Privacy policy
DRAFT — pending UK solicitor review. The intent below is what we actually do; the wording will be tightened by a lawyer before public launch.
Effective date: 2026-04-29 (draft).
1. Who we are & how to contact us
StanProof is operated from the United Kingdom and is the data controller for the personal information described below. Registered address: [SOLICITOR: confirm]. Privacy contact: privacy@stanproof.com. You can complain to the UK Information Commissioner's Office at ico.org.uk.
2. What we collect, why, and the lawful basis
| Category | Purpose | Lawful basis | Retention |
|---|---|---|---|
| Account: email, optional country, social handles | Identity, sign-in, public proof attribution | Contract | While account is active + 7-day soft-delete grace |
| Proof uploads: original images, redacted versions, SHA-256 hashes, EXIF-stripped metadata | Provide the service (publish redacted proof, fraud signals) | Contract | Originals: 90 days post-publish, then deleted. Redacted: while card is published. |
| Moderation data: reports, hashed IPs, admin notes, card_events | Abuse prevention, audit trail, appeals | Legitimate interests | [SOLICITOR: 2 years default] |
| Analytics: PostHog events | Product improvement | Consent (only fires after you accept the cookie banner) | PostHog defaults |
| Error telemetry: Sentry | Reliability and incident response | Legitimate interests | 90 days |
3. Hashed IPs are still personal data
When you submit a report without signing in we store a one-way hash of your IP address combined with a daily salt. Even with salt rotation, this remains personal data because re-identification is possible via lookup, and we treat it as such throughout this policy.
4. Processors & sub-processors
- Supabase — database, file storage, and authentication. EU region.
- Hosting provider — [SOLICITOR: confirm — Vercel?]
- Resend — transactional email (magic links).
- PostHog (EU region) — product analytics, only after consent.
- Sentry — server-side error tracking.
- Upstash — rate-limit counters.
5. International transfers
We aim to keep processing in the UK or EEA. Any transfer to a third country is covered by UK Standard Contractual Clauses or an International Data Transfer Agreement (IDTA) as appropriate. [SOLICITOR: confirm processor list and transfer bases.]
6. How long we keep data
Retention is summarised per category in section 2. When you request account deletion we soft-delete for 7 days, then a scheduled job purges your originals, redacted files, and profile. Moderation logs retain references by user-id only.
7. Your rights
You have rights of access, rectification, erasure, restriction, portability, objection, and to withdraw consent. Email privacy@stanproof.com. We respond within one calendar month, extendable by up to two further months for complex or numerous requests in line with UK GDPR Article 12(3). If you are not happy with our response you can complain to the ICO.
8. Children
You must be at least 16 to use StanProof. We have completed a child-access assessment and apply age-appropriate design considerations where relevant. See our safety guide for the report and appeals route.
9. Cookies & analytics
We use essential cookies for sign-in and to remember your analytics-cookie choice. Product analytics (PostHog) — both browser-side and server-side — only fire after you accept the cookie banner. Internal moderation events stored in our card_events table are an audit trail required to run the service and are not analytics. We do not use third-party advertising cookies.
10. Security & breach handling
Files are encrypted at rest in Supabase storage. Access is governed by row-level security and service-role keys held only on the server. Where a breach is likely to result in risk to your rights and freedoms we will notify the ICO within 72 hours and notify you without undue delay.
11. Changes to this policy
If we change this policy we will give reasonable notice on the site. The effective date at the top of this page reflects the current version.