Black Business Credit & Capital
Privacy Policy
Effective date: May 2, 2026
Controller
Black Business Credit & Capital
76 Winnet Drive, Dayton, Ohio 45415
Phone: 323-452-5225
Email: info@blackstock.exchange
Scope
This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit blackcorporations.online and when you use our business formation and related services.
Categories of Personal Data We Collect
- Account and identity: name, email, phone number, address, date of birth (if provided), government identifiers (e.g., SSN/EIN) when required for filings.
- Payment and billing: payment method tokens, billing address, transaction records. We do not store full card numbers; payments are processed by Square and Cash App.
- Service and transaction: company formation details, registered agent data, uploaded documents.
- Communications: support emails, messages, and call records (if recorded).
- Usage and technical: IP address, device identifiers, browser type, pages visited, cookies, and log data.
Sources of Data
We collect data directly from you, from third-party service providers (e.g., payment processors), and from public/business registries as required to complete filings.
Purposes of Processing
- To provide and operate services and complete business filings.
- To process payments and maintain billing records.
- To communicate about your account and provide customer support.
- For security, fraud prevention, and legal compliance.
- For internal analytics and product improvement (with consent where required).
- For marketing communications where you have opted in (in-house marketing only).
Legal Bases (EU/UK)
Where applicable, we process personal data on the following bases:
- Performance of a contract — to provide services you request.
- Legal obligation — to comply with laws and regulatory filing requirements.
- Legitimate interests — fraud prevention, platform operation, analytics; we balance these interests against your rights.
- Consent — for cookies, marketing, and other optional processing.
Third-Party Recipients and Subprocessors
We use third-party services to provide our services. Current vendors include:
| Vendor | Role | Data Processed |
|---|---|---|
| Square | Payment processor | Payment tokens, billing address, transaction data |
| Cash App | Payment processor | Payment tokens, billing address, transaction data |
| Vercel | Hosting & infrastructure | IP address, request logs, technical data |
| In-house marketing | Marketing | Email, name (opt-in only; no external ad networks) |
We maintain Data Processing Addenda with subprocessors where required. See our Data Processing Addendum for more details.
International Transfers
Data may be processed in the United States and other jurisdictions. Where transfers outside your jurisdiction occur, we rely on appropriate safeguards such as standard contractual clauses, adequacy decisions, or your consent. Our primary operations are based in Dayton, Ohio, USA.
Data Retention
We retain account and transaction records necessary to provide services and meet legal and tax obligations (generally up to 7 years for billing/tax records under Ohio and federal law). Other personal data are retained only as long as needed for stated purposes or as required by applicable law.
Your Rights
Depending on your jurisdiction, you may have rights to access, correct, delete, restrict or object to processing, request portability, and withdraw consent at any time. To exercise your rights:
- Use our Data Subject Access Request (DSAR) form.
- Email info@blackstock.exchange.
- Call 323-452-5225.
We will verify requests using reasonable steps and respond within applicable timeframes (45 days for GDPR; 45 days for CCPA/CPRA with a possible 45-day extension).
CCPA/CPRA Disclosures (California Residents)
We disclose categories of personal information collected and the purposes for which they are used throughout this Policy. We do not knowingly sell personal information. If we share or sell personal information in the future, a “Do Not Sell or Share My Personal Information” option will be provided. To exercise your California rights, use the Do Not Sell or Share link in the footer or submit a DSAR request.
Security
We implement administrative, technical, and physical safeguards designed to protect personal data appropriate to the risk. Payments are processed by PCI-compliant processors (Square, Cash App); we do not store full card data on our servers. For more details, see our Security Statement.
Breach Notification
We will notify affected individuals and regulators as required by applicable law (including Ohio data breach notification law, ORC § 1349.19, and other applicable state and federal requirements) in the event of a data breach, within legally required timelines.
Children's Data
Our services are for businesses and adults (18+). We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will take steps to delete it promptly. Contact us at info@blackstock.exchange if you believe we have collected data from a minor.
Automated Decision-Making
We do not use automated decision-making that produces legal or similarly significant effects without human review, except automated validations required for filings or payment processing (e.g., address verification, fraud detection by our payment processors).
Changes to This Policy
We will post updates with a revised effective date. Significant changes will be communicated via prominent notice on our website or by direct communication. We encourage you to review this Policy periodically.
Contact
Black Business Credit & Capital
76 Winnet Drive, Dayton, Ohio 45415
Phone: 323-452-5225
Email: info@blackstock.exchange