← Back Austin, Texas
ShieldStone Labs
Software & Product Engineering Privacy Notice
§ Privacy

Privacy Policy

This Privacy Policy for ShieldStone LLC d/b/a ShieldStone Labs describes how and why we collect, use, store, disclose, and protect personal information when you visit our website, submit an enquiry, or communicate with us about our services.

Last updated: June 03, 2026

Summary of Key Points

This summary gives the main points of the policy. The full sections below explain the details.

What we collect

Contact-form details, email communications, and ordinary technical/security records.

What we do not collect

No accounts, no payment data, no intentional collection of sensitive personal information through this website.

Tracking

We use Google Analytics to understand website usage. We do not use the website for targeted advertising.

Sharing

We use service providers such as Gmail, Postmark, Google Analytics, and hosting/security infrastructure. We do not sell personal information.

1. Scope

This policy applies to the ShieldStone Labs website at https://shieldstonelabs.com/, any website of ours that links to this policy, and related communications you send to us through the website or by email.

ShieldStone Labs provides software, product engineering, automation, and AI engineering services for firms and operating businesses. This website is a content site with a contact form. It is not an account portal, client workspace, payment system, or database-backed application.

If you become a client, additional agreements may govern project work, confidential information, data handling, intellectual property, and security expectations. Those agreements are separate from this website privacy policy.

2. Information We Collect

In short: We collect the information you provide directly and the limited technical information needed to operate and protect the website.

Personal information you disclose to us

If you submit the contact form or email us, we may collect:

  • Name.
  • Firm or company name.
  • Email address.
  • Optional phone number.
  • Optional business category or enquiry type.
  • Message content and any other information you choose to include.

Information collected automatically

Our website, hosting environment, security tools, server logs, and analytics tools may process technical information such as IP address, browser type, device information, pages requested, timestamps, referrer information, request headers, approximate location derived from IP address, analytics identifiers, delivery diagnostics, and rate-limit or anti-spam signals.

Email metadata

When we send or receive email, Gmail, Postmark, and related email systems may process delivery metadata such as sender, recipient, timestamp, delivery status, message stream, bounce information, and related diagnostic information.

Information from third parties

We do not use the website to intentionally collect personal information about you from third-party data brokers, advertising networks, or enrichment providers. If you are introduced to us by another person or business, that person may provide basic contact or project context so we can follow up.

3. Sensitive Information

In short: We do not intentionally collect sensitive personal information through this website.

Please do not send confidential client data, protected health information, financial account details, government identification numbers, passwords, precise geolocation, biometric information, or other sensitive information through the contact form.

If you send information that could be considered sensitive, you consent to our processing it only as necessary to receive, route, evaluate, respond to, and manage your enquiry, unless another legal basis applies. If a project requires sensitive or regulated data handling, that should be addressed under a separate written agreement before the information is provided.

4. How We Process Your Information

In short: We use information to respond to you, operate the website, protect the service, and manage ordinary business obligations.

We may use personal information to:

  • Receive and respond to enquiries.
  • Evaluate whether ShieldStone Labs can help with a project or business need.
  • Schedule follow-up conversations and maintain business communications.
  • Send confirmation and notification emails related to a contact-form submission.
  • Protect the website from spam, abuse, fraud, and security threats.
  • Measure website traffic, page usage, and referral patterns through Google Analytics.
  • Maintain, troubleshoot, and improve the website and related systems.
  • Preserve records needed for business administration, accounting, legal compliance, and dispute resolution.
  • Enforce our rights and comply with applicable laws, legal processes, or government requests.

6. When and With Whom We Share Personal Information

In short: We share information only in specific situations and with service providers or parties who need it for the purposes described here.

We do not sell personal information. We do not share personal information for cross-context behavioral advertising or targeted advertising.

We may disclose personal information to:

  • Postmark. We use Postmark to send transactional contact-form notification emails and confirmation messages on the outbound message stream.
  • Gmail. We use Gmail to send, receive, store, search, and respond to business email, including messages sent to salam@shieldstonelabs.com.
  • Google Analytics. We use Google Analytics to understand website traffic, page usage, referral sources, and general visitor behavior so we can maintain and improve the website.
  • Hosting, security, and infrastructure providers. These providers help serve the website, apply security controls, process logs, and maintain availability.
  • Professional advisers. We may share information with lawyers, accountants, consultants, insurers, or similar advisers when needed for business, legal, or risk-management purposes.
  • Authorities or other parties when legally required. We may disclose information if required by law, subpoena, court order, government request, or to protect rights, safety, security, or the integrity of our services.
  • Business-transfer parties. If ShieldStone Labs is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, information may be disclosed as part of that transaction subject to appropriate protections.

We require service providers to use personal information only as needed to provide services to us, subject to their legal and contractual obligations.

7. Cookies and Other Tracking Technologies

In short: We use Google Analytics for website measurement, but not for targeted advertising.

ShieldStone Labs uses Google Analytics to help understand how visitors reach and use the website, including pages viewed, approximate location, device and browser information, referral source, and similar usage information. Google Analytics may use cookies, tags, or similar technologies to provide these measurements.

We do not use the website for advertising retargeting, behavioral advertising, or sale of personal information. We also do not operate user accounts or login sessions on the website.

You can learn more about how Google uses information from sites that use its services at Google’s partner-sites policy. You can also learn about Google Analytics opt-out options at Google Analytics Opt-out Browser Add-on.

8. AI and Automated Decisions

In short: We do not use this website to make automated decisions with legal or similarly significant effects.

