Privacy Policy

Effective 17 June 2026 · Last updated 17 June 2026

This policy explains what LoyaltyPass collects, why we collect it, who else sees it, and what you can do about it. We have written it in plain English so a non-lawyer can read it end to end.

Contents
  1. Who we are
  2. Data we collect
  3. How we use it
  4. Who we share it with
  5. How long we keep it
  6. Your rights
  7. Children's data
  8. Cookies and tracking
  9. Data security
  10. International data transfers
  11. Changes to this policy
  12. Contact

1.Who we are

LoyaltyPass is a loyalty card platform for hospitality vendors, operated by Joseph Mattouk and based in Accra, Ghana. We let cafés, bars, studios, and similar venues issue digital loyalty cards to Apple Wallet and Google Wallet, record visits via QR scans at their shops, and message their customers through the wallet pass.

Questions about this policy go to support@loyaltypass.org.

2.Data we collect

We collect different things from vendors (the business that runs the loyalty programme) and from customers (the people who get a loyalty card from that vendor).

From vendors

  • Business name and brand slug.
  • Contact email, used to sign in to the admin app.
  • Optional logo and brand colors.
  • Loyalty reward setup (how many punches earn a reward, what the reward is, which icon represents it).
  • Industry (café, bar, studio, etc.).
  • Shop names and addresses.
  • Staff PINs used by counter staff to authorise the scanner on their shift.
  • Subscription and billing data, including the Paystack authorization reference we use to take recurring monthly charges. We do not store full card numbers; Paystack handles that.

From customers

  • Name and mobile phone number, captured at QR signup.
  • A one-time verification code used to confirm the phone number at signup. The code is stored as a hash and expires in five minutes.
  • Visit history and punch count on the loyalty card for that vendor, plus the timestamp of every redeemed reward.
  • Whether the customer installed the loyalty card into Apple Wallet or Google Wallet, and the device push tokens that the wallet apps register with us so we can update the card and deliver push notifications.
  • The timestamp the customer signed up.

We do not collect customer email at this time. We do not collect location data. We do not run third-party analytics or advertising trackers on the customer-facing pages.

3.How we use it

Vendor data

  • Run the admin app so you can manage your loyalty programme.
  • Render your brand on the loyalty card customers add to their wallet.
  • Bill you monthly via Paystack and keep your subscription in good standing.
  • Send transactional product email (billing notices, security alerts, material changes to this policy or the Terms).

Customer data

  • Deliver the loyalty card to Apple Wallet or Google Wallet.
  • Record visits when staff scan the customer's pass at a shop.
  • Deliver marketing broadcasts authored by the vendor as wallet push notifications: lock-screen alerts on Apple Wallet, message updates on Google Wallet.
  • Confirm the customer's phone number at signup with a one-time code.

4.Who we share it with

We use the following service providers to run LoyaltyPass. We do not sell personal data to anyone.

  • Supabase(eu-west-2 region). Primary database and authentication. All vendor and customer rows live here, encrypted at rest. Each vendor's data is isolated at the database level using Postgres Row Level Security.
  • Apple (Apple PassKit and the Apple Push Notification service). Distributes the loyalty card to iPhones and delivers wallet push notifications. Apple receives the pass contents and the device push tokens for cards customers have installed.
  • Google (Google Wallet and the Google Wallet Messages API). Distributes the loyalty card to Android phones and delivers wallet message updates. Google receives the pass contents and the message payloads for cards customers have installed.
  • Paystack. Processes vendor subscription payments. Paystack receives the vendor's email and payment instrument details. LoyaltyPass never sees full card numbers.
  • Vercel. Hosts the LoyaltyPass application. Vercel sees standard request metadata (IP addresses, user agents) as part of normal hosting operation but does not have direct access to the database.

5.How long we keep it

  • Customer loyalty data is kept while the vendor's subscription is active. If a vendor cancels and 90 days pass without resubscribing, the customer records tied to that vendor are deleted.
  • Vendor data is kept while the account is active. On cancellation, plus 90 days, vendor data is deleted unless we are required to retain it for legal or tax reasons (Ghana Revenue Authority record-keeping, dispute defence, and similar).
  • OTP records are short-lived and removed within 30 days.
  • Server logs kept by our hosting and database providers may persist for up to 90 days for diagnostic and security purposes.

6.Your rights

Customers

You can ask the vendor whose loyalty card you signed up for to:

  • Show you the data they hold about you.
  • Correct anything that is wrong.
  • Remove you from broadcasts.
  • Delete your record entirely.

Vendors handle these requests because they are the controller of their own customer list (see section 6 of the Terms of Service). If a vendor will not respond, you can email support@loyaltypass.org and we will help.

Vendors

  • You can export your customer list as CSV from the admin app.
  • You can correct your account data inside the admin app.
  • You can request full account deletion by emailing support@loyaltypass.org.

Ghana does not currently have a statutory equivalent of the EU General Data Protection Regulation. We follow GDPR-style data subject rights as our standard regardless.

7.Children's data

LoyaltyPass is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe a child has signed up to a vendor's loyalty card through LoyaltyPass, contact support@loyaltypass.org and we will delete the record.

8.Cookies and tracking

We use only the cookies required to keep you signed in. No tracking pixels, no third-party analytics, and no advertising cookies on the customer-facing pages. The admin app and the marketing landing page may add basic first-party analytics in the future. This policy will be updated before that happens.

9.Data security

Data is encrypted in transit (TLS) and at rest (Supabase managed encryption). Every cross-vendor boundary is enforced at the database level using Postgres Row Level Security, not just at the application layer. Signing material for Apple PassKit and Google Wallet is held server-side only and never transmitted to the customer's browser.

No system is perfectly secure. If you believe you have found a vulnerability, please email support@loyaltypass.org and we will get back to you quickly.

10.International data transfers

LoyaltyPass relies on cloud infrastructure that may process data outside Ghana:

  • Supabase processes data primarily in the EU (eu-west-2 region).
  • Apple processes data in the jurisdictions where Apple operates wallet and push infrastructure, including the United States.
  • Google operates Google Wallet globally, including the United States.
  • Vercel hosting runs on US-based infrastructure.

By using LoyaltyPass you consent to your data being processed in these regions.

11.Changes to this policy

We may update this policy. The “Last updated” date at the top of this page reflects the most recent change. If a change is material (for example, a new third-party processor or a new category of data), we will notify vendors by email and update the customer signup screen so customers see a notice on their next signup.

12.Contact

Email support@loyaltypass.org for any privacy question, data access request, or deletion request.