Privacy Policy
Last updated: 8 July 2026
This Privacy Policy explains how Stelia ("we," "our," or "us") collects, uses, stores, and protects information when you use the Stelia website and related services (the "Service"). We keep this simple on purpose: we collect very little, and only what is needed to make the Service work.
Who we are
Stelia is operated by Quentin Flechaire as an independent product. If you have any questions about your personal data, contact us at contact@stelia.app.
Information we collect
When you buy a pass, we collect your email address and the details of your order (products, quantities, amounts, and pickup code). Your email is used to send you the order confirmation and your pass. No account is required to make a purchase.
When your pass is scanned at the venue, we record the scan (time and checkpoint) so the venue can validate entries and track remaining uses.
If you subscribe to our newsletter, we store the email address you provide. You can unsubscribe at any time.
Venues that use Stelia have professional accounts. For their staff, we store the email address and authentication data needed to access the dashboard.
We also collect limited technical information automatically, such as basic error and usage logs, to keep the Service stable and prevent misuse. We do not use advertising trackers.
Payments
Payments are processed by Stripe. Your card details never pass through or get stored on our servers. Payment funds go directly to the venue's Stripe account; Stelia only receives the order and billing information needed to operate the Service.
How we use your information
We use your information to process your order, send you your pass by email, let the venue validate it on site, operate professional accounts, and keep the Service secure and reliable.
We do not sell personal data and we do not use it for third-party advertising. We only send marketing emails if you explicitly subscribed to the newsletter.
Who we share data with
The venue you buy from can see the orders that concern it (email, order details, and scans), since it is the seller of your pass and needs this information to honor it.
We rely on trusted third-party services to run Stelia: Stripe for payments, Supabase for database hosting and authentication, Resend for transactional emails, and Vercel for web hosting. Data is shared with them only as needed to provide the Service and is handled according to each provider's privacy policy.
Data storage and international transfers
Data is stored on the infrastructure of the providers listed above, which may be hosted outside your country of residence. We take reasonable steps to ensure data is protected in accordance with this Privacy Policy and applicable laws.
Data retention and deletion
We keep personal data only as long as needed to operate the Service. Order records are retained for the period required by accounting and legal obligations. Newsletter emails are kept until you unsubscribe.
You can request the deletion of your data at any time by writing to contact@stelia.app.
Your rights
You may request access to, correction of, or deletion of your personal data, or information about how it is processed. Contact us at contact@stelia.app and we will respond in accordance with applicable data protection laws, including the GDPR.
Cookies
We only use essential cookies: one to remember your language and, for professional accounts, one to keep you signed in. We do not use advertising or cross-site tracking cookies, which is why you don't see a cookie banner.
Security
We implement reasonable administrative, technical, and organizational safeguards to protect your information. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. Changes take effect when posted. Continued use of the Service constitutes acceptance of the updated Privacy Policy.
If you have questions, concerns, or requests regarding this Privacy Policy, contact us at contact@stelia.app.