Privacy Policy

SPNSR (“we”, “us”, “our”) operates the SPNSR value tracking mobile application (the “App”). SPNSR is a trading name of SPNSR.NET LTD (company number 09773388), registered in England and Wales.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we are the data controller for the personal data we collect through the App.

This policy explains what personal data we collect when you use the App, why we collect it, how we use it, who we share it with, how long we keep it, and your rights under UK data protection law.

3.1 Data You Provide Directly

3.2 Data We Generate About You

3.3 Transaction Data

When you present your QR code at a partner business and the business staff records a transaction, we collect:

• Transaction amount (before discount)
• Discount amount applied
• Points earned
• Date and time of transaction
• Which business and which staff member recorded the transaction

This data is the core of the App's function — it enables clubs and sponsor businesses to see the measurable value that club members generate at partner businesses.

3.4 Data We Do NOT Collect

• We do not collect your location or GPS data
• We do not use advertising tracking SDKs. Our hosting platform (Base44) may collect basic usage analytics as part of its service — see their privacy policy for details
• We do not track your activity across other apps or websites
• We do not collect payment card details — all payments happen directly between you and the business at the point of sale

Under the UK GDPR, we rely on the following legal bases:

5.1 Your Sports Club

Your club can see aggregated spending data and leaderboard rankings. Club administrators do not have access to individual transaction details unless they are also SPNSR administrators.

5.2 Partner Businesses

When you present your QR code at a partner business, the business staff member can see your name and membership card to verify your identity. Businesses can see aggregated data about total member spending at their premises. Individual transaction records are visible to the business that recorded them.

5.3 Other Club Members

Your first name, last name, and total points are visible on the club leaderboard to other members of the same club. You can choose to hide yourself from the leaderboard at any time via your Account settings (see Section 8).

5.4 Sponsor Businesses (Aggregated Data Only)

We provide aggregated data to sponsor businesses to demonstrate the return on their sponsorship investment. This data shows total spending volumes and trends — not individual member identities or transactions.

5.5 Service Providers

We use the following third-party service providers to operate the App:

Base44 and its sub-processors (including Supabase) process data on our behalf under a Data Processing Addendum and do not use your data for their own purposes. Google and Apple process authentication data under their own privacy policies (Google Privacy Policy; Apple Privacy Policy).

5.6 International Transfers

Some of our service providers are based outside the UK. When your data is transferred outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR Articles 44–49. Transfers to the United States are protected by the UK-US Data Bridge and/or Standard Contractual Clauses. You can request a copy of the relevant safeguards by contacting us at info@spnsr.net.

5.7 We Do NOT

• Sell your personal data to anyone
• Share your data with advertisers
• Use your data for marketing by third parties

Under the UK GDPR, you have the following rights:

• Access — You can request a copy of all personal data we hold about you.
• Rectification — You can ask us to correct inaccurate data.
• Erasure — You can ask us to delete your personal data (see Section 8 below).
• Restriction — You can ask us to restrict how we process your data.
• Portability — You can request your data in a structured, machine-readable format.
• Object — You can object to processing based on legitimate interests.

To exercise any of these rights, contact us at info@spnsr.net. We will respond within one month.

If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Phone: 0303 123 1113
• Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

8.1 Leaderboard Visibility

You can choose whether to appear on the club leaderboard. In your Account settings, you can toggle “Show me on the leaderboard” on or off at any time.

If you choose to hide yourself:

• Your name and points will no longer be visible to other club members
• You will be ineligible for any prizes, promotions, or rewards linked to leaderboard rankings or points totals while hidden
• Your points will continue to accumulate — you can rejoin the leaderboard at any time to restore your visibility and regain eligibility

8.2 Deleting Your Account

You can delete your account at any time from the Account page in the App. When you delete your account:

• Your personal data (name, phone, date of birth) will be deleted from our active systems within 30 days. It may persist in encrypted backups for a further period before being permanently removed
• Your email address and authentication credentials are managed by our third-party authentication provider and will be deleted in accordance with their retention policies
• Your identity will be removed from your transaction records, but the transaction data (amount, date, business) will be retained for aggregate reporting
• Your leaderboard entry will be removed
• This action cannot be undone

The App automatically calculates your member tier based on your spending activity and determines your alcohol eligibility based on your date of birth. These calculations do not produce legal effects or similarly significant effects on you. No decisions about your access to the App or its features are made solely by automated means.

The App is rated 17+ and is not intended for anyone under the age of 17. We do not knowingly collect personal data from anyone under 17. If you are under 17, please do not register for or use the App.

Users aged 17 who are under the legal drinking age (18) will be flagged as ineligible for alcohol-related discounts.

We implement appropriate technical and organisational measures to protect your personal data, including:

• Encrypted data transmission (HTTPS/TLS)
• Authentication-protected access to all personal data
• Role-based access controls (members, business staff, and administrators see different data)
• QR codes include live timestamps to prevent screenshot reuse

No system is completely secure. If we become aware of a data breach that poses a risk to your rights, we will notify you and the ICO in accordance with UK GDPR requirements.

We may update this policy from time to time. If we make material changes, we will notify you through the App. The “Last updated” date at the top of this policy indicates when it was last revised.

If you have any questions about this privacy policy or how we handle your data:

• Email: info@spnsr.net
• Website: spnsr.net