Edara Loyalty — Privacy Policy

Last updated: 11 May 2026

Edara Loyalty is a customer loyalty platform for Edara ERP. It includes a web dashboard for managing members and rewards, and a browser extension that lets cashiers look up a customer's loyalty points and apply point-based discounts without leaving the Edara POS screen. This page explains, in plain terms, what data we handle and how we protect it.

What we handle

The Loyalty extension and web app handle only the data needed to operate the loyalty programme for your organisation:

Your Edara organisation identifier and the API credentials that link the extension to your Loyalty account — stored locally in the browser and never shared.
The customer mobile number typed by the cashier to look up a member.
The member's loyalty points balance, tier, and the discount amount calculated for a redemption.
A reservation record created when a cashier initiates a redemption, and the confirmation or cancellation of that record when the order is saved or discarded.
Field-picker selectors saved by the cashier so the extension knows which input on the POS page to fill — stored only in the local browser.

What we do not handle

Payment-card numbers, bank details, or any other payment instrument data.
Customer passwords, email addresses, or physical addresses.
Cashier or employee identifiers — we don't track who performed a lookup.
Order line items, product names, or any other sales-order content beyond the discount amount applied.
Browsing activity, pages visited, or data from any website other than your Edara POS session.

Where the data goes

All network requests made by the extension are sent exclusively to loyalty-backend.edara.io — your organisation's Loyalty backend. No data is sent to any third-party server, analytics service, ad network, or session-replay tool. We do not sell member data or share it with advertisers.

Authentication is handled through Auth0 using a PKCE flow. The resulting access token is stored in the browser's local storage for the extension session only.

What we store, and for how long

In the extension (chrome.storage.local): the backend URL, your organisation's tenant ID, your API key, and the field-picker selectors chosen by the cashier. These remain until you sign out or uninstall the extension.
During an active redemption: a temporary reservation record is held in extension storage to track the pending points hold. It is cleared automatically once the order is confirmed or cancelled, or after the reservation expires on the server (typically within a few minutes).
On the Loyalty backend: member records, points transactions, and redemption history are retained for as long as your organisation's account is active. Deletion requests can be made through the Settings screen or by contacting support.

Children

Edara Loyalty is a business tool used by retail staff and loyalty programme managers. It is not directed at children and does not knowingly collect data from them.

Changes to this policy

Material changes will be reflected here with a new "Last updated" date. Organisations under an active commercial agreement will also receive direct notice through the Edara extensions portal.

Contact

Questions about this policy, requests to delete member data, or anything else: [email protected].

Edara Loyalty · loyalty.edara.io