Stampresso is a digital loyalty card: instead of a paper card with stamps, you collect stamps on your phone. For the card to work, we have to store a few pieces of your data. This page explains what data we keep, why, and everything you can ask for regarding it. We tried to write it plainly, with no fine print.
What data we collect
When you sign up, we store:
- The name you enter; on the card we show only your first name.
- Your phone number; it lets you sign in and recover your card if you change phones or clear your browser data.
- Stamps, a record of when staff added a stamp and when a reward was used. That is what lets the card count at all.
Your card is also remembered locally, on your own phone (in the browser's storage), so you don't have to sign in every time you open it.
We do not ask for or store: an email address, a home address, a date of birth, card or payment details, and we do not track your location.
Why we collect this data
Solely so the loyalty card works: so we know how many stamps you have, when a free coffee is due, and so you can recover your account. We do not use it for any advertising or process it for any other purpose.
The basis on which we process it
On the basis of your consent, which you give when you tick the relevant box at sign-up. You can withdraw your consent at any time (see "Your rights").
Notifications on your phone
At venues on the Pro plan, the card can send you notifications, for example when a coupon is waiting for you or when your reward is ready. Your browser will first ask you whether you allow this; without your permission no notifications arrive.
For a notification to reach you, we store a technical send address for your device (a so-called push subscription). It does not reveal your name, phone number or location. You turn notifications off whenever you like: in the card menu (tap the circle with your initial) or in your browser settings, and we then delete the subscription.
Who we share data with
We do not sell it or pass it on for marketing to anyone.
- The venue where you collect stamps does not see your name or phone number. At most the venue has access to aggregate figures, for example how many people in total use the card and how many are active. Those figures cannot reveal who you are.
- We store data technically with a database service provider (Supabase), on servers in the European Union (Ireland). They keep the data on our behalf and do not use it for their own purposes.
- We would disclose your data to a third party only if legally required to by a competent authority.
Cookies and measuring site visits
On our website, where we present the service to venues, we may use tools to measure visits and how our ads perform, for example a Meta (Facebook) pixel or similar visit analytics. Such tools record visits to the site's pages (e.g. which pages you opened and from which device) and may use cookies. They serve us solely to see how many people visit the site and whether our ads have an effect. You can delete or block cookies in your browser settings whenever you like.
The card app itself is exempt: on the card, sign-up and scanner screens there are no marketing tools, pixels or visit analytics. We do not track your stamp collecting or link it to any ads.
How long we keep data
We keep data while you use the card, that is, while the venue is part of the Stampresso program. You can also delete your card yourself, instantly: in the card menu (the circle with your initial) choose "Delete my card". This permanently deletes your name, phone number, all stamps and notification subscriptions. You can also contact us by email at any time.
Your rights
At any time you have the right to:
- get access to the data we keep about you,
- correct an inaccurate piece of data,
- delete your data ("the right to be forgotten"); you can do this instantly yourself, through "Delete my card" in the card menu,
- withdraw consent, after which the card stops working,
- object to the processing of your data.
For any of the above, contact us at the address below. If you believe we are not handling your data properly, you also have the right to contact the competent data protection authority in your country.
Security
Data is transmitted and stored over a secure (HTTPS) connection. Only people authorized to run the service have access to the database.
Changes to this policy
If we change anything, we will update this page and the date at the top. Where possible, we will specifically flag larger changes.
Contact
For any privacy questions and to exercise your rights, email us at: hello@stampresso.com