Privacy Policy

1. Introduction

Keystone ("we," "our," or "us") is operated by Pim Steijns Eenmanszaak, a sole proprietorship registered in the Netherlands. We are committed to protecting your privacy and ensuring the security of your personal data.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our equipment management software and services.

2. Data Controller

Pim Steijns Eenmanszaak
Netherlands
Email: pimsteijns9@gmail.com
KVK: 83464115
BTW: NL003825922B29

3. Information We Collect

3.1 Personal Information

• Name and contact information (email, phone number)
• Company information and business details
• Payment information (processed securely through our payment providers)
• Account credentials and preferences
• Equipment inventory and business data you upload

3.2 Technical Information

• IP address and device information
• Browser type and version
• Usage data and analytics
• Cookies and similar technologies

4. How We Use Your Information

We use your information for the following purposes:

• Providing and maintaining our software services
• Processing payments and managing subscriptions
• Communicating with you about your account and services
• Providing customer support and technical assistance
• Improving our services and developing new features
• Complying with legal obligations
• Sending marketing communications (with your consent)

5. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Contract: To provide our services and fulfill our obligations
• Legitimate Interest: To improve our services and prevent fraud
• Consent: For marketing communications and optional features
• Legal Obligation: To comply with applicable laws and regulations

6. Data Sharing and Disclosure

We may share your information with:

• Payment processors (Paddle, Stripe) for payment processing
• Cloud service providers (Supabase, Vercel) for hosting and infrastructure
• Analytics providers (Google Analytics, Vercel Analytics) for usage insights
• Legal authorities when required by law
• Service providers who assist in our operations

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Employee training on data protection

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

• Account data: Until account deletion or 7 years after last activity
• Payment records: 7 years (legal requirement)
• Analytics data: 26 months
• Support communications: 3 years

9. Your Rights (GDPR)

Under GDPR, you have the following rights:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Portability: Receive your data in a structured format
• Restriction: Limit how we process your data
• Objection: Object to certain types of processing
• Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at privacy@keystone.com

10. Cookies and Tracking

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized content.

For detailed information about our use of cookies, please see our Cookie Policy.

11. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place through standard contractual clauses and adequacy decisions.

12. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our website.

14. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

15. Complaints

If you believe we have not handled your personal data in accordance with this policy, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):