ShieldStone Labs provides AI engineering services, but this website’s contact form does not automatically determine eligibility for services, set prices, approve or reject work, or make decisions that produce legal or similarly significant effects about you.

We may manually review enquiry information to understand your request and decide whether to respond, schedule a conversation, or decline work.

9. How Long We Keep Information

In short: We keep information only as long as reasonably needed for the purposes described in this policy.

We keep enquiry records and related email communications for as long as reasonably needed to respond to you, manage a business relationship, keep ordinary business records, resolve disputes, and comply with legal obligations.

Operational logs, analytics records, and security records are retained for limited periods appropriate to measurement, troubleshooting, security, and abuse prevention. Retention periods may vary depending on the provider, legal requirements, and operational needs.

When we no longer have a legitimate business or legal need to process personal information, we will delete it, anonymize it, or, if deletion is not immediately practical, isolate it from further active use until deletion is possible.

10. How We Keep Information Safe

In short: We use reasonable safeguards, but no internet service can be guaranteed completely secure.

We use reasonable administrative, technical, and organizational measures designed to protect personal information. These include server-side form validation, body-size limits, secure headers, rate limiting, anti-spam controls, and keeping email credentials out of browser-served code.

Personal information submitted through the contact form is routed server-side to email; the browser never communicates directly with Postmark and is never given the Postmark API token.

No website, email service, or internet transmission can be guaranteed to be completely secure. Please use care when deciding what information to send online.

11. Your Privacy Rights

In short: Depending on where you live, you may have rights to access, correct, delete, or control certain uses of your personal information.

Depending on your location and the law that applies, you may have the right to:

  • Request access to personal information we hold about you.
  • Request correction of inaccurate or incomplete information.
  • Request deletion of personal information.
  • Request a copy of personal information in a portable format.
  • Object to, restrict, or withdraw consent for certain processing.
  • Opt out of certain uses, such as sale, sharing, targeted advertising, or profiling, where applicable.
  • Appeal a decision we make about a privacy request, where applicable.
  • Not be discriminated against for exercising privacy rights.

Some rights may be limited by law, identity-verification requirements, business record needs, legal obligations, privileged communications, security requirements, or other recognized exceptions.

12. US State Privacy Rights

In short: State privacy laws may give residents additional rights. We honor applicable requests as required by law.

Residents of states with comprehensive privacy laws may have rights to know or confirm whether we process personal information, access that information, correct inaccuracies, delete information, receive a portable copy, and opt out of certain processing such as sale, sharing, targeted advertising, or profiling that produces legal or similarly significant effects.

ShieldStone Labs does not sell personal information, does not share personal information for targeted advertising, and does not use the website to profile users for decisions with legal or similarly significant effects.

California disclosures

If California law applies, the categories of personal information we may collect through this website include identifiers, professional or employment-related information you provide, internet or electronic network activity information, and inferences only to the limited extent they are reasonably derived from your enquiry for ordinary business follow-up.

We collect these categories for the purposes described in this policy. We disclose them to service providers and other parties described in the section "When and With Whom We Share Personal Information." We do not sell or share these categories for cross-context behavioral advertising.

California Civil Code Section 1798.83, sometimes called the "Shine The Light" law, permits California residents to request information about disclosures of personal information to third parties for their direct marketing purposes. ShieldStone Labs does not disclose personal information to third parties for their independent direct marketing purposes through this website.

13. How to Exercise Rights, Verification, and Appeals

In short: Email us and we will review the request under applicable law.

To exercise a privacy right, email salam@shieldstonelabs.com. Please describe the request clearly and include enough information for us to locate the relevant records.

Verification

We may need to verify your identity before acting on a request. We will use information provided in the request only to verify identity, authority, and the scope of the request. If we cannot verify your identity from information already available to us, we may request additional information.

Authorized agents

You may be able to designate an authorized agent to make a request on your behalf. We may require proof that the agent has authority to act for you and may still require you to verify your identity directly, where permitted by law.

Appeals

If applicable law gives you an appeal right and we decline to take action on your request, you may appeal by emailing salam@shieldstonelabs.com. We will respond with the result of the appeal and any explanation required by law.

14. Children

In short: The website is not directed to children.

The website and services are intended for adults and business users. They are not directed to children under 18, and we do not knowingly collect personal information from children through this website.

If you believe a child has provided personal information to us through the website, please contact us so we can review and delete it if appropriate.

15. Do Not Track Signals

Some browsers provide "Do Not Track" signals. Because there is no uniform legal or technical standard for responding to those signals, the website does not currently respond to them.

We use Google Analytics for website measurement, but we do not use the website for behavioral advertising, ad retargeting, or sale of personal information regardless of whether a browser sends a Do Not Track signal.

16. Updates to This Policy

We may update this Privacy Policy from time to time. The updated version will be identified by the "Last updated" date above.

If we make material changes, we may post a notice on the website or contact you directly when appropriate. We encourage you to review this policy periodically.

17. Contact

If you have questions or comments about this Privacy Policy, contact us at:

ShieldStone LLC d/b/a ShieldStone Labs
706 W 34TH ST APT 101
Austin, TX 78705
United States
salam@shieldstonelabs.com

18. How to Review, Update, or Delete Information

Based on the applicable law of your country, state, or place of residence, you may request access to the personal information we collect from you, details about how we have processed it, correction of inaccuracies, or deletion of your personal information.

You may also have the right to withdraw consent to our processing of your personal information where consent is the legal basis. To make a request, email salam@shieldstonelabs.com.