Privacy Policy

This Privacy Policy explains how MyGreenDeals (“we,” “our,” or “us”) collects, uses, and shares information when you use the MyGreenDeals app and website (the “Service”). By using the Service, you agree to the practices described here. If you do not agree, do not use the Service.

Operator and contact

The Service is operated by Jacob Nadauld d/b/a MyGreenDeals. Mailing address for legal notices: 6311 S 3100 W, Rexburg, ID 83440. For privacy-specific questions, data-access requests, or anything else covered in this policy, email mygreendealsadmin@gmail.com.

Who this policy applies to

MyGreenDeals serves two kinds of users: customers who browse and claim deals, and business owners who post deals and pay when a claimed deal is redeemed and scanned. This policy covers both. Where a practice applies only to one type, we say so.

You must be at least 18 years old to create an account. We do not knowingly collect information from children under 18. If you believe a child has signed up, email us and we'll delete the account.

Information we collect

Account information

• Email address used to sign up.
• Display name and (optional) profile photo.
• Password (stored hashed; we never see your plaintext password).
• Authentication provider identifiers if you sign in with Google or another OAuth provider.

Activity information

• Deals you save, claim, redeem, or share.
• Reward points earned, spent, or expired.
• Search queries inside the app.
• App-rating reviews you write on businesses.

Location information

Location is optional. With your permission, we may use your device's GPS coordinates to:

• Show you deals near you.
• Verify that you visited a business after you claimed a deal (a process called “geofence verification”) to support fraud checks, dispute review, and visit validation.

We do not continuously track your location. We only access your location while the app is open and either (a) you are actively browsing a map view, or (b) you have a claim within the last 48 hours and have triggered follow-through activity such as booking, directions, or calling the business.

We do not share your precise coordinates with the business that owns the deal you claimed. The business sees only that the visit was verified, the timestamp, and an approximate distance — never your exact location.

Geofence-verification records are retained for up to 90 days, long enough to handle disputes, and then deleted. You can revoke location permission at any time from your device's settings.

Payment information

Customer Gold subscriptions are billed through Stripe (web/PWA builds), Apple In-App Purchase (iOS app builds), or Google Play Billing (Android app builds). Business redeemed-lead invoicing and Pro subscriptions are billed through Stripe.

We do not store full credit card numbers. Stripe provides us with a payment-method identifier (a token) and the last four digits of your card so you can recognize it on your receipt. Apple and Google handle their respective in-app billing without sharing card information with us at all.

Business verification information

If you operate a business on the platform we additionally collect:

• Business name, address, and phone number.
• Employer Identification Number (EIN), if provided.
• Verification documents you upload (W-9, business license, etc.) to confirm business ownership.
• The verification verdict our AI pipeline produces and any admin notes.

Verification documents are stored in a private bucket. We use a signed-URL system so that even our own marketing site cannot link to them publicly. Only authorized MyGreenDeals administrators can view them, and only as part of resolving a verification ticket.

Support and dispute records

When you submit a support ticket, lodge a dispute, or contact us by email, we keep the message you sent, your contact information, and any internal notes the resolver writes. We retain support records for up to seven years for our own legal and accounting purposes.

Device and log information

Standard server logs: IP address, user agent, request timestamps, URL paths, response codes. We use these for security monitoring, rate-limiting, and debugging. Hosting-layer logs are retained at our provider's default (typically 30 days).

How we use information

• To operate the Service: show you nearby deals, deliver claims, settle redemptions, and process payments.
• To verify business identity using a combination of public records, Google Places lookups, and Anthropic's Claude AI for the document review step. The AI verdict is one factor; a human admin reviews any flagged or rejected applications.
• To send transactional emails (account verification, password reset, claim reminders, billing receipts, dispute notifications) through our SMTP provider.
• To bill businesses for redeemed, QR-scanned leads, charge subscriptions, and issue refunds where merited.
• To prevent fraud, abuse, and platform misuse.
• To comply with applicable laws (tax records, subpoenas, etc.).
• To improve the product, monitor performance, and respond to user feedback.

Sharing

We share information with the following service providers we rely on to run the Service:

• Supabase — managed Postgres database, authentication, and object storage.
• Vercel — application hosting and edge network.
• Stripe — payment processing for Gold and business billing.
• Apple and Google — in-app purchase processing for native app subscriptions, where applicable.
• Anthropic — AI-powered business verification (we send the EIN, business name, address, and any uploaded document contents to Claude for analysis).
• Google Places API — business name and address lookups during onboarding and verification.
• Mapbox — map tiles and address geocoding.
• Gmail (Google Workspace SMTP) — transactional email delivery.

