Legal

Privacy Policy

Effective date: March 13, 2026  ·  Last updated: March 13, 2026

Introduction

Stoneline Data LLC ("Stoneline Data," "we," "our," or "us") operates this website and the managed data custody services described on it. This Privacy Policy explains what personal information we collect, how we use it, with whom we share it, and what rights you have in relation to it.

By using this website or our services, you acknowledge and accept the practices described in this policy.

Information We Collect

Information you provide directly. When you submit a quote request, fill out a contact form, or communicate with us by email, we collect the information you voluntarily provide, which may include your name, email address, organization name, estimated data volume, use case description, and any other information you choose to include.

Information collected automatically. When you visit our website, our hosting infrastructure and server logs may collect standard technical information including IP address, browser type, referring URL, pages visited, and timestamps. We do not use cookies for tracking or advertising purposes. We do not deploy third-party analytics scripts.

Client account information. Clients who engage our storage services share additional information necessary to provision their accounts, including billing information processed by our payment processor (Stripe). We do not store payment card numbers. Client data stored under custody agreements is described in the Data Processing Agreement, not this policy.

How We Use Your Information

  • To respond to your inquiry or quote request
  • To provision and manage your storage account
  • To send monthly verification reports and account notices
  • To process payments via Stripe
  • To fulfill legal and regulatory obligations
  • To investigate and respond to security incidents

We do not use your personal information for advertising, profiling, or marketing to third parties. We do not sell your personal information.

Information Sharing and Disclosure

We share your information only in the following limited circumstances:

  • Service providers. We use Amazon Web Services (cloud storage), Google Cloud Platform (cloud storage), and Stripe (payment processing) as service providers. Each is contractually bound to use your information only to provide the services we have engaged them for. AWS and GCP are disclosed in our Data Processing Agreement.
  • Legal requirements. We may disclose information when required by law, subpoena, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers. If Stoneline Data is involved in a merger, acquisition, or sale of all or substantially all of its assets, your information may be transferred as part of that transaction. We will notify affected clients before any transfer and before information becomes subject to a different privacy policy.

Data Retention

We retain your contact and account information for as long as your account is active plus three years, or as required by applicable law. Monthly verification reports are retained for the duration of the service relationship plus two years. Client data held under custody agreements is retained according to the retention schedule defined in the custody agreement.

You may request deletion of your personal information at any time subject to legal retention requirements. See "Your Rights" below.

Security

We implement administrative, technical, and physical safeguards to protect your personal information. These include encrypted communications over TLS, access controls limiting who within our organization can view account information, and secure credential storage. Our full technical security controls are described on the Infrastructure page.

No transmission of data over the internet is guaranteed to be completely secure. We implement reasonable protections and will notify affected clients promptly if a breach involving your personal information occurs.

Your Rights

Depending on your jurisdiction, you may have the following rights with respect to your personal information:

  • Access. You may request a copy of the personal information we hold about you.
  • Correction. You may request correction of inaccurate or incomplete personal information.
  • Deletion. You may request deletion of your personal information, subject to legal retention requirements.
  • Portability. You may request your personal information in a structured, commonly used, machine-readable format.
  • Objection and restriction. You may object to certain processing or request that we restrict processing in certain circumstances.
  • California residents. Under the California Consumer Privacy Act (CCPA), California residents have additional rights including the right to know what personal information is collected, sold, or disclosed, and the right to opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, contact us using the information on our Contact page. We will respond within 30 days.

Children's Privacy

Our services are directed to businesses and adults aged 18 and over. We do not knowingly collect personal information from individuals under the age of 18. If we learn that we have collected such information, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page with a new effective date. For material changes, we will notify active clients by email at least 30 days before the change takes effect.

Contact Us

Questions or requests regarding this Privacy Policy should be directed to us via the Contact page. We respond to privacy inquiries within 30 days.