Privacy Policy

1. What we collect

Free accounts (registered)

• Your email address (used to log in)
• Your signature data — name, title, company, phone, social links, and any other details you enter in the builder
• Your profile photo, if you upload one — stored on our servers (Cloudflare R2) and served from neatstamp.com
• Tracking pixel data:when someone opens an email containing your free-tier signature, our pixel records the event’s timestamp and the opener’s approximate IP address. This is how we show you open counts. You can read more in section 3 below.

Pro accounts

• Same as above, except Pro signatures contain no tracking pixel
• Subscription status and renewal date

Google Analytics (with your consent)

If you accept cookies when the consent banner appears, we load Google Analytics. It collects:

• Pages you visit and how long you spend on them
• Device type, browser, and operating system
• Country-level location (not city or street level)

If you decline cookies, Google Analytics is not loaded at all. You can change your preference at any time via the cookie settings link in the site footer.

Google OAuth (if you sign in with Google)

• Your name, email address, and Google profile picture

2. How we use your data

• Signature creation and storage: your signature data is saved so you can edit and re-copy it any time you log in
• Tracking pixel (free tier): pixel events are aggregated into an open count shown on your dashboard — we do not share individual open events with third parties
• Google Analytics: to understand how people use the site so we can improve it — only with your cookie consent
• Transactional email: to send password reset links and other account-related messages. We do not send marketing email unless you opt in separately.

3. Tracking pixel (free tier)

Free-tier signatures include a 1×1 pixel image hosted on neatstamp.com. When a recipient opens an email containing your signature, their email client loads this image — that request tells us the email was opened, along with the time and the recipient’s IP address.

We use this data only to show you your own open counts. We do not build profiles of your recipients, and we do not sell or share this data.

If you would prefer signatures with no tracking, upgrade to Pro. Pro signatures are pure HTML with no server-side image loading.

4. Image hosting

Profile photos uploaded by free and registered users are stored on Cloudflare R2 and served from the neatstamp.com domain. This means your photo is loaded from our servers every time someone views an email with your signature.

Images belonging to inactive free accounts may be deleted after 90 days of inactivity. If your account is deactivated, your signature images will stop loading for recipients.

Pro users receive pure HTML output. Their signatures do not reference any image hosted on our servers — you host your own images or reference external URLs you control.

5. Cookies

• Authentication cookie: set when you log in to keep your session active. This is strictly necessary and cannot be turned off.
• Cookie consent preference: stored in localStorage to remember whether you accepted or declined analytics cookies.
• Google Analytics cookies: set only if you accept the cookie consent banner. These track page views and session data as described in section 1.

We do not use advertising cookies or sell cookie data to any third party.

6. Data retention

• Account data: kept until you delete your account. You can request deletion at any time.
• Free signatures and hosted images: deactivated and queued for deletion after 90 days of inactivity (no logins and no pixel activity).
• Tracking pixel data: retained for 90 days, then permanently deleted.
• Audit logs: retained for 90 days, then permanently deleted.

7. Your rights (GDPR)

If you are in the European Economic Area (or anywhere else, for that matter), you have the following rights regarding your personal data:

• Access: request a copy of the data we hold about you
• Correction: ask us to fix inaccurate data
• Deletion:ask us to delete your account and all associated data (“right to be forgotten”)
• Withdraw consent: opt out of analytics cookies at any time via the cookie settings link in the footer
• Data portability: request your data in a machine-readable format

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

8. Third-party services

We use the following third parties to run NeatStamp. Each has its own privacy policy.

• Cloudflare — hosting, CDN, database (D1), and image storage (R2). Your data is stored on Cloudflare infrastructure.
• Google — OAuth sign-in and, with your consent, Google Analytics.
• Resend — transactional email delivery (password resets, etc.). They receive your email address to deliver messages.
• LemonSqueezy — payment processing. All payment and billing data is handled entirely by LemonSqueezy. We never see or store your card details.

9. We never sell your data

We do not sell, rent, trade, or otherwise transfer your personal information to any third party for their own commercial use. Ever.

10. Data security

All data transmitted between your browser and our servers is encrypted using TLS. Account data is stored in Cloudflare D1, which is encrypted at rest. We follow industry best practices for access control and security.

11. Children’s privacy

NeatStamp is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, contact us immediately at [email protected].

12. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. The “last updated” date at the top of this page shows when the policy was last revised.

13. Contact

Questions about this Privacy Policy? Email us at [email protected].