Skip to content

Maintained answers · Compliance and security

Compliance and security.

Map product controls to the operator’s legal, privacy, and security process.

Answers
3
Reviewed
12 July 2026
Source standard
Current product material

Questions and answers

Read the answer, then verify the source.

Product behavior, requirements, pricing, and integrations can change. The contextual link in each answer is the maintained next step.

Answer 01

Direct link

Is Reward Loyalty GDPR compliant?

Reward Loyalty includes controls that can support a GDPR program, including configurable cookie consent, member email preferences, data export, business-level deletion, account deletion, scoped partner data, activity logs, and security monitoring.

The operating organization still determines lawful purpose, roles, retention, contracts, subprocessors, configuration, staff practice, and security. Read the GDPR operating guide. This answer is not legal advice.

Answer 02

Direct link

Can members export or delete their data?

The member privacy area supports a data download, deletion of the member’s data with one business, and deletion of the complete member account. Each action has the documented scope and confirmation flow.

Review member privacy and data controls and document how the operator handles backups, external systems, retention, and disputes.

Answer 03

Direct link

Who secures a self-hosted Reward Loyalty installation?

The operator secures the server, domain, mail, backups, administrator access, secrets, updates, integrations, logging, monitoring, and incident response. Reward Loyalty provides application controls and health information; it does not operate the buyer’s infrastructure.

Use the security monitoring guide as one part of the operating process.

Cookies on this site.

Google Analytics runs only if you allow it. Cookie policy