Stampt | Send & Spend Money Globally, Instantly & Free

Overview

Stampt ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our remittance and virtual card services, or when you interact with our website, including joining our waitlist.

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using Stampt or providing your information to us, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.

7th Street Research, Co. (brand name "Stampt") together with its subsidiaries, collects and uses personal data that you submit in connection with Stampt products and services. This includes your use of (a) the Stampt website located at www.stampt.com; and (b) the payment and remittance service owned and operated by Stampt. This Privacy Policy explains our practices.

In this policy, we refer to the website and the payment/remittance service (and any related software or services) collectively as the "Products". Any computer, smartphone, or other device you use to access the Products is referred to as a "Device". This policy also describes choices available to you regarding the use of your personal data, how you may access and update it, and, where applicable, how to request deletion. The Products may include services that we operate directly as well as services we market or provide on behalf of third parties.

If you access the Products or a Device as an individual user under a contract or similar arrangement between Stampt and a third party, that agreement may also govern data collected in connection with your use of the Products and Devices. Please review that agreement for additional details. By continuing to use the Products or Devices, you agree to the data-related terms contained in that agreement, if any.

Although Stampt operates the payment and remittance service, other companies may contribute input or services to support it. Where disclosed to you, your use of those components may also be subject to separate privacy terms published by those companies. Please review those terms for more information about how they use, store, and transfer your data.

Questions about this Privacy Policy can be directed to privacy@stampt.com. By using any Product, you agree to this policy. If you do not accept its terms, do not provide personal information and do not use the Products.

The Products are intended for a general audience. We do not knowingly collect personal information from children under 18. If we later determine that we have collected personal information from someone under 18, we will delete it. If you are a parent or guardian and believe a child under 18 has provided us personal information, please contact us at privacy@stampt.com.

The Products are delivered to users from systems located in the United States. If you are located outside the United States and use the Products, you should be aware that U.S. data protection laws may differ from the laws in your country. Your personal information may be subject to lawful requests for access by governments, courts, or law enforcement in the United States. Information may also be stored on servers outside your jurisdiction of residence, including in jurisdictions with privacy practices that may be less stringent than those in your location. By using the Products or providing information to us, you consent to the transfer, processing, use, sharing, and storage of your information, including personal information, in the United States as described in this Privacy Policy.

1. Information Collected Through Products

1.1Stampt may collect or receive different categories of personal data about users of the Products or Devices, as well as website visitors who are not customers. This may include:

•Contact information (such as name, address, telephone number, and email address).

•Details about products ordered or provided.

•Data collected through Internet and e-commerce activity, including information from log files, cookies, clear gifs (web beacons), images, scripts, and similar technologies.

•Customer service and demographic information (for example, gender, income level, and information about prior experiences with Stampt products).

•Information we receive from our third-party service providers.

•Information required to meet legal obligations related to processing financial transactions (including "know your customer" information).

•Biometric Data: If you choose to use biometric authentication or undergo identity verification, our third-party providers may collect and process biometric identifiers (such as facial geometry) to verify your identity and prevent fraud. Stampt does not store your raw biometric data; we receive only the result of the verification.

•Other transaction-related information.

1.2We may also use the tracking technologies described in this policy to collect, store, or aggregate certain non-personally identifiable data about how you use the Products, including browsing history, preferences, internet addresses, unique identifiers, Device types, Device location, and similar information.

1.3Exclusion of Cryptographic Credentials. Stampt does not collect, receive, or store your private cryptographic keys, seed phrases, or any credentials that would allow us to move assets on your behalf. These credentials remain on your personal device at all times.

1.4Regulatory Compliance (MiCA/TFR Travel Rule). To comply with the EU Transfer of Funds Regulation (TFR), we may collect and verify identifying information for both the sender and recipient of crypto transactions, including name, address, and wallet address. This information is collected solely for anti-money laundering (AML) compliance and does not grant Stampt custodial rights over your assets.

1.5Beneficiary Data Sharing (Travel Rule). In accordance with the EU Transfer of Funds Regulation (TFR), when you initiate a transfer of digital assets, Stampt is required to share certain personal information (such as your name and wallet address) with the provider of the recipient's wallet to ensure the security and legality of the transaction. This data sharing is necessary to comply with AML laws and helps prevent money laundering and terrorist financing.

2. Information Collected Through Software and Services

2.1In connection with providing the Products, we may collect information about your Devices, including:

•Device details (for example, operating system version, processor type, available memory, and similar technical attributes).

•Information about software installed on your Device, such as version information and installation and/or update dates.

•Data obtained from logs, configuration files, and other system-level or software-level sources.

