GDPR and Data Processing

Last updated 2026-05-01

Wallet Loyalty is designed for EU small businesses that need a loyalty program without collecting unnecessary customer data. This page summarises how we support GDPR obligations for merchants using the Service.

Roles

Data Processing Agreement

A Data Processing Agreement is available to merchants on request. Email [email protected] from your account email and include your business name.

Privacy-by-default product choices

Merchant responsibilities

Subprocessors

We use service providers only where needed to operate the Service, including payment processing, wallet pass delivery, push delivery, hosting, email, and security. The current categories are listed in the Privacy Policy.

Data subject requests

Merchants can handle customer requests through the app where available. If you need help locating, exporting, correcting, or deleting data, email [email protected].

Security and retention

Traffic is encrypted in transit, payment card details are handled by payment processors, and deleted merchant accounts are permanently purged after the documented retention period except for billing and tax records we are legally required to keep.

Questions

For GDPR, privacy, or DPA questions, contact [email protected].


Wallet Loyalty · walletloyaltycard.com · [email protected]