Privacy Policy for StoneLoot
1. Introduction
At StoneLoot (“we”, “us”, or “our”), accessible via stoneloot.com, your privacy is of paramount importance to us. We are committed to protecting the personal data of our users and visitors in accordance with applicable privacy regulations, including the European Union General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your personal information, and the rights you have in connection with that information.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data that may be collected through or in connection with your use of the StoneLoot website and related services. StoneLoot acts as the data controller for the processing of your personal data, determining the purposes and means of such processing in compliance with applicable data protection laws.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
This includes information such as your browser type and version, IP address, login times, page views, time spent on pages, and similar analytical data when you interact with stoneloot.com.
b. Account Data
Information you provide when creating an account, such as your full name, postal address, email address, and phone number.
c. Profile Data
Details relating to your user preferences, order history, cart behavior, wishlist items, product reviews, and browsing patterns.
d. Communication Data
Records of your communications with us, including contact forms, email exchanges, or support requests.
e. Technical Data
Data regarding the device you use to access our services, including device identifiers, operating system, screen resolution, browser configurations, and system settings.
f. Transaction Data
Information related to your purchase history, selected payment methods, billing and delivery addresses, order confirmations, and transaction identifiers.
g. Preference Data
Marketing communication preferences, interests in product categories, language selections, and your opt-in or opt-out consent for direct marketing.
4. Legal Bases for Processing
We rely on the following lawful bases for the collection and processing of your personal data:
– Performance of a contract: To fulfill our obligations when you use or purchase services from stoneloot.com.
– Consent: When you voluntarily submit information or agree to receive marketing communications.
– Legitimate interests: For operational and cybersecurity purposes, statistical analysis, and service improvement.
– Legal obligation: When required to comply with legal and regulatory responsibilities.
5. Your Rights
Under GDPR and CCPA, you have several important rights, including:
– Right to Access: You may request confirmation as to whether we process your personal data and request access to that data.
– Right to Rectification: You may correct inaccurate or incomplete personal data.
– Right to Erasure: Under certain circumstances, you may request that your data be deleted.
– Right to Restriction: You may request the restriction of processing under specific conditions.
– Right to Data Portability: Where applicable, you may receive your data in a structured, commonly used format and request its transfer to another controller.
– Right to Object: You may object to processing based on our legitimate interests or for direct marketing.
– Right to Non-Discrimination (CCPA): You will not be discriminated against for exercising your privacy rights.
To exercise any of these rights, please contact us at [email protected]. We may require identity verification before fulfilling your request.
6. Security Measures
We implement robust technical and organizational security measures to safeguard your personal data. These include:
– Encryption of data-in-transit and data-at-rest.
– Role-based access controls and administrative privileges.
– Secure backups and regular audits to ensure data integrity.
– Security awareness training for personnel handling data.
Despite these measures, no system can be guaranteed to be 100% secure. You are responsible for safeguarding your account credentials.
7. International Transfers
Your personal data may be transferred and processed outside your jurisdiction in countries that may not have the same level of data protection. In such cases, we ensure the adequacy of protections by incorporating Standard Contractual Clauses or using other legally acceptable mechanisms to provide appropriate safeguards.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, in accordance with applicable laws. The specific retention periods include:
– Account Data: Retained for as long as your account is active or as required for auditing or legal compliance.
– Transaction Data: Retained for at least seven years for financial and tax purposes.
– Communication Data: Retained for five years following the last contact.
– Technical and Usage Data: Retained for up to two years for analytics purposes.
– Marketing Preferences: Retained until you withdraw consent or up to five years under our legitimate interest.
9. Cookie Policy
Cookies are small text files placed on your device to help us understand site usage patterns and improve your experience. We use the following categories of cookies:
– Essential Cookies: Necessary for the operation of stoneloot.com, such as enabling basic navigation and purchase functionality.
– Functional Cookies: Enable enhanced personalization such as remembering login details and language preferences.
– Analytics Cookies: We use tools like Google Analytics to gather anonymous statistics on website usage and performance.
– Performance Cookies: Help us understand and optimize site speed and interface usability.
10. Cookie Management and Compliance
You can manage cookie preferences directly from your browser settings or through the cookie banner interface provided on stoneloot.com. Where required by law, we obtain your consent before placing non-essential cookies. You may withdraw your consent at any time by updating your preferences.
Residents of the EEA and California are provided with mechanisms to opt-out of cookie-based tracking in compliance with GDPR and CCPA regulations.
11. Special Protections for Children
Our services are not directed to children under the age of 13. We do not knowingly collect personal data from children. If it is discovered that we have inadvertently collected such data, it will be permanently deleted from all our systems. Parents or legal guardians who believe their child has provided personal data may contact us to request its deletion at [email protected].
12. Policy Updates and Notifications
StoneLoot reserves the right to amend this Privacy Policy. Any material changes to how we process your personal information will be communicated via stoneloot.com or through direct notification, when appropriate. Continued use of our site after such updates constitutes acceptance of the revised policy.
13. Contact
If you have any questions, concerns, or requests relating to your privacy or this Privacy Policy, please contact us at:
We are committed to privacy compliance and safeguarding your data. Reach out to us at any time with your concerns or to exercise your data protection rights.