Privacy policy

Last Updated: [01-12-2024]

1. Introduction

At STOVIO, protecting your personal data is our priority. This privacy policy explains how we collect, use, and manage your information, ensuring compliance with international data protection laws such as the GDPR and CCPA.

2. Who We Are

STOVIO is a Belgian company offering sustainable and innovative lunchbox solutions.

Contact Information:

• Email: [email protected]
• Address: [Stillhastoberegistered]
• Data Protection Officer: [email protected]

3. Data We Collect

A. Automatically Collected Information

When you visit our website, we automatically gather:

• IP address
• Browser type and version
• Device and operating system information
• Time zone
• Pages viewed and interactions
• Approximate geolocation

---

B. Manually Provided Information

When interacting with us, you may provide:

• Name and contact details
• Email address
• Phone number
• Billing and shipping addresses
• Payment details (via secure processors)
• Account registration information
• Communication history with our customer support team

---

C. Cookies and Tracking Technologies

We use cookies to improve user experience and website functionality.

Types of Cookies We Use:

1. Necessary Cookies:

• Enable core website functionality.
• Cannot be disabled.

2. Performance Cookies:

• Analyze how users interact with the site.
• Help improve the website.

3. Functional Cookies:

• Remember user preferences and settings.

4. Marketing Cookies:

• Enable personalized advertising.
• Track ad performance and user interactions.

---

Managing Cookies:

• Most browsers automatically accept cookies, but you can modify cookie settings in your browser preferences.
• Disabling cookies may limit certain website features.

Opt-Out Options:

• Google Ads Settings
• Facebook Ad Preferences
• Digital Advertising Alliance Opt-Out

---

4. How We Use Your Data

We process your data for the following purposes:

• Fulfilling orders and transactions
• Communicating updates and promotions (with your consent)
• Improving website functionality and user experience
• Preventing fraud
• Complying with legal obligations

Legal Bases for Processing:

• Contractual necessity (e.g., processing orders)
• Consent (e.g., sending marketing emails)
• Legitimate interests (e.g., analytics to improve services)
• Compliance with laws and regulations

5. Data Sharing We may share your data with trusted third parties:

• Payment Processors:
  • Stripe: PCI-DSS compliant payment processing
  • PayPal: Secure transaction management
• Hosting and Cloud Services:
  • WooCommerce-approved hosting providers
  • Secure cloud storage solutions
• Analytics and Marketing:
  • Google Analytics (anonymized data)
  • Mailchimp for email communications
  • Jetpack for website performance tracking
• WordPress Plugins:
  • Akismet: Spam protection
  • Rank Math SEO: Website optimization
  • Yoast SEO: Content and metadata management

Data Retention Periods We retain personal data only for as long as necessary for the purposes outlined in this policy:

• Transactional Data:
  • Order details: 7 years (legal and tax compliance)
  • Payment information: Immediately deleted after transaction processing
  • Shipping details: 3 years after order completion
• Communication Records:
  • Customer support interactions: 2 years
  • Marketing consent records: Until consent withdrawal
  • Newsletter subscription: Until unsubscribed
• Website Analytics:
  • Anonymous usage data: 26 months
  • IP addresses: Immediately anonymized
  • Cookie data: Maximum 13 months

Automatic Data Deletion Our systems automatically purge or anonymize data after these retention periods. You can also request immediate deletion of your personal data at any time.

6. Your Data Rights

Under GDPR and CCPA, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of data (where legally permissible)
• Object to certain data processing activities
• Transfer data to another service provider (data portability)
• Withdraw consent at any time
• Lodge complaints with a supervisory authority

How to Exercise Your Rights:

• Email: [email protected]
• Phone: [Your Support Number]
• Postal Address: [Registered Address]

7. Data Security

We use advanced security measures to protect your data:

• Secure SSL encryption for all transactions
• End-to-end encryption for sensitive data
• Regular security audits and monitoring
• Controlled access to personal data
• Employee training on data protection best practices

8. Automated Decision-Making

STOVIO employs limited automated data processing, such as analytics and order management tools. However, no significant legal or financial decisions are made without human involvement. You can request a review of any automated decision by contacting us.

9. Children’s Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect data from minors. Parents can contact us at [email protected] to request data deletion if their child has provided personal information.

10. Policy Updates

We may periodically update this policy. Significant changes will be communicated via our website or email. Your continued use of our services indicates acceptance of the updated policy.

11. Complaint Resolution

If you have concerns about how we handle your data, you can file a complaint with the Belgian Data Protection Authority:

• Website: Belgian Data Protection Authority
• Address: Rue de la Presse 35, 1000 Brussels

12. Consent

By using STOVIO’s website and services, you agree to the terms of this privacy policy. If you have questions or concerns, feel free to reach out to us anytime at [email protected].

Effective Date: [01-12-2024]