stack-brands.comLegalLast updated: April 2026

Privacy Policy

STACK BRANDS ("we," "us," or "our") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard data in connection with our platform, tools, and services accessible via this domain.

1. Who We Are

STACK BRANDS is a privately held e-commerce operations company. This domain hosts internal operational tools and serves as our corporate web presence. For inquiries regarding this policy, contact us at info@stack-brands.com.

2. What We Collect

We may collect the following categories of personal information:

  • Identity data: name, email address, job title (for team members and authorized users).
  • Usage data: IP address, browser type, pages visited, time and date of access, and navigation paths.
  • Authentication data: login credentials managed via Google OAuth, scoped to authorized company accounts.
  • Technical data: device information, operating system, and network connection details collected automatically via server logs.

We do not collect payment card data, financial account details, or sensitive personal data through this domain.

3. How We Use Your Data

We use collected data exclusively for the following purposes:

  • To operate, maintain, and secure our internal platform and tools.
  • To authenticate and authorize access for team members.
  • To monitor platform performance and diagnose technical issues.
  • To comply with applicable legal obligations.

We do not sell, rent, or share personal data with third parties for marketing purposes.

4. Legal Basis for Processing (GDPR)

Where the General Data Protection Regulation (GDPR) applies, we process personal data on the following legal bases:

  • Legitimate interests (Art. 6(1)(f) GDPR): to operate and secure our internal tools and infrastructure.
  • Contractual necessity (Art. 6(1)(b) GDPR): to provide access and services to authorized team members.
  • Legal obligation (Art. 6(1)(c) GDPR): where required by applicable law.

5. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy, or as required by law. Server log data is retained for a maximum of 90 days. Authentication session data is retained for the duration of the active session.

6. Third-Party Services

This platform integrates with the following third-party services, which may process data on our behalf:

  • Google (OAuth): for authentication. Governed by Google's Privacy Policy.
  • Supabase: for database and authentication infrastructure. Data is processed within the EU.
  • Vercel / hosting infrastructure: for platform deployment and delivery.

All third-party processors are bound by data processing agreements where required under GDPR.

7. Your Rights

Under applicable data protection law, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data, subject to legal retention obligations.
  • Object to or restrict processing in certain circumstances.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at info@stack-brands.com.

8. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or disclosure. Access to this platform is restricted to authorized personnel via authenticated sessions. All data in transit is encrypted using TLS.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of this platform following any changes constitutes acceptance of the revised policy.