Data Minimization
We give you the flexibility to collect and process only the attributes necessary for your members’ loyalty experience. By default, the system utilizes a unique, non-personally identifiable external ID to link activities to a member profile without requiring a full set of personal identifiers. PII fields like name, email address, and date of birth are optional and used only when they serve a functional requirement, such as triggering birthday rewards.Member Rights & Control
The platform provides tools to honor member privacy requests:- Right to Access: Customer service personnel can view a member’s full profile directly inside the app to fulfill access requests.
- Right to Erasure: When a member is deactivated, their data can be handled according to your organization’s retention and deletion policies.
- Processing Restrictions: Halt data processing for specific members in the case of a dispute or privacy review.
AI
To leverage the power of frontier LLMs while maintaining member privacy, we implement the following safeguards:- PII Masking: Before data is processed by an LLM, PII such as names and email addresses are masked or anonymized. The model operates on patterns rather than individual identities.
- Purpose Limitation: Data processed by AI is used solely for the purpose of enhancing your program and is not shared with third parties for marketing.
- Transparency: All incentive processing outcomes are individually auditable, ensuring AI-driven personalization is compliant with your internal governance standards.