This Privacy Policy is structured to comply with the Brazilian General Data Protection Law (LGPD), the European Union General Data Protection Regulation (GDPR), the UK GDPR, and, when applicable, privacy laws of other jurisdictions, such as the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA).
The specific application of each law depends on factors such as the data subject’s residence, the location of data collection, the purpose of processing, Smartbis’s role in the operation, and contractual relationships with our clients.
1. Overview
This Policy explains how Smartbis processes personal data on its website, platform, applications, APIs, integrations, forms, support channels, commercial activities, marketing communications, and related services.
Personal data is information that identifies or can identify a natural person, directly or indirectly. Depending on applicable law, it may also include online identifiers, browsing data, device information, geolocation, and inferences associated with a person or consumer.
By using our services, contracting with Smartbis, accessing our channels, or interacting with our forms, you acknowledge that your personal data may be processed in accordance with this Policy and with the applicable contracts, terms of use, specific notices, and consent preferences.
2. Who we are
We are Smartbis, a platform offering solutions for customer loyalty, cashback, points, vouchers, benefits club, marketing automation, relationship management, reports, and integrations with third-party systems.
BIS CLIENT LOYALTY AND MARKETING PLATFORM LTDA
CNPJ: 38.288.417.0001-74
Rod. José Carlos Daux (SC 401), 4150
88.032-005 Florianópolis / SC
You can contact us via email at support@smartbis.com. For data protection matters, use the contacts provided in the 'Contact and data protection officer' section.
3. Smartbis roles
Smartbis may act in different roles, depending on the processing context.
3.1. Smartbis as controller
Smartbis acts as controller when it determines the purposes and means of processing, such as in its own marketing, sales, commercial support, support, billing, customer relationship, website security, administrative management, compliance with legal obligations, and analysis of our channels’ usage.
3.2. Smartbis as processor or service provider
Smartbis acts as a processor, operator, or service provider when it processes personal data on behalf of a client company that uses the platform to operate its loyalty program, cashback, points, vouchers, benefits club, campaigns, and communications with end consumers.
In these cases, the client company is generally the controller of its end consumers’ data. Smartbis processes these data according to contractual instructions from the client and the resources configured on the platform.
3.3. Clients' responsibilities
Smartbis clients must inform their end consumers about the use of the platform, obtain necessary legal bases or consents, maintain their privacy policies, set campaign rules lawfully, and respond to data subjects' requests when they are controllers of the data.
4. Processed data
The data processed varies depending on platform usage, channels used, client configurations, and applicable law.
4.1. Identification and contact data
- Name, surname, email, phone, WhatsApp, tax document when necessary, and professional contact data.
- Company, position, segment, commercial address, country, language, and information necessary for business support.
4.2. Account, contract, and billing data
- Registration data, credentials, user permissions, access logs, contracted plan, support history, and contractual information.
- Payment data, billing, invoices, refunds, fraud prevention, and compliance with fiscal and accounting obligations.
4.3. Data of end consumers processed on the platform
- End customer data sent or imported by client companies, such as name, email, phone, identifiers, purchases, points, cashback, vouchers, coupons, preferences, benefits history, and interactions.
- Data from integrations with e-commerce, ERP, POS, APIs, widgets, imports, and communication channels configured by the client.
4.4. Technical data, browsing, and device information
- IP address, device identifiers, browser, operating system, accessed pages, traffic source, usage events, security logs, and cookies.
- Approximate or precise geolocation when enabled by the user, the client, or necessary for a specific resource with applicable legal basis.
4.5. Sensitive data
Smartbis generally does not collect sensitive personal data. If a client enters sensitive data into the platform or configures processing involving such data, the client must ensure an appropriate legal basis and instructions compliant with applicable legislation.
5. Purposes and legal bases
We process personal data for specific purposes and with an appropriate legal basis in accordance with applicable law.
5.1. Marketing and prospecting
We may process data to respond to forms, send communications, present products, segment campaigns, measure ad performance, and offer content related to Smartbis.
Possible legal bases: consent, legitimate interest, performance of pre-contractual measures, or equivalent bases according to the applicable jurisdiction. When required, promotional communications will depend on consent or an opt-out mechanism.
