Privacy Policy
Last Updated: February 3, 2026
Your Privacy Matters
Lodestone is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
1. Who We Are
Lodestone is a specialized recruitment and employer branding agency operating in the RWA (Real World Assets), Fintech, AI, and Cybersecurity sectors.
Data Controller: Lodestone
Contact: hello@lodestone.io
2. Information We Collect
2.1 Information You Provide to Us
- Contact Forms: Name, email address, company name, phone number, message content
- Partnership Applications: Company information, contact details, partnership proposals
- Recruitment Services: CV/Resume, work history, skills, education, references
- Event Registrations: Name, email, company, job title, dietary preferences
2.2 Information We Collect Automatically
- Technical Data: IP address, browser type, device information, operating system
- Usage Data: Pages visited, time spent on pages, click patterns, referral sources
- Cookies: Session cookies, preference cookies, analytics cookies (see Cookie Policy)
3. How We Use Your Information
| Purpose | Legal Basis (GDPR) |
|---|---|
| Responding to inquiries and requests | Legitimate Interest / Contract |
| Recruitment and candidate matching | Consent / Contract |
| Organizing and managing events | Legitimate Interest / Consent |
| Partnership evaluation and communication | Legitimate Interest |
| Website improvement and analytics | Legitimate Interest / Consent |
| Marketing communications (with consent) | Consent |
| Legal compliance and fraud prevention | Legal Obligation |
4. Data Sharing and Disclosure
4.1 We May Share Your Data With:
- Client Companies: When you apply for positions (with your explicit consent)
- Service Providers: Email hosting, analytics tools, CRM systems (under strict data processing agreements)
- Event Partners: Co-hosts for events you register to attend
- Legal Authorities: When required by law or to protect our legal rights
4.2 We Will NOT:
- ❌ Sell your personal data to third parties
- ❌ Share your data for marketing purposes without consent
- ❌ Transfer data outside the EU/EEA without adequate safeguards
5. Data Retention
We retain your personal data only for as long as necessary:
- Contact Inquiries: 2 years from last contact
- Recruitment Candidates: 3 years from last application (with consent)
- Partner Applications: 5 years for business records
- Event Registrations: 1 year after event completion
- Marketing Consent: Until consent is withdrawn
6. Your Rights Under GDPR
You Have the Right To:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Limit how we process your data
- Portability: Receive your data in a machine-readable format
- Object: Object to processing based on legitimate interests
- Withdraw Consent: Withdraw consent at any time
- Complain: Lodge a complaint with your data protection authority
To exercise your rights, contact us at: privacy@lodestone.io
7. Data Security
We implement appropriate technical and organizational measures to protect your data:
- 🔒 SSL/TLS encryption for data transmission
- 🔐 Encrypted data storage
- 🛡️ Access controls and authentication
- 📊 Regular security audits and updates
- 👥 Staff training on data protection
- 📝 Data breach notification procedures
8. International Data Transfers
If we transfer your data outside the EU/EEA, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions for countries with equivalent data protection
- Binding Corporate Rules for group companies
9. Cookies and Tracking Technologies
We use cookies to improve your experience. See our Cookie Policy for details.
Cookie Categories:
- Essential Cookies: Required for website functionality (always active)
- Analytics Cookies: Help us understand website usage (requires consent)
- Marketing Cookies: Deliver relevant content and ads (requires consent)
10. Children's Privacy
Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically. We will notify you of material changes by:
- Email notification (if you have an account)
- Prominent notice on our website
- Updated "Last Updated" date at the top of this policy
12. Contact Us
For questions about this Privacy Policy or to exercise your data protection rights:
Email: privacy@lodestone.io
General Inquiries: hello@lodestone.io
Data Protection Officer: dpo@lodestone.io
13. Supervisory Authority
You have the right to lodge a complaint with your local data protection authority. For EU residents, find your authority at: https://edpb.europa.eu
This Privacy Policy is part of our commitment to transparency and data protection. By using our services, you acknowledge that you have read and understood this policy.