Privacy Policy — Venue

01 — Introduction

What is Venue?

Venue is the end-user application of The Stamp ecosystem. It acts as a digital identity and access key for attendees at nightlife events and venues.

With Venue, users can present a cryptographically signed QR code at the door, claim cloakroom tickets, and manage re-entry — all without registering an account, providing personal information, or creating any traceable identity.

02 — Data we process

No personal data is collected

Venue does not collect any personal information. There are no accounts, no names, no email addresses, and no phone numbers. The application operates entirely on anonymous device-bound identifiers:

Device UUID — a randomly generated anonymous identifier created locally on the device, never linked to any personal identity
Device ID — a unique value stored in the device Keychain, used to bind the cryptographic key pair to the physical device
Public key — an EC P-256 public key generated in the device's Secure Enclave, shared with the server solely for signature verification

No location data, contacts, photos, usage analytics, or any other device data is collected at any point.

03 — How it works

Cryptographic identity, not personal identity

When the app launches, it generates a private key inside the device's Secure Enclave — a hardware-isolated environment that ensures the key never leaves the device. Each request to The Stamp server is signed with this private key.

The server verifies the signature using the corresponding public key, confirms the request originates from a legitimate source, and responds with a server-signed QR code. This QR is ephemeral, non-transferable, and non-replicable — it cannot be screenshotted, shared to an external screen, or recorded.

The result is a zero-knowledge access system: The Stamp can verify a valid user without ever knowing who that user is.

04 — Purpose of processing

Why do we use this data?

Cryptographic verification that a request originates from a trusted, unmodified device
Generation and delivery of a server-signed access QR code
Re-entry management during an active event session
Cloakroom ticket assignment and retrieval, bound exclusively to the device

05 — Data retention

How long do we keep data?

All operational data associated with an event (QR sessions, re-entry records, cloakroom assignments) is ephemeral by design. Once an event is closed, this data is not retained or used for any additional purpose.

The device registry (Device UUID, Device ID, public key) is retained solely to maintain the cryptographic trust chain. It contains no personal information and cannot be used to identify any individual. The user may request its deletion at any time.

06 — Data sharing

Do we share data with third parties?

No. The anonymous device identifiers processed by Venue are never sold, transferred, or shared with third parties under any circumstances. No advertising networks, analytics providers, or data brokers receive any data from this application.

07 — Security

How do we protect data?

The Stamp implements technical security measures including:

Private keys generated and stored exclusively in the device's Secure Enclave — they never leave the hardware
All server communication encrypted via secure WebSockets
QR codes are server-signed and ephemeral — invalid outside an active session
Technical prohibition of screenshots, screen recording, and external screen mirroring during active sessions
Content automatically hidden when the app is backgrounded or screen capture is detected

08 — Rights

User rights

Even without personal data, every user may exercise the following rights by contacting The Stamp directly:

Access to the anonymous device data associated with their device
Deletion of their device registry and all associated operational records
Objection to the processing of their device identifiers

09 — Contact

Questions or requests?

For any questions related to this policy or the processing of your data, contact us at:

hello@the-stamp.app

The Stamp · the-stamp.app

Venue — The Stamp