1. Introduction
PointClub ("we", "us", "our") operates the PointClub and PointClub Merchant mobile applications (the "Apps") and associated backend services. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our loyalty points platform.
PointClub is operated from Pakistan and primarily serves businesses and consumers within Pakistan. By using our Apps, you agree to the collection and use of information as described in this policy.
2. Information We Collect
2.1 Customer Information
When you create a PointClub customer account, we collect:
- Full name — to personalise your experience and identify you to merchants
- Email address — for account authentication, verification, and password recovery
- Phone number — for account verification and optional SMS notifications (Pakistani mobile numbers in +92 format)
- Password — securely hashed and stored; we never store or view your plaintext password
2.2 Merchant Information
When you register a business on PointClub Merchant, we collect:
- Business name and category — displayed publicly to customers
- Owner name — for account management
- Business email and phone number — for account authentication and communication
- Business logo — uploaded images stored securely for branding loyalty cards
- Brand colours — custom colour preferences for loyalty card display
- Points configuration — earning rates and redemption values
2.3 Staff Information
Merchant owners may add staff members. We collect:
- Name, phone number, and email — for account creation and OTP verification
- Role and permissions — to control access within the merchant platform
2.4 Transaction Data
When loyalty points are earned or redeemed, we record:
- Transaction amount (in PKR), points earned or redeemed, and resulting balance
- Order or receipt ID provided by the merchant
- Timestamp and associated merchant and customer identifiers
2.5 Device and Usage Data
- IP address and user agent — recorded in audit logs for security monitoring
- Location data — approximate GPS coordinates (medium accuracy) used to find nearby merchants; only collected when you use the "Nearby" feature and grant location permission
- Camera access — used solely for scanning QR codes (merchant app scans customer QR; customer app scans at merchant locations)
- Photo library access — used by merchants to upload business logos
- Local storage — authentication tokens, theme preferences, and cached data stored on your device
2.6 Information We Do NOT Collect
- We do not collect payment card or bank account information
- We do not collect contacts, call logs, or browsing history
3. How We Use Your Information
| Purpose | Data Used |
| --- | --- |
| Account creation and authentication | Name, email, phone, password |
| Loyalty points earning and redemption | Transaction data, enrollment data |
| QR code generation and validation | Enrollment ID, cryptographic nonces |
| Merchant branding and loyalty card display | Logo, brand colours, business name |
| Staff management and access control | Staff name, phone, role, permissions |
| SMS notifications and OTP verification | Phone number |
| Security monitoring and fraud prevention | IP address, user agent, audit logs |
| Business analytics and reporting | Aggregated transaction and points data |
| Personalised offers and promotions | Transaction history, enrollment data, points balance |
| Improving pricing and service features | Aggregated usage patterns and transaction trends |
| Targeted advertising and promotional communications | Customer preferences, merchant enrollment data, transaction patterns |
Advertising and Offers: We may use your transaction history, enrolled merchants, points balance, and general usage patterns to deliver personalised offers, promotions, and advertisements within the Apps. We do not sell your personal information to third-party advertisers. You can opt out of promotional communications at any time via the App settings or by contacting us.
4. Data Storage and Security
4.1 Where We Store Data
All data is stored on Amazon Web Services (AWS) infrastructure in the Asia Pacific (Singapore) — ap-southeast-1 region. This includes:
- AWS Cognito — secure user authentication with hashed passwords
- AWS DynamoDB — encrypted database for user profiles, transactions, and enrollments
- AWS S3 — encrypted storage for merchant logos and audit log archives
4.2 Security Measures
- All data is transmitted over HTTPS/TLS
- Server-side AES-256 encryption for all stored data
- Passwords hashed using AWS-managed key derivation (never stored in plaintext)
- Single-use cryptographic nonces for QR code transactions (prevents replay attacks)
- HMAC signatures for QR code integrity verification
- Role-based access control (RBAC) for merchant staff
- Automatic token expiry and refresh mechanisms
- Comprehensive audit logging of all security-relevant events
5. Data Retention
| Data Type | Retention Period |
| --- | --- |
| Customer and merchant accounts | Until account deletion is requested |
| Transaction records | Retained indefinitely for accounting and dispute resolution |
| Enrollment records | Until cancelled by the customer |
| Audit logs (active) | 30 days in primary database |
| Audit logs (archive) | Archived to cold storage indefinitely for compliance |
| OTP codes | 5–10 minutes (automatically deleted) |
| QR code nonces | 5 minutes (automatically deleted) |
| Merchant logos | Until replaced or account deleted |
| Staff accounts | Until deleted by the merchant owner |
6. Data Sharing
6.1 With Merchants
When you enrol in a merchant's loyalty programme, that merchant can see your:
- Name, email, and phone number
- Points balance and transaction history with that merchant
- Enrollment status
Merchants cannot see your activity with other merchants.
