Privacy Policy
SpawnStone (“we”, “our”, “us”) is fully committed to protecting your privacy and safeguarding the personal data that you share with us. This Privacy Policy explains how your personal information is collected, used, shared, and protected when you interact with our website located at spawnstone.com (the “Website”). We take our responsibilities under applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), seriously and have implemented measures to ensure your data is handled securely and lawfully.
1. Introduction – Our Commitment to Privacy
At SpawnStone, your privacy is of paramount importance. We are dedicated to creating an online environment that respects and upholds individual rights to data protection. Whether you are browsing our Website, creating an account, or contacting us for support, this policy outlines how we handle, store, and protect your information in accordance with global standards.
2. Scope of This Policy & Data Controller Role
This Privacy Policy applies to all personal data collected by SpawnStone via our Website, spawnstone.com, and any related tools or services. For the purposes of GDPR and other data protection laws, SpawnStone is considered the “data controller” in respect of your personal data. If you have any questions or concerns regarding our data handling practices, you may contact us at [email protected].
3. Categories of Personal Data We Process
We may collect, store, and process the following categories of personal data:
a. Usage Data
Includes your IP address, browser type and version, device category, operating system, time zone setting, pages viewed, session duration, referring URLs, and interaction with site elements. This data helps us understand user behavior and improve Website performance.
b. Account Data
Collected when you register an account on spawnstone.com. This includes your full name, postal address, email address, and telephone number.
c. Profile Data
Derived from your activity and choices on the Website, including your preferences, purchase history, interaction data, and customer behavior patterns.
d. Communication Data
Includes your communications with us via support forms, email correspondence, and community or feedback tools. This data typically includes inquiry content, timestamps, and our correspondence log with you.
e. Technical Data
Information related to the device and system used to access the Website, such as device type, network settings, language preference, mobile network provider, and diagnostic data.
f. Transaction Data
Includes record of purchases, billing address, payment method (last four digits of payment card), and shipping details where applicable.
g. Preference Data
Captured through explicit actions or expressed interests—for example, whether you’ve opted in to receive marketing communications, your product interest categories, and notification choices.
4. Legal Bases for Processing Personal Data
Under the GDPR, we rely on the following legal bases to process your personal data:
– Consent: When you voluntarily provide data (e.g., subscribing to newsletters or consenting to cookies).
– Contract: Where processing is necessary to fulfill a contract or actions leading to one (e.g., processing an order).
– Legal Obligation: To comply with legal and regulatory requirements.
– Legitimate Interest: Where we have a legitimate interest to process your data and your rights and freedoms are not overridden (e.g., security enhancement, fraud prevention, Website analytics).
5. Your Rights – Exercising Control Over Your Data
Subject to applicable laws, you have the following rights:
– Right of Access: You may request a copy of personal data held about you.
– Right to Rectification: Request correction of your personal data if it is inaccurate or incomplete.
– Right to Erasure: Ask us to delete your data, where applicable.
– Right to Restriction: Ask us to limit the processing of your data under certain circumstances.
– Right to Portability: Receive a copy of your data in a structured, commonly used, and machine-readable format and request transmission to another controller.
To exercise these rights, please email us at [email protected]. We may require you to verify your identity before fulfilling your request.
6. Security Measures
We implement a robust framework of technical and organizational security controls, including but not limited to:
– End-to-end data encryption.
– Multi-factor authentication and strict access controls for system and data access.
– Regular backups and integrity checks to ensure data resilience.
– Employee training programs focused on privacy best practices and data handling.
7. International Data Transfers
Where it is necessary to transfer personal data outside the European Economic Area (EEA) or other jurisdictions with comprehensive privacy laws, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission, or equivalent frameworks to ensure proper data protection.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, including for legal, regulatory, tax, or reporting obligations.
Retention periods include:
– Account Data: Active for the duration of user account + 24 months.
– Communication Data: Held for up to 36 months for support quality tracking.
– Transaction Data: Retained for 7 years in compliance with financial regulations.
– Preference and Profile Data: Regularly reviewed; deleted after 24 months of inactivity.
9. Cookie Policy
spawnstone.com uses cookies and similar tracking technologies to enhance your experience. We use the following types:
– Essential Cookies: Required for navigating and using features on the Website.
– Functional Cookies: Store preferences such as language or location.
– Analytics Cookies: Help us understand website usage patterns (e.g., Google Analytics).
– Performance Cookies: Improve site speed, responsiveness, and content delivery.
10. Cookie Management & Compliance
You can control cookie preferences via the cookie banner provided upon first visit and through your browser’s settings. We honor “Do Not Track” browser requests and provide mechanisms to withdraw consent for non-essential cookies at any time in accordance with GDPR and CCPA guidelines.
For California residents: You have the right to opt out of the sale of your personal information. SpawnStone does not sell users’ personal data.
11. Children’s Privacy
spawnstone.com does not knowingly collect or process personal data from children under 13 years of age. If we discover such data has been inadvertently collected, we will promptly delete it. Parents or guardians who believe their child has provided us with personal data may contact us at [email protected].
12. Policy Updates and Notifications
SpawnStone may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. Material updates will be clearly communicated via notifications within the Website or through direct communications to affected users, where required.
13. Contacting Us
If you have questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled, please contact us at:
Email: [email protected]
SpawnStone is committed to upholding your privacy rights and ensuring full compliance with all applicable data protection laws. Please do not hesitate to contact us with any privacy-related inquiries or feedback.
– End of Privacy Policy –