Rate Me More (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains what information we collect from end users and business customers, how we use it, and your rights. By using Rate Me More (including scanning our QR codes or accessing business dashboards), you consent to the data practices described here.
Information We Collect: We collect customer feedback (satisfaction ratings, written comments, and selected feedback tags), device and platform information, and usage data. For example, when a customer scans a Rate Me More QR code, our system may capture the customer’s satisfaction score (0–100%), any feedback text, selected tags, and optional contact info (email/phone) if provided. We also collect device fingerprints and technical details (e.g. browser/device type, user agent, IP address) for duplicate prevention and analytics. Interaction events (button clicks, pages viewed, timestamps) and cookie/localStorage data (e.g. a session token, device_info string) are stored to manage the session and track analytics. We gather business account information (owner name, email, business details, subscription status) when you sign up. Payment details (credit card numbers) are collected by Stripe (our payment processor) and are not stored on our servers; only tokenized references (e.g. a Stripe Customer ID) are retained.
How We Use Your Information: We use feedback and ratings to generate AI-powered reviews on various platforms, using OpenAI’s GPT-4 model to craft tailored review text. We analyze feedback to provide businesses with analytics and insights on customer satisfaction and trends. Device and usage data help us improve our platform and prevent fraud (e.g. duplicate reviews via device fingerprinting). We use contact information (email/SMS) to send business notifications (e.g. alerts for negative feedback or subscription updates). We may also use aggregated analytics (non-personalized) to improve our services.
Third-Party Services: We integrate with trusted third parties to operate our platform. Notably, we use OpenAI’s GPT-4 API to generate review content based on customer feedback. When a review is generated, the customer’s feedback (rating, tags, etc.) is sent to OpenAI’s servers for processing; no additional personal data is provided. We use Stripe for payment processing (subscriptions and one-time purchases). Stripe handles credit card transactions under PCI-DSS security standards; we share only minimal information (e.g. email, subscription choice) with Stripe and never handle raw card data. We may also use third-party analytics services (e.g. Vercel Analytics, Google Analytics) and notification services (email/SMS providers) to operate the site. In all cases, we require these providers to protect personal data and use it only for their stated purposes.
Data Retention: We retain personal data only as long as necessary. For example, we may keep your feedback and profile data for business reporting and legal compliance (up to seven years for legal obligations). Analytics data is retained according to your plan (e.g. ~30 days on the free tier, up to 365 days on enterprise plans). Payment transaction records (tokens) are retained for at least 90 days to meet tax and PCI requirements. After the retention period, personal data is anonymized or deleted as required. We securely delete or de-identify data that is no longer needed.
Your Rights: You have rights over your personal data. Under GDPR (EU) and similar laws, you may request access to, correction of, or deletion of your personal data. Under CCPA/CPRA (California), you also have rights to know, delete, or opt-out of sale/sharing of your personal information. For example, California consumers can request deletion of their personal information. We will honor valid requests in accordance with the law (e.g. GDPR requires a response in a “timely manner”, CCPA requires response within 45 days
oag.ca.gov). To exercise your rights, contact us via our support channels or forms provided in your account dashboard. We do not charge fees for accessing or correcting your data.
Cookies and Local Storage: We use cookies and similar technologies (localStorage/sessionStorage) to provide our services. Strictly necessary cookies (or storage entries) maintain your authenticated session and keep track of your progress in the feedback flow. Performance cookies (e.g. analytics cookies or localStorage) collect anonymous usage data to help us improve the platform. For example, we store a session key (e.g. ratememore_session) and related data (business ID, QR code ID, timestamp, device_info) in localStorage for up to 24 hours. We do not use advertising cookies. Where required by law, we obtain your consent before storing non-essential cookies (in compliance with GDPR/ePrivacy rules). You can manage or disable cookies via your browser settings (note disabling necessary cookies may prevent platform functionality).
Jurisdiction & Compliance: Rate Me More is based in [Your Jurisdiction], and we comply with applicable laws including the EU GDPR, UK GDPR, California CCPA/CPRA, and others. Personal data of EU residents is handled under GDPR principles (lawful basis, data minimization, user consent where needed). California residents have the rights described above under CCPA. For data transfers outside the EU/EEA, we use standard contractual clauses or rely on adequate data protection measures. If you have questions about privacy or wish to lodge a complaint, contact our Data Protection Officer at [email] or your local data protection authority.