data protection as your home jurisdiction. To ensure adequate protection of your personal data when transferred internationally, we implement the following safeguards:
By using PLAIDRY, you acknowledge and consent to the transfer of your personal data to the United States, subject to the safeguards described above.
We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, alteration, disclosure, or destruction.
PLAIDRY relies on the following trusted infrastructure and service providers:
| Provider | Service | Security Standards |
|---|---|---|
| Supabase | Database, authentication, and backend services | SOC 2 Type II compliant, data encryption at rest (AES-256) and in transit (TLS 1.2+), row-level security, regular security audits |
| Vercel | Frontend hosting and edge network | SOC 2 Type II compliant, global CDN with DDoS protection, automatic HTTPS, isolated build environments |
| Resend | Transactional email delivery | TLS encryption, SPF/DKIM/DMARC authentication, SOC 2 compliant, minimal data retention |
| Sentry | Error monitoring and performance tracking | SOC 2 Type II compliant, data scrubbing for PII, encryption at rest and in transit, configurable data retention |
We implement the following security measures across the PLAIDRY platform:
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. We apply the principle of data minimization throughout the data lifecycle.
While your PLAIDRY account remains active, we retain all personal data necessary for the operation of your account and the provision of our services. You may request deletion of specific non-essential data at any time by contacting us at soporte@plaidry.com.
Upon account closure or deletion, we follow these retention practices:
After the applicable retention period expires, personal data is securely deleted or irreversibly anonymized so that it can no longer be associated with an identified or identifiable individual.
Depending on your jurisdiction, you have the following rights regarding your personal data. We are committed to facilitating the exercise of these rights in a timely and transparent manner.
If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the GDPR:
If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:
To exercise any of the rights described above, please contact us at:
Email: soporte@plaidry.com
When submitting a request, please include sufficient information to verify your identity (such as your account email address and full name). We may request additional information to verify your identity before processing your request.
We will respond to your request within 30 days (or within 45 days for CCPA requests, with the possibility of a 45-day extension upon notice). If we cannot fulfill your request, we will provide an explanation of the reasons and inform you of your right to lodge a complaint with a supervisory authority.
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data processing practices, legal requirements, or platform functionality.
When we make material changes to this policy, we will:
Your continued use of PLAIDRY after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree with the updated policy, you should discontinue use of the platform and request the deletion of your account and personal data.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
If you believe that our processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with a competent supervisory authority.
If you are located in the EEA, you may lodge a complaint with the data protection supervisory authority of your Member State of habitual residence, place of work, or place of the alleged infringement. For users in Spain, the competent authority is:
Agencia Espanola de Proteccion de Datos (AEPD)
C/ Jorge Juan 6, 28001 Madrid, Spain
Website: www.aepd.es
Phone: +34 901 100 099
A full list of EEA supervisory authorities is available on the European Data Protection Board website at edpb.europa.eu.
If you are located in the United States, you may file a complaint with:
Federal Trade Commission (FTC)
600 Pennsylvania Avenue, NW, Washington, DC 20580
Website: www.ftc.gov
Phone: 1-877-FTC-HELP (1-877-382-4357)
California residents may also file a complaint with the California Attorney General's Office or the California Privacy Protection Agency (CPPA).
PLAIDRY · HSU HOLDING LLC · 30 N Gould St, Ste N, Sheridan, WY 82801 · soporte@plaidry.com