Privacy Policy

Last updated: March 2026

1. Who We Are

StackMap operates the website stackmap.co. We are committed to protecting your personal data and complying with UK GDPR, EU GDPR, and all applicable data protection laws. Contact: privacy@stackmap.co

2. What Data We Collect

We collect: account data (name, email, password hashed, billing info), usage data (pages visited, features used, IP address), payment data via Stripe (we never store card details), and support communications.

3. How We Use Your Data

We use your data to provide and improve StackMap, process payments, send product reports and updates, detect fraud, and comply with legal obligations. You can unsubscribe from marketing emails at any time.

4. Legal Basis for Processing (UK/EU GDPR)

Contract: to deliver the service. Legitimate interests: to improve product and prevent fraud. Consent: for optional cookies and marketing. Legal obligation: where required by law.

5. Data Retention

We retain your data while your account is active. Upon deletion we remove personal data within 30 days, except financial records required by law (typically 7 years).

6. Data Sharing

We do not sell your data. We share only with: Stripe (payments), Supabase (database, EU-hosted), Vercel (hosting), and law enforcement when legally required. All processors are GDPR-compliant.

7. Your Rights

Under UK/EU GDPR you have the right to access, correct, delete, restrict, and port your data, and to object to processing. Email privacy@stackmap.co to exercise these rights. You may also complain to the ICO (UK) at ico.org.uk.

8. Cookies

We use essential cookies for authentication, analytics cookies to improve the service, and optional marketing cookies. See our Cookie Policy for full details.

9. Security

We use HTTPS encryption, hashed passwords, JWT authentication, and regular security audits. No system is 100% secure but we take all reasonable steps to protect your data.

10. Contact

For any privacy questions: privacy@stackmap.co