Stoopd

Privacy Policy

Last updated: July 5, 2026

What we collect

  • Account: username, email, password (stored as a bcrypt hash — we never see it), and optional display name and bio.
  • Location: optional city and state, which we convert to approximate coordinates to power “near me” search. We never collect your street address, and we never ask for GPS.
  • Content: the objects, photos, journal entries, posts, messages, and offers you create.
  • Scan stats: when someone views a public object page, we record a coarse city/region derived from network headers — no IP address, no user agent, and no account identity is stored with it.

Photos are scrubbed

Every uploaded photo is re-encoded on our servers, which strips all embedded metadata — including GPS coordinates and camera details — before the image is stored or shown to anyone.

What's public

Your username, display name, bio, city/state, profile stats, and anything attached to a public object (photos, journal entries, price history, ownership timeline) are visible to anyone. Unlisted objects are visible to anyone with the link. Private objects are visible only to you. Messages and offers are visible only to their participants.

What happens when you delete your account

Deletion anonymizes you: your credentials, location, and social graph are removed, and your name on past object chapters becomes “A former owner”. The chapters themselves stay with their objects — that permanence is Stoopd’s core feature and is disclosed before you post.

Email

We send account emails (verification, password reset) and, if you opt in, notification emails for offers, messages, and followed objects. Notification emails only go to verified addresses, and you can turn each type off in settings.

Service providers we rely on

We share data only with the vendors that run Stoopd for us, and only so they can provide their service:

  • Vercel — hosting and photo/file storage.
  • Our database host — stores your account and content data.
  • Resend — sends our account and notification emails.
  • Upstash — rate limiting and abuse prevention.

We don’t use payment processors, shipping/carrier services, external location or map services, or third-party analytics or ad SDKs.

What we don't do

  • No selling or sharing of personal data with advertisers.
  • No third-party tracking scripts or ad networks.
  • No payment data — Stoopd never touches money.

Contact

Questions or data requests: email privacy@stoopd.app.