Muns Logo

Privacy Policy

Muns – Retailer Service
Last updated: June 2026

Important notice: This Service is provided "as is" with no warranties of any kind. Use at your own risk.

We respect your privacy. This policy explains what data we collect, how we use it, and your rights. We do not track or store any shopper data or behaviour.

1. What we collect

  • Business Information: Retailer email, shop name, physical address, shop location coordinates, and shop cash payment offers - collected during registration and shop setup.
  • Security Data: Authentication identifiers, including a unique numeric ID and assigned user role, used solely for account access and session security. No personal information is stored within these identifiers.

2. What we do NOT collect or track

We are committed to minimal data collection and do not engage in any form of tracking or profiling. Specifically:

  • No usage analytics, browsing behaviour, or IP addresses for tracking purposes.
  • No cookies are used except for one essential authentication token required for account security.
  • No personal shopper data whatsoever: We do not track, store, or process any shopper location, behaviour, or personal information.
  • We do not use analytics, advertising, tracking, preference, or any third-party cookies.

Cookies

We use only one strictly necessary, first-party cookie: a JWT authentication token. This is essential for secure user authentication and maintaining access to core features in our service.

  • Type: First-party authentication cookie (JWT bearer token).
  • Purpose: To securely authenticate users and verify permissions. The application is fully stateless — no server-side session data is stored; all required claims are contained in the secure token itself.
  • Claims in the token: The token contains all non-PII required claims. It is built using a database-generated numeric ID and the user's role (e.g., RETAILER). It contains no personal data.
  • Duration: 2 hours. The cookie is cleared immediately upon logout or when it expires.
  • No other cookies: As noted above, we do not use any other cookies or similar technologies.

This cookie is exempt from consent requirements under applicable laws (including UK GDPR, PECR, and other international data privacy standards) because it is strictly necessary for the service you explicitly request.

3. How we use your data

  • To display your shop and offers on the public map.
  • To authenticate you in the dashboard.
  • To send important service emails (e.g., password resets).

4. Data storage and security

  • Sensitive business and account information is encrypted at rest and in transit.
  • Shop coordinates are stored securely to enable map functionality.
  • Data is stored in secure cloud infrastructure.
  • We use secure, hashed identifiers for data retrieval to ensure your information is only accessed by authorised processes.

5. Data sharing and payment processing

  • We do not sell your personal or business data to third parties.
  • We use a trusted third-party payment provider to securely process all payments and refunds.
  • We do not see or store your sensitive payment credentials (such as credit card numbers). These are handled exclusively and securely by our third-party payment provider.
  • We store basic transaction records (such as amount, date, status, and payment provider reference IDs) in our database to manage your account and process refunds.
  • We do not store your full billing information in our database. However, we may receive limited transaction details from our payment provider to assist with customer support and account management.
  • We may share data if required by law or regulatory authorities.

6. Your rights

  • You can view, update, or delete your account data at any time via the dashboard.
  • Deleting your account will permanently delete all your data from our database immediately.

7. Retention

We retain your data for as long as your account remains active.

If you delete your account (via the dashboard), all associated data — including shops, offers, personal information, and transaction records — is permanently and irreversibly removed immediately.

If your paid subscription expires and is not renewed, your account enters a 24-hour grace period during which you can still renew and maintain access. After the 24-hour grace period ends, your account and all related data will be permanently deleted and cannot be recovered.

8. Changes to policy

We may update this policy from time to time. We will notify you of significant changes via a dashboard message or email. Continued use of the Service after such changes constitutes your acceptance of the new policy.

Contact: support@muns.app

This site uses one essential cookie: a secure token for login and account access. It contains no personal data and is strictly necessary for the application to function. See details in our Privacy Policy.