Data Processing Agreement (DPA)
Estimate Your Loyalty ROI
Is Your Loyalty Program Built for Growth—Safely?
This quiz is informational marketing content only. It is not legal, financial, or investment advice. Loyalteez Points (LTZ) are
promotional, account-bound, non-transferable units for use with participating partners; they are not cash, not e-money,
not a cryptoasset, and have no secondary market or redemption for cash. Program configuration must comply with applicable
laws (e.g., consumer-protection, advertising, privacy, and anti-fraud rules).
Level 0
Your personalized recommendation will appear here.
How Loyalteez can help—within compliant guardrails
We’ll propose a configuration based on your answers. Implementation remains subject to your internal compliance review and applicable law.
Slide Into Our DMs (Professionally)
Whether you're a developer, brand, protocol, or just Alpha-curious, we'd love to hear from you. Drop us a line and let’s make loyalty unbreakable.
Last Updated: October 15, 2025
1. Introduction
This Data Processing Agreement (“DPA”) forms part of the agreement between Loyalteez (“Processor”) and partner brands (“Controller”) regarding the use of the Loyalteez platform and services (“Services”).
The purpose of this DPA is to ensure that the processing of personal data complies with the General Data Protection Regulation (GDPR), UK GDPR, CCPA/CPRA, and other applicable data protection laws.
2. Definitions
3. Scope of Processing
Loyalteez processes personal data solely for the following purposes:
4. Obligations of Loyalteez (Processor)
Loyalteez agrees to:
5. Obligations of the Controller
The Controller agrees to:
6. Sub-Processing
7. International Transfers
Where personal data is transferred outside the EU/EEA/UK, Loyalteez uses Standard Contractual Clauses (SCCs) or other lawful mechanisms to ensure adequate protection.
8. Security Measures
Loyalteez applies enterprise-grade security practices, including but not limited to:
9. Data Subject Rights
Loyalteez will assist the Controller in fulfilling requests from data subjects under applicable laws, including:
10. Liability
Each party remains liable for its respective obligations under this DPA and applicable data protection law.
11. Duration
This DPA remains in effect for as long as Loyalteez processes personal data on behalf of the Controller.
12. Governing Law
This DPA shall be governed by the laws of Texas, unless otherwise agreed.
1. Introduction
This Data Processing Agreement (“DPA”) forms part of the agreement between Loyalteez (“Processor”) and partner brands (“Controller”) regarding the use of the Loyalteez platform and services (“Services”).
The purpose of this DPA is to ensure that the processing of personal data complies with the General Data Protection Regulation (GDPR), UK GDPR, CCPA/CPRA, and other applicable data protection laws.
2. Definitions
- “Controller” – The brand or business that determines the purposes and means of processing personal data.
- “Processor” – Loyalteez, which processes personal data on behalf of the Controller.
- “Personal Data” – Any information relating to an identified or identifiable natural person.
- “Sub-processor” – A third party engaged by Loyalteez to process personal data.
3. Scope of Processing
Loyalteez processes personal data solely for the following purposes:
- Enabling LTZ credit issuance and redemption.
- Maintaining partner dashboards, analytics, and user reward history.
- Providing customer support and communications.
- Complying with applicable laws.
4. Obligations of Loyalteez (Processor)
Loyalteez agrees to:
- Process personal data only on documented instructions from the Controller.
- Ensure staff with access to data are bound by confidentiality.
- Implement appropriate technical and organizational measures (encryption, access controls, audits).
- Assist the Controller in responding to data subject requests (e.g., access, deletion, portability).
- Notify the Controller without undue delay of any data breach.
- Delete or return all personal data upon termination of services, unless retention is required by law.
5. Obligations of the Controller
The Controller agrees to:
- Ensure that data subjects have been provided with lawful notices of processing.
- Obtain all necessary consents, where required.
- Ensure the lawful basis for processing personal data under GDPR or other laws.
6. Sub-Processing
- Loyalteez may engage Sub-processors (e.g., cloud hosting, analytics providers).
- A current list of Sub-processors is available upon request.
- Loyalteez will ensure Sub-processors are bound by written agreements providing equal data protection obligations.
7. International Transfers
Where personal data is transferred outside the EU/EEA/UK, Loyalteez uses Standard Contractual Clauses (SCCs) or other lawful mechanisms to ensure adequate protection.
8. Security Measures
Loyalteez applies enterprise-grade security practices, including but not limited to:
- Data encryption in transit and at rest.
- Network firewalls and intrusion detection.
- Access management and role-based permissions.
- Regular penetration testing and monitoring.
9. Data Subject Rights
Loyalteez will assist the Controller in fulfilling requests from data subjects under applicable laws, including:
- Right of access
- Right to rectification
- Right to erasure
- Right to data portability
- Right to object or restrict processing
10. Liability
Each party remains liable for its respective obligations under this DPA and applicable data protection law.
11. Duration
This DPA remains in effect for as long as Loyalteez processes personal data on behalf of the Controller.
12. Governing Law
This DPA shall be governed by the laws of Texas, unless otherwise agreed.
Disclaimer: LTZ credits are non-transferable, non-speculative loyalty units. They are not cryptocurrency, securities, or cash equivalents. This DPA governs data processing obligations only and does not alter the non-financial nature of LTZ.
Connect With Loyalteez
Join our community of forward-thinking brands and marketers. Follow us for insights, strategies, and behind-the-scenes updates on building the future of loyalty.
We’re Just Getting Started
Together, let's build the next era of loyalty.
Manage cookies
Cookie Settings
Cookies necessary for the correct operation of the site are always enabled.
Other cookies are configurable.
Other cookies are configurable.