Privacy Policy
Last updated on March 31th 2024.
At StickerDocs we take your privacy and data security very seriously. We make all our decisions and build features with careful consideration to protect your privacy and security.
Trust is built upon transparency which is why the core of StickerDocs is open for review.
See Security for more details about how the app has been built for security and privacy.
The most recent version of the Privacy Policy can be found at https://stickerdocs.com/privacy. All StickerDocs users are required to agree and adhere to the Privacy Policy prior to signing up for an account and prior to logging in to our services. Use of our services implies acceptance of the Privacy Policy.
Tracking, Telemetry and Analytics
We do not use analytics or telemetry on this site or in our app because these can be invasive to your privacy.
This makes it harder for us to detect and respond to app crashes for example but, that just forces us to be more creative.
If the app crashes the next time you open it, you will be asked if you are happy to send the crash report to us or not. This is your choice to make and nothing will be sent without your approval. You can even change the data in the crash report before sending.
We put our customers directly in control of their data and do not resort to any creepy spying tricks.
Data We Store About You
We store the following minimal information about you:
| What | Why | Retention Period |
|---|---|---|
| Name | So we can communicate with you, and when you share documents with others so they know who you are. | Deleted 30 days after your account is deleted |
| So we can communicate with you, and when you share documents with others so they know who you are. | Deleted 30 days after your account is deleted | |
| User ID | This is a randomly generated unique identifier; a UUID, created by us it identify users uniquely when they register. We use this so we know which device you are using for synchronisation to function. | Deleted 30 days after your account is deleted |
| A client/device identifier | This is a randomly generated unique client/device identifier; a UUID, created by the app on each installation. It is not the manufacturer’s permanent device ID. We use this so we know which device you are using for synchronisation to function. | Deleted 30 days after your account is deleted |
| IP address | For security and so we can prevent service abuse. | Deleted after 30 days |
| File ID | This is a randomly generated unique identifier; a UUID, created by the app for every file. It is not a hash or signature. We use this so we know which file your devices want to download for synchronisation to function, and also when sharing files with other users. If you share a file with another user that shared file will have the same ID when it is uploaded by them to their account, for as long as the file is not deleted. | Files are deleted immediately when users delete a file, or if the account is deleted. |
| Which File ID is owned by and shared with which User ID | For synchronisation and file sharing to work. Whilst the data is encrypted we do not want to let anyone download your files unless they have been shared with them | Files are deleted immediately when users delete a file, or if the account is deleted. |
| Sticker names and images | We only see this in unencrypted form when dealing with sticker share invitations. We need to see this so we can send the invitation to the recipient. If you never share a sticker we will not ever see this data because it is otherwise stored with End-to-End Encryption (E2EE) with the rest of your data. | Deleted after 30 days or once the sticker has been accepted or rejected. |
How we keep your data secure
The primary way we keep your data secure is via the use of End-to-End Encryption (E2EE) for your data and the metadata used to describe that data. This means there is no way for us or anyone who might compromise our systems to access your data, because only you have the key to decrypt it.
All other (non-file) data (e.g. your registration details) to and from StickerDocs is encrypted in transit (via HTTPS) and at rest (via AWS-managed encryption keys).
Data Jurisdiction
All data is stored within the UK on AWS.
Compliance with General Data Protection Regulation (GDPR)
The General Data Protection Regulation (GDPR) grants individual rights which StickerDocs Limited respects and honors.
This page provides all the details on the information we collect and how we use it. This is your right to be informed.
If you wish us to remove your data in accordance with your rights under the GDPR, please use the delete account feature from the app to do this.
If you wish to invoke any of your other rights under the GDPR please email at support@stickerdocs.com, or write to us at StickerDocs Limited, 1A Davyhulme Circle, Urmston, Manchester, England, United Kingdom. Please make it clear in your communication that you are invoking your GDPR rights.
At this time we unfortunately cannot accommodate users under 13 years old because to do so that requires parental consent to comply with GDPR. All users must be over 13 years old to use this application.
Data Processors
We use the following suppliers to process data:
| Company | Purpose |
|---|---|
| AWS | The API runs on, and all data is stored within AWS. Emails are sent via AWS. |
| Proton AG | Emails to and from StickerDocs Limited are processed by Proton Mail. |
Online Safety Act 2023
The Online Safety Act 2023 sets out several requirements for companies to comply with the law.
Here is how we comply with this law:
- There is a feature in the app to report harmful content. This means the app of the person reporting the harmful content will transmit the encryption keys to StickerDocs to enable a review of the encrypted content. If upon review this is found to be the case the material will be removed from the StickerDocs platform and the relevant authorities informed. Because files shared will all have the same unique file identifier, this is what we use to determine who has this content even after a file may have been un-shared.
Account Deletion
You can delete your account. This can be done preferably via the app, but you can also email us at support@stickerdocs.com to request this. We will of course need to verify the legitimacy of the request to prevent abuse.
Data Protection Officer
Our Data Protection Officer is Anthony Fielding who can be contacted at anthony@stickerdocs.com.
Automated Decision-Making Processes And Use Of Artificial Intelligence (AI)
There are no automated decision making processes and we do not make use AI for customer data. We may use generative AI to create images for marketing or to produce stickers.
Complaints
You have the right to lodge a complaint with the Information Commissioners Office (ICO) if you believe we have not adequately upheld these rights.
Contact Us
If you have any questions or concerns about this policy or your data you can contact us by email at support@stickerdocs.com, or write to us at StickerDocs Limited, 1A Davyhulme Circle, Urmston, Manchester, England, United Kingdom.