GDPR Privacy Notice for EU Residents

At RewardMe, we take your privacy seriously.

Please read our general Privacy Policy, which describes how we treat your personal data and applies to all users no matter where users reside. If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.

For this GDPR Privacy Notice, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. ALTERNATIVE DATA LIMITED (“RewardMe,” “we”, and “us) will be the controller of your Personal Data processed in connection with the Services.

If there are any conflicts between this GDPR Privacy Notice and our general Privacy Policy, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this GDPR Privacy Notice or whether any of the following applies to you, please contact us at

Personal Data We Collect

The “Categories of Personal Data We Collect” section set forