Who we are?
Stampuno Limited is a London-based startup specialised in loyalty systems.
We want you to know that Stampuno is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. We just don't do that sort of thing. But just in case you don't believe us, in this Privacy Notice, we've provided lots of detailed information on when and why we collect your personal information, how we use it and how we keep it secure.
Types of Data Collection
We collect data in many ways, here is how and why:
Web and Mobile Forms
We collect user data through our web forms and mobile app forms. The information is collected for:
- Giving the user an account so that their cards and rewards can be accessed and used with this account on any device.
- We ask for the first name in case we wanted to contact the user, we want to address him/her by their first name.
- We ask for email confirmation to mitigate a mistyped email. This helps the users to recover their account, if needed. Also, to send non-marketing emails to the users regarding any change in our policies or services that might affect them.
Stampuno collects data through the usage of Stampuno app. We collect:
- Anonymous error reports so that we can improve the apps
- Anonymous usage reports so that we know what features to improve, add or remove.
- Anonymous cards usage reports so that we understand the cards usage statistics (with no user identifying data).
Any data that is supplied directly to us through our forms or through our apps are stored in the cloud in our Microsoft Azure infrastructure in UK. If manual (human) processing is needed, we process data via selected and authorised Stampuno employees who might be located in and outside the EU. We do not process this data through any third-party.
We take the following measures to protect user data:
- Train all the employees on IT security, data breaches and on GDPR (EU's General Data Protection Regulation)
- We hash user passwords
- We encrypt users sensitive data, on our servers, with high grade encryption
- We use SSL (secure sockets layer) to encrypt data passed back and forth between the user and our servers. We do this on our apps and on our websites
In general and when possible and where relevant, we delete relevant data, rather than storing it. We also take the following measures:
- We use physical delete (also known as hard delete) for any data that our users delete to wipe it from our database so that it is not recoverable.
- We retain our database backups for up to 40 days. In other words, it will take any data change up to 40 days to disappear from our backups.
- We retain any brand submission (user submitting a card for its brand to be added to Stampuno) for up to 10 days to give the submitter a chance to raise any problem in adding the card.
We tried to make this privacy notice transparent and short. For any query please email us on