1. Information We Collect
We may collect information you provide (such as name, email), information from your use of our services (such as device and log data), and information from third parties where permitted.
Privacy Policy
Your privacy matters. Here’s how we handle your data.
This Privacy Policy explains what information we collect, how we use it, and your rights. By using Stone’s services, you consent to this policy. If you disagree, please discontinue use.
2. How We Use Information
We use information to provide and improve services, personalize experiences, communicate with you, ensure security, and comply with legal obligations.
3. Sharing & Disclosure
We do not sell your personal information. We may share data with service providers, for legal reasons, or as part of a business transfer consistent with this policy.
4. Data Retention
We retain personal data only as long as necessary for the purposes outlined, or as required by law or contract.
5. Security
We implement administrative, technical, and organizational measures designed to protect your data. However, no method of transmission or storage is 100% secure.
6. Your Rights
Depending on your location, you may have rights to access, correct, delete, or restrict processing of your personal data, and to object or request portability.
7. International Transfers
Your information may be transferred to and processed in countries outside your own. We take steps to ensure appropriate safeguards are in place.
8. Children’s Privacy
Our services are not directed to children under 13. If we learn we have collected data from a child, we will delete it promptly.
9. Changes to This Policy
We may update this policy from time to time. If changes are material, we will provide notice as appropriate.
10. Contact
Questions or requests? Email privacy@stone.so.
11. Controller; Scope
Stone Platforms Inc. is the controller of your personal information unless otherwise stated in an applicable agreement. This policy covers our websites, products, and services (collectively, the “Services”).
12. Categories of Data
We may process identifiers (name, email), commercial information (purchase history), internet activity (device, IP, logs), geolocation (coarse), and professional information as applicable.
13. Legal Bases (EEA/UK)
Where required, we rely on consent, contract necessity, legitimate interests (such as product improvement and security), legal obligations, and vital interests.
14. Cookies & Similar Technologies
We use cookies, pixels, and local storage for authentication, preferences, analytics, and marketing where permitted. You can manage cookies via your browser settings or applicable consent tools.
15. Analytics & Advertising
We may use analytics providers to understand usage and improve the Services. Where we use advertising technologies, you can opt out as described by the provider or via device settings where available.
16. Data Subject Requests
To exercise rights such as access, deletion, correction, objection, or portability, contact privacy@stone.so. We will verify your request as required by law and respond within the applicable timeframe.
17. International Transfers
Where data is transferred across borders, we implement appropriate safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful mechanisms.
18. Security Measures
We employ safeguards such as encryption in transit, access controls, and regular security reviews. No system is perfectly secure; please use caution and strong passwords.
19. Retention
We retain personal data for as long as necessary to fulfill the purposes described or as required by law, accounting, or reporting requirements. We may anonymize data for research and product improvement.
20. Children’s Data
We do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact us to request deletion.
21. California Privacy (CCPA/CPRA)
California residents have specific rights regarding personal information. We do not sell or share personal information as defined by the CPRA. You may exercise rights as described in Data Subject Requests.
22. EEA/UK Residents
If you are in the EEA/UK, you have additional rights under GDPR, including the right to lodge a complaint with your local supervisory authority.
23. Third‑Party Links
The Services may link to third-party sites. We are not responsible for their privacy practices. Review their policies before providing personal data.
24. Changes to This Policy
We may update this Privacy Policy to reflect changes in law or our practices. If changes are material, we will provide notice as appropriate. Continued use indicates acceptance of the updates.
25. Contact
For privacy inquiries or to submit a request, email privacy@stone.so. For security issues, contact security@stone.so.