LoyalFace

Privacy Policy

Last updated: Oct 2025

1. Information We Collect

We collect the following types of information when merchants use the Loyal Face app in their venues:

1.1 Facial Recognition Data

When you stand in front of a device using the Loyal Face app, the camera captures live image frames of your face. These frames are used locally on the device to generate a facial embedding — a unique numerical representation of your facial features.

  • We do not store or transmit raw facial images or video.
  • The embedding is non-reversible; it cannot be used to reconstruct your face.
  • If enabled by the merchant, the app may also generate a voice embedding using a short spoken input, processed locally. No raw audio is stored.

1.2 Customer Profile Information

Merchants may collect and store basic information you provide, such as your name, preferred orders, loyalty preferences, or other voluntarily shared details. This information is linked to your facial embedding to help the merchant recognise returning customers.

1.3 Device & Technical Information

We may collect limited device information (e.g. iPad model, OS version) and diagnostic logs for performance, security monitoring, and troubleshooting. No facial or biometric data is included in diagnostic transmissions.

2. How We Use Your Information

We use facial embeddings and related data exclusively for customer recognition and loyalty interactions at the merchant’s venue. Specifically:

  • To recognise returning customers in real time when they visit the venue.
  • To display their previously stored preferences to staff, improving service speed and personalisation.
  • To securely synchronise loyalty data across the merchant’s devices (if they use multiple iPads).
  • To provide technical support and maintain system performance.

We do not use face data for advertising, tracking outside the venue, profiling beyond loyalty recognition, or any unrelated purposes.

3. Storage and Security of Face Data

3.1 Local Device Storage

Facial embeddings are stored locally on the merchant’s iPad in encrypted form using AES-256 encryption.

3.2 Cloud Storage (Optional)

For merchants who enable multi-device sync or backups, encrypted embeddings and associated loyalty data are stored on our SOC 2–compliant cloud infrastructure.

  • All data in transit is protected with TLS 1.2+ encryption.
  • All data at rest is encrypted using AES-256.

4. Retention and Deletion Rights

  • Facial embeddings and linked loyalty data are retained only for as long as the merchant actively maintains the customer’s loyalty record.
  • If a customer opts out or requests deletion, the merchant or Loyal Face will permanently delete the facial embedding and associated data from both local and cloud storage within 30 days.
  • Merchants can manually delete records at any time through the app.
  • Once deleted, the data is permanently erased and cannot be recovered.

5. Customer Rights

Customers have the following rights regarding their data:

  • Opt-Out: You can opt out of facial recognition at any time at the point of service.
  • Access: You can request to view the information stored about you, including your loyalty profile.
  • Deletion: You can request deletion of your biometric data, which will be processed within 30 days.
  • Correction: You may ask merchants to update or correct your personal information.

To exercise these rights, contact the merchant directly or email us at privacy@eronka.com

6. Data Sharing & Third Parties

We do not sell, lease, rent, or otherwise disclose biometric data to any third parties.
We may share aggregated, anonymised statistical data (which contains no biometric information) for service improvement, compliance reporting, or security analysis.

7. Children's Privacy

Loyal Face is designed for use by merchants in retail environments. It is not directed at children under the age of 13. We do not knowingly collect biometric information from children without parental consent.

Changes to this Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal obligations. Significant updates will be posted on this page with a revised effective date.

6. Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@eronka.com or through our contact form.