Privacy Policy

• Account data — your name, email, and password (stored only as a bcrypt hash; we never see or store the plain text), plus your notary commission details.
• Business records — appointments, client contact records, invoices and payment records, and expense receipts you upload.
• Notary journal entries — the sensitive one. Each entry can include signer names and addresses, ID document metadata, on-screen signatures, and — for California notaries, where required — thumbprint images. This is personal information about your signers, not just about you. We treat journal entries as legal records held on your behalf.
• Location data — GPS traces recorded while you use mileage tracking, used to compute your deductible miles.
• Payment data — handled entirely by Stripe. Your card number never touches our servers; we store only the billing records Stripe gives us (subscription status, invoices, card brand and last four digits).

Four reasons, and only these: providing the service (the features are the data — journal, mileage, invoices); legal-record keeping (your journal is a state-mandated record); billing your subscription; and supporting you when you email, text, or call us. We don’t use your data for advertising, profiling, or anything else.

We use a small set of service providers, each for one job. They process data only to provide their service to us:

We never sell your data or your signers’ data. We don’t run advertising trackers or third-party analytics — there are none in the app. We don’t share journal contents with anyone except as you direct (for example, an export you request) or as the law requires.

• Account and business data — kept while your account is active.
• Journal entries — these are legal records. Most states require notaries to retain their journals for a set period, often 7–10 years, and your state’s window governs. We retain journal records accordingly and won’t silently delete what the law says you must keep. (Stamp summarizes state retention rules for convenience — that isn’t legal advice; confirm your state’s requirement with your Secretary of State.)
• GPS traces — kept so your mileage deduction holds up if the IRS asks (audit defense), rather than purged immediately.
• After cancellation — you can export your journal and tax CSVs at any time while subscribed, and after cancellation on request.

• Export — download your journal and tax CSVs anytime from the app. Already cancelled? Email us and we’ll get you your data.
• Deletion — email support@stamphq.com from your account email and we’ll delete your account and data within 30 days — except journal records you ask us to retain, or that you want exported first. We’ll confirm what’s being kept, and why, before deleting.
• Correction — you can edit most records directly in the app; for anything you can’t, email us.

Two: a session cookie that keeps you signed in, and a theme preference. No third-party cookies, no advertising cookies, no cross-site trackers.

All traffic is encrypted in transit with TLS. Passwords are hashed with bcrypt. Two-factor secrets are encrypted at rest with AES-256-GCM. Two-factor authentication and passkeys are available for your account — we recommend turning one on, since your journal is a legal record. No system is perfectly secure; if we discover a breach affecting your data, we’ll notify you without undue delay.

Stamp is for working notaries, who must be adults. It isn’t directed at anyone under 18, and we don’t knowingly collect data from children.

We’ll post changes here and update the date at the top. If a change is material, we’ll email you before it takes effect.

Privacy questions or requests: support@stamphq.com.