Stampifi is operated by the Stampifi project operator.
1. Introduction
Stampifi provides a digital loyalty platform that lets you earn stamps and redeem rewards at participating businesses. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our mobile application and related services.
If you have questions about this policy, please contact us at [email protected].
2. What We Collect
We collect information you provide directly to us:
- Phone number — required to create and verify your account
- Name and profile information — optional display name and photo
- Business information — for merchant account holders: business name, address, tax ID, and contact details
We also collect certain information automatically:
- Device information — model, operating system version, app version, and push notification tokens
- Usage data — stamps earned, rewards redeemed, visits checked in, and interactions with merchants
- Location data — approximate location for nearby place discovery (with your permission only)
Information from third parties:
- Google / Apple Sign-In — if you choose to use social sign-in, we receive basic profile information from the provider
- Google Places API — we use Google Places data to help merchants set up their business location
3. How We Use Your Data
We use your personal data for the following purposes:
- Account management — create and maintain your account, verify your identity
- Loyalty features — issue stamps, track rewards, and process redemptions
- Merchant operations — allow businesses to manage their loyalty programs, view analytics, and communicate with customers
- Notifications — send functional notifications (stamps earned, rewards available, account activity) and, with your separate consent, promotional messages
- Location-based discovery — show nearby participating places when you opt in
- Analytics and improvement — understand usage patterns, diagnose issues, and improve the app
We do not use your data for advertising, sell your personal information, or engage in automated decision-making that produces legal effects concerning you.
4. Service Providers
We share data with trusted service providers who help us operate the platform:
- Expo — push notifications and over-the-air updates
- cloud hosting and database service providers
- Sentry — error monitoring and crash reporting (anonymized, no personally identifiable information)
- Stripe, Cardcom, or local payment processors — payment processing for merchant subscriptions and feature purchases, depending on region
We may also share information if required by law, to protect our rights or the safety of others, or in connection with a business transfer (merger, acquisition, or sale of assets). We never sell your personal data.
5. International Data Processing
Some of our service providers may process data outside the State of Israel. When we transfer personal data across borders, we take steps to ensure appropriate safeguards are in place, including Standard Contractual Clauses where applicable.
6. Security
We implement reasonable technical and organizational measures to protect your personal data, including encryption in transit, access controls, and secure storage. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
7. Data Retention
- Active accounts — we retain your data while your account is active and for a reasonable period thereafter
- Post-deletion grace period — after you request deletion, a 30-day grace period allows you to cancel and restore your account
- Stamp requests — records related to stamp issuance are retained for 12 months
- Audit logs — privileged actions and security events are retained for up to 24 months
- Billing records — retained as required by applicable tax law
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of the personal data we hold about you
- Correction — update or correct inaccurate data
- Deletion — request deletion of your account and associated data
- Export — receive your data in a portable, machine-readable format
- Withdraw consent — revoke permissions (e.g., location) at any time via device settings
- Opt out — unsubscribe from promotional messages at any time
To exercise your rights, contact us at [email protected] or use the in-app deletion option under Settings > Privacy.
9. Children
The service is intended for users aged 13 and older. We do not intentionally collect or solicit personal data from children under 13. If you believe that a child under 13 has provided us with personal data, please contact us immediately at [email protected].
10. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted with a new "Last updated" date. We encourage you to review this policy periodically. Continued use of the app after changes take effect constitutes your acceptance of the updated policy.
11. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy, please reach out to us at [email protected].