STERDΛM
Build Innovate Empower
Privacy
Legal

Privacy & Cookies.

Your data is yours. This policy explains what we collect, why we collect it, and the controls you have , written to scale with leading privacy law (GDPR, POPIA, CCPA, NDPR and successors).

Last updated: 2026-05-24

1. Who we are

Sterdam Inc. ("Sterdam", "we", "us") operates sterdaminc.com and provides AI-powered IT operations, cloud engineering, and digital products. Questions about this policy: info@sterdaminc.com.

2. What we collect

  • Account data: name, email, password hash, membership tier.
  • Contact data: anything you send via our contact form or email.
  • Payment metadata: PayPal transaction ID, status, and timestamp, we never see your card.
  • Usage data: device, browser, pages visited (only with your analytics consent).
  • Cookies: see section 6.

3. Why we use it (lawful bases)

  • To provide and secure the service (contract).
  • To respond to enquiries (legitimate interest).
  • To process membership and billing (contract).
  • For analytics and product improvement (consent).
  • To comply with tax, accounting, and legal obligations (legal obligation).

4. Who we share data with

Only the processors required to run the service: authentication & database (Lovable Cloud / Supabase), payments (PayPal), email delivery (Outlook / FormSubmit). We do not sell personal data. We do not share data for cross-context behavioural advertising.

5. Where data lives & international transfers

Data may be processed in the EU, US, and partner regions. Transfers rely on Standard Contractual Clauses or equivalent safeguards under GDPR / UK GDPR / POPIA.

6. Cookies

We use a small number of cookies:

  • Essential, session, security, consent record. Cannot be disabled.
  • Analytics, anonymous usage stats. Off until you accept.
  • Marketing, only set if you opt in. Off by default.

Manage choices any time by clearing your browser storage for this site, or via the banner.

7. Your rights

Depending on your jurisdiction you may have rights to access, correct, delete, restrict, port, or object to processing of your data, and to lodge a complaint with your local regulator (e.g. ICO, Information Regulator SA, CNIL, NDPC). Email us to exercise any right; we respond within 30 days.

8. Retention

We keep account data while your account is active and up to 24 months after closure, unless law requires longer (e.g. invoices for tax). Anonymous analytics are kept up to 26 months.

9. Security

Encryption in transit (TLS), hashed credentials, role-based access, least-privilege service accounts, audit logging, and regular reviews.

10. Children

The service is not directed to children under 16. We do not knowingly collect their data.

11. Changes

We may update this policy as the product, law, or our processors change. Material changes are announced on this page and, where required, by email.