Privacy Policy

[Spaghetti Arms App] (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and share your information when you use our mobile application (“App”) and related services.


  1. Information We Collect

    We collect the following types of information:

    1.1 Information You Provide to Us
    • Account details: first name, last name, email address, and password (encrypted).
    • Optional profile information: e.g., profile picture if added.
    • Loyalty data: points balance, stamps earned, redemption history
    1.2 Information Collected Automatically
    • Device identifiers (such as device model, OS version, IP address).
    • Usage data (how and when you use the app).
    1.3 Information from QR Code Scans

    When your QR code is scanned, your account ID and loyalty data are retrieved from our system to update your points and stamps.

  2. How We Use Your Information

    We use your information to:

    • Create and manage your account.
    • Process loyalty points and rewards.
    • Display your account and reward progress.
    • Communicate updates, offers, or promotions (if you opt in).
    • Maintain the security and performance of our services.

  3. Legal Basis for Processing

    We process your personal information under the following legal bases:

    • Contract performance: to provide the services you request.
    • Consent: for marketing communications and certain optional features.
    • Legitimate interests: improving our services and preventing fraud.

  4. Data Sharing

    We do not sell your personal information. We may share it with:

    • Service providers who help us operate the app (e.g., cloud hosting, analytics).
    • Affiliated businesses (if white-labelled) solely for providing loyalty rewards.
    • Authorities where required by law or to protect legal rights.

  5. Data Storage and Retention

    • Your data is stored securely on servers located in the UK/EU.
    • We retain your account data for as long as your account is active. If you delete your account, we erase or anonymise your data within 30 days unless required to retain it for legal purposes.

  6. Your Rights

    Under GDPR and applicable laws, you may:

    • Access the personal data we hold about you.
    • Request correction or deletion.
    • Object to processing or withdraw consent.
    • Request a copy of your data (data portability).
    • You can exercise these rights via the “Delete Account” option in the app or by contacting us at: [hello@sugarrushloyalty.app].

  7. Children's Privacy

    Our app is not intended for children under 16. We do not knowingly collect their data.

  8. Security

    We implement appropriate technical and organisational measures to protect your data, including encryption of stored passwords.

  9. Changes to this Policy

    We may update this Privacy Policy. Changes will be posted within the app with a revised “last updated” date.

  10. Contact Us

    If you have questions, contact:
    Data Protection Officer
    Email: [hello@sugarrushloyalty.app]