Privacy Policy

Introduction

BaristaCard ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our loyalty card service.

Information We Collect

Guest Users

When you use BaristaCard without registering, we collect:

• A unique guest identifier (stored in a cookie)
• Stamp collection and Coffee Beans progress
• Café visit history (which venues you've scanned at)
• Device and browser information

Registered Users

When you register via Google or Facebook OAuth, we collect:

• Email address
• Display name
• Profile picture (avatar URL)
• OAuth provider and unique identifier
• All guest data (if migrating from guest to registered user)

Café Owners

When you sign up as a café owner, we collect:

• All registered user information (above)
• Café name, description, and location details
• Loyalty deal configurations
• Customer engagement analytics (aggregated and anonymized)

How We Use Your Information

We use the collected information to:

• Provide and maintain our loyalty card service
• Track your stamp progress and Coffee Beans balance
• Enable reward redemptions
• Sync your data across devices (registered users)
• Send you important service updates
• Improve our service and develop new features
• Prevent fraud and abuse
• Provide café owners with engagement analytics

Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

• With café owners: Aggregated, anonymized analytics about customer engagement
• Service providers: Third-party services that help us operate (e.g., hosting, analytics)
• Legal requirements: If required by law or to protect our rights
• Business transfers: In connection with a merger, sale, or acquisition

Cookies and Tracking

We use cookies and similar tracking technologies to:

• Maintain your session and guest identifier
• Remember your preferences
• Analyze service usage and performance

You can control cookies through your browser settings, but disabling them may limit functionality.

Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• Encrypted data transmission (HTTPS)
• Secure database storage
• Regular security audits
• Access controls and authentication

However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data
• Opt out of promotional communications

To exercise these rights, please contact us at privacy@baristacard.com.

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Coffee Beans may expire after 90 days of inactivity (when implemented). You can request deletion of your account at any time.

Children's Privacy

BaristaCard is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date.