Last updated: July 6, 2026
Stamp is operated by TripJar Travel LLC (“TripJar,” “we,” “us”), 151 Black River Rd, Long Valley, NJ 07853. This policy explains what we collect, how we use it, and who we share it with when you use the Stamp website or app (the “Service”). Questions: support@stamppostcard.com.
To send a postcard, you provide:
Payment information. Card payments are processed by Stripe. We do not receive or store your full card number; Stripe handles card data directly.
Location information. If you allow it, your device shares your GPS coordinates so we can show postcards available at your current location. We use these coordinates only at that moment to find nearby cards — we do not store your precise location in our systems.
Contact form. If you contact us, we collect the name, email, reason, and message you submit so we can respond.
Technical and usage data. Like most websites, our hosting and error-monitoring providers automatically process technical data such as IP address, browser/device information, and log data to operate, secure, and troubleshoot the Service.
We do not require you to create an account, and Stamp sends are one-off — we do not build a persistent user login profile.
We keep tracking to a minimum. We do not use advertising cookies, we do not run third-party analytics or ad networks, and we do not set our own tracking cookies. To take payment securely, our payment processor, Stripe, may set cookies or use similar local storage in your browser to process the transaction and help prevent fraud; this is necessary for checkout to function. You can control or block cookies through your browser settings, but blocking them may prevent payment from completing. Because we do not track you across other websites, there is no cross-site tracking to turn off, and we do not respond to browser “Do Not Track” signals.
We keep a transaction record of each order in our database. That record includes the order reference and status, amount and currency, payment and mailing identifiers, the card and location selected, your email address, and the recipient’s name, city, state, ZIP, and country. The full street addresses and your message are processed by our payment and mailing providers (below) to fulfill the order; they are held under those providers’ retention policies rather than in our own database.
We do not sell your personal information, and we do not use it for third-party advertising.
We share the minimum data necessary with providers that help us run the Service:
| Provider | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing | Payment details, order metadata (incl. names, addresses, message, email) |
| Lob | Printing, mailing, and address verification | Recipient and sender names + addresses, message |
| Cloudinary | Image hosting for card artwork | Card artwork (no personal contact data) |
| Resend | Sending receipt and support emails | Your email address and order details |
| Supabase | Database hosting for our order records | The transaction record described above |
| Sentry | Error monitoring | Technical error data, which may incidentally include limited request data |
| Railway | Application hosting | Technical/log data used to run the Service |
We may also disclose information if required by law, to protect our rights or users’ safety, or in connection with a business transfer.
We keep transaction records for as long as needed to operate the Service and to meet tax, accounting, and legal obligations — generally about 7 years. We delete or de-identify personal information when it is no longer needed, and we will delete your information on request where we are not legally required to keep it. Our providers (e.g., Stripe, Lob) retain data under their own policies.
We use reasonable administrative and technical measures to protect your information — including encryption in transit, restricted access to our systems, and delegating payment handling to Stripe so we never store your full card number. No method of transmission over the internet or electronic storage is completely secure, however, and we cannot guarantee absolute security.
You may request to access, correct, or delete the personal information we hold about you by emailing support@stamppostcard.com. Depending on where you live (for example, California), you may have additional rights, including the right to know what we collect, to request deletion, and to not be discriminated against for exercising those rights. Because precise geolocation is considered sensitive, note that we use it only momentarily and do not retain it.
Recipients: if someone sent you a postcard and you want to know what information we hold or ask us to delete it, contact us at the address above.
The Service is intended for users 18 and older. We do not knowingly collect personal information from anyone under 18.
The Service currently mails only to and from US addresses, and your information is processed in the United States. If you access the Service from outside the United States, you understand that your information will be transferred to and processed in the United States. If we expand internationally, we will update this policy to address the applicable requirements.
We may update this policy from time to time. Material changes will be posted here with a new “Last updated” date.