2.2We retain your information for as long as your account remains active and as needed to provide the Products. We also retain and use information as reasonably necessary to operate our business, comply with legal obligations, resolve disputes, and enforce our agreements.

3. Use of Information

3.1You agree that Stampt may use the personal data you provide for the following purposes:

•Business purposes, including providing and delivering the Products; establishing and maintaining relationships with customers and businesses; improving the Products; enabling Internet-based activities and electronic commerce; performing accounting activities; processing payments you request through the Products; and carrying out other activities that are necessary or appropriate in connection with the Products.

•Marketing and promotion of Stampt products and services, and the products and services of third-party partners, including by sending information about products, services, or promotions.

3.2Opt out: You may opt out of promotional messages by following the instructions in each message, or by contacting us at privacy@stampt.com.

•Service communications, such as updates, announcements, and alerts related to the Products, including notifications about security incidents, downtime, or scheduled maintenance. You cannot opt out of these service communications. If you prefer not to receive them, you may deactivate your account and stop using the Products.

3.3Stampt may transfer or disclose personal data to service providers and business partners under written agreements where necessary for them to perform services on our behalf, including to meet our obligations to you. Service providers and partners who receive data under this section may not use personal data for any purpose other than providing services to Stampt. If Stampt becomes aware that a business partner or service provider is handling your personal data in a way that conflicts with this Privacy Policy, we will take reasonable measures to prevent or stop that processing. In that situation, you agree that Stampt will not be liable for the misuse of your data.

3.4At Stampt's sole discretion, we may also disclose your personal data to third parties in limited additional circumstances: (1) where we have reason to believe disclosure is necessary to identify, contact, or take legal action against someone who may be harming or interfering with the rights of Stampt or its customers or suppliers; (2) where we believe in good faith that disclosure is required by law; (3) to a subsequent owner, co-owner, or operator of a website or product, or in connection with a merger, consolidation, restructuring, sale of substantially all of our assets or interests, or other corporate change (including as part of a due diligence process); and (4) where disclosure is needed in situations involving threats to the physical security of any person.

4. Information Security

4.1We treat your data as highly important. We use encryption in transit (including Secure Sockets Layer (SSL) and other technologies) so that your personal data cannot be read while being transmitted. We also use secure technologies, privacy controls, and limits on employee access to help protect your personal information while stored.

4.2Even with these measures, information transmitted over the Internet cannot be guaranteed fully secure. For that reason, we cannot guarantee absolute security of any data you send to us. You provide information and use the Products at your own risk.

5. Tracking Technologies

5.1Stampt and our marketing partners, affiliates, and analytics or service providers may use technologies such as cookies, beacons, tags, browser and device fingerprints, network traffic monitoring, active scripting, recognition technologies, and scripts to analyze trends, administer Products, track movement across Products, and compile demographic information about our user base. We may receive reports from these companies about the use of these technologies, both in aggregate and on an individual basis.

5.2We may not control certain third-party tracking technologies and are not responsible for them. You acknowledge that, when using our Products, you may encounter tracking technologies operated by third parties, and that statements in this Privacy Policy do not apply to those third parties' practices or technologies.

5.3Additional tracking methods may be introduced in the future. Third parties may also use tracking technologies in connection with our Products, including to collect and store information about your online activities over time and across third-party websites or online services.

5.4We may work with one or more third parties to display advertising on the Products or to manage our advertising on other websites. Those third parties may use tracking technologies to collect information about your use of the Products and other sites in order to provide targeted advertising based on your activities and interests. If you prefer that this information not be used for interest-based advertising, you may be able to opt out at their respective websites.

5.5Our descriptions of our practices do not apply to how these third parties collect information or to how they use the information they collect. While we make efforts to work with third parties to help provide information about their practices and available choices, we make no representations about the policies or practices of third-party advertisers, ad networks, exchanges, or other related third parties.

5.6Blockchain Data and Immutability. By using our services, you acknowledge that transaction data (including wallet addresses and amounts) are permanently recorded on public blockchains. Due to the immutable nature of distributed ledger technology, Stampt cannot delete or modify data once it has been broadcasted to the blockchain. This represents a technical limitation to the GDPR "Right to Erasure" for any data contained within on-chain transaction records.

6. Electronic Transfers of Funds

Stampt may work with financial services software providers to offer electronic transfers of funds. To support your account, you may need to authorize us to share your identity and banking information with these companies, and you may be asked to agree to their privacy policies. You are responsible for ensuring that the information you provide to us is accurate and complete, which our partners need to process electronic transfers on your behalf. Our partners' terms may change from time to time, and the applicable versions are incorporated into this Privacy Policy by reference. It is your responsibility to read and understand those terms, including any terms addressing how your personal information is used.

