Privacy Policy

Effective date: 5 November 2025 (Adelaide time) Who we are: SaveKey (including the SaveFee & SaveKey programs), founded and operated from Australia. We respect your privacy and are committed to protecting your personal information. This Policy explains what we collect, why we collect it, how we use and share it, and the choices you have.

1) Scope & Who this applies to

This Policy applies to:
  • Visitors to savekey.co and related pages
  • Users of the SaveKey app and Gift Card
  • Customers using SaveFee and/or SaveKey value-back services
  • Business partners and providers participating in our network
Where local laws apply (e.g., Australian Privacy Principles (APPs), GDPR/UK GDPR, India’s Digital Personal Data Protection Act (DPDP)), we follow those rules in that region.

2) The information we collect

You give us directly:
  • Account details (name, email, phone)
  • Profile info (country, city/town, redemption preferences)
  • Identification provided during support or verification
  • Messages you send us (support tickets, forms)
Automatically via website/app:
  • Device and log data (IP address, browser/app version, timestamps)
  • Usage events (pages/screens viewed, button taps, errors)
  • Cookies and similar technologies (see Cookies section)
Transactions & program data:
  • Payment confirmations/receipts from partners (we do not store full card numbers)
  • SaveKey balance, credits, redemptions, partner category used
  • Gift Card identifiers (stored securely; no plaintext)
Location & device permissions (optional/consented):
  • Location: to show relevant redemption options and partner lists
  • Camera: to scan QR codes or receipts (where enabled)
  • Notifications: to send balance updates, security alerts, and offers
We do not intentionally collect sensitive health information. If a service category implies health (e.g., clinic visit), we only store what’s needed for program operation (e.g., that a transaction occurred with a healthcare partner), not clinical data.

3) Why we collect and how we use your information

To operate the programs
  • Credit 100% back as redeemable value, manage balances, and process redemptions
  • Provide a personalized partner list based on your location and preferences
  • Detect and prevent fraud, abuse, and security incidents
To improve our services
  • Troubleshoot, measure performance, and enhance features
  • Run analytics (aggregated/ de-identified where possible)
To communicate with you
  • Account, security, and transactional messages
  • Program updates, new partner availability in your area
  • With your consent, promotions or educational content (opt-out anytime)
Legal bases (where applicable)
  • Contract performance (providing SaveFee/SaveKey to you)
  • Legitimate interests (security, improvement, support)
  • Consent (location, marketing, certain cookies)
  • Legal obligations (tax, accounting, compliance)

4) Sharing your information

We do not sell your personal information. We share only as needed with:
  • Service providers (processors): cloud hosting, analytics, email/SMS, support tools, fraud/risk systems
  • Payments & gift card infrastructure: tokenized processing; we don’t store full card data
  • Partner providers: limited information to verify eligibility, process redemptions, and resolve issues
  • Legal/compliance: if required by law or to enforce our terms and protect users
All vendors are bound by confidentiality and data-processing terms.

5) International transfers

Your data may be processed in countries other than where you live. We apply safeguards (contractual clauses and technical/organisational controls) to protect it, consistent with APPs, GDPR/UK GDPR, and other local laws.

6) Data retention

We keep personal information only as long as necessary for the purposes above, and to meet legal requirements. Typical periods:
  • Program & account data: while your account is active, then securely archived or deleted
  • Transaction records: usually retained up to 7 years to meet tax and accounting obligations
  • Logs & analytics: shorter rolling windows where feasible
SaveKey value is valid up to 5 years from credit date; associated records may be retained for that period plus any legally required time.

7) Your rights & choices

Depending on your location, you may have the right to:
  • Access and get a copy of your data
  • Correct inaccurate data
  • Delete data (subject to legal/operational retention)
  • Object to or restrict processing
  • Port your data (machine-readable copy)
  • Withdraw consent (e.g., location, marketing)
How to exercise: Email privacy@savekey.co. We may verify your identity to protect your account. Marketing emails include an unsubscribe link. App notifications can be controlled in device settings.

8) Cookies & similar technologies

We use:
  • Essential cookies: security, session management, balance display
  • Analytics: understand usage and improve features
  • Preference cookies: remember your settings
Where required, we ask for consent. You can manage cookies in your browser or app settings; some features may not work without essential cookies.

9) Security

  • TLS encryption in transit; encryption at rest for sensitive fields
  • Role-based access (least privilege) and audit logging
  • 2FA support, device checks, session timeouts
  • PIN/OTP for redemptions; instant lock if card/app is lost or stolen
  • Secure development lifecycle, vulnerability scanning, and regular patching
If we identify a breach that may affect you, we will notify you as required by law and our policies.

10) Children

Our services are intended for adults. If you are under 16, a parent/guardian should provide consent and manage the account/redemptions. If we learn we have collected personal information from a child without proper consent, we will delete it.

11) Third-party links

Our site or app may link to third-party websites or apps. Their privacy practices are their own; please review those policies.

12) Region-specific information

Australia (APPs): You can contact us (details below) with any privacy complaint. If unresolved, you may contact the Office of the Australian Information Commissioner (OAIC). EU/UK (GDPR/UK GDPR): Where GDPR applies, SaveKey is a controller of your personal data. You may lodge a complaint with your local Data Protection Authority (e.g., your EU DPA or the UK ICO). India (DPDP): You may exercise your rights as provided under the DPDP by contacting us. We will process requests per applicable law.

13) How to contact us

Privacy & data requests: privacy@savekey.co Security reports: security@savekey.co Customer support: support@savekey.co Postal: SaveKey, Adelaide, South Australia (include your order/account ID when applicable)

14) Changes to this Policy

We may update this Policy to reflect changes in our services or the law. When we make material changes, we’ll post the updated version here with a new effective date, and—where required—notify you in-app or by email.

15) Quick summary (at a glance)

  • We collect only what’s needed to run SaveFee & SaveKey and improve your experience.
  • We credit 100% back as redeemable value (not cash) and keep your balance secure.
  • You control your data: access, correct, delete, and opt out where applicable.
  • We use strong security and will notify you if something important happens.
  • Questions? privacy@savekey.co.
Copyright © SaveKey