Legal

Privacy Policy

Last updated: February 2026

Stop Deepfake Candidates is a trade name (DBA) of Payload Ops Inc., a Delaware corporation. All references to "we," "us," or "our" in this Privacy Policy refer to Payload Ops Inc., operating under the Stop Deepfake Candidates brand.

1. What We Collect

We collect the minimum data necessary to operate the Service:

  • Account data: Your name, email address, and organization name when you sign up.
  • Verification metadata: The candidate's name, email, the verification outcome (pass or fail), and timestamps. We do not store ID documents or selfies — those are stored solely by Stripe.
  • Billing data: Payment card information is collected and stored solely by Stripe. We do not store payment details on our servers; we retain only a Stripe customer ID to reference your account.
  • Usage data: Basic analytics such as pages visited and actions taken, used to improve the product.

2. Candidate Identity Data

Identity verification for this Service is powered by Stripe Identity. When a candidate completes verification, their government-issued ID and selfie are submitted directly to and stored by Stripe — not by us.

We have the technical ability to retrieve verification results and associated data through Stripe's API, but we do not store, copy, or otherwise retain ID documents, selfie images, or raw biometric data on our own infrastructure. We store only the verification outcome (pass or fail), the candidate's name, email, and the associated timestamps.

Candidates should review Stripe's Privacy Policy for full details on how their identity documents and biometric data are handled, retained, and deleted.

3. How We Use Your Data

We use the data we collect to provide and improve the Service, send you transactional emails (e.g. verification alerts), respond to support requests, and comply with legal obligations. We do not sell your data or use it for advertising.

4. Data Sharing

We share data only with third-party providers necessary to operate the Service. Our key sub-processors are:

  • Stripe — identity verification (Stripe Identity) and payment processing. Stripe stores all ID documents, biometric data, and payment card details directly. Their processing is governed by Stripe's own Privacy Policy and Terms of Service.
  • Hosting & infrastructure providers — for running the application and storing metadata.

We do not sell data or share it with any other third parties without your explicit consent.

5. Data Retention

We retain account and verification metadata for as long as your account is active, or as required by law. You may request deletion of your account and associated data at any time by contacting us.

6. Your Rights

Depending on your location, you may have rights to access, correct, or delete your personal data. To exercise any of these rights, contact us at hello@stopdeepfakecandidates.com. We will respond within 30 days.

7. Security

We use industry-standard security practices to protect your data, including encryption in transit and at rest. However, no system is completely secure — please use a strong, unique password for your account.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice in the dashboard.

9. Contact

Questions about this policy? Reach us at hello@stopdeepfakecandidates.com.