Privacy Policy

1. Information We Collect

We collect the following types of information:

• Account Information: When a parent or legal guardian registers, we collect basic information such as name, email address, and the child's first name.
• Purchase Information: When purchasing a physical product (such as the Stamplo World Map), we collect the name, email address, and shipping address provided during checkout. This information is shared with our payment processor (Stripe) and fulfilment partner (Gelato) solely to process payment and dispatch the order. No Stamplo account is required to make a purchase.
• Verification Data: When a parent or legal guardian completes age and identity verification, our verification partner (currently Didit Ltd) processes limited information to confirm adult and parental status. Stamplo only stores the verification status and timestamp—never ID documents or images.
• Pen Pal Information: When children add a pen pal, we collect and store the invite code and pen pal details (e.g., name, country).
• Communication Data: We store the content of letters sent between pen pals, including any media (like photos) attached to the letters. All letters are stored encrypted; status fields (e.g., flaggedByChild) are recorded to track child reporting.
• Preferences and Flags: Parent or legal guardian settings for features such as Friend Finder and image permissions, as well as any flag/reason provided when a child reports a letter.
• Manual Review: In rare cases where verification fails (for example, poor lighting, incorrect angle, or suspected under-age attempt), a Stamplo safeguarding officer may view the verification media (such as the liveness video or document image) directly within our verification provider’s secure dashboard. We never download, store, or copy this material, and all access is logged for safety and accountability.

2. How We Use Your Information

• To Provide Our Service: Facilitating pen pal connections and letter exchanges.
• Child Reporting: Enabling children to flag letters that worry them; updating letter status and notifying parents or legal guardians via email with a secure review link.
• Escalation: If a parent or legal guardian escalates a flagged letter, we temporarily decrypt its content for our support team and send an email notification to support@stamplo.kids.
• Parent Supervision: Ensuring all letters are reviewed by parents or legal guardians before final delivery.
• Order Fulfilment: When a physical product is purchased, we use the name, email address, and shipping address to process payment via Stripe and to instruct Gelato to print and dispatch the order. Purchase data is used solely for fulfilment and is not linked to any Stamplo account.
• Improvements: Using aggregated, anonymised data to improve Stamplo's services and user experience.
• Safeguarding and Verification Review: When a verification attempt fails, we may conduct a manual safety review by viewing the verification media directly inside our verification provider’s secure platform. This ensures only genuine adults create parent or legal guardian accounts. Stamplo does not store these images or videos; access is limited, audited, and used solely for safeguarding purposes.

3. Legal Basis for Data Processing

Under GDPR, we process personal data based on:

• Consent (e.g., account creation, communication, sponsored participation)
• Contractual Necessity (providing Stamplo's services, including processing and fulfilling product purchases)
• Legal Obligation (compliance with laws and regulations)
• Legitimate Interest (e.g., identity verification to protect child safety, automated cleanup of unverified accounts)

4. How We Protect Your Data

• Encryption: All personal information is encrypted during transmission and at rest.
• Access Control: Only authorised parents or legal guardians can manage their children's accounts, with double parental approval required for letter exchanges.
• Data Minimisation: We collect only the minimum information necessary to operate Stamplo.

5. Sharing Your Information

We do not sell, rent, or share your personal information except:

• Parents or Legal Guardians:The responsible adult managing a child’s account can review letter content in order to approve incoming and outgoing communication. This parental supervision is a core safety feature of the service.
• Safeguarding Review: When a letter is escalated, temporary decrypted access may be granted to authorised Stamplo safeguarding personnel for review. All access is logged in the platform’s Audit Log and handled under strict confidentiality. Queries can be directed tosupport@stamplo.kids.
• Legal Requirements: If disclosure is required by law or lawful authority.
• Service Providers: With trusted service providers under strict confidentiality agreements, only where necessary to operate Stamplo (for example identity verification, hosting infrastructure, or email delivery).

We use a small number of carefully selected service providers (including hosting, storage, email delivery, and identity verification providers). A full list of sub-processors is available here or on request at support@stamplo.kids.

6. Data Retention

We retain personal information only as long as needed to fulfil our service obligations or comply with legal requirements.

• Account deletion: When a parent or legal guardian deletes their account, all associated parent, child, letter, and media data is permanently and irreversibly deleted from active systems within 30 days.
• Unverified accounts: Parent accounts where email verification is not completed are automatically deleted after 14 days. Reminder emails are sent at day 3 and day 7 before deletion.
• Letters and media: Letters and attached images are retained for up to 12 months after creation. Families are notified 30 days before deletion so they can save any letters they wish to keep. After 12 months, letters are permanently deleted.
• Pending pen pal requests: Unanswered pen pal connection requests are automatically withdrawn after 14 days. The parent who initiated the request is notified by email when this happens. Withdrawn requests do not permanently prevent children from connecting in future.
• Audit and safety records: Audit and safeguarding records are retained for as long as necessary to fulfil our safeguarding and accountability obligations.
• Backups: Deleted data may persist in infrastructure backups for up to 30 days before backup rotation removes it permanently.

7. Your Rights Under GDPR

As a user, you have the right to:

• Access: Download your personal and family data via your account settings.
• Rectification: Correct inaccuracies in your data.
• Erasure: Delete your account and all related data (“Right to be Forgotten”).
• Restriction of Processing: Request limits on data use.
• Data Portability: Obtain your data in a machine-readable format.
• Object: Object to certain types of processing, including marketing communications.

8. How to Exercise Your Rights

To exercise any rights, please contact us at support@stamplo.kids. We will respond within 30 days and may request verification of identity to protect your privacy.

