Fidelizz
Fidelizz

Privacy Policy

Last updated: March 1, 2026

1. Introduction

Fidelizz is committed to protecting the privacy of its users. This privacy policy describes how we collect, use and protect your personal data in accordance with the GDPR.

2. Data collected

We collect the following data:

For merchants (Customers):

  • First and last name
  • Email address
  • Business name
  • Payment information (processed by Stripe)

For end customers (cardholders):

  • Name (optional)
  • Email address
  • Loyalty point history
  • Date and time of visits

3. Purpose of processing

Your data is collected to:

  • Create and manage your user account
  • Provide the digital loyalty card service
  • Process subscription payments
  • Send service-related communications
  • Allow the merchant to contact their customers by email (with consent)
  • Improve the quality of our services

4. Legal basis for processing

The processing of your data is based on contract performance, your consent and our legitimate interest.

5. Retention period

Your data is retained for the entire duration of your use of the service, then for 3 years after the end of the business relationship.

6. Data sharing

Your data may be shared with:

  • The partner merchant: email and name accessible for commercial communications (with consent)
  • Stripe: for payment processing
  • Supabase: for database hosting
  • Vercel: for website hosting
  • Apple / Google: for card distribution via Wallet

We never sell your data to third parties.

7. Data transfers outside the EU

Some of our sub-processors are based in the United States. These transfers are governed by the EU-US Data Privacy Framework and/or Standard Contractual Clauses.

8. Your rights

In accordance with the GDPR, you have the following rights:

  • Right of access: obtain a copy of your data
  • Right of rectification: correct inaccurate data
  • Right to erasure: request the deletion of your data
  • Right to data portability: receive your data in a structured format
  • Right to object: object to the processing of your data
  • Right to restriction: limit the processing of your data

To exercise these rights, contact us at contact@fidelizz.fr. Response within 30 days.

9. Cookies

The site uses essential cookies (authentication, preferences) and no advertising cookies.

10. Security

We implement appropriate technical and organizational measures: HTTPS encryption, secure authentication, restricted access, regular backups.

11. Contact

legal.confidentialite.section11Body1

legal.confidentialite.section11Body2