Privacy Policy

Sponti ("we", "our", or "us") operates a marketplace platform that connects local businesses offering last-minute deals with nearby customers (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website.

By using Sponti, you agree to the practices described in this policy. If you do not agree, please discontinue use of our Service.

We use the information we collect to:

• Provide the Service: Match customers with relevant nearby deals, process bookings, and enable business-customer interactions.
• Personalise your experience: Surface deals based on your location, browsing history, and stated preferences.
• Process payments: Handle transactions, payouts to businesses, and associated record-keeping.
• Communicate with you: Send booking confirmations, deal alerts (if opted in), operational notices, and customer support responses.
• Maintain platform integrity: Detect fraud, verify business accounts, enforce our Terms of Service, and prevent abuse.
• Improve the Service: Analyse usage patterns, conduct A/B testing, fix bugs, and develop new features.
• Legal compliance: Meet our obligations under applicable laws and respond to lawful requests from authorities.

We do not sell your personal data to third parties for their own marketing purposes.

We share information only as described below:

With businesses: When you redeem a deal, the business receives your name and booking reference. They do not receive your payment card details, exact home address, or browsing history.

With customers: Businesses' public profile information (name, description, category, photos) is visible to all users browsing the app.

With service providers: We engage trusted third-party vendors to help operate the Service — including payment processors (Stripe), cloud hosting providers, analytics platforms, and push notification services. These vendors are contractually bound to use your data only to provide services to us.

For legal reasons: We may disclose information if required by law, court order, or regulatory authority, or if we believe disclosure is necessary to protect the rights, safety, or property of Sponti, our users, or the public.

Business transfers: In the event of a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction. We will notify you via email or in-app notice before your information becomes subject to a different privacy policy.

Our website uses cookies and similar tracking technologies to:

• Keep you signed in across sessions
• Remember your preferences
• Understand how visitors navigate the site (via analytics tools such as Google Analytics)
• Measure the effectiveness of our content

Cookie types we use:

• Essential cookies: Required for authentication and core functionality. Cannot be disabled.
• Analytics cookies: Collect anonymous usage statistics. You can opt out via your browser settings or by using browser extensions such as uBlock Origin.
• Preference cookies: Store your language and display preferences.

Our mobile app uses similar device-level identifiers for analytics and crash reporting purposes. You can limit ad tracking via your device's privacy settings (iOS: Settings → Privacy → Tracking; Android: Settings → Privacy → Ads).

We do not use advertising cookies or sell data to ad networks.

We retain your personal information for as long as your account is active or as needed to provide the Service. When you delete your account:

• Your public profile information is removed within 30 days.
• Transaction and booking records may be retained for up to 7 years for legal and financial compliance purposes.
• Anonymised, aggregated analytics data derived from your usage may be retained indefinitely.

Business accounts that have processed payments through Stripe are subject to Stripe's data retention requirements as a regulated financial service provider.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your account and associated data, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to certain types of processing, such as direct marketing.
• Withdrawal of consent: Where processing is based on consent (e.g., location access), withdraw that consent at any time.

To exercise any of these rights, contact us at privacy@sponti.app. We will respond within 30 days. We may need to verify your identity before fulfilling a request.

If you are located in the European Economic Area, you also have the right to lodge a complaint with your local data protection authority.

We implement industry-standard security measures including:

• Encryption in transit (TLS) and at rest for sensitive data
• Access controls restricting internal data access to authorised personnel
• Regular security reviews and vulnerability assessments
• Payment data handled exclusively by Stripe, a PCI DSS-compliant processor

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we take reasonable steps to protect your information and notify you promptly in the event of a breach that affects your data.

Sponti is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

The Service may contain links to third-party websites or services (such as restaurant booking platforms, event ticketing systems, or social media pages). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before sharing any personal information with them.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or a prominent in-app notice at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

We maintain a version history of this policy available upon request.

If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at:

Sponti Email: privacy@sponti.app

We aim to respond to all privacy-related enquiries within 5 business days.