Privacy Policy for Perk Punch

Last Updated: January 16, 2026

Perk Punch ("we," "us," or "our") provides digital loyalty and punch card services to businesses and customers through our mobile application. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our services.

By using Perk Punch, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Customer Accounts

When customers create an account, we collect:

Email address (required for account creation, login, and account recovery)
Name (optional; if provided, visible to businesses where you have punch cards)
Phone number (optional; if provided, visible to businesses where you have punch cards)
Profile photo (optional; if provided, visible to businesses where you have punch cards)
Punch card activity: Card progress, punches earned, rewards redeemed, visit history, and business interactions
Location data (optional; only if you grant permission, used to find nearby businesses)
Camera access (optional; only for scanning QR codes to add punches)

      Important Privacy Protection: Businesses can NEVER see your email address. Your email is private
      and used only for account authentication and communications from Perk Punch.
    

1.2 Business Accounts

When businesses create an account, we collect:

Business name and description
Business category
Location details (address, coordinates)
Contact information
Business logo and branding assets
Reward offers and loyalty program configuration
Social media links (optional)
Customer interaction data (punch activity, rewards issued)
Subscription or purchase history

1.3 Payment and Subscription Information

We do not directly handle or store payment card information. All purchases and subscriptions are processed securely through:

Apple's In-App Purchase system (for iOS users) - handled by Apple according to their privacy policy
RevenueCat - our subscription management service provider

Auto-Renewable Subscriptions:

Subscriptions automatically renew unless canceled at least 24 hours before the end of the current period
Payment is charged to your iTunes Account at confirmation of purchase
You can manage and cancel subscriptions through your App Store Account Settings
Prices and subscription lengths are clearly displayed before purchase

1.4 Automatically Collected Data

We automatically collect certain technical information:

Device type, model, and operating system version
App version and build number
Device identifiers (for analytics and fraud prevention)
IP address (for security, fraud prevention, and general location)
App usage patterns and feature interactions
Crash reports and diagnostic data
Performance metrics

2. How We Use Your Information

We use the information we collect to:

2.1 Provide Core Services

Create and manage your account
Process punches and track loyalty card progress
Enable reward redemption
Connect customers with businesses
Display relevant business information to customers
Show businesses their customer engagement data
Process subscription purchases and manage billing

2.2 Improve and Secure Our Services

Analyze app usage to improve features and user experience
Debug technical issues and crashes
Prevent fraud, abuse, and security threats
Enforce our Terms of Service
Comply with legal obligations

2.3 Communicate With You

Send transactional emails (account creation, password reset, reward notifications)
Provide customer support
Send important service updates and policy changes
Send promotional communications (only with your consent; you can opt out anytime)

2.4 Legal Bases for Processing (EEA/UK Users)

We process your personal data based on:

Contract: Processing is necessary to provide the Perk Punch service you requested
Legitimate interest: For analytics, fraud prevention, app improvement, and business operations
Consent: For optional features like location services, push notifications, and marketing communications
Legal obligation: To comply with applicable laws and regulations

3. Information Visibility

3.1 What Businesses Can See About Customers

Businesses you interact with can see:

Name (only if you added it to your profile)
Phone number (only if you added it to your profile)
Profile photo (only if you added it to your profile)
Punch card progress and visit history with that specific business
Rewards earned and redeemed with that specific business
Date you joined their loyalty program

      Your Email is Always Private: Businesses can NEVER see your email address. Period.
    

3.2 What Customers Can See About Businesses

Customers can see:

Business name, description, and category
Business location(s) and hours
Reward offers and loyalty program details
Business logo and photos
Social media links
Contact information (phone, website)

4. Data Sharing and Third Parties

We do not sell or rent your personal information to third parties.

We may share limited information with trusted service providers who help us operate the app:

4.1 Service Providers

Firebase (Google): Cloud database, authentication, and analytics
RevenueCat: Subscription and purchase management
Apple: In-app purchases, push notifications, and app distribution
Analytics providers: To understand app usage and improve features
Crash reporting tools: To identify and fix technical issues

All service providers are contractually bound to protect your data and use it only for specified purposes.

4.2 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or if necessary to:

Comply with legal processes
Enforce our Terms of Service
Protect our rights, property, or safety
Protect users from fraud or security threats

4.3 Business Transfers

If Perk Punch is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

5. Data Security

We implement industry-standard security measures to protect your information:

Encryption in transit (HTTPS/TLS)
Encryption at rest for sensitive data
Secure authentication systems
Regular security audits and updates
Access controls and monitoring
Firebase Security Rules to prevent unauthorized access

However, no system is perfectly secure. While we take reasonable measures to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

6. Data Retention

We retain your information only as long as necessary to:

Provide our services
Comply with legal obligations
Resolve disputes
Enforce our agreements

Customer Accounts: Your account data is retained as long as your account is active. When you delete your account, we delete or anonymize your personal data within 90 days, except where retention is required by law.

Business Accounts: Business data is retained as long as the account is active. Deleted business accounts are permanently removed within 90 days.

Backup Data: Information in backup systems may persist for up to 180 days after deletion.

7. Your Privacy Rights

7.1 All Users

You have the right to:

Access: Request a copy of your personal data
Correction: Update inaccurate or incomplete information
Deletion: Delete your account and associated data
Portability: Receive your data in a structured, machine-readable format
Opt-out: Unsubscribe from marketing communications

7.2 EEA/UK Users (GDPR Rights)

In addition to the rights above, users in the European Economic Area and United Kingdom have:

Right to restriction: Request limited processing of your data
Right to object: Object to processing based on legitimate interests
Right to withdraw consent: Withdraw consent for optional processing
Right to lodge a complaint: File a complaint with your local data protection authority

7.3 California Residents (CCPA/CPRA Rights)

California residents have additional rights under the California Consumer Privacy Act:

Know what personal information is collected, used, shared, or sold
Delete personal information held by us
Opt-out of the sale of personal information (we do not sell personal information)
Non-discrimination for exercising your privacy rights

7.4 How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: JamesConnorHill@gmail.com
In-App: Settings → Privacy & Security → Request Data

We will respond to verified requests within 30 days.

8. Children's Privacy

Perk Punch is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take immediate steps to delete it.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at JamesConnorHill@gmail.com.

9. International Data Transfers

Perk Punch is based in the United States. Your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

When we transfer data internationally, we ensure appropriate safeguards are in place, including:

Standard contractual clauses approved by the European Commission
Adequacy decisions recognizing equivalent data protection
Binding corporate rules and certifications

10. Location Data

Perk Punch may request access to your device location to:

Help you find nearby businesses
Show relevant local offers
Improve business discovery

You always have control: Location access is optional and can be granted or revoked at any time in your device settings. The app functions without location access, though some features may be limited.

11. Camera Access

Perk Punch requests camera access only for:

Scanning QR codes to add punches
Uploading profile photos

You control camera access: Camera permission is optional and can be managed in your device settings. We do not access your camera without your explicit permission.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

Changes in our services or business practices
Legal or regulatory requirements
Improvements to our privacy practices

When we make material changes, we will:

Post the updated policy in the app
Update the "Last Updated" date
Send you an in-app notification or email
Request your consent if required by law

Your continued use of Perk Punch after changes indicates your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: JamesConnorHill@gmail.com

Support: Settings → Help & Support in the app

Data Protection Inquiries: JamesConnorHill@gmail.com

We will respond to your inquiry within 30 days.