Table of Contents
This Privacy Policy applies specifically to Stamp Identifier: Check Value(“the App”), an iOS application developed and operated by Elemental Ridge Ltd. (“Elemental Ridge,” “we,” “us,” or “our”). Elemental Ridge Ltd. has a mailing address at 6D - 7398 Yonge St Unit 2300, Thornhill, ON L4J 8J2, Canada. For the purposes of applicable data protection law, including the EU General Data Protection Regulation (GDPR), Elemental Ridge Ltd. is the data controller responsible for your personal data. The App allows users to photograph postage stamps to receive AI-powered identification and estimated market value information.
1.Legal Bases for Processing
Where applicable under the GDPR or equivalent legislation, we process your personal data on the following legal bases:
Contractual Necessity
Processing necessary to perform our contract with you, including providing and maintaining the App, managing your account, and delivering stamp identification and valuation results.
Legitimate Interests
Processing that serves our legitimate business interests, such as improving our stamp identification accuracy, diagnosing technical issues, detecting fraud, and ensuring security.
Consent
Processing that relies on your freely given, specific, informed consent, such as optional analytics or accessing your device camera to photograph stamps, which you may withdraw at any time.
Legal Obligation
Processing necessary to comply with applicable laws, regulations, court orders, or governmental requests.
2.Information We Collect
2.1 Device and Technical Information
We automatically collect device identifiers (a pseudonymous installation ID generated at first launch), device model, operating system type and version, App version number, language and locale settings, time zone, and network connection type. We do not collect hardware serial numbers or permanent device identifiers such as IMEI or UDID.
2.2 Usage and Interaction Data
We collect information about how you interact with the App, including features accessed, number of stamp scans performed, session frequency, session duration, timestamps, and navigation paths. This data is collected in aggregate or pseudonymous form where possible.
2.3 Stamp Photos and Camera Access
The core function of the App requires access to your device camera or photo library so you can submit photos of stamps for identification. When you submit a stamp photo, it is securely transmitted to our servers and third-party AI/ML processing services to analyze the image, identify the stamp, and generate an estimated market value. The App clearly indicates when a stamp image will be transmitted from your device. Stamp images are used solely to deliver identification and valuation results and are deleted from processing servers within 24 hours of processing completion. We do not use your stamp photos for any purpose other than providing the identification and valuation service you requested.
2.4 Locally Stored Data
The App may store data locally on your device, including your stamp scan history, cached identification results, estimated values, App preferences and settings. This data remains on your device under your control and is not transmitted to our servers unless a specific feature requires it.
2.5 Diagnostics and Crash Data
We collect crash reports, performance diagnostics, error logs, and stability metrics to identify and resolve technical issues. This data may include device state at the time of a crash and stack traces, but does not include your stamp photos or personal content.
2.6 Analytics Data
We collect aggregated and pseudonymous analytics data, including screen views, interaction events, session statistics, and feature adoption metrics, to understand how the App is used and to improve stamp identification accuracy and overall performance.
2.7 Information You Provide Voluntarily
When you contact us for support or provide feedback, we may collect your name, email address, the content of your message, and any attachments you send. We collect this information solely to respond to your inquiry and improve our services.
2.8 Information We Do Not Collect
We do not collect precise geolocation data, contact lists, health data, financial or payment information (all payments are processed by Apple), or advertising identifiers for the purpose of ad targeting. We do not serve advertisements in the App.
3.How We Use Your Information
We use the information we collect for the following purposes:
- To provide, operate, and maintain the App, including processing stamp photos through our AI/ML pipeline to deliver identification results and estimated market values
- To process and complete transactions, including managing subscriptions and verifying entitlements
- To improve, optimize, and develop the App, including analyzing usage patterns, improving stamp recognition accuracy, and diagnosing technical issues
- To enforce our Terms of Service, including usage limits, rate limits, and abuse prevention
- To respond to your customer support requests, inquiries, and feedback
- To send you service-related communications, such as update notifications, security alerts, and policy changes
- To comply with legal obligations, enforce our legal rights, and respond to lawful requests from public authorities
- To detect, prevent, and address fraud, security breaches, and other harmful or unauthorized activity
We do not sell your personal information. We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects concerning you. Market value estimates provided by the App are generated by AI and are informational only — they are not professional appraisals and should not be relied upon for insurance, sale, or investment purposes.
4.Third-Party Services & Data Processors
We use the following categories of third-party services to operate the App. These services act as data processors on our behalf and are contractually obligated to handle your data in accordance with this Privacy Policy and applicable data protection law.
4.1 Firebase (Google LLC)
We use Firebase Authentication for account management; Cloud Firestore for cloud data storage; Cloud Functions for server-side processing; and Firebase Crashlytics for crash reporting and stability monitoring. Firebase processes data in accordance with Google's data processing terms.
4.2 Analytics Providers
We use analytics services to collect aggregated and pseudonymous usage data. Analytics data is used solely for improving the App and is not shared with third parties for their own purposes.
4.3 AI and Machine Learning Processing
Stamp identification and market value estimation are powered by third-party AI/ML services. When your stamp photo is sent to such services: (i) it is transmitted using TLS 1.3 or equivalent encryption; (ii) it is used solely to identify the stamp and generate a value estimate for you; (iii) it is not used by the provider to train or improve their general-purpose models without your separate consent; and (iv) it is deleted from the provider's systems within 24 hours of processing. Value estimates returned by these services are informational only and do not constitute professional philatelic appraisals.
