StampStay ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our visa analysis services at www.stampstay.com.

1. Information We Collect

1.1 Information You Provide

When you purchase a visa analysis, we collect:

• Personal Information: Name, email address, nationality
• Travel History: Entry dates, visa types used, border crossings, days spent in Thailand
• Employment Information: Work situation, income level (for DTV analysis)
• Specific Concerns: Your questions and worries about Thailand entry/visa
• Payment Information: Processed securely by Stripe (we do not store credit card details)

1.2 Automatically Collected Information

When you visit our website, we may collect:

• Usage Data: Pages visited, time spent, links clicked (via Google Analytics)
• Device Information: Browser type, operating system, IP address
• Cookies: For analytics and improving user experience

2. How We Use Your Information

We use your information to:

• Provide Visa Analysis: Generate personalized risk assessment and recommendations
• Deliver Service: Send analysis via email, follow up on entry outcomes
• Improve Our Service: Identify patterns, refine risk scoring, enhance recommendations
• Customer Support: Respond to questions, provide clarifications
• Legal Compliance: Meet regulatory requirements, prevent fraud
• Marketing (with consent): Send occasional updates about Thailand visa changes

3. Data Anonymization for Pattern Intelligence

To build our proprietary risk intelligence platform, we:

• Anonymize Your Data: After 12 months, we strip all personally identifiable information (name, email, specific dates)
• Retain Patterns Only: We keep anonymized variables like: total days in Thailand, number of border runs, visa types, denial/approval outcomes
• Build Intelligence: Anonymized data helps us improve risk scoring and provide better recommendations
• Never Re-identify: Once anonymized, data cannot be linked back to you

This anonymized intelligence is what makes StampStay valuable — we can tell you "travelers with 180+ days and 3+ border runs have a 35% denial rate" because we've tracked hundreds of anonymized cases.

4. How Long We Keep Your Data

5. Who We Share Your Data With

We share your information with:

• Stripe: Payment processing (subject to Stripe's privacy policy)
• Resend: Email delivery service (subject to Resend's privacy policy)
• Upstash Redis: Secure data storage (encrypted at rest)
• Google Analytics: Anonymous usage analytics (IP addresses anonymized)
• Analysis Processing Services: For automated analysis generation (personal identifiers removed, data processed securely)

We do NOT share your data with: Marketing companies, data brokers, social media platforms, or any other third parties for their own use.

6. Your Privacy Rights (GDPR Compliance)

Under GDPR and similar privacy laws, you have the right to:

• Access: Request a copy of your personal data we hold
• Rectification: Correct inaccurate or incomplete data
• Erasure ("Right to be Forgotten"): Request deletion of your personal data
• Restriction: Limit how we use your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Opt out of marketing emails at any time

To exercise any of these rights, email us at: heystampstay@gmail.com

Response Time: We will respond to your request within 30 days.

7. How We Protect Your Data

We implement industry-standard security measures:

• Encryption: Data encrypted in transit (HTTPS) and at rest (Redis encryption)
• Access Controls: Only authorized personnel can access personal data
• Secure Payment Processing: Stripe handles all payment data (PCI DSS compliant)
• Regular Security Audits: Monitor for vulnerabilities and unauthorized access
• Data Minimization: We only collect data necessary for service delivery

However, no system is 100% secure. We cannot guarantee absolute security but take all reasonable precautions.

8. Cookies and Tracking

We use cookies for:

• Essential Cookies: Required for website functionality (session management)
• Analytics Cookies: Google Analytics to understand how visitors use our site
• Performance Cookies: Improve site speed and user experience

You can disable cookies in your browser settings, but this may affect site functionality.

9. International Data Transfers

StampStay operates globally. Your data may be transferred to and stored in countries outside your residence, including the United States and European Union.

When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) with service providers
• GDPR-compliant data processing agreements
• Encryption and secure transfer protocols

10. Children's Privacy

Our services are not intended for individuals under 18 years old. We do not knowingly collect data from children. If you believe we have collected data from a minor, please contact us immediately for deletion.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Significant changes will be notified via email to registered users. Continued use of our services after changes constitutes acceptance of the updated policy.

Last Updated: March 2, 2026