Introduction

Cyder (“we,” “us,” or “our”) provides a white-labeled Loyalty Platform (the “Platform”) designed to help credit unions deliver tailored rewards to their members (“members” or “Users”) based on eligible financial behaviors. This Privacy Policy outlines how we collect, use, disclose, and protect member information through the Platform.

​

By accessing or using the Platform, including any associated websites, mobile applications, or integrated services offered through participating credit unions, you acknowledge and agree to the terms of this Privacy Policy. All capitalized terms not otherwise defined herein shall have the meanings set forth in our Terms and Conditions.

​

We are committed to protecting member privacy while enabling credit unions to deliver meaningful value through responsible data use.

​

Our Privacy Principles

We believe members’ data should be treated with transparency, integrity, and respect. Accordingly, we adhere to the following principles:

• Member Control: Members have the right to determine what data is collected and how it is used. Data is never collected, accessed, modified, sold, licensed, or shared without appropriate authorization.

• Purpose-Driven Use: We only process member data to provide services requested by credit unions and their members, or as required to maintain the security and integrity of the Platform.

• Data Security: We implement strict safeguards,technical, administrative, and organizational,to protect member data from unauthorized access, misuse, or disclosure.

​​

What We Do​

​

Loyalty Platform

The Loyalty Platform for Credit Unions enables members to receive rewards based on eligible financial behaviors.​

 

Through the Platform, credit unions may choose to link member financial accounts and authorize the collection of transactional data. This data is used exclusively to identify and administer rewards tied to specific behaviors such as maintaining a minimum account balance, enrolling in direct deposit, utilizing a debit or credit card, contributing to a savings goal and many other use cases. ​

 

By interacting with the Platform, including but not limited to completing financial milestones, participating in surveys, or enrolling in promotional offers, members allow the Platform to assess eligibility for rewards and distribute benefits accordingly. These benefits may include monetary deposits, points, or other credit union-defined incentives.

​​

Participation in the Loyalty Platform constitutes consent for the credit union and its authorized service providers to collect and process relevant transaction data strictly for the purpose of operating the rewards program. This data is never sold, and is only disclosed to third parties insofar as necessary to fulfill reward obligations and enhance the member experience, in accordance with applicable laws and the Platform’s Terms and Conditions.​

 

The Loyalty Platform is committed to upholding the highest standards of data security and member privacy while providing tangible value in recognition of members’ everyday banking activities

​​

Data Collection

​

How Is Member Data Collected on the Loyalty Platform?

The Loyalty Platform collects data directly from members when they:
(i) authorize the linking of their credit union accounts or other eligible financial data sources;
(ii) complete profile, preferences, or eligibility questionnaires; and
(iii) engage with the Platform via integrated online banking portals, mobile applications, or participation in reward-based features and campaigns.

​

Data may also be collected passively through authorized and secure integrations with credit union systems for the purpose of evaluating reward eligibility based on transactional behavior.

​

What Data Do We Collect?

The Platform collects and processes data in accordance with applicable privacy laws, our internal Privacy Principles, and the instructions of participating credit unions and their members. We do not collect, store, or process data without appropriate consent and only access information required to operate a secure, compliant, and feature-rich loyalty program.

​

We retain member data only as long as necessary to fulfill the purposes outlined in this policy, including reward distribution, account support, and compliance with legal obligations.

​

The types of data we may collect include:

• Account and Identity Data: Information used to create and manage a member’s profile on the Platform, such as name, email address, and member ID or account identifier (as assigned by the credit union).

• Contact Information: Mailing address, phone number, and other relevant communication details.

• Transactional and Behavioral Data: Authorized financial data from linked accounts, including account balances, transaction history, and spending patterns used to determine eligibility for specific rewards or offers.

• Fraud Prevention and Security Data: Device information, login history, and other identifiers used to detect unauthorized access or behavior inconsistent with Platform rules.

• Platform Usage Data: Data about how members interact with the Platform, including pages visited, features used, campaign participation, and preferences.

• Member Communications: Content voluntarily provided by members, such as feedback, survey responses, or interactions with support representatives.

​​

​

Data Collected Through Member Use of the Platform

​

The Loyalty Platform enables credit unions and their members to participate in behavior-based rewards by securely collecting relevant financial and profile data. This may include transactional activity, account behavior, or other member-provided information that supports the delivery of personalized rewards and member experiences.​

​

Members may update permissions, revoke access, or manage linked data sources at any time through the Platform’s account settings or directly with their participating credit union.

​

Cross-Device Functionality

To ensure a consistent and secure experience across online banking, mobile apps, and promotional touchpoints, the Platform may store limited aggregated metadata (e.g., device type, session timestamps) to enable seamless access and performance across multiple member devices.

