Legal

Privacy Policy

Last updated: 1 April 2025

1. Overview

LoyalText ("we", "our", "us") is an Australian business that provides SMS loyalty program software to small businesses. We are committed to protecting personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy explains how we collect, use, store, and disclose personal information — for both the businesses that use our platform ("Operators") and the customers of those businesses who participate in loyalty programs ("Members").

2. What information we collect

From Operators (businesses using LoyalText):

  • Name and email address (for account creation)
  • Business name and contact details
  • Billing information (processed by Stripe — we do not store card numbers)
  • Usage data — how you use the dashboard, which features you access

From Members (customers of Operators):

  • Mobile phone number (collected when they join a loyalty program by SMS)
  • First name (if provided in their message or by the Operator)
  • Stamp history and reward records
  • Date and time of visits

3. How we collect information

We collect information when:

  • An Operator creates a LoyalText account
  • A Member texts a keyword to join a loyalty program (inbound SMS)
  • An Operator adds stamps or notes to a member's record in the dashboard
  • An Operator or Member contacts us directly

4. How we use information

Operator information is used to:

  • Provide and operate the LoyalText platform
  • Process billing and subscription management
  • Send service-related communications (account alerts, product updates)
  • Improve the platform based on aggregate usage patterns

Member information is used to:

  • Operate the loyalty program on behalf of the Operator
  • Send loyalty-related SMS messages (welcome, stamp updates, rewards, win-backs)
  • Display member records in the Operator's dashboard

We do not use Member information for our own marketing purposes. We do not sell Member data to third parties.

5. Third-party service providers

We use the following trusted third-party services to operate LoyalText:

  • Twilio — SMS delivery infrastructure. Member phone numbers are transmitted to Twilio to send and receive messages.
  • Stripe — Payment processing. Operator billing information is handled by Stripe and subject to Stripe's privacy policy.
  • Supabase — Database and authentication. All data is stored in secure, encrypted databases.
  • Vercel — Platform hosting and deployment infrastructure.

All third-party providers are contractually required to protect personal information and use it only for the purposes we specify.

6. Data storage and security

Personal information is stored on secure servers. We implement industry-standard security measures including encryption in transit (TLS) and at rest, access controls, and regular security reviews.

No method of transmission over the internet is 100% secure. While we take all reasonable steps to protect your information, we cannot guarantee absolute security.

7. SMS consent and opt-out

Members consent to receive SMS messages by texting a keyword to join a loyalty program. This constitutes explicit opt-in consent under Australian spam and privacy law.

Members can opt out at any time by replying STOP to any message. Opt-out requests are processed immediately and the member will not receive further messages.

8. Access, correction, and deletion

Operators can access, update, and export their member data at any time from the LoyalText dashboard. Operators can delete individual member records on request.

Members who wish to access or delete their personal information should contact the Operator whose loyalty program they joined. If you cannot reach the Operator, contact us at hello@loyaltext.com.au and we will assist.

Operators who wish to close their account and delete their data should contact hello@loyaltext.com.au. We will delete account data within 30 days of a verified request.

9. Retention

We retain personal information for as long as an account is active and for a reasonable period after closure for legal and business purposes. Member data associated with a closed Operator account is deleted within 90 days.

10. Complaints

If you believe we have breached the Australian Privacy Principles, please contact us at hello@loyaltext.com.au. We will respond within 30 days. If you remain unsatisfied, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

11. Changes to this policy

We may update this policy from time to time. We will notify Operators of material changes by email. Continued use of LoyalText after changes constitutes acceptance of the updated policy.

12. Contact us

For any privacy-related questions, please contact:
LoyalText
Email: hello@loyaltext.com.au
Australia