Privacy Policy

1. Who we are

Dily Pro is operated by Dily, based in Belgium. We provide a digital loyalty system for local businesses: stamp cards, customer analytics, Google review integration, and team management.

Contact: [email protected]

2. Your data is private

We do not sell, share, rent, or trade your data with any third party under any circumstances. Your business data, customer information, and usage data belong to you. We only process it to provide the Dily Pro service.

This applies to all data: business profiles, customer stamp progress, analytics, team member information, and any other data collected through the platform.

3. What data we collect

For business owners (merchants):

• Business name, address, phone number
• Account email (via Google or Apple Sign-In)
• Loyalty program configuration (card theme, stamps, points)
• Team member emails and roles

For customers (end users):

• Name and email (via Google or Apple Sign-In)
• Stamp/point progress per business
• QR code identifiers

Automatically collected:

• Device type and browser (for compatibility)
• IP address (for security and fraud prevention)
• Usage analytics (stamps collected, cards completed)

4. How we use your data

• To provide and maintain the Dily Pro service
• To authenticate users via Google or Apple Sign-In
• To display loyalty card progress to customers
• To generate analytics for business owners
• To send push notifications (when enabled)
• To provide customer support
• To detect and prevent fraud or abuse

We never use your data for advertising, profiling, or marketing to third parties.

5. Authentication

We use Google Sign-In and Apple Sign-In for authentication. When you sign in, we receive your name and email from these providers. We do not receive or store your Google or Apple password. These providers have their own privacy policies.

6. Data storage and security

• All data is stored on servers located in Europe
• Data is encrypted in transit (HTTPS/TLS)
• Access tokens are securely generated and stored
• We use industry-standard security practices

7. Data sharing

We do not share your personal data with anyone. The only exceptions are:

• Service providers: Hosting (DigitalOcean), email delivery (Mailgun), error tracking (Bugsnag) — these process data only on our behalf and under strict agreements
• Legal requirements: If required by Belgian or EU law, we may disclose data to comply with a legal obligation

We will never sell your data. Period.

8. Your rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

• Access — Request a copy of your personal data
• Rectification — Correct inaccurate data
• Erasure — Request deletion of your data
• Portability — Receive your data in a structured format
• Objection — Object to processing of your data
• Restriction — Request limited processing

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

9. Data deletion requests

You have the right to request the deletion of your account and all associated data at any time. This includes your business profile, customer data, loyalty program data, team member information, and analytics.

To request data deletion:

• Email us at [email protected] with the subject line "Data Deletion Request"
• Or call us at +32 470 35 14 16

Upon receiving your request, we will:

• Confirm your identity as the account owner
• Deactivate your account and loyalty program
• Permanently delete all your personal data within 30 days
• Send you a confirmation once deletion is complete

This action is irreversible. Customer cards linked to your business will no longer be accessible after deletion.

10. Data retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days. Aggregated, anonymized analytics data may be retained indefinitely.

11. Cookies

We use minimal cookies and local storage for authentication tokens and language preferences only. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.

12. Children

Dily Pro is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

13. Changes to this policy

We may update this privacy policy from time to time. We will notify you of significant changes by email or through the service. The "last updated" date at the top of this page indicates when the policy was last revised.

14. Contact

If you have any questions about this privacy policy or how we handle your data:

• Email: [email protected]
• Phone: +32 470 35 14 16

Dily — Based in Belgium 🇧🇪