There are two sides to the data we collect; that used to manage the loyalty programs you are part of, and the rest including website visits, email communications etc. Let's try and deal with these individually to make things as clear as possible.

ACCOUNT

Zapacard is a service that allows individual businesses to operate loyalty programs for, and collect feedback from, their own customers. By doing this we remove the need for them to operate any system or manage the various elements. But as a result of this we necessarily collect some data on account holders. We keep this to a minimum and do as little with it as possible.

The individual business providing you with loyalty programs also have access to some information. This is also kept to a minimum.

For clarity we will outline both what we receive and what the businesses receive.

Data Collection

• Zapacard

Our system uses Facebook Messenger as a base because it is on the majority of phones (meaning most customers need to download no software). It also performs the authentication which in turn means we do not need you to create passwords and allows us to collect the minimal data necessary. This data consists of your name and your public Facebook profile.

In addition to this we also know the number of points awarded and redeemed at every premises and the time and date when the transaction occurred.

Finally, the business can ask you for feedback. We record any feedback you provide. This includes the sentiment ("Poor", "Ok", "Good") along with any optional comments or email address you provide.

• Businesses

The individual businesses do NOT have access to your name or Facebook profile.

They do NOT see the the individual transaction that you made with them.

They do NOT know who provided feedback or what feedback any individual provided UNLESS you specifically provide an email address, which is optional.

These businesses can only see your points balance or make changes to that balance when you scan one of the QR codes with your phone.

Once a month each business does receive a summary that includes the number of transactions that occurred, points awarded and redeemed, positive and negative feedback etc. This is a report that is compiled from ALL the transaction that occurred in their premises. It contains no personally identifiable information.

The only exception to this is if you choose to provide your email when leaving feedback. That will be provided along with the sentiment and any comment

• Third Parties

Facebook can see the communications that take place across Messenger. Their use of this is something you have previously agreed to.

Data Storage And Use

• The individual transactions (points awarded and redeemed, time of transaction) are stored on a database in Ireland.
• The feedback is also stored on a database in ireland.
• We do not store your name or your general Facebook ID. We do store a unique ID that Facebook generates that is uniquely used to link your Facebook account to ours. It is not used elsewhere in Facebook.
• If you provide your email along with feedback we do store this with the feedback. It is not stored in the same database as the point transactions but it it not difficult to link the two.
• The only personal data we share with anyone is the feedback data and this is only if you choose not to be anonymous for that particular transaction.
• The only aggregate data we provide to anyone is the transaction and feedback statistics relevant to each business.

WEBSITE, COMMUNICATIONS, AND COOKIES

We use a range of tools on our website. Some of these require cookies.

Cookies used include those from

• Gist

This allows us to manage communication and support for our visitors. This includes email support and our newsletter.

• Convertful

This manages the pop-up notices on the website. The cookies allow it to choose the most relevant pop-up to show and ensures you don't get bombarded with notices.

• Facebook

We use Messenger on our site. We also have a script that allows us to target marketing without knowing the individuals involved.

• Paperform

Paperform provides the forms that we use to allow businesses to sign-up and for people to join our newsletter.

• Landbot

Landbot provides the chatbot we use for businesses to sign up to our service. 

• LinkedIn

The LinkedIn code allows us to target marketing without knowing the individuals involved.

MANAGING YOUR DATA

As allowed by GDPR you can request to see all the data we have for you, or have all your data removed from our systems, at any time. 

Ironically we will probably need to ask for information that will allow us to identify you.

We are automating this process but right now please send an email to [email protected] with your request.