Stoneone

Legal

Privacy Policy

Last updated: 1 April 2025

1. Who We Are

Stoneone Ltd ("Stoneone", "we", "us", or "our") is a UK-registered company operating as a premium stone worktop supplier and installer. We are the data controller for the personal information we collect through our website and services.

Contact: info@stoneone.co.uk

2. What Information We Collect

We may collect the following types of personal information:

  • Contact details — name, email address, phone number, postcode
  • Project information — kitchen dimensions, surface preferences, uploaded plans or photos
  • Quote and order data — quote numbers, order history, payment status (we do not store full card details)
  • Communication records — messages sent through our quote form, live chat, or email
  • Technical data — IP address, browser type, pages visited, referring URL (collected via cookies and analytics)

3. How We Use Your Information

We use your personal data to:

  • Respond to quote requests and enquiries
  • Process and manage orders
  • Book and confirm templating and installation appointments
  • Send transactional emails (quotes, order confirmations, appointment reminders)
  • Improve our website and services through analytics
  • Comply with our legal obligations
  • Send marketing communications where you have given consent or where we have a legitimate interest

4. Legal Basis for Processing

We process your personal data under the following lawful bases:

  • Contract performance — to deliver services you have requested
  • Legitimate interests — to improve our services and communicate with customers
  • Legal obligation — to comply with applicable law
  • Consent — for marketing communications and non-essential cookies

5. Sharing Your Data

We do not sell your personal data. We may share it with trusted third-party service providers who assist us in operating our business, including:

  • Email delivery services (e.g. Resend)
  • Database and cloud infrastructure providers (e.g. Supabase)
  • Payment processors (e.g. Stripe) — who operate under their own privacy policies
  • Analytics providers

All third-party processors are contractually bound to handle your data securely and only for the purposes we specify.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy. Quote and order records are typically retained for 7 years in accordance with financial record-keeping requirements. You may request deletion of your data at any time (subject to legal obligations).

7. Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict how we process your data
  • Receive your data in a portable format
  • Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, email us at info@stoneone.co.uk. We will respond within 30 days.

8. Cookies

We use cookies to improve your experience on our website. For full details of how we use cookies, please see our Cookie Policy.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. All data is transmitted over HTTPS and stored in secure, access-controlled environments.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via our website. The "Last updated" date at the top of this page reflects the most recent revision.

11. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.