​

Security and Abuse Prevention

As a digital platform serving a growing credit union member base, we implement robust security measures to detect and prevent unauthorized access, fraud, and abuse. In support of this effort, we may collect and retain security-related metadata, including device identifiers, IP addresses, login activity, and historical account changes for up to five (5) years to comply with AML and KYC requirments.

​

This data is used exclusively to safeguard member accounts, ensure compliance with our Terms and Conditions,  comply with regulation and maintain the integrity of the Loyalty Platform.

​

The Data That We Do Not Collect

​

Your Payment Information: Cyder does not process payments from or to Users and instead relies on payment providers. It is the payment providers that handle and store your bank and/or credit card details. Your bank and/or credit card information never reaches Cyder’s servers, and we do not access or store this information. Although we may work in partnership with payment providers, they are completely independent of Cyder. Please study their relevant Privacy Policies before sharing your financial data with them.

​

Data of Minors Under the Age of Eighteen: You must be at least eighteen (18) years old to use the Services. Our Services are not addressed, directed or intended for individuals under the age of eighteen (18).

​

Cyder will never knowingly collect personal information about individuals under the age of eighteen (18). By using the Services, you represent that you meet this minimum age requirement. In the event that we discover that an individual under the age of 18 has provided personally identifiable information to us, we will make efforts to delete the individual’s information along with the entire account in accordance with any applicable regulations.

​

If you are a parent or guardian and you are aware that your child has provided us with their personally identifiably information, please contact us at getcyder@gmail.com.

​​​

Keeping your Data Safe

​

How We Keep Your Data Safe

Cyder is committed to safeguarding the data you collect, manage, and share through our Platform. We have implemented industry-standard security procedures to protect the storage and disclosure of the data we process, including encryption in transit and at rest. No method of transmission over the Internet or method of electronic storage is 100% secure; therefore, while we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

​

Third-Party Programs

Our Privacy Policy does not apply to how third parties define and collect personal data or how they use it. Cyder will not be held liable for how third parties collect and use your personal data. We encourage you to read their Privacy Policies and to know your privacy rights before interacting with them.

​​

How We Use Member Personal Information

Redemption and Reward Fulfillment

We use member-provided information to fulfill reward redemptions initiated through the Loyalty Platform, which may include:

• Processing payment or points transfers in accordance with the member’s selected redemption method

• Generating confirmations, statements, or other transaction-related communications

• Facilitating communication regarding the status of reward activities

This data is used solely for delivering services requested by the member or participating credit union, and in accordance with the member’s stated preferences.

​

Communications and Member Engagement

We may also use member information to:

• Communicate program updates, reward status, or service changes

• Inform members of new benefits or promotions, when such communication aligns with preferences or applicable consent

• Conduct surveys or engagement activities to improve program experience

​

Device and Technical Information

We collect and use device-level and technical information (such as IP address, browser type, and session history) to:

• Detect, investigate, and mitigate potential fraud or unauthorized access

• Improve Platform performance, usability, and accessibility

• Monitor traffic patterns, engagement trends, and system usage for analytics and optimization

This data is aggregated or pseudonymized wherever possible and retained only as long as necessary for its purpose.

​

Legal and Regulatory Compliance

We may access, retain, or disclose member personal information where reasonably required to:

• Comply with applicable laws, regulations, legal processes, or law enforcement requests

• Enforce the Loyalty Platform’s Terms and Conditions, including investigating suspected violations

• Detect, prevent, or respond to unlawful behavior, technical abuse, or system vulnerabilities

• Protect the rights, property, and safety of our users, partners, and systems

​

In such instances, we reserve the right to assert or waive any legal objections or rights available to us at our sole discretion.

​

Data Sharing with Credit Unions and Authorized Service Providers

To deliver the services offered through the Loyalty Platform, we may share member data with participating credit unions and a limited number of authorized service providers. We do so under strict confidentiality obligations and in accordance with applicable privacy laws.

Sharing with Credit Unions

​

Member data may be shared with the member’s participating credit union to:

• Confirm reward eligibility based on account activity and behavioral criteria

• Facilitate the issuance, tracking, and redemption of rewards

• Provide reporting, insights, or analytics to improve credit union services

• Address member inquiries or support requests related to loyalty program participation

Credit unions are independently responsible for the handling and processing of member data in accordance with their own privacy policies and regulatory obligations.

​

Sharing with Service Providers

We may engage trusted third-party vendors to perform functions on our behalf, such as:

• Payment processing or funds disbursement

• Data hosting and cloud infrastructure

• Fraud detection and security monitoring

• Platform analytics and performance optimization

These providers are contractually obligated to use member data only as necessary to deliver the contracted service and are prohibited from using or disclosing data for any other purpose.

