Privacy policy

See the shop

Legal

Privacy Policy

Last updated: 26 April 2026. Pre-launch version — we may revise it as our processors and tooling firm up. The date at the top changes when we do.

For details on cookies and tracking, see our Cookie Policy.

Who we are

RockSolid Innovations is a small 3D-printing studio based in Ireland. The data controller for the personal data described in this policy is:

  • Trader / data controller: Fabio Pierotti, trading as RockSolid Innovations
  • Business Name registration (CRO RBN): [Business Name registration — pending]
  • Place of business: [Registered place of business — Ireland; pending]
  • Contact: hello@rocksolidinnovations.store

What we collect

When you place an order: your name, delivery address, email, and payment confirmation data. Card details are entered into a secure hosted form provided by our payment processor and are never stored on our servers. When you subscribe to the newsletter: your email address only, with a double opt-in confirmation.

Why we collect it, and on what legal basis

We hold each piece of data for a specific reason. GDPR calls these "lawful bases" — here's the plain version, with the article reference in brackets for anyone who wants it.

  • To process your order, ship it, handle returns and refunds, and answer your questions about it — this is part of the contract between us when you buy something (Art. 6(1)(b)).
  • To send you marketing emails about new products — only with your consent, which you give at sign-up and can withdraw at any time (Art. 6(1)(a)). We don't have an email tool wired up yet; we will request your consent before sending any marketing emails.
  • To prevent fraud, secure the site, and protect the business — we have a legitimate interest in not being defrauded and in keeping the site running safely (Art. 6(1)(f)).
  • To keep tax and accounting records — Irish Revenue requires us to retain invoice and order records, so this is a legal obligation (Art. 6(1)(c)).
  • Cookies — strictly necessary cookies (cart, session) run on legitimate interest (Art. 6(1)(f)); analytics and marketing cookies only run with your consent (Art. 6(1)(a)). See the Cookie Policy for the detail.

We don't sell or share your data with third parties for marketing.

How long we keep it

  • Order records, invoices, and tax-relevant data — 6 years, as required by Irish Revenue.
  • Customer service and support emails — 2 years from the last contact, then deleted.
  • Newsletter subscribers — until you unsubscribe, or after 3 years of inactivity, whichever comes first.
  • Website analytics and cookie data — 14 months (the GA4 default; we'll lower it if we move to a different tool).
  • Account data — if and when we add customer accounts, we'll keep them until closure plus 30 days.
  • Marketing consent records — for as long as we hold the data they relate to, plus 2 years, as proof of the consent.

Payment processors

We use two processors at checkout. Both are independent data controllers for the payment data they receive, and each has its own privacy policy linked below.

PayPal (card payments and PayPal wallet)

Card and wallet payments are handled by PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg. Their full privacy statement is here: paypal.com/ie/legalhub/privacy-full.

What we share with PayPal when you pay: the transaction amount and currency, your name, email, and billing address, and the order reference. Card details (number, expiry, CVV) are entered directly into PayPal's hosted iframe on the checkout page — they pass to PayPal, never to us. We never see, store, or process raw card data.

What PayPal may share with us: a tokenised reference for the transaction, the result (approved/declined), and risk signals PayPal uses to flag fraud.

Credit and financial checks on RockSolid. As part of operating the merchant account, PayPal may obtain credit history and financial information about RockSolid Innovations from credit reference agencies and other third parties. This concerns us as the merchant, not you as a customer.

Account Updater Service. PayPal offers an optional service that automatically refreshes saved card details (new expiry date, replaced card number) via the Visa and Mastercard networks. We have this disabled at launch. If we ever enable it, this section will be the disclosure: while active, PayPal may automatically update saved card details on file so that subscriptions or repeat purchases keep working.

Cross-border transfers. PayPal is a global business and may process your data outside the European Economic Area. Where that happens, transfers are protected by the European Commission's Standard Contractual Clauses or an equivalent legal mechanism. Details are in PayPal's privacy statement linked above.

Shopify Payments (Stripe-backed)

Some card transactions are routed through Shopify Payments, which is operated by Shopify International Limited (Ireland) and processed on Stripe infrastructure. Their privacy policy: shopify.com/legal/privacy.

What we share: the same order data as above (name, email, billing address, transaction amount, order reference). Card data is captured by Shopify's PCI-compliant checkout, not by us.

Shopify Payments may transfer data outside the EEA under Standard Contractual Clauses. Shopify is the data controller for the payment data it receives.

Your rights (GDPR)

You can ask us at any time to access, correct, or delete the personal data we hold about you. You also have the right to object to processing, to restrict it, and to receive your data in a portable format. Email hello@rocksolidinnovations.store. We respond within 30 days.

If you're not happy with how we've handled your data, you have the right to lodge a complaint with the Irish Data Protection Commission:

Cookies and tracking

This site uses essential cookies to keep your cart and session working. Analytics and marketing cookies run only if you opt in. Full breakdown — what each cookie does, how long it lives, and how to change your choice — is in the Cookie Policy.

Where your data lives

On Shopify's EU-region servers once we go live. Currently, this site is a local preview and no data is collected from visitors.

Changes to this policy

We'll update the date at the top when we change anything meaningful.

The missing part.

Get an email when we release a new design.

Subscribe

© 2026 RockSolid Innovations. Printed in Ireland.

hello@rocksolidinnovations.store

EU customers can also use the European Commission's Online Dispute Resolution platform: ec.europa.eu/consumers/odr.