5.2. Commercial support and contracting
We process data to respond to inquiries, prepare proposals, conclude contracts, grant access to the platform, manage plans, perform billing, collections, refunds, support, and customer relationship management.
Possible legal bases: contract performance or pre-contractual measures, legitimate interest, legal obligation, and lawful exercise of rights.
5.3. Platform operation for clients
We process end-consumer data to provide resources configured by clients, such as registration, balance, points, cashback, voucher issuance, coupon validation, automations, reports, communications, and integrations.
When acting as an operator/processor, the legal basis is defined by the controlling client. Smartbis processes data according to the contract, client instructions, and applicable security measures.
5.4. Security, fraud prevention, and improvement
We may process technical data and logs to protect accounts, detect unauthorized access, prevent abuse, maintain platform integrity, monitor availability, fix failures, improve features, and generate aggregate metrics.
Possible legal bases: legitimate interest, legal obligation, contract execution, rights protection, and, when required, consent.
5.5. Legal and regulatory obligations
We may process and retain data to comply with tax, accounting, and regulatory laws, court orders, authority requests, audits, fraud prevention, and defense in administrative, judicial, or arbitral proceedings.
6. Cookies and similar technologies
We use cookies and similar technologies for website operation, security, preferences, usage analysis, campaign measurement, and, when applicable, advertising.
6.1. What are cookies?
Cookies are small files stored in the browser or device. They can identify a session, remember preferences, measure interactions, or enable essential features.
6.2. Cookie categories
- Essential: required for proper website functioning, security, session handling, and display.
- Preferences: used to remember language, region, and user choices.
- Analytics: used to understand browsing, performance, and usage of services.
- Marketing: used for campaign measurement, remarketing, and ad personalization, when applicable.
6.3. Examples of cookies
- PHPSESSID: used for session management and basic website functioning.
- _ga: used by Google tools for analytics and measurement, when enabled.
- _fbp: used by Meta/Facebook tools for measurement and advertising, when enabled.
6.4. Consent and preferences
In regions where prior consent is required for non-essential cookies, Smartbis will seek consent before activating analytical or marketing cookies. You can also manage cookies in your browser, block cookies, or delete existing cookies.
7. Sharing and subprocessors
We may share personal data with vendors, operators, subprocessors, and partners when necessary to provide, protect, operate, measure, or improve services.
7.1. Categories of recipients
- Infrastructure providers, hosting, cloud computing, storage, backup, and security.
- Communication tools, email, WhatsApp, customer service, CRM, and support.
- Payment providers, billing, fiscal issuance, accounting, and legal.
- Analytics tools, ad measurement, fraud prevention, and availability monitoring.
- Client-configured integrations, such as e-commerce, ERP, POS, third-party gateways, and APIs.
- Public authorities, courts, or regulators when required by law or necessary for rights defense.
7.2. End-user data
When Smartbis acts as an operator/processor, sharing related to end-consumer data follows the instructions of the controller client, platform settings, and applicable contracts.
7.3. Sales or sharing for behavioral advertising
Smartbis does not sell personal data in the usual sense of selling for money. Some laws, such as California's CCPA/CPRA, may define "sale" or "sharing" broadly, including certain uses of cookies, pixels, and behavioral advertising. When applicable, Smartbis will provide mechanisms for choice, opt-out, or preference management.
8. International transfers
Smartbis may process, store, or transfer personal data to countries different from where the data subject is located, including due to cloud infrastructure, support tools, analytics, communication, payments, integrations, and international suppliers.
When required by applicable legislation, we will adopt appropriate mechanisms for international transfers, such as standard contractual clauses, contracts with operators/sub-processors, adequacy decisions, technical and organizational safeguards, or other mechanisms recognized by applicable law.
Customers using the platform to process end-consumer data should assess their own obligations regarding international transfers, especially when configuring integrations, imports, exports, automations, or their own sub-processors.
9. Retention and security
9.1. Retention
We will retain personal data for as long as necessary to fulfill the purposes outlined in this Policy, provide services, fulfill contracts, comply with legal obligations, resolve disputes, preserve rights, maintain security, prevent fraud, and meet fiscal, accounting, or regulatory requirements.
When Smartbis acts as a controller/processor, data retention on the platform may depend on the controller's settings, the applicable contract, backups, technical logs, and legal obligations.
