FencyPay Privacy Policy

Last updated: 2025-08-31

This Privacy Policy explains how Fency Pay, LLC (“FencyPay,” “we,” “us,” or “our”) collects, uses, shares, and safeguards information when consumers and merchants use the FencyPay promotional credits platform, websites, and apps (the “Services”).

We do not sell personal information. We never sell or rent consumers’ personally identifiable information (“PII”) to third parties. We may publish or sell aggregated or de‑identified community shopping insights (e.g., city/locality trends) that do not identify any individual. See De‑identified & Aggregated Data.

1) Summary of how we use data

  • No sale of PII. We do not sell consumers’ personal information. We will only share PII with a merchant if a consumer explicitly opts in (blanket or merchant‑specific).
  • We track transactions across the FencyPay network to run the promotional program: amounts, items (when available), returns/refunds, merchant location, and timestamps.
  • We may sell economic insights to local governments or civic groups at the community/locality level using de‑identified/aggregated methods that prevent re‑identification.
  • Merchants can message cohorts of customers as a premium feature. They do not receive customer PII unless the customer opts in. See Merchant messaging.

2) Information we collect

2.1 Account & profile

  • Consumers: name, email, and (optional) phone for 2‑factor authentication; preferences and opt‑ins/opt‑outs.
  • Merchants: business contact info, payout/KYC data (via our payment processors), store locations, inventory or category data you choose to connect.

2.2 Transaction & network activity

  • Earn/redemption events, purchase/refund amounts, items (if provided by POS), date/time, merchant location, device/app telemetry (e.g., app version, coarse location if shared), and fraud signals.

2.3 Technical data

  • Device IDs, browser type, OS, IP address (to derive city/region), cookies and similar technologies. We do not collect precise GPS unless you enable it.

2.4 Support & communications

  • Messages you send to us, feedback, and preferences, plus records needed to fulfill legal obligations.

3) How we use information

  • Run the promotional credits program (issue credits, record earns/redemptions, compute merchant rebates, detect abuse/fraud).
  • Customer experience (account, authentication/2FA, notifications you request, cohort messaging delivery).
  • Analytics & service improvement (performance, debugging, product decisions).
  • Compliance (tax/GRT on fees, recordkeeping, responding to lawful requests).
  • Community insights using de‑identified/aggregated data for economic development and public reporting that does not identify individuals.

4) How we share information

  • Service providers/processors. We share necessary data with vetted vendors (e.g., cloud hosting, fraud tools, email, payments/KYC) under contracts that limit use to our instructions.
  • Merchants. By default, merchants receive program‑level metrics and redemption records about their store(s). They do not receive consumer PII unless you opt in (see §5).
  • Government/economic partners. We may sell or publish de‑identified/aggregated locality data (not PII). See De‑identified & Aggregated Data below.
  • Legal & safety. We may disclose information to comply with law, enforce our terms, or protect rights, security, and integrity.
  • Business transfers. If we undergo a merger or acquisition, this policy will continue to govern unless you are notified of materially different practices and given choices as required by law.

De‑identified & Aggregated Data

We maintain and use de‑identified data using reasonable measures so it cannot reasonably be linked to any individual, and we publicly commit not to attempt re‑identification. When we disclose aggregated insights (e.g., “weekday spend in ZIP 87102 increased 3%”), we apply technical, organizational, and contractual safeguards to prevent reverse engineering.

5) Merchant messaging (cohorts & opt‑ins)

  • Cohort delivery: Merchants may pay to push messages to anonymized customer groups (e.g., “frequent/re-occcurring buyers last 60 days”). FencyPay delivers messages; merchants do not receive the underlying PII.
  • No PII sharing by default: We do not provide PII to merchants for marketing unless you expressly permit it.
  • Opt‑ins: You can grant (and revoke) (a) a blanket marketing opt‑in (any participating merchant), or (b) merchant‑specific opt‑ins. Each opt‑in is recorded with timestamp and scope.
  • Opt‑outs: You can opt out of cohort messaging or withdraw any opt‑in at any time in the app or by contacting us (see Your rights).

6) Cookies & analytics

We use cookies and similar technologies to keep you signed in, remember preferences, prevent fraud, and measure usage. Where required, we display a consent banner allowing you to manage preferences. If you block cookies, some features may not work.

7) Your privacy rights (US state laws)

Depending on your state (e.g., CA, CO, CT, VA, UT), you may have rights to:

  • Access/know and receive a copy of your personal information;
  • Delete personal information (subject to legal/operational exceptions);
  • Correct inaccuracies;
  • Opt out of targeted advertising, profiling with legal effects, or the sale/share of personal information (we do not sell PII; see Appendix for CA);
  • Appeal a decision on your request (we’ll tell you how to appeal in our response).

Submit a request at support@fencypay.com We will verify your identity (and authority if you use an authorized agent) before acting. We will not discriminate against you for exercising your rights.

California “Do Not Sell or Share”

We do not sell or share your personal information for cross‑context behavioral advertising. If our practices change, we will update this Policy and provide a “Do Not Sell or Share My Personal Information” link as required.

8) Security

We use administrative, technical, and physical safeguards appropriate to the nature of the data (e.g., encryption in transit, access controls, logging, least‑privilege). No system can be 100% secure; we encourage strong unique passwords and enabling 2‑factor authentication.

9) Data retention

We retain personal information only as long as needed for the purposes in this Policy and to meet legal, tax, and audit obligations. Typical retention periods:

  • Account identifiers & preferences: while your account is active, then for up to 24 months after closure (or longer if required by law).
  • Transaction records: generally 7 years for accounting/compliance.
  • Logs & telemetry: typically 12–24 months.

We may retain de‑identified/aggregated data without time limit.

10) Children’s privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided personal information, contact us and we will delete it.

11) Data hosting & transfers

We are US‑based and store/process data in the United States. If you access the Services from outside the US, you consent to processing in the US, where laws may differ from your jurisdiction.

12) Changes to this policy

We may update this Policy to reflect changes to our practices or the law. We will post the updated Policy with a new “Last updated” date and, when required, provide additional notice or obtain consent.

13) Contact us

Questions or privacy requests:

  • Email: support@fencypay.com
  • Mail: Privacy Team, Fency Pay, LLC, 23 Winery Rd, Bosque NM 87006

Appendix – California Notice at Collection CA

We collect the following categories of personal information from Consumers for the business purposes below. We do not sell or share personal information as defined by Cal. Civ. Code §1798.140 unless we update this Policy and provide required choices.

Categories collected

  • Identifiers (name, email, phone for 2FA, device IDs, IP address)
  • Commercial information (purchases, returns, redemption history, amounts, items when available)
  • Internet/electronic activity (app usage, cookies, telemetry)
  • Geolocation (coarse) (derived from IP or merchant location; not precise GPS unless you enable it)
  • Inferences (non‑sensitive preferences derived from activity)

Business purposes

  • Provide and improve the Services; prevent fraud and security incidents; debugging; short‑term transient use; internal research and analytics; activities to verify or maintain quality and safety.

Retention

See Data retention above for typical periods. We maintain de‑identified/aggregated data and will not attempt to re‑identify it.

Consumer rights

Access, delete, correct, portability, opt‑out of sale/share/targeted advertising (not currently applicable), and limit the use of sensitive information (we do not seek to collect sensitive categories). Submit requests by email: support@fencypay.com