7. Other Services

7.1If you follow a link to a third-party website, you will leave the current site and be redirected to the destination you choose. Because Stampt does not control third parties' actions, we are not responsible for their use of your personal data and do not guarantee that they follow privacy practices similar to ours. We encourage you to review the privacy policies of any third party from whom you request services. If you visit a third-party website through a link in a Product, read that site's privacy statement before providing any personal data.

7.2The Products may include social media features such as a "Share" button that lets you like us on Facebook or share content on Twitter. These features may collect your IP address and details about how you use the Products. Social media features may be hosted by third parties or directly on our systems. Your interactions with these features are governed by the privacy statement of the company providing the feature.

8. GDPR

8.1The General Data Protection Regulation (GDPR) is a European Union law that governs how organizations handle personal data of EU residents.

8.2We collect (i) personal data you give us and (ii) data collected automatically when you use our website. This includes data you provide through forms (such as identification and contact information, message content and attachments, and financial details related to our services), technical and usage data collected through analytics and logs (such as IP address, device and browser details, and usage data), and cookie/identifier data depending on your cookie selections.

8.3We process personal data to respond to inquiries and manage communications with clients. The legal basis for this processing is our legitimate interest in taking steps prior to entering into a contract.

8.4We also process personal data to provide our services and manage client relationships (including onboarding, delivering services, account administration, and support). The legal basis for this processing is performance of a contract.

8.5We further process personal data to comply with legal and regulatory requirements (for example, accounting, audit, and financial services compliance, including AML/CFT, fraud prevention, and reporting). The legal basis is that we are legally required to do so.

8.6We process personal data to help secure and improve our website and prevent misuse (including security monitoring, troubleshooting, and maintaining system logs). The legal basis is our legitimate interest.

8.7We use cookies and related technologies. Strictly necessary cookies may be used to operate the website. Where required by applicable rules, analytics cookies and trackers are used only if you consent through our cookie banner or settings.

8.8We disclose personal data only as needed to hosting and infrastructure providers, analytics providers, customer support providers, professional advisers (legal, audit, and accounting), and regulated service partners (including payment processors, banking partners, and verification providers).

8.9When we transfer personal data outside the EEA/UK, we rely on appropriate safeguards such as adequacy decisions and/or Standard Contractual Clauses (SCCs), as applicable.

8.10We retain personal data only for as long as needed for the purposes described above, including:

•Inquiries: up to 6 months.

•Client/service data (including financial details): for the duration of the relationship, and then for 3 years as required for regulatory purposes.

•Analytics data: up to 6 months.

8.11Subject to conditions and exceptions under the GDPR, you may request access, rectification, and erasure, and you may also request restriction and portability, as well as object to processing and withdraw consent where applicable.

8.12Right to Human Intervention. Where we use automated systems to monitor for fraud or determine eligibility for an Account, you have the right to request human intervention, to express your point of view, and to contest the decision. If an automated decision results in account rejection or restriction, you may contact us to request a review by a human decision-maker.

8.13To exercise these rights, contact privacy@stampt.com.

8.14EU/UK Representative. As Stampt does not have an establishment in the European Union or the United Kingdom, we have appointed representatives in the EU and UK as required under Article 27 of the GDPR. EU residents may contact our EU representative, and UK residents may contact our UK representative, for matters related to data protection. Contact information for our representatives is available upon request by emailing privacy@stampt.com.

8.15You may file a complaint with your local data protection authority.

8.16We use technical and organizational measures designed to protect personal data (such as access controls, encryption where appropriate, logging, and monitoring). Please note that no method of transmission or storage is completely secure.

9. California Privacy Rights

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), as amended. These rights include:

Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell (if applicable).

Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions.

Right to Opt-Out of Sale/Sharing: You have the right to opt-out of the sale or sharing of your personal information. Stampt does not sell your personal information. We may share certain information with service providers and business partners as described in this Privacy Policy, but we do not sell personal information for monetary or other valuable consideration.

Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

Right to Correct: You have the right to request correction of inaccurate personal information.

Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information to that which is necessary to provide our services.

To exercise any of these rights, please contact us at privacy@stampt.com. We will respond to your request within the timeframes required by applicable law.

10. Changes to This Privacy Policy

We may revise this Privacy Policy from time to time to reflect changes in our information practices. When changes are made, we will update the "Effective Date" at the beginning of the policy. If a change is material, we will provide notice within the Products or, if we have your email address on file, by email.