Privacy Policy

Effective Date: 16.06.2025
Last Updated: 16.06.2025

This Privacy Policy describes how Stoneless ApS, located at Søgade 26, kl., 8600 Silkeborg, Denmark ("Stoneless", "we", "us", or "our") collects, uses, and protects your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Danish data protection laws.

1. Important Information and Who We Are

This Privacy Policy explains how we process your personal data when you visit our website, use our services, purchase our products, or otherwise interact with us.

This website and our services are not intended for children, and we do not knowingly collect personal data relating to children.

Controller

Stoneless ApS
Søgade 26, kl.
8600 Silkeborg
Denmark

CVR: 40613218

Phone: +45 5357 1837
Email: [email protected]

2. Types of Personal Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, including:

Identity Data
Name, surname, username, company name

Contact Data
Billing address, delivery address, email address, phone number

Financial Data
Payment card or bank account details (processed through secure payment providers)

Transaction Data
Details about orders, purchases, payments, deliveries, and related communications

Technical Data
IP address, browser type and version, device identifiers, operating system, and other technology used to access our website

Usage Data
Information about how you use our website, products, and services

Profile Data
Account login details, preferences, feedback, and responses to surveys

Marketing and Communications Data
Your preferences in receiving marketing communications from us

We may also collect aggregated or anonymized data, such as statistical or demographic data, which does not identify you personally.

3. How We Collect Your Data

We collect personal data through the following methods:

Direct interactions

You may provide personal data when you:

Request information or a quote

Purchase products or services

Submit forms on our website

Provide feedback or participate in surveys

Automated technologies

When you visit our website, we may automatically collect certain technical data using cookies or similar technologies.

Third-party sources

We may receive personal data from third-party platforms such as:

Website analytics providers

Advertising platforms (such as Meta or Google)

Payment service providers

Integration tools used to operate our online services

We may also collect publicly available information, such as company registration details.

4. How We Use Your Personal Data

We will only use your personal data when permitted by law.

Most commonly, we process personal data in the following situations:

To process and deliver orders

Including managing payments, deliveries, invoices, and customer support.

To manage our relationship with you

Including responding to inquiries, providing updates, or notifying you about changes to our services, policies, or terms.

To operate and improve our website and services

Including analyzing website usage to improve functionality and user experience.

To send relevant information and marketing

Where you have given consent or where we have a legitimate business interest to communicate with you.

To comply with legal obligations

Including tax, accounting, fraud prevention, and regulatory compliance.

To protect our systems and services

Including ensuring security, preventing unauthorized access, and maintaining system performance.

To conduct surveys or research

To better understand customer needs and improve our products and services.

We rely on several legal bases under GDPR, including:

Performance of a contract

Legitimate business interests

Legal obligations

Consent (where required)

5. Direct Marketing

You may receive marketing communications from us if:

You have purchased products or services from us

You have requested information from us

You have opted in to receive marketing communications

You have not opted out of receiving communications

You may unsubscribe at any time by using the unsubscribe link in our emails or by contacting:

[email protected]

We will not share your personal data with third parties for their own marketing purposes without your explicit consent.

6. Disclosures of Your Personal Data

We may share personal data with trusted third parties where necessary for business operations, including:

Website hosting and technical service providers

Payment processors and financial institutions

Shipping and logistics providers

Analytics and marketing service providers

Professional advisors (legal, accounting, etc.)

Government or regulatory authorities when required by law

All third parties are required to process personal data in accordance with GDPR and under strict confidentiality obligations.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes.

Information may be shared with subcontractors supporting services such as customer service or order fulfillment.

Text messaging originator opt-in data and consent will not be shared with third parties.

7. International Transfers

Some of our service providers may process personal data outside the European Economic Area (EEA).

Whenever we transfer personal data internationally, we ensure that appropriate safeguards are in place, such as:

Transfers to countries approved by the European Commission as having adequate protection

Standard Contractual Clauses (SCCs) approved by the European Commission

Other legally recognized transfer mechanisms under GDPR

8. Data Security

We implement appropriate technical and organizational security measures to protect personal data from unauthorized access, loss, misuse, or disclosure.

These measures include:

Encrypted data transmission (HTTPS)

Secure hosting infrastructure

Access control and authentication systems

Regular data backups and system monitoring

Access to personal data is limited to employees, contractors, or partners who have a legitimate business need to access it.

9. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, including:

Fulfilling orders and providing services

Customer support and warranty obligations

Legal, tax, and accounting requirements

In many cases, business records must be retained for up to 6 years in accordance with legal obligations.

You may request deletion of your personal data where legally permissible.

10. Your Legal Rights

Under GDPR, you have several rights regarding your personal data:

Right of access
Request a copy of the personal data we hold about you.

Right to rectification
Request correction of inaccurate or incomplete data.

Right to erasure ("right to be forgotten")
Request deletion of your personal data where applicable.

Right to restrict processing
Request limitation of how we process your data.

Right to object
Object to certain processing activities, including direct marketing.

Right to data portability
Receive your data in a structured, commonly used format.

Right to withdraw consent
Withdraw consent at any time if processing is based on consent.

To exercise any of these rights, contact:

[email protected]

We may need to verify your identity before responding to a request. We aim to respond within one month.

11. Complaints

If you believe your privacy rights have been violated, you may contact the Danish Data Protection Authority:

Datatilsynet
Website: https://www.datatilsynet.dk
Phone: +45 33 19 32 00

You may also contact us first at:

[email protected]

We will do our best to resolve any concerns promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time.

Any updates will be published on our website, and the latest version will always be available online.

We encourage you to review this policy periodically.

13. Third-Party Links

Our website may contain links to third-party websites or services.

We are not responsible for the privacy practices of those websites. We recommend reviewing their privacy policies before submitting personal data.