At EzyStamp, we take your privacy seriously. This Privacy Policy explains what data we collect, how we use it, and the choices you have. It applies to both Merchants (business owners using our platform) and Customers (end users collecting stamps).
1. Information We Collect
From Merchants: Business name, contact name, email address, phone number, billing address, payment method details (processed securely by our payment provider โ we never store full card numbers), business logo and branding assets, and usage data about how you interact with the platform.
From Customers: Phone number or email (used to identify the customer's stamp card), stamp history and redemption records, notification preferences, and device/browser information for technical purposes.
2. How We Use Your Information
We use the information we collect to: provide and improve the EzyStamp service; process payments and send billing communications; send transactional emails (stamp confirmations, reward notifications); provide customer support; detect and prevent fraud; and comply with legal obligations.
We do not sell your personal data to third parties. We do not use customer data for advertising purposes.
3. Data Sharing
We share data with trusted third parties only where necessary to operate the service: payment processors (Razorpay), cloud hosting providers (AWS), and email delivery services. All third parties are bound by strict data processing agreements. We may disclose data to law enforcement if required by a valid legal process.
4. Merchant Responsibilities
As a Merchant, you act as a data controller for your customers' data. You are responsible for obtaining any required consents from your customers and for handling their data in accordance with applicable law. EzyStamp acts as a data processor on your behalf for this data.
5. Data Retention
We retain Merchant account data for as long as your account is active and for up to 3 years after account closure for legal and accounting purposes. Customer stamp data is retained for the duration of the associated Merchant account. You can request deletion at any time.
6. Security
All data is encrypted in transit using TLS and at rest using AES-256 encryption. We perform regular security audits and penetration tests. Access to production data is strictly limited and logged. We will notify you promptly in the event of a data breach affecting your account.
7. Your Rights
You have the right to: access the personal data we hold about you; request correction of inaccurate data; request deletion of your data; withdraw consent where processing is based on consent; and lodge a complaint with a data protection authority. To exercise any of these rights, contact us at privacy@ezystamp.com.
8. Cookies
We use essential cookies to operate the platform (session management, security). We use analytics cookies to understand how the platform is used and improve it. You can disable non-essential cookies in your browser settings, though this may affect some functionality.
9. Children's Privacy
EzyStamp is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. If we become aware that we have collected such data, we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notice at least 14 days before changes take effect.
11. Contact
For any privacy-related questions or requests, contact our Privacy Officer at privacy@ezystamp.com.