Privacy Policy
Effective Date: December 28, 2024
Last Updated: December 28, 2024
Introduction
Welcome to Peso.link ("we," "our," or "us"). We operate a WhatsApp-based customer loyalty platform that helps restaurants and businesses reward their customers through our point-based system. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our WhatsApp Business services.
By interacting with our WhatsApp Business account or using our services, you agree to the collection and use of information in accordance with this Privacy Policy.
Information We Collect
Information You Provide Directly
- Phone Number: Your WhatsApp phone number when you contact us
- Profile Information: Name, profile picture, and status information from WhatsApp
- Messages: Content of messages you send to us through WhatsApp
- Registration Data: First name, last name, and referral codes when joining our loyalty program
- Transaction Information: Purchase details, redemption requests, and loyalty points activity
Information Collected Automatically
- Message Metadata: Message timestamps, delivery status, and read receipts
- Device Information: Device type and operating system (provided by WhatsApp)
- Usage Data: Interaction patterns with our WhatsApp services
- Location Data: General location information (city/region level only, if shared)
Information from Third Parties
- WhatsApp Business API: Message delivery information and account status
- Business Partners: Transaction data from participating restaurants and vendors
- Payment Processors: Payment confirmation and transaction details (when applicable)
How We Use Your Information
Primary Business Functions
- Loyalty Program Management: Track points, process redemptions, and manage customer accounts
- Customer Communication: Send welcome messages, point balance updates, reward notifications, and promotional offers
- Transaction Processing: Process purchases, validate redemptions, and manage payment transactions
- Customer Support: Respond to inquiries, resolve issues, and provide assistance
Service Improvement
- Analytics: Understand usage patterns to improve our services
- Personalization: Customize offers and recommendations based on your preferences
- System Optimization: Improve message delivery and platform performance
- Fraud Prevention: Detect and prevent fraudulent activities and abuse
Legal and Compliance
- Regulatory Compliance: Meet legal obligations in Mexico and other applicable jurisdictions
- Terms Enforcement: Enforce our Terms of Service and other agreements
- Legal Proceedings: Respond to legal requests and protect our rights
Legal Basis for Processing (GDPR Compliance)
Where applicable under GDPR, we process your personal data based on:
- Consent: You have given clear consent for specific purposes
- Contract Performance: Processing is necessary to fulfill our loyalty program services
- Legitimate Interests: For fraud prevention, service improvement, and business operations
- Legal Obligation: To comply with applicable laws and regulations
Information Sharing and Disclosure
Business Partners
- Participating Restaurants: Share necessary transaction data for point earning and redemption
- Payment Processors: Share payment information for transaction processing
- Service Providers: Share data with trusted third parties who assist in our operations
Legal Requirements
- Law Enforcement: When required by law or to protect rights and safety
- Legal Proceedings: In response to valid legal requests or court orders
- Business Transfers: In case of merger, acquisition, or asset sale
Data Protection Measures
- All data sharing is governed by strict contractual agreements
- We implement appropriate technical and organizational safeguards
- We only share the minimum necessary information for specific purposes
WhatsApp-Specific Data Handling
Message Processing
- Content Analysis: We may analyze message content to provide automated responses
- Message Storage: Messages are stored securely for customer service and compliance purposes
- Delivery Tracking: We track message delivery status for service quality
WhatsApp Business API Compliance
- We comply with WhatsApp Business Platform Terms of Service
- We follow Meta's data handling requirements and guidelines
- We respect WhatsApp's encryption and privacy standards
Data Security
Technical Safeguards
- Encryption: Data is encrypted in transit and at rest using industry-standard protocols
- Access Controls: Strict access controls limit data access to authorized personnel only
- Infrastructure Security: Secure cloud hosting with regular security updates and monitoring
- Database Protection: Encrypted databases with backup and recovery procedures
Organizational Safeguards
- Employee Training: Regular privacy and security training for all staff
- Data Minimization: We collect and retain only necessary information
- Regular Audits: Periodic security assessments and vulnerability testing
- Incident Response: Established procedures for security incident management
Data Retention
We retain your information for as long as necessary to provide our services and comply with legal obligations:
- Active Accounts: Data retained while your loyalty account is active
- Inactive Accounts: Data may be retained for up to 3 years after last activity
- Legal Requirements: Some data may be retained longer for legal compliance
- Account Deletion: You can request account deletion at any time
Your Privacy Rights
Depending on your location, you may have the following rights:
General Rights
- Access: Request a copy of your personal data we hold
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Portability: Request transfer of your data to another service
- Objection: Object to certain types of data processing
Exercise Your Rights
To exercise these rights, you can:
- Data Deletion: Visit our Data Deletion page for step-by-step instructions
- Email Requests: Send requests to admin@peso.link
- WhatsApp: Send a message to our business account
- Response Time: We will respond within 30 days of your request
Quick Data Deletion
For immediate data deletion requests:
- Email admin@peso.link with subject "Data Deletion Request"
- Include your WhatsApp phone number and full name
- State clearly: "I request deletion of my personal data"
- We will confirm deletion within 7 days and complete it within 30 days
For detailed instructions, visit: https://peso.link/data-deletion
International Data Transfers
If you are located outside Mexico, please note:
- Your data may be transferred to and processed in Mexico
- We ensure appropriate safeguards for international data transfers
- We comply with applicable data protection laws in your jurisdiction
Children's Privacy
Our services are not intended for children under 16 years of age:
- We do not knowingly collect personal information from children under 16
- If we discover we have collected information from a child under 16, we will delete it promptly
- Parents or guardians may contact us to request deletion of their child's information
Third-Party Services
Our service may contain links to third-party websites or services:
- This Privacy Policy does not apply to third-party services
- We encourage you to review the privacy policies of any third-party services you use
- We are not responsible for the privacy practices of third parties
Changes to This Privacy Policy
We may update this Privacy Policy from time to time:
- Notification: We will notify you of any material changes via WhatsApp or email
- Effective Date: Changes become effective on the date specified in the updated policy
- Review: We encourage you to review this policy periodically
Contact Information
If you have questions about this Privacy Policy or our data practices, please contact us:
Peso.link
WhatsApp Business: [INSERT WHATSAPP NUMBER]
General Inquiries: admin@peso.link
Privacy Inquiries: privacy@peso.link
Data Deletion: peso.link/data-deletion
Website: https://peso.link
Mailing Address:
[INSERT PHYSICAL ADDRESS]
Mexico
Regulatory Information
Mexico Data Protection
We comply with the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) and other applicable Mexican privacy laws.
GDPR Compliance
For users in the European Union, we comply with the General Data Protection Regulation (GDPR).
CCPA Compliance
For users in California, we comply with the California Consumer Privacy Act (CCPA).
Last Updated: December 28, 2024
Version: 1.0