We share claim and follow-through data (your display name and actions such as booking taps, call taps, directions taps, and redeemed QR scans) with the business that owns the deal you claimed so the business can prepare for incoming customers, review activity, and reconcile billed redemptions.

We do not sell your personal information to data brokers, advertisers, or anyone else.

We may disclose information when required by law, to comply with court orders, to enforce our Terms of Service, or to protect rights, safety, or property.

How to delete your account

You can permanently delete your MyGreenDeals account in three ways:

• In-app: Settings → Account → Delete account.
• Web: visit /delete-account and follow the typed-confirmation flow.
• Email fallback: email mygreendealsadmin@gmail.com from the email address on your account; we will process the deletion within 30 days.

What gets deleted, what gets retained, and how subscriptions are handled is described in the next section.

Retention and deletion

Most personal information is retained for as long as your account is active. When you delete your account:

• Your sign-in credentials and personal profile fields (name, email, phone, address, profile photo) are deleted immediately and cannot be recovered.
• Your saved deals, unredeemed claims, reward points balance, and any uploaded photos are deleted immediately.
• Stripe customer records, saved payment methods, and active Stripe-billed subscriptions are cancelled and detached.
• Apple App Store and Google Play subscriptions are not automatically cancelled when you delete your MyGreenDeals account. You must cancel those separately through your Apple ID or Google Play account. Deleting your MyGreenDeals account does not entitle you to a refund of platform-managed subscription charges.
• Anonymized records of past leads, invoices, and disputes are retained for at least seven years to satisfy US tax and accounting recordkeeping requirements. Personal identifiers (your name, email, address) are scrubbed from these records during the deletion process; only the transaction amount, timestamp, and opaque internal IDs remain.
• Aggregate analytics (counts of claims and leads per business per city per month, etc.) remain in our reporting database. After deletion, those counts are no longer attributable to you.
• Server access logs at the hosting layer follow our provider's default retention (typically 30 days) and may briefly contain your IP address even after deletion. They are not used for any business purpose after the account is gone.

Cleanup of cached copies in our CDN and hosting providers can take up to 24 hours after the destructive deletion runs. If you contact support to delete on your behalf, allow up to 30 days from the date we receive your request.

Subscription cancellation and renewal

If you subscribe to MyGreenDeals Gold or Business Pro, your subscription renews automatically at the price and interval shown at signup. To avoid the next renewal:

• Stripe-billed subscriptions (web/PWA): cancel from Settings or via the Stripe Customer Portal link in Settings. Cancellation takes effect at the end of your current billing period.
• Apple App Store subscriptions:cancel through your Apple ID at least 24 hours before the renewal date. Cancellations made within the last 24 hours of a billing cycle may not stop that cycle's charge.
• Google Play subscriptions: cancel through your Google Play account before the renewal date.

Cancellation does not delete your MyGreenDeals account. Deleting your MyGreenDeals account does not automatically cancel a platform-managed (Apple or Google) subscription — you must also cancel through Apple or Google.

Your rights

Depending on where you live, you may have the right to:

• Access the personal information we hold about you.
• Correct inaccurate information (you can edit most fields directly from Settings).
• Deleteyour account and associated personal information (see “How to delete your account” above).
• Export a machine-readable copy of your data by emailing us.
• Revoke permissions (location, push notifications) at any time from your device settings.
• Opt out of non-transactional email if we ever start sending it. Today we only send transactional email tied to actions you took.

Security

We use industry-standard practices to protect your information, including row-level security on our database, signed URLs for sensitive document access, encrypted connections (HTTPS) for every request, and a least-privilege policy for our internal tooling. No system is perfectly secure; if you become aware of a vulnerability in MyGreenDeals, please email us at the address below before disclosing it publicly so we can fix it responsibly.

International users

MyGreenDeals is operated from the United States. By using the Service from outside the US, you understand and agree that your information will be transferred to, stored, and processed in the United States. We do not currently market the Service outside the US.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be highlighted when you next sign in or by an in-app banner, and the “Last updated” date above will be revised. Continued use of the Service after the effective date of any change constitutes acceptance of the updated policy, where permitted by applicable law.

Contact

Privacy questions, data-access requests, or anything else covered in this policy: email mygreendealsadmin@gmail.com. See also our Terms of Service, Delete account page, and Contact.

This document is provided for informational purposes and does not constitute legal advice. We may update this policy from time to time and will revise the “Last updated” date above when we do.