Legal

GDPR & CCPA

Last updated: May 4, 2026.

A full Data Processing Addendum (DPA) is available on request for merchants operating in the EU/UK/California.

Controller and processor roles

For customers who scan a merchant's Loyalty Chips surface, the merchant is usually the controller of the customer list and Loyalty Chips acts as a processor. For merchant account data, site visitor analytics, billing administration, security logs, and platform operations, Loyalty Chips may act as an independent controller.

Data categories and service providers

The platform uses Firebase Auth and Cloud Firestore for account and venue data, Stripe for billing, SendGrid for email, Twilio for SMS when configured, Cloudflare for hosting and security, and Google or Apple services when OAuth or wallet passes are enabled. Analytics and security events store hashed IP values, coarse device/browser metadata, path/source fields, and privacy-safe interaction metadata. Raw payment card data, raw passwords, and raw typed field values are not stored by Loyalty Chips.

Your rights

  • Access — request a copy of the personal data we hold about you.
  • Correction — update inaccurate data.
  • Deletion ("right to be forgotten") — request full erasure.
  • Portability — receive your data as CSV or JSON.
  • Restriction & objection — limit or opt out of specific processing.
  • Do Not Sell/Share (CCPA) — we do not sell personal data.

How to exercise them

Email privacy@loyaltychips.com with a subject line including the right you wish to exercise. We respond within 30 days where required. If you are a customer of a merchant using our platform, you may also contact that merchant directly because they control the reward and campaign data they collect.

Legal basis for processing (GDPR)

  • Contract - to deliver merchant accounts, billing, hardware orders, reward claims, dashboard access, exports, and support.
  • Consent - for optional email or SMS marketing by the merchant, stored separately by channel and revocable at any time.
  • Legitimate interest - for platform security, fraud prevention, audit logging, conversion diagnostics, checkout reliability, and aggregate analytics.

Opt-out and deletion handling

Unsubscribe links and merchant dashboard tools write suppression and consent records so campaign sends can skip opted-out customers. Export and deletion requests are handled through merchant tools or support, with audit records retained where needed for legal, accounting, security, or abuse-prevention purposes.

Retention

Launch analytics and visit records include expiration timestamps for Firestore TTL retention when enabled in production. Merchant customer records remain available to the merchant until exported, deleted, suppressed, or removed under the merchant's retention policy and applicable law.