Prestige Rewards

Privacy Policy

Last updated: 2026-06-11

Template — not legal advice. This page is a working draft to be reviewed and finalized with legal counsel before launch.

Information we collect

Account information (name, email), business details (business name, owner/contact, MIDs), payment-processing volume and settlement data, loyalty points and redemption history, shipping addresses for reward fulfillment, and the content of support requests and disputes (including any files you upload).

Third-party service providers

We share data only as needed to operate the service:

  • Supabase — hosting, database, and authentication for the platform (US region by default).
  • Sentry — application error monitoring. Enabled only with your consent; we do not send your password or financial details, and error reports are tagged with an opaque user id rather than your email.
  • Tango Card — gift-card fulfillment (recipient name/email for delivery of redeemed rewards).
  • Anthropic — AI-assisted features (recommendations, statement summaries). Requests are proxied server-side; the API key is never exposed to your browser.
  • Google Fonts — web fonts.

Cookies & consent

We use essential storage to keep you signed in. Optional error-monitoring (Sentry) is enabled only after you accept it in our consent banner; you can decline without affecting core functionality.

Data retention

Immutable financial records (points ledger, settlements) are retained as required for reconciliation, tax, and legal obligations. Personal information can be anonymized on request while preserving those non-personal financial records.

Your rights

Subject to applicable law (e.g. GDPR/CCPA), you may request access to, a portable export of, or erasure/anonymization of your personal data. Contact us to exercise these rights; we honor erasure by anonymizing personal fields while retaining legally required financial records.

Contact

Questions about this policy: privacy@your-company.example (update before launch).

Terms of Service