Privacy Policy

Effective Date: January 1, 2025
Last Updated: December 16, 2025

This policy applies to the LoyalBean Consumer App

← Back to LoyalBean

1. Information We Collect

1.1 Account Information

  • Email address (from Apple Sign-In, Google Sign-In)
  • Display name and profile information
  • Account creation and last login dates
  • User preferences and settings

1.2 Usage Information

  • Loyalty point transactions and balances
  • Cafe visits and check-in history
  • App usage patterns and feature interactions
  • Device information (iOS/Android version, app version)

1.3 Location Information

  • Approximate location for nearby cafe suggestions (with your permission)
  • Cafe visit locations when checking in
  • GPS coordinates (only when you grant location permissions)

Your Control: You can manage location permissions anytime through your device settings. Disabling location will limit cafe discovery features but won't affect your ability to earn or redeem points.

2. How We Use Information

  • Managing your loyalty point balance across cafes
  • Processing cafe check-ins and reward redemptions
  • Providing personalized cafe recommendations based on your location
  • Service-related notifications about your rewards
  • Analytics and service improvement

3. Information Sharing

3.1 What Participating Cafes See

Important Privacy Information: We want you to understand exactly what information cafes can see about you.

Cafes CAN see:

  • Your name and email address
  • Your loyalty point balance at their specific establishment only
  • Your visit history and transaction records at their cafe only
  • Redemption patterns and preferences at their cafe only

Cafes CANNOT see:

  • Your overall app activity or usage patterns
  • Which other cafes you visit
  • Your loyalty balances at other establishments
  • Your full transaction history across all cafes
  • Your location data or movements
  • Your personal device information

Privacy Protection: Each cafe operates independently in our system. Your data is compartmentalized, and cafes only see information directly related to their own loyalty program.

3.2 Third-Party Services

We use third-party services that may access your information:

  • Firebase (Google): Database, authentication, analytics
  • Apple Sign-In: Authentication and profile information
  • Google Sign-In: Authentication and profile information
  • Cloud service providers: Data hosting and backup

4. Data Security

We take the security of your information seriously and apply due diligence through the following measures:

  • Data is stored on Google Firebase, which provides enterprise-grade infrastructure with encryption at rest and in transit
  • Firebase App Check is enforced to verify that only legitimate app builds can access our backend
  • Firestore security rules restrict data access so you can only access your own loyalty data
  • We conduct regular security reviews and apply patches as vulnerabilities are identified
  • No payment card data is stored by LoyalBean — this service is free to consumers

Despite these measures, no system is completely immune to security risks. We cannot guarantee absolute prevention of unauthorized access or data breaches. We will notify affected users as required by applicable law in the event of a security incident.

5. Your Rights and Choices

5.1 Managing Your Privacy

You have control over your privacy:

Location Permissions:

  • Change location permissions anytime in your device settings (Settings → Apps → LoyalBean → Permissions)
  • "Allow only while using" gives you cafe recommendations without constant tracking
  • "Don't allow" disables cafe discovery but keeps all loyalty features working

Data Sharing Control:

  • Choose which cafes to join and earn points at
  • Delete your account to stop sharing data with all cafes
  • Contact cafes directly to request removal from their customer list

5.2 Account Management

You may:

  • View and update your profile information in the app
  • Control which cafes you interact with
  • Delete your account through app settings or by visiting our account deletion page
  • Manage notification preferences in app settings

6. Data Retention

  • Account information: Until you delete your account
  • Transaction history: 7 years or as required by law (for cafe business records)
  • Usage analytics: 2 years from collection
  • Technical logs: 1 year from creation

When you delete your account, we remove your profile information immediately. However, transaction records may be retained for legal compliance and cafe business records.

7. International Data Transfers

Your information may be processed in countries other than your residence, including the United States and European Union. We make no guarantees about the privacy laws or protections in other jurisdictions.

8. Children's Privacy

Our Service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Legal Limitations

To the maximum extent permitted by law, our liability for privacy incidents is limited to direct damages where we have failed to meet our stated security commitments. We are not liable for third-party data misuse, events outside our reasonable control, or consequential damages beyond what is required by applicable law.

10. Contact Information

For privacy-related questions or to exercise your privacy rights:

Email: [email protected]

Response Time: We aim to respond within 30 days but make no guarantees about response times or resolution of privacy concerns.

By using the LoyalBean Consumer Service, you acknowledge the data practices described in this policy and consent to the collection and use of your information as described. We are committed to protecting your data and will handle it responsibly in accordance with this Privacy Policy.
Remember: You can delete your account anytime to stop data collection. Visit your app settings or our account deletion page.