​

Preventing Spam Abuse

To prevent phishing, spam and other kinds of abuse and violations of our Terms and Conditions, our systems may check your data. If you abuse any of the terms of our Terms and Conditions, your account may be suspended – temporarily or permanently. In case of more serious violations, your account may be banned. We may also use automated algorithms to analyze the data to stop the abuse.​

​

Legitimate Interests

Generally, the remainder of the processing of your data and personal information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of Cyder’s systems, Website, and Services.

​

If you would like to request deletion of data that we process on the basis of consent, or if you object to our processing of personal information, please email us at getcyder@gmail.com.

​

Onward Transfer

Cyder shares information with trusted third-party vendors who may help us to manage the Website and our Platform (e.g., cloud hosting services). These third-party vendors are prohibited via written contract from using the information for purposes other than performing services for Cyder.

​

Cyder may be required to disclose your information to third parties when obligated to do so by law and to investigate, prevent, or take action regarding suspected, or actual prohibited activities, including transfer, reasonably intended to meet national security or law enforcement requirements, or when we believe in good faith that disclosure is necessary to protect our rights, including but not limited to fraud and situations involving potential threats to the physical safety of any person.

​

Finally, Cyder may transfer information, including any data we have on the Platform, to a successor entity in connection with a corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change. We will provide notice of this transfer in our Privacy Policy.​

​

Sharing Personal Information and Data​

​

Personal Data

Except as explicitly described in this Privacy Policy, the Loyalty Platform does not collect, store, access, use, sell, rent, or share member data without appropriate consent. Any personal information voluntarily provided by members, such as contact details or support inquiries, may be used strictly for the purposes of fulfilling member requests, providing technical support, or communicating about Platform-related activities.

​

Data Use for Loyalty Services

Transactional and behavioral data is collected and processed solely to evaluate member eligibility for rewards, support credit union reporting needs, and enhance the member experience. This data is never sold or commercialized. Members’ personal data is only shared with the participating credit union or authorized service providers to the extent required to deliver the agreed-upon services.

​​

Member Consent and Data Governance

All data sharing through the Loyalty Platform is governed by explicit member consent and the instructions provided by participating credit unions. Members retain control over which data is used, for what purpose, and may restrict or revoke access at any time via the Platform’s account settings.

​

The Platform may use aggregated, de-identified data to generate program insights or reporting for credit unions. This data is stripped of any personally identifiable information (PII) and does not allow for individual identification.

​

All data is transmitted and stored using industry-standard encryption and access controls to ensure confidentiality and security.

​

Marketing and Member Communications

With appropriate consent and in accordance with applicable marketing laws, we may use member information to provide updates about new reward opportunities, Platform features, or credit union offers that may be relevant or beneficial.

​

The Loyalty Platform does not engage in third-party behavioral advertising or share member data with external advertisers. Marketing communications are limited to direct communications facilitated by the Platform or the member’s credit union and may be opted out of at any time.

​

For more information about responsible advertising practices, please visit the Network Advertising Initiative.

​​​

Data Deletion and Retention

​​

Member Rights and Data Access

Members have the right to access, manage, and control their personal information processed through the Loyalty Platform. These rights include:

• Access: Members may request a summary of the personal data collected and used by the Platform.

• Correction: Members may update or correct their personal or account information at any time via Platform settings or by contacting support.

• Restriction: Members may restrict certain types of data processing, such as opting out of specific reward campaigns or promotional communications.

• Withdrawal of Consent: Members may withdraw consent for data collection or sharing at any time. This may limit their ability to participate in certain loyalty activities or receive rewards.

• Portability: Upon request, members may obtain a copy of their personal data in a commonly used, machine-readable format.

• Deletion: Members may request permanent deletion of their data, subject to applicable legal or contractual obligations with their credit union.

Requests to exercise any of these rights can be submitted through the Platform interface or by contacting the Platform’s data protection officer or designated representative. All verified requests will be fulfilled in accordance with applicable data protection laws.

 

Data Retention and Deletion

We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, including:

• Delivering loyalty program features and rewards

• Complying with credit union service agreements

• Meeting legal, tax, and regulatory requirements

If a member deletes their account or requests data erasure, the Loyalty Platform will securely delete or anonymize all personal information within a reasonable timeframe, except where retention is required by law, regulatory standards, or credit union policy.

De-identified and aggregated data may be retained for analytic or historical reporting purposes, provided it no longer identifies any individual member.

​

Miscellaneous

​

Changes To This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, technological developments, or improvements to our services. When changes are made, we will:

• Post the updated Privacy Policy on the Platform and indicate the "Effective Date" at the top of the document

• Notify participating credit unions and, where required by law, obtain member consent before applying material changes

We encourage members to review this Privacy Policy periodically to remain informed about how their personal information is collected, used, and protected.

Continued use of the Loyalty Platform after the effective date of any changes constitutes acceptance of the updated terms, unless otherwise required by applicable law.

​

​

Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at getcyder@gmail.com

​

​

​

​

​​

​​