Effective date: May 21, 2026

Privacy Policy

Cafe Loyalty collects the information needed to create and manage a digital punch card account, including name, email address, optional phone number, pass code, QR token, punch activity, reward redemptions, email verification status, marketing preference, and basic security logs.

How information is used

We use this information to create customer accounts, verify email addresses, operate loyalty cards, prevent misuse, support staff scanning, process reward redemptions, send account emails, and improve loyalty reporting for the participating business.

Promotions and offers

Customers may choose to receive upcoming promotions and offers. This is optional. Account and security emails, such as verification and password reset messages, may still be sent even if promotional messages are not selected.

Sharing

Customer information is shared only with the participating business and service providers needed to run the program, such as hosting, database, and email delivery providers. We do not sell customer personal information.

Security and retention

Passwords are stored as hashes. QR codes use private scan tokens. Staff and admin actions are logged to protect the program from unauthorized punch changes. Information is retained while the account or loyalty program is active, unless deletion is required or requested where applicable.

Customer choices

Customers can request access, correction, deletion, or changes to promotional preferences by contacting the participating business. Some records may be retained where needed for security, accounting, fraud prevention, or legal compliance.

Important note

This policy is a practical operating policy for the loyalty program and should be reviewed by a qualified legal professional before selling the product broadly or onboarding larger businesses.