1. Who we are
Loyalty Chips, Inc. ("we", "us") operates the Loyalty Chips platform, which lets merchants issue physical NFC/QR chips that capture first-party customer data on scan.
2. What we collect
- From merchants: email, name, venue metadata, billing information processed by Stripe.
- From customers (end users of merchants): name, email, phone, reward terms acceptance, separate email/SMS marketing opt-in flags, timestamps of scans, chip ID, method of scan (NFC/QR/iOS fast-open preview), and consent audit details.
- Automated: a hashed IP address (SHA-256 + salt, truncated), coarse IP network hash, page path, referrer, UTM/source fields, device/browser class, user-agent string, timestamp, and privacy-safe interaction metadata such as named button clicks, scroll-depth milestones, validation error type, field name, character-count bucket, and paste-used flag. Raw IP is never stored, typed field values are not stored for analytics, and detailed launch analytics are timestamped for expiration under the configured retention window.
3. How we use it
- To deliver the rewards experience tied to each chip.
- To populate the merchant's customer dashboard (only the merchant tied to the chip sees their customers).
- To provide email campaign tooling the merchant triggers manually.
- To maintain the platform (security, abuse prevention, launch funnel diagnostics, checkout reliability, and aggregate analytics).
4. How we share it
We never sell your data. We share it only with sub-processors required to run the service, including Stripe for billing, cloud infrastructure providers, SendGrid for email, Twilio for SMS, Google for OAuth/Wallet/Business Profile connections, and Apple/Google Wallet services when a customer saves a pass.
5. Your rights
You have the right to access, correct, delete, or export your personal data. See GDPR / CCPA.
6. Contact
Email privacy@loyaltychips.com.