9. Parent or Legal Guardian Control and Child Safety

The adult creating and managing a child account must be the child's parent or legal guardian.

Parents or legal guardians have full control over their child's account settings, including:

• Managing Friend Finder visibility
• Enabling or disabling image sending and receiving
• Approving or rejecting every pen pal letter

Stamplo staff do not access child messages except where a letter is escalated for safeguarding review, in which case temporary access is strictly limited and audited.

To maintain match quality and protect children from unanswered connection requests, Stamplo limits visibility in Friend Finder. Newly created child accounts may appear in Friend Finder for a short introductory period (typically up to 7 days). After this period, visibility depends on recent family activity so that children are more likely to connect with active pen pals.

10. Organisations and Community Networks

Stamplo may be used by organisations such as schools, community groups, charities, or companies to invite families to participate in a shared pen-pal network.

When families join Stamplo through an organisation invitation, their children may be able to discover and connect with other children whose families have joined the same organisation network. These networks are designed to allow communities to connect while maintaining Stamplo’s existing safety and parental supervision protections.

• Families join organisation networks using invitation links or codes provided by the organisation.
• Each family account remains privately managed by the child’s parent or legal guardian.
• Children in organisation networks can only discover other children whose families have joined the same organisation.
• Organisations do not have access to children’s letters, images, or private communications.
• Organisations may only see limited administrative information such as the number of participating families.

All safeguarding protections described in this Privacy Policy — including parental approval of letters, reporting tools, and restricted staff access — apply equally to organisation networks.

11. Cookies and Tracking Technologies

Stamplo uses only essential cookies required for secure login and basic functionality. We do not use analytics, third-party trackers, or personalised advertising cookies. Fonts are hosted locally to protect your privacy, and no external resources are loaded from tracking domains.

We are committed to data minimisation and comply fully with the ICO Children's Code.

12. Data Transfers

Personal data relating to Stamplo's core pen-pal platform (accounts, letters, identity verification) is stored and processed exclusively within the UK or EU.

For purchases of the Stamplo World Map, name, email address, shipping address, and payment details are processed by Stripe, Inc., a US-based company. This transfer is protected by Standard Contractual Clauses and Stripe's UK GDPR Addendum. Shipping address and contact details are also passed to Gelato AS (Norway, EEA), which is covered by the UK Government's adequacy decision for EEA countries and requires no additional transfer mechanism.

A full list of sub-processors and their locations is available at stamplo.kids/legal/sub-processors.

13. Automated Decision-Making

Stamplo does not use automated decision-making or profiling that affects users' legal rights or significant matters. All approvals and key decisions involve human review.

14. U.S. Families and COPPA Compliance

Stamplo is operated by Stamplo Limited, a UK company regulated under UK GDPR and the ICO Children's Code (Age Appropriate Design Code). These standards provide strong protections for children's privacy and data.

Important Note for U.S. Families: Stamplo requires a one-time age and identity verification for all parent or legal guardian accounts. Verification is conducted by an independent provider (Didit Ltd) and may involve presentation of government-issued identification directly to that provider. Stamplo receives only a verification status and does not store identity documents. While Stamplo is governed under UK GDPR and the ICO Children’s Code, these safeguards are designed to provide safeguards comparable to COPPA parental consent expectations.

• Parental Control: Parents or legal guardians must create accounts, verify their email, and approve every pen pal connection and letter before children can send or receive communications.
• Data Minimisation: We collect only limited information necessary to operate the service (family code, child's first name, country, and letters). We do not use behavioral advertising, analytics tracking, or third-party cookies.
• Rights and Deletion: Parents or legal guardians can access, correct, or delete their child's account and data at any time by contacting support@stamplo.kids.
• Notice to Schools: Stamplo is not intended to replace school district parental consent obligations. Teachers introducing Stamplo in U.S. classrooms must ensure parental consent is obtained consistent with COPPA.

By using Stamplo in the United States, you acknowledge that data is processed in the UK under GDPR and the ICO Children's Code. If you have specific concerns about COPPA compliance, please contact us at support@stamplo.kids.

15. Age and Identity Verification

Stamplo partners with Didit Ltd, an independent verification provider, to perform this check. Didit Ltd acts as a data processor under a written agreement and complies with UK GDPR and the ICO Children’s Code. The verification process may involve presentation of an identity document or other proof of age directly to Didit Ltd. Stamplo receives only a confirmation flag (verified / not verified) and does not receive or store copies of any documents.

In some cases where verification fails (for example due to low lighting, camera angle, or a failed liveness match), a trained Stamplo safeguarding officer may view the verification media directly inside Didit’s secure dashboard to determine whether the attempt was genuine. Stamplo does not download, copy, or store any images, videos, or documents. All access is strictly limited, used only for safeguarding, and recorded in our Audit Log for accountability.

The lawful basis for processing this data is legitimate interest(ensuring child safety and compliance with age-appropriate access standards) and, where required, legal obligation. The information is retained only as long as necessary to confirm verification status and is then deleted or anonymised.

Parents or legal guardians can view their verification status within their dashboard and may request deletion of verification data by contacting support@stamplo.kids.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post any updates here. For significant changes we will notify you by email before they take effect. Continued use of Stamplo after minor updates indicates your acceptance of the revised policy.

17. Contact Us

Data Controller: Stamplo is developed and maintained by “Stamplo Limited” (Co. No. 16555069).

If you have any questions about this Privacy Policy, please contact us at:

support@stamplo.kids