← Back to Home

Privacy Policy

Last Updated: December 10, 2025

1. Introduction

Welcome to Stamply.in ("we", "us", or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our loyalty card platform.

By using Stamply.in, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Business Information

When you register as a business, we collect:

  • Business Details: Business name, category, description
  • Contact Information: Email address, phone number, physical address
  • Account Credentials: Email and password (encrypted)
  • Loyalty Program Settings: Stamp requirements, reward descriptions
  • Business Logo: Images you upload for branding

2.2 Customer Information

When customers register with a business, we collect:

  • Basic Information: Name, phone number
  • Security Information: PIN or security question answers (encrypted)
  • Loyalty Data: Stamps collected, rewards earned, redemption history
  • Card ID: Unique identifier for each loyalty card

2.3 Automatically Collected Information

  • Usage Data: Pages visited, features used, time spent on platform
  • Device Information: Browser type, device type, IP address
  • Cookies: Session cookies for authentication and user preferences
  • Analytics: Aggregated usage statistics

3. How We Use Your Information

We use the collected information for:

3.1 Service Provision

  • Creating and managing business and customer accounts
  • Processing stamp collection and reward redemption
  • Generating QR codes for customer registration and stamp requests
  • Displaying loyalty cards and program information
  • Sending notifications about stamp requests and rewards

3.2 Communication

  • Sending account-related emails (verification, password reset)
  • Notifying businesses of customer activity
  • Providing customer support
  • Sending important service updates (with opt-out option)

3.3 Analytics and Improvement

  • Analyzing usage patterns to improve the platform
  • Providing businesses with customer insights and analytics
  • Identifying and fixing technical issues
  • Developing new features based on user behavior

3.4 Security and Fraud Prevention

  • Protecting against unauthorized access
  • Detecting and preventing fraudulent activities
  • Enforcing our Terms of Service
  • Complying with legal obligations

4. Data Sharing and Disclosure

4.1 With Businesses

Customer data is shared only with the specific business the customer registered with. Businesses can access:

  • Customer names and phone numbers
  • Stamp collection and reward history for their business only
  • Aggregated customer statistics

4.2 With Service Providers

We share data with trusted third-party service providers:

  • Supabase: Database and authentication services
  • Vercel: Hosting and deployment
  • Email Service Providers: For transactional emails (if applicable)

These providers are contractually obligated to protect your data and use it only for specified purposes.

4.3 Legal Requirements

We may disclose your information if required to:

  • Comply with legal obligations, court orders, or government requests
  • Enforce our Terms of Service
  • Protect our rights, property, or safety
  • Investigate potential violations or fraud

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4.5 What We Don't Do

  • ❌ We do NOT sell your personal information to third parties
  • ❌ We do NOT share customer data between different businesses
  • ❌ We do NOT use your data for advertising purposes
  • ❌ We do NOT share your email with marketing companies

5. Data Security

We implement industry-standard security measures:

  • Encryption: All data transmitted over HTTPS/TLS
  • Password Security: Passwords are hashed and never stored in plain text
  • Row-Level Security: Database policies prevent unauthorized data access
  • Authentication: Secure session management with HTTP-only cookies
  • Regular Updates: We keep our software up to date with security patches
  • Access Controls: Limited employee access to personal data

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

  • Active Accounts: We retain data while your account is active
  • Inactive Accounts: After 24 months of inactivity, we may archive or delete data
  • Deleted Accounts: Upon deletion request, data is removed within 30 days
  • Legal Compliance: Some data may be retained longer if required by law
  • Backups: Data in backups is deleted according to our backup retention schedule

7. Your Privacy Rights

7.1 Access and Portability

You have the right to:

  • Access your personal data
  • Request a copy of your data in a portable format
  • View all data associated with your account

7.2 Correction and Update

  • Update your profile information through your dashboard
  • Correct inaccurate information
  • Contact us for help with data corrections

7.3 Deletion

  • Request deletion of your account and associated data
  • Customers: Contact the business to delete your loyalty card
  • Businesses: Delete your account from settings (customer data is also deleted)

7.4 Object and Restrict

  • Object to certain data processing activities
  • Restrict how your data is used
  • Opt-out of non-essential communications

7.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at support@stamply.in or through your account settings. We will respond within 30 days.

8. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Session management and authentication (required)
  • Preference Cookies: Language selection, display preferences
  • Analytics Cookies: Understanding how users interact with our platform

For more information, see our Cookie Policy.

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

10. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

By using our Service, you consent to the transfer of your information to India and other countries where our service providers operate.

11. GDPR Compliance (EU Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

Our legal basis for processing your data:

  • Contract: Processing necessary to provide the Service
  • Consent: You have given clear consent
  • Legitimate Interests: Improving our Service, security, fraud prevention
  • Legal Obligation: Compliance with applicable laws

12. CCPA Compliance (California Users)

If you are a California resident, you have the right to:

  • Know what personal information is collected, used, shared, or sold
  • Delete personal information held by us
  • Opt-out of the sale of personal information (we don't sell your data)
  • Non-discrimination for exercising your CCPA rights

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice on the platform

You are advised to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: support@stamply.in

Website: https://stamply.in

Terms of ServiceCookie PolicyBack to Home