4.4 Apple App Store
Subscription management, payment processing, and app distribution are handled by Apple Inc. We do not receive or store your payment card details.
4.5 Cloud Infrastructure
Our server-side infrastructure is hosted on Google Cloud Platform, with data centers subject to SOC 2, ISO 27001, and other industry-standard security certifications.
We do not sell, rent, or trade your personal information to third parties. We may disclose your information if required by law, in response to valid legal process, to protect our rights, or in connection with a merger, acquisition, or sale of assets.
5.Data Storage & Security
5.1 On-Device Storage
Data stored locally on your device, including your stamp scan history and saved results, is protected by the security measures built into iOS, including hardware encryption where available.
5.2 Server-Side Storage
Stamp photos and data transmitted to our servers are encrypted in transit using TLS 1.2 or higher. Data at rest is encrypted using AES-256 or equivalent encryption standards. Our infrastructure is hosted on Google Cloud Platform, which maintains SOC 2, ISO 27001, and other certifications.
5.3 Security Measures
We implement appropriate technical and organizational measures including access controls, audit logging, regular security assessments, and employee training. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.
5.4 Data Breach Notification
In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where the breach poses a high risk, notify you directly without undue delay.
6.Data Retention
We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by applicable law:
- Stamp scan history and identification results stored locally remain on your device until you delete them or uninstall the App
- Stamp photos transmitted for AI analysis are deleted within 24 hours of processing completion
- Server-side processing logs are retained for a maximum of 7 days
- Analytics data is retained in aggregated or pseudonymous form for a maximum of 24 months
- Customer support correspondence is retained for 12 months following resolution
- Account data is deleted within 30 days of account deletion or your erasure request
- Crash and diagnostics data is retained for up to 90 days
When retention periods expire, data is securely deleted or irreversibly anonymized. You may request earlier deletion at any time, subject to our legal retention obligations.
7.Children's Privacy
The App is not directed to children under the age of 13 (or under 16 in the European Economic Area, United Kingdom, and Switzerland). We do not knowingly collect, use, or disclose personal information from children under these ages. If we become aware that we have inadvertently collected such information, we will take prompt steps to delete it. If you are a parent or guardian and believe your child has provided personal information to us, please contact us immediately via our contact page.
8.International Data Transfers
Elemental Ridge operates infrastructure hosted in the United States and other jurisdictions. Where we transfer personal data from the EEA, United Kingdom, or Switzerland to countries without an adequacy decision, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements (DPAs) with all third-party processors
- Other lawful transfer mechanisms recognized under applicable law
New Zealand has received an adequacy decision from the European Commission. You may request a copy of the safeguards we use for international transfers by contacting us.
9.Your Privacy Rights
9.1 General Rights
- Right of Access — request a copy of the personal data we hold about you
- Right to Rectification — request correction of inaccurate or incomplete data
- Right to Erasure — request deletion of your personal data
- Right to Restriction — request we restrict processing in certain circumstances
- Right to Data Portability — receive your data in a structured, machine-readable format
- Right to Object — object to processing based on legitimate interests
- Right to Withdraw Consent — withdraw consent at any time without affecting prior processing
9.2 GDPR Rights (EEA, UK, Switzerland)
If you are located in the EEA, United Kingdom, or Switzerland, you have all of the rights listed above under the GDPR. You also have the right to lodge a complaint with your local data protection supervisory authority. We will respond to verified requests within 30 days, extendable by 60 days for complex requests.
9.3 CCPA/CPRA Rights (California)
If you are a California resident, you have additional rights including the right to know what personal information we collect, the right to delete, the right to correct, and the right to non-discrimination. We do not sell or share your personal information as defined under the CCPA/CPRA. We will respond to verified requests within 45 days.
9.4 New Zealand Privacy Act 2020
If you are located in New Zealand, you have rights under the Privacy Act 2020, including the right to access and correct your personal information and to complain to the Office of the Privacy Commissioner.
CCPA Disclosure Table
| Category | Collected | Sold or Shared |
|---|---|---|
| Identifiers (device ID) | Yes | No |
| Commercial information | No | No |
| Internet / network activity | Yes | No |
| Geolocation data | No | No |
| Biometric data | No | No |
| Photos / images (stamp photos) | Yes (transiently) | No |
| Inferences drawn from personal information | No | No |
To exercise any of your privacy rights, please contact us via our contact page. We will verify your identity before fulfilling your request and will not discriminate against you for exercising your rights.
11.Links to Third-Party Services
The App may contain links to third-party websites, services, or applications not operated by us. This Privacy Policy does not apply to third-party services. We encourage you to review their privacy policies before providing any personal information. The inclusion of a link does not imply our endorsement.
12.Do Not Track Signals
The App is not web-based and does not respond to browser “Do Not Track” (DNT) signals. We do not engage in cross-app or cross-site tracking, and we do not serve targeted advertising. We respect operating system-level privacy controls, including App Tracking Transparency prompts on iOS.
13.Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will post the updated policy with a revised “Last Updated” date and, where practicable, provide additional notice such as an in-app notification. Your continued use of the App after changes constitutes your acceptance of the updated policy.
14.Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices for Stamp Identifier: Check Value, please contact us:
Elemental Ridge Ltd.
Mailing Address: 6D - 7398 Yonge St Unit 2300, Thornhill, ON L4J 8J2, Canada
Contact: Visit our contact page
If you are located in the EEA, UK, or Switzerland, you also have the right to lodge a complaint with your local data protection supervisory authority. If you are a California resident, you may contact the California Attorney General's office regarding your CCPA/CPRA rights.