Privacy Policy

1. Company Information

• Legal Entity: Stonegate Systems LLC
• Website: www.stonegatescribe.com
• Contact Email: privacy@stonegatescribe.com

We are a U.S.-based company operating in the United States and the United Kingdom.

2. Scope

This Privacy Policy applies to:

• Visitors to our website
• Users who create accounts
• Organizations using tenancy-based accounts
• Customers located in the United States and United Kingdom

Our Service is not intended for individuals under the age of 18, and we do not knowingly collect personal data from minors.

3. Information We Collect

A. Account Information

When you register or use the Service, we may collect:

• Full name
• Email address
• Company name
• Billing address

B. Authentication Information

Authentication is handled through Amazon Cognito. We do not directly manage or store authentication credentials beyond what is necessary for account functionality.

C. Payment Information

All payment processing is handled by Stripe, Inc. (“Stripe”). When you make a purchase, Stripe collects and processes the information needed to complete the transaction, which may include:

• Payment card number, expiration date, and security code
• Billing name and address
• Transaction amount, currency, and history
• Device, browser, and network information (including IP address) used by Stripe for fraud prevention

Payment card details are submitted directly to Stripe over an encrypted connection and are not stored on our servers. We receive only limited information from Stripe, such as the last four digits of the card, card brand, expiration date, and transaction status, for billing and support purposes.

Stripe is certified as a PCI Service Provider Level 1, the most stringent level of certification available in the payments industry. Stripe acts both as our service provider for processing payments and as an independent controller for fraud prevention, regulatory compliance, and its own internal business purposes. Stripe’s handling of your information is governed by its own privacy policy, available at https://stripe.com/privacy.

D. User Content

Users may upload and process:

• Text
• Quotes
• Orders
• Designs
• Files and related business content

We do not collect healthcare data or sensitive financial account information.

E. Cookies & Local Storage

We use cookies and local storage technologies to:

• Maintain session functionality
• Improve performance and loading speed
• Preserve user preferences

We do not use cookies for cross-site tracking or behavioral advertising.

4. Information We Do Not Collect

We do not intentionally collect:

• IP address tracking for profiling
• Device/browser fingerprinting
• Sensitive financial data
• Healthcare data
• Biometric data

5. How We Use Information

We use collected information to:

• Provide and maintain the Service
• Authenticate users
• Process payments
• Send transactional communications
• Provide customer support
• Improve platform performance
• Maintain tenancy-based account access controls

We do not sell personal data.

We do not engage in automated decision-making or profiling.

6. Email Communications

We send:

• Account verification emails
• Billing notifications
• Product updates
• Transactional communications
• Marketing emails (if applicable)

Users may opt out of marketing emails:

• Via the unsubscribe link in emails
• Through account settings

Transactional emails related to account or billing may still be sent as necessary for service delivery.

7. Third-Party Service Providers

We use the following third-party providers:

• Amazon Web Services — Hosting & Infrastructure (US-East-2 region)
• Amazon Cognito — Authentication
• Stripe — Payment processing, billing, invoicing, and fraud prevention

These providers process data on our behalf under contractual safeguards. Stripe also acts as an independent controller for fraud prevention and regulatory compliance purposes, as described in Section 3(C) and in Stripe’s privacy policy at https://stripe.com/privacy.

8. Data Storage & Security

Data is stored in the United States (AWS US-East-2).

We implement:

• Encryption at rest
• Encryption in transit (HTTPS/TLS)
• Logical access controls tied to tenancy

No system is 100% secure, but we take commercially reasonable measures to protect data.

9. Data Retention

We retain data:

• For as long as a user account remains active
• Until the user requests deletion

When an account is deleted:

• Account data and uploaded content are removed from active systems
• Residual data may remain temporarily in secure backups before automatic deletion

10. Data Sharing

We may share information only:

• With service providers (e.g., AWS, Stripe)
• To comply with legal obligations
• To protect rights, security, or enforce agreements

We do not sell or rent personal data.

11. International Data Transfers

Because we operate in the United States and the United Kingdom, data may be transferred to and processed in the United States.

By using the Service, you acknowledge and consent to such transfers.

12. User Rights

Users may:

• Access their personal data
• Request correction of inaccurate information
• Request deletion of their account
• Request data export

To exercise these rights, contact: privacy@stonegatescribe.com

13. Tenancy & Organizational Accounts

Our platform supports tenancy-based accounts. Administrators within an organization may:

• Manage user access
• Access content within their tenancy
• Control account-level settings

Users should contact their organization administrator for tenancy-related data requests.

14. Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

• The “Last Updated” date will be revised
• Material changes may be communicated via email or within the platform

Continued use of the Service constitutes acceptance of the updated policy.

15. Contact Us

If you have questions about this Privacy Policy or data practices, contact: