Logo

Privacy Policy

Effective Date: Jan 14, 2026

Last Updated: Jan 14, 2026

Table of contents

This Privacy Policy explains how Elyon Techno Labs Inc (“StampEzee,” “we,” “us,” “our”) collects, uses, discloses, transfers, and protects information when you access or use our website(s), mobile applications (iOS/Android), retailer dashboard/admin tools, and related services (collectively, the “Service”).

StampEzee is offered globally. Privacy laws vary by location. Where required, we apply additional notices and rights described below.

1) Who We Are

Controller/Business Operator: Elyon Techno Labs Inc (operating StampEzee)
Address: Hilton Court, Mississauga, Ontario, Canada
Email: [privacy@stampezee.com] and/or [support@stampezee.com]
Website: [www.stampezee.com]

2) Scope and Relationship to Retailers

StampEzee is a platform that enables Retailers to create and run loyalty programs and enables End Users to participate.

  • If you are an End User, you typically interact with a loyalty program operated by a specific Retailer (store/brand). That Retailer may also collect and use your data outside of StampEzee (e.g., in-store records, their own mailing lists, their own point-of-sale system). Those practices are governed by the Retailer’s policies, not ours.
  • If you are a Retailer, you control the loyalty program settings (stamp cards, rewards, validity rules, and communications) you run through StampEzee.

Depending on the context, StampEzee may process certain data as a controller (platform operations, security, billing) and certain data on behalf of Retailers (loyalty participation data used to run the program). This policy covers StampEzee’s handling of data.

3) Information We Collect

3.1 Information you provide directly

Retailers / Retailer Owner Access

  • Account and contact details (name, business name, email, phone if provided)
  • Store and branch details (store name, branch name, location details you provide)
  • Loyalty program configuration (stamp cards, reward descriptions, completion paths, validity rules, campaign content)
  • Branding inputs (logo, preferred brand colors if enabled, email template edits where offered)
  • Support requests and communications with us
  • Billing metadata (plan selections, add-ons, subscription status)

Retailer staff (Loyalty Executive Access)

  • Staff identity details (name, email/username)
  • Role and permissions
  • Operational activity logs (e.g., stamps issued, scans performed, actions taken)

End Users

  • Basic account identifiers (name, email/phone if used for login/OTP; language preferences)
  • Loyalty participation details (stamps earned, redemptions, visited stores/branches within the app experience)
  • Support messages submitted to us

3.2 Information collected automatically (website + app + dashboard)

Device and technical data

  • Device type, operating system, browser type, app version
  • IP address and approximate region (derived from IP)
  • Time zone, language setting, and app settings
  • Diagnostic logs and error reports (e.g., crash logs) where enabled/available

Usage data

  • Pages/screens viewed, navigation paths, clicks/taps, feature usage events
  • Session duration, referral/source pages, and basic performance data

Security and audit data

  • Login timestamps, failed login attempts, security events, and administrative actions (especially for Retailer dashboards)

3.3 App permissions and device features (where applicable)

Depending on your device and usage:

  • Camera access (for scanning QR codes) — only if you grant permission
  • Notifications (push notifications) — only if you enable them in your device settings
  • Photos/files — only if a feature requires uploading an image/logo/document and you choose to do so

We do not access device features unless needed for functionality and permitted by you.

3.4 Information from third parties

We may receive limited data from:

  • Payment processors (e.g., Stripe): payment confirmation, subscription status, billing events (we do not receive full card numbers)
  • App stores: high-level install/upgrade information and aggregated metrics
  • Analytics/monitoring providers: aggregated usage trends and technical performance metrics

4) How We Use Information

We use information for the following purposes:

4.1 Provide, operate, and maintain the Service

  • Create and manage Retailer and End User accounts
  • Authenticate users (including OTP delivery where used)
  • Enable core loyalty features (stamp tracking, redemption records, program configuration)
  • Provide dashboards, settings, and administrative controls
  • Deliver essential system communications and account notices

4.2 Security, fraud prevention, and platform integrity

  • Detect abuse, suspicious activity, and attempted circumvention of plan limits
  • Protect accounts, devices, systems, and data
  • Maintain audit logs for administrative and security-relevant events

4.3 Customer support and communications

  • Respond to inquiries and support tickets
  • Troubleshoot and resolve technical problems
  • Communicate service updates, security notices, and changes to policies

4.4 Improve and develop the Service

  • Understand feature usage and improve user experience
  • Debug, test, and enhance performance and reliability
  • Build new features and refine existing ones

4.5 Billing and business administration (Retailers)

  • Process subscriptions, renewals, add-ons, invoices/receipts
  • Track plan eligibility and enforce plan limits
  • Handle billing-related support
  • Comply with legal obligations
  • Enforce Terms & Conditions and protect rights and safety
  • Respond to lawful requests and legal processes

4.7 Optional marketing (if/when you enable it)

If you later run marketing emails or newsletters (primarily to Retailers), we will provide opt-out mechanisms and comply with applicable anti-spam laws. End Users generally should not receive marketing emails unless explicitly opted in (or where permitted by law).

Where required by law (e.g., GDPR/UK GDPR), we rely on:

  • Contract: to provide the Service you request
  • Legitimate interests: security, fraud prevention, service improvement, reliability
  • Consent: certain cookies/trackers, push notifications, and optional marketing
  • Legal obligation: compliance with applicable laws and lawful requests

Where multiple bases apply, we select the most appropriate basis for the processing purpose.

6) How We Share Information

We do not sell personal information in the traditional sense. We share information only as described below.

6.1 With Retailers (for loyalty program operation)

If you are an End User, your participation data (e.g., stamps earned, redemption history, and relevant program actions) is shared with the Retailer whose program you’re using so they can operate and administer the loyalty program.

6.2 With service providers (vendors/sub-processors)

We may share information with vendors who help us provide the Service, such as:

  • Hosting and infrastructure providers
  • Email delivery providers (OTP and system notifications)
  • Analytics and monitoring providers
  • Customer support platforms
  • Payment processors (e.g., Stripe) for Retailer billing

These providers are contractually restricted to using the data only to provide services to us and must implement appropriate safeguards.

6.3 For legal, safety, and enforcement purposes

We may disclose information when we believe it is reasonably necessary to:

  • comply with law or legal process
  • respond to lawful requests
  • protect the rights, safety, and security of users, Retailers, and StampEzee
  • investigate fraud, abuse, or security incidents
  • enforce our Terms & Conditions

6.4 Business transfers

If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to appropriate confidentiality and protection measures.

7) International Data Transfers

StampEzee is based in Canada, but our Service providers may process data in other countries. When personal information is transferred internationally, we take reasonable steps to protect it, including contractual safeguards and security controls appropriate to the transfer.

8) Data Retention

We retain information only as long as necessary for the purposes described in this policy, including legal, accounting, tax, security, and dispute-resolution needs.

Typical retention approach (may vary by context):

  • Account data: retained while the account is active; limited retention after closure to meet legal/compliance and security needs
  • Audit/security logs: retained for a reasonable period to investigate abuse and protect platform integrity
  • Billing records: retained as required by applicable accounting/tax laws
  • Support records: retained as needed to resolve issues and maintain service history

We may anonymize or aggregate data so it can no longer be linked to an individual; such data may be retained longer for analytics and service improvement.

9) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information, such as access controls, encryption in transit where appropriate, and monitoring.

No system is perfectly secure. You are responsible for keeping your password and device secure and for controlling access to your account.

10) Cookies and Similar Technologies

We use cookies and similar technologies for:

  • essential site functionality (sessions, security)
  • preferences (language, settings)
  • analytics (understanding traffic and improving pages)

Where required by law, we display a cookie banner/consent mechanism and honor your choices. You can also manage cookies via browser settings.

(If you want, we can publish a separate Cookie Policy with a full cookie category breakdown and vendor list.)

11) Automated Decision-Making

We may use automated systems to help detect fraud, abuse, suspicious activity, or to enforce plan limits. These systems are intended to protect the platform. Where required by law, you may request information about such processing.

12) Children’s Privacy

StampEzee is not directed to children where parental consent is required by law. We do not knowingly collect personal information from children in a way that violates applicable laws. If you believe a child has provided personal information, contact us and we will take appropriate steps.

13) Your Rights and Choices

Your rights depend on where you live, but may include:

  • access to the personal information we hold about you
  • correction of inaccurate information
  • deletion (subject to legal and operational limits)
  • withdrawal of consent (where processing is based on consent)
  • objection/restriction (in certain jurisdictions)
  • portability (in certain jurisdictions)

How to request

Email [privacy@stampezee.com] and include:

  • your name
  • the email/phone linked to your account
  • your request (access/correction/deletion, etc.)

We may need to verify your identity before processing your request.

Retailer-managed data note

If your request relates to a specific Retailer program (e.g., reward disputes, program rule changes), you may also need to contact that Retailer directly.

14) Region-Specific Notes

Because StampEzee is global, additional rights may apply in some regions (e.g., EEA/UK under GDPR, certain U.S. states, Quebec/Canada). We will honor applicable legal requirements for your jurisdiction.

If you want the policy to explicitly name specific regions (e.g., “California,” “Virginia,” “Colorado,” etc.), tell me and I’ll add a dedicated section.

15) Do Not Track

Some browsers offer “Do Not Track” signals. There is no universal standard for interpreting these signals, so the Service may not respond to them consistently.

The Service may contain links to third-party websites or services. We are not responsible for their privacy practices. Review their policies independently.

17) Changes to This Policy

We may update this Privacy Policy at any time. We will update the “Last Updated” date. Where required, we will provide additional notice of material changes.

Continued use of the Service after changes become effective constitutes acceptance where permitted by law.

18) Contact Us

Elyon Techno Labs Inc (StampEzee)
Hilton Court, Mississauga, Ontario, Canada
Email: [privacy@stampezee.com] / [support@stampezee.com]

Book A Call