Voucher.Social

1. What We Collect

Account data: username, display name, role, account status.
Session/security data: session token hashes, IP address, user-agent, login timestamps.
Voucher operations data: product key, issuance/revocation actions, actor identity, timestamps.
Campaign delivery data: recipient email, optional recipient name/notes, send status, open timestamp, bounce/spam events.
Infrastructure logs: request metadata and operational errors (with configured redaction of auth credentials and secrets).

Postmark (email delivery provider): recipient email, campaign message metadata, delivery/bounce/open events.
UniFi (network voucher provider): voucher generation/sync metadata.
Cloud hosting providers (Railway, Vercel): service runtime and encrypted storage/transport handling.

We do not sell personal information.

Authoritative retention and deletion workflows are documented internally.

Authorized requests can be submitted for:

Access/export of personal data associated with a campaign recipient or operator account.
Correction/update of account display data.
Deletion/anonymization where legally and operationally permitted.

Campaign emails are treated as transactional voucher communications unless explicitly approved otherwise by Legal/Compliance.
For promotional/marketing communications, operators must document consent basis and provide unsubscribe mechanisms before send.

Session tokens are stored as hashes, not plaintext.
Authentication and authorization enforced server-side.
Security headers, CORS restrictions, CSRF protections, and rate-limiting are enabled.
Credential/secret redaction configured for request logging.

For privacy requests and policy questions, contact Legal/Compliance through internal support channels.

Material changes will include an updated effective date and Legal/Compliance sign-off.