Privacy Policy — SavevyCoupons

← Back to Home

1. Data Controller

The data controller responsible for your personal data is:

SavevyCoupons Inc.
1401 Koll Circle, Suite 108
San Jose, CA 95112, United States
Email: privacy@savevycoupons.com
Phone: +1 (408) 673-8142

If you are located in the European Economic Area, SavevyCoupons Inc. acts as the data controller for any personal data processed in connection with the Service. For inquiries related to EU data protection, please contact our Privacy Officer at the email address above.

2. Data We Collect

We collect and process the following categories of personal data:

Account Data

Business name, registered address, and tax identification number
Contact name, email address, phone number, and job title of authorized account representatives
Billing information (processed and stored by Stripe; we do not store full payment card details)

End-Customer Data (Processed on Behalf of Our Clients)

Name and email address (as provided during loyalty program enrollment)
Coupon redemption history, loyalty points balance, and reward tier status
Transaction records linked to coupon usage (amount, date, location)

Usage & Technical Data

IP address, browser type, device type, and operating system
Pages visited, features used, and session duration within the platform
Error logs and performance metrics for troubleshooting and service improvement

3. How We Use Data

We use the personal data we collect for the following purposes:

Service delivery: To provide, maintain, and improve the SavevyCoupons platform, including coupon generation, loyalty tracking, and analytics
Transactional notifications: To send coupon redemption confirmations, loyalty balance updates, expiration reminders, account security alerts, and billing invoices
Account administration: To manage your subscription, process payments, and communicate regarding your account status
Security & fraud prevention: To detect, investigate, and prevent unauthorized access, abuse, or fraudulent activity
Legal compliance: To comply with applicable laws, regulations, and legal requests, including tax reporting and audit requirements
Platform improvement: To analyze aggregate usage patterns and improve features, performance, and reliability (using anonymized or aggregated data only)

We do not use personal data for marketing, advertising, or profiling purposes. We do not send promotional emails, newsletters, or advertising content.

4. Legal Bases for Processing (GDPR)

For individuals in the European Economic Area, we process personal data based on the following legal grounds:

Performance of a contract: Processing necessary to deliver the Service under our subscription agreement (account management, billing, service functionality)
Legitimate interests: Processing for platform security, fraud prevention, and service improvement, where our interests do not override your rights
Legal obligation: Processing required to comply with tax, accounting, or regulatory requirements
Consent: Where applicable, processing based on freely given, specific, informed, and unambiguous consent (e.g., optional communications preferences)

5. No Data Selling

SavevyCoupons does not sell, rent, lease, or trade your personal data to third parties. We do not share personal information with third parties for their own marketing or advertising purposes. This commitment applies to all data categories, including account data, end-customer data, and technical data.

Under the California Consumer Privacy Act (CCPA), we confirm that we have not sold personal information of any California consumer in the preceding twelve months and do not intend to do so in the future.

6. Sub-Processors

We use the following third-party sub-processors to deliver the Service. Each has been vetted for data protection compliance:

Amazon Web Services (AWS) — Cloud infrastructure hosting (us-west-2 region). Provides compute, storage, and database services for the SavevyCoupons platform
Mailgun (Sinch) — Transactional email delivery. Processes sender and recipient email addresses, email content, and delivery metadata for transactional notifications only
Stripe — Payment processing. Processes billing information, payment card details, and transaction records for subscription payments

We maintain Data Processing Agreements (DPAs) with each sub-processor. A current list of sub-processors is available upon request at privacy@savevycoupons.com.

7. International Data Transfers

Your data is primarily stored and processed in the United States (AWS us-west-2 region, Oregon). If you are located outside of the United States, your data will be transferred to the U.S. for processing.

For transfers of personal data from the European Economic Area, we rely on:

Standard Contractual Clauses (SCCs) approved by the European Commission
EU-U.S. Data Privacy Framework certification (where applicable to our sub-processors)
Supplementary safeguards including encryption in transit (TLS 1.3) and at rest (AES-256), access controls, and contractual commitments

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this policy:

Account data: Retained for the duration of your subscription plus 90 days. After this period, data is permanently deleted unless retention is required by law
End-customer data: Retained for the duration of the merchant's subscription. Upon termination, end-customer data is deleted within 90 days
Transaction and redemption logs: Retained for 24 months for analytics and audit purposes, then anonymized
Email delivery logs: Retained for 90 days, then permanently deleted
Access and security logs: Retained for 12 months for security and compliance review
Billing records: Retained for 7 years as required by U.S. tax regulations

Upon request, we can provide a detailed data retention schedule for your specific account.

9. Your Rights — GDPR

If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation:

Right of access: Request a copy of the personal data we hold about you
Right to rectification: Request correction of inaccurate or incomplete personal data
Right to erasure: Request deletion of your personal data when it is no longer necessary for the purposes it was collected
Right to restriction: Request limitation of processing in certain circumstances
Right to data portability: Receive your personal data in a structured, commonly used, machine-readable format
Right to object: Object to processing based on legitimate interests or for direct marketing purposes
Right to withdraw consent: Withdraw consent at any time, where processing is based on consent

We will respond to all GDPR rights requests within 30 days of receipt. To exercise any of these rights, contact us at privacy@savevycoupons.com.

10. Your Rights — CCPA

If you are a California resident, the California Consumer Privacy Act provides the following rights:

Right to know: Request disclosure of the categories and specific pieces of personal information we have collected about you
Right to delete: Request deletion of your personal information, subject to certain exceptions
Right to opt-out of sale: We do not sell personal information. No opt-out mechanism is necessary, but we include this disclosure for transparency
Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights

To submit a CCPA request, contact us at privacy@savevycoupons.com or call +1 (408) 673-8142. We will verify your identity before fulfilling any request and respond within 45 days.

11. Cookies

SavevyCoupons uses strictly necessary cookies only:

Session cookie: Maintains your authenticated session while using the platform. Expires when you close your browser or log out
CSRF token cookie: Prevents cross-site request forgery attacks. Expires with the session

We do not use:

Advertising or tracking cookies
Third-party analytics cookies (e.g., Google Analytics)
Social media tracking pixels or widgets
Fingerprinting or cross-site tracking technologies

Because we use only strictly necessary cookies, no consent banner is legally required under GDPR. However, we display an informational notice for transparency.

12. Data Security

We implement robust technical and organizational measures to protect your personal data:

Encryption in transit: All data transferred between your browser and our servers uses TLS 1.3
Encryption at rest: All database records and file storage are encrypted using AES-256
Access controls: Role-based access control (RBAC) ensures only authorized personnel can access personal data. Multi-factor authentication (MFA) required for all administrative accounts
Vulnerability management: Regular automated security scanning and annual penetration testing by independent assessors
Employee training: All team members complete data protection and security awareness training annually
Incident response: Documented incident response plan with defined roles, communication procedures, and post-incident review

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make changes:

We will provide at least 30 days advance notice before material changes take effect
Notice will be delivered via email to the primary contact on your account and prominently displayed within the platform
The "Last Updated" date at the top of this page will be revised
Continued use of the Service after the effective date constitutes acceptance of the updated policy

We encourage you to review this policy periodically to stay informed about how we protect your data.

14. Contact — Privacy Office

For any privacy-related questions, concerns, or rights requests, please contact our Privacy Officer:

Email: privacy@savevycoupons.com
Phone: +1 (408) 673-8142
Mailing Address:
Privacy Officer
SavevyCoupons Inc.
1401 Koll Circle, Suite 108
San Jose, CA 95112, United States

If you believe your data protection rights have not been adequately addressed, you have the right to lodge a complaint with your local supervisory authority.