6.2 With Service Providers
We use the following third-party services to operate PointClub:
- Amazon Web Services (AWS) — cloud infrastructure, authentication, database, storage, and SMS delivery. Data is stored in the Asia Pacific (Singapore) region (ap-southeast-1).
- Google Firebase — We use Firebase for:
  - Push notifications — device tokens linked to your account for delivering transaction and account notifications via Firebase Cloud Messaging (FCM)
  - Crash reporting — error data, stack traces, device information, and your account identifier (internal UUID, not your name or email) via Firebase Crashlytics, to diagnose and fix app issues
  - Analytics — screen views, feature usage events (e.g., enrollment, transactions, profile updates), and your account identifier (internal UUID) via Firebase Analytics, to understand how the app is used and improve it. We also collect your user type (customer, merchant, or support) and, if provided during signup, your gender as analytics properties.
Firebase may assign a device identifier and correlate your analytics, crash reports, and push notification data using your account identifier. Your name, email address, and phone number are not sent to Firebase. Firebase's data handling is governed by Google's Privacy Policy.
We do not sell or rent your personal information to any third parties for their marketing purposes.
6.3 Legal Requirements
We may disclose your information if required by law, court order, or government authority under the laws of Pakistan, including but not limited to the Prevention of Electronic Crimes Act 2016 (PECA) and any applicable data protection regulations.
7. Your Rights
You have the right to:
- Access your personal data — view your profile and transaction history in the App
- Correct inaccurate data — update your name and phone number in the App
- Delete your account — contact us at support@pointclub.pk to request account deletion
- Cancel enrolments — unenrol from any merchant's loyalty programme at any time
- Opt out of promotional communications — via App settings or by contacting us
- Data portability — request a copy of your data by contacting us
We will respond to your request within 30 days.
8. Children's Privacy
PointClub is not intended for children under the age of 18. We do not knowingly collect personal information from minors. If you believe a child has provided us with personal data, please contact us immediately at support@pointclub.pk and we will delete such information.
9. SMS Communications
We send SMS messages to Pakistani mobile numbers (+92) for:
- One-time passwords (OTP) for staff account verification
- Initial staff account password delivery
These are transactional messages essential for account security. Standard SMS rates from your mobile carrier may apply.
10. Cookies and Local Storage
Our Apps do not use browser cookies. We store the following data locally on your device using secure local storage:
- Authentication tokens (cleared on logout)
- Theme preference (light/dark/system)
- Last login identifier (for convenience)
- Cached merchant profile data (for instant loading)
- Hidden and favourite loyalty card preferences
All locally stored data is cleared when you log out of the App.
11. International Data Transfers
Your data is primarily stored in the AWS Asia Pacific (Singapore) region. While AWS may process data globally for infrastructure management, your personal data remains within the AWS ap-southeast-1 region. By using PointClub, you consent to the storage of your data in Singapore-based AWS data centres. Google Firebase services may process device data, crash reports, analytics events, and your account identifier (internal UUID) in Google's global infrastructure as described in Section 6.2.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the App or via email. The "Last Updated" date at the top of this policy indicates when it was last revised.
13. Governing Law
This Privacy Policy is governed by the laws of Pakistan, including the Prevention of Electronic Crimes Act 2016 (PECA) and any future data protection legislation enacted in Pakistan.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: