Privacy Policy

Last updated 2026-05-01

Wallet Loyalty ("we", "us") provides wallet-native loyalty stamp cards to businesses ("merchants"). This policy explains what personal data we collect, why, how we use it, and your rights under the GDPR and equivalent laws.

1. Who is the controller

Wallet Loyalty, contactable at [email protected], is the data controller for the data described in section 2 (merchant accounts). For data merchants enter about their own customers (loyalty program participants), the merchant is the controller and we are the processor — see our Data Processing Agreement available on request.

2. What we collect

From merchants (account holders)

From end customers (your loyalty program participants)

When a customer claims a loyalty card we may store, on the merchant's behalf:

3. Why we use it (legal bases)

4. Who we share with

We share only what's needed to operate the service:

We do not sell personal data. We do not share with advertising or data-broker third parties.

5. International transfers

Our primary infrastructure is in the EU. Some processors (Stripe, Apple, Google, Cloudflare) operate globally; transfers outside the EEA rely on Standard Contractual Clauses and Adequacy Decisions where applicable.

6. How long we keep it

7. Your rights

Under the GDPR you have the right to access, rectify, erase, restrict, port, and object to the processing of your personal data, and to withdraw consent at any time. To exercise any of these rights, email [email protected] or use the in-app deletion flow at More → Danger → Delete my account. You also have the right to lodge a complaint with your local data protection authority.

8. Account deletion

Merchants can delete their account at any time from the app (More → Danger), or by following the steps at /delete-account. Deletion soft-deletes the account immediately, cancels active Stripe subscriptions, and triggers permanent purge after 30 days.

9. Children

Wallet Loyalty is a B2B service. It is not directed at children and we do not knowingly collect data from anyone under 16.

10. Security

All traffic is encrypted in transit (HTTPS). Sessions are short-lived and tied to a device cookie. Payment card data never touches our servers — Stripe handles it. We log access to sensitive endpoints.

11. Cookies on the marketing site

The marketing site at walletloyaltycard.com sets only essential cookies. If we add analytics, the relevant banner will appear and you can opt out.

12. Changes

We will update the "last updated" date at the top of this page when this policy changes. Material changes will be notified by email to merchants.

13. Contact

Privacy questions: [email protected]
General support: [email protected]


Wallet Loyalty · walletloyaltycard.com · [email protected]