Privacy Policy

Last updated: November 2025

Introduction

This Privacy Policy describes how we collect, use, and protect your personal information when you use our geofencing location marketing service. We are committed to protecting your privacy and complying with GDPR and other applicable data protection laws.

Information We Collect

Personal Information

  • Email address (required)
  • First and last name (optional)
  • Location data when entering designated geofence zones
  • Marketing preferences and consent records

Technical Information

  • Device type and operating system
  • IP address
  • Geofencing subscription status
  • Email engagement metrics (opens, clicks)

How We Use Your Information

  • Send you location-based marketing offers when you enter our stores
  • Personalize your shopping experience
  • Comply with legal obligations and GDPR requirements
  • Improve our services and marketing effectiveness
  • Maintain audit logs for compliance purposes

Legal Basis for Processing

We process your personal data based on:

  • Consent: You have explicitly consented to receive marketing communications
  • Legitimate Interest: To improve our services and understand customer behavior
  • Legal Obligation: To comply with GDPR and maintain required records

Your Rights Under GDPR

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate data
  • Right to Erasure: Request deletion of your data
  • Right to Withdraw Consent: Unsubscribe at any time
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing of your data

Data Retention

We retain your personal data for as long as you remain subscribed to our service. Upon unsubscribing, your data will be deleted within 30 days, except for:

  • Audit logs required for GDPR compliance (retained for 7 years)
  • Consent withdrawal records (retained permanently for legal protection)

Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit and at rest
  • Regular security audits and updates
  • Access controls and authentication
  • Secure data centers in the EU

Third-Party Services

We use the following third-party services:

  • Geofencing API: Camara Project (GSMA) - for location detection
  • Email Service: For sending marketing communications

These services are GDPR-compliant and process data according to our instructions.

Contact Us

For any privacy-related questions or to exercise your rights:

Email: privacy@example.com

Data Protection Officer: dpo@example.com

Address: [Company Address]

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes via email or through our service.