We, STONEMADE GmbH, process your data exclusively on the basis of the legal provisions (DSGVO, DSG) and strive for the most transparency possible. In this data protection information, we inform you about the most important aspects of data processing within the framework of our website.
In principle, a use of the website https://stonemade.com is possible without any indication of personal data. As the repsonsible party, STONEMADE GmbH has implemented technical and organizational measures to ensure the most comprehensive protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can always have security gaps, so that absolute protection cannot be guaranteed.
Name and address of the responsible party
The responsible party in the sense of the Basic Data Protection Regulation and the Data Protection Adjustment Act applicable in Austria is:
Puntigamer Straße 61, 8041 Graz
2. Rights of the person concerned
You have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing, as well as a right to correction, blocking or deletion of this data. Furthermore, you have the right to restriction of processing as well as to data transfer. For this purpose, you can contact us at any time at the address given under point 1.
3. Data collection and origin of data
We collect the data that you provide to us when you use our websites. In addition, we collect data in the context of a customer relationship with you as a customer.
Our store is hosted on Shopify.com ("Shopify"). Shopify is a Canadian e- commerce company headquartered in Ottawa, Ontario. It is also the name of its proprietary e-commerce platform for online stores and retail point-of-sale systems.
150 Elgin Street 8th Floor
Ottawa, ON, Canada
Shopify provides us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored via Shopify's data store, databases, and the general Shopify application. They store your data on a secure server behind a firewall.
If you enter into a so-called "contact relationship" with us (enquiries or offers for services, newsletter registration), conclude supplier contracts with us or apply for a job with us, we collect and process this data - insofar as this is necessary or appropriate according to Art 6 lit. f) DSGVO.
In addition, we continue to collect data from publicly accessible sources (e.g. company register, your websites, press articles, etc.) and obtain data from credit agencies within the scope of permissibility according to Art. 6 lit f) DSGVO.
Personal data that we collect and store in this way may include:
- IP address and usage data when retrieving website content;
- Name and address and other contact details (telephone numbers, email address, fax number, etc.), registration numbers, names and addresses of authorised representatives, account information and the relevant data of the customer's responsible contact persons;
- Other inventory or product data as well as traffic and billing data within a customer relationship with customers, such as selected products and tariffs, payment data;
- Traffic data as well as billing data and name and address and other contact data (telephone numbers, email address, fax number, etc.), registration numbers, names and addresses of authorised representatives, account information.
- Name and contact details in the context of the establishment and handling of a contact relationship or a supplier relationship.
- Name and email address when registering for the newsletter as well as shipping information for the respective newsletters.
Information that we receive from credit agencies on the basis of Art. 6 (1) f) DSGVO.
When you choose a direct payment gateway to complete your purchase, Shopify stores your credit card information. It is encrypted by the PCI-DSS (Payment Card Industry Data Security Standard). Your purchase transaction data is only stored for as long as it takes to complete your purchase transaction. When this is complete, your purchase transaction information is deleted.
All direct payment gateways comply with PCI-DSS standards administered by the PCI Security Standards Council, a joint initiative of brands such as Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
All personal data is only collected within the scope of a legal permission or if you have given us your consent.
4. Option to contact us
On our website, we offer you the opportunity to contact us by email and/or via a contact form. In this case, the information provided by the user will be stored for the purpose of processing the contact. We will not pass the data on to third parties. We will not carry out a comparison of the data collected in this way with data that may be collected by other components of our site.
You can revoke your consent to your subscription to our email newsletter at any time. Revocation of your consent does not affect the legality of previous data processing that was carried out on the basis of your consent up to the point in time when you revoke it.
6. Use of Google Analytics
We use Google Analytics to analyze website usage. The data obtained from this is used to optimize our website and advertising measures.
Google Analytics is provided to us by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes the website usage data on our behalf and is contractually committed to measures to ensure the security and confidentiality of the processed data.
During your visit to the website, the following data, among others, is recorded:
- Pages called
- Orders incl. the turnover and the ordered products
- The achievement of "website goals" (e.g., contact inquiries and newsletter sign-ups).
- Your behavior on the pages (for example, dwell time, clicks, scrolling behavior)
- Your approximate location (country and city)
- Your IP address (in shortened form, so that no clear assignment is possible)
- Technical information such as browser, Internet provider, terminal device and screen resolution
- Source of origin of your visit (i.e. via which website or via which advertising medium you came to us)
No personal data such as name, address or contact details are ever transferred to Google Analytics.
This data is transferred to Google servers in the USA. We would like to point out that the same level of data protection cannot be guaranteed in the USA as within the EU.
Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID, with which you can be recognized on future website visits.
The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form indefinitely.