Anonymized or aggregated data, without a reasonable possibility of identifying an individual, may be kept indefinitely.
9.2. Security
We adopt technical and organizational measures to protect personal data against unauthorized access, destruction, loss, alteration, communication, or inappropriate processing. These measures may include access controls, logs, incident management, backups, environment segregation, monitoring, encryption when applicable, and internal security processes.
No system is entirely secure. If a security incident occurs that could pose a risk or significant harm, we will evaluate notification obligations to data subjects, customers, competent authorities, and other affected parties according to applicable law.
10. Data subjects' rights
Depending on applicable legislation and Smartbis's role in processing, you may exercise rights related to your personal data, such as:
- Confirm whether we process your personal data.
- Access the processed personal data.
- Correct incomplete, inaccurate, or outdated data.
- Request anonymization, blocking, or deletion of unnecessary, excessive, or unlawfully processed data.
- Request portability, when applicable.
- Revoke consent and obtain information about the consequences of refusal.
- Object to certain processing, when applicable.
- Request restriction of processing, when applicable.
- Request information about sharing and recipients.
- File a complaint with the competent authority.
When Smartbis acts as a controller/processor on behalf of a customer, we may direct your request to the controlling customer or assist in responding, according to the contract and applicable law.
11. Rights by region
11.1. Brazil - LGPD
If LGPD applies, you may exercise rights provided by Law 13.709/2018, including confirmation of processing, access, correction, anonymization, blocking, deletion, portability, information on sharing, information on consequences of refusal, revocation of consent, and petitions to the National Data Protection Authority (ANPD).
11.2. European Economic Area and United Kingdom - GDPR and UK GDPR
If GDPR or UK GDPR applies, you may have rights to access, rectify, delete, restrict, port, object, withdraw consent, and file complaints with the relevant supervisory authority.
When Smartbis is subject to GDPR or UK GDPR in relation to a specific processing activity, we will inform you of the applicable legal bases, recipients or categories of recipients, retention criteria, relevant international transfers, and applicable safeguards.
11.3. California - CCPA/CPRA
If California legislation applies to you and the activity in question, you may have the right to know what categories of personal data we collect, their sources, the purposes, and the categories of third parties; to access, correct, and delete data; to restrict the use of sensitive personal information; to opt out of sale or sharing; and not to face discrimination for exercising these rights.
Smartbis does not sell personal data for money. If cookies, pixels, or similar technologies are considered "sharing" or "sale" under applicable legislation, we will provide appropriate opt-out means when required.
11.4. Other jurisdictions
Users from other regions may have additional rights under local privacy and data protection laws. Smartbis will evaluate requests according to the applicable legislation for the specific processing.
12. Children and minors
Smartbis services are not directed at children. We do not intentionally seek to collect personal data from children for marketing purposes.
When Smartbis clients configure programs, campaigns, or registrations involving minors, the controlling client must ensure a proper legal basis, guardian consent where required, and compliance with applicable legislation.
13. Automation, profiling, and AI
The Smartbis platform may enable automations, segmentation, communication rules, customer recovery, profile-based campaigns, reports, cashback rules, points, coupons, and vouchers configured by clients.
These features may use transactional data, purchase behavior, engagement, balances, benefit validity, preferences, and operational events to generate communications, reports, or automated actions.
When Smartbis acts as a controller/processor, the client company is responsible for configuring these automations in compliance with applicable laws, including informing data subjects, legal bases, opt-out options, and impact assessments when necessary.
Smartbis may also use aggregated, anonymized, or operational data to improve products, security, support, abuse detection, platform quality, and business intelligence.
14. Contact and data protection officer
For questions, requests, or exercising rights related to personal data, contact us.
Support: support@smartbis.com
Data Officer: Josué Felipe Garcia
Email of the data officer: lgpd@josuegarcia.com.br
When submitting a request, we may ask for additional information to confirm your identity, locate the data, identify the relevant controller, and prevent unauthorized third-party access.
15. Updates
We may update this Privacy Policy periodically to reflect legal, regulatory, operational, technical, contractual, or product changes.
When the change is relevant, we may communicate through the website, platform, email, account notice, or another appropriate channel. The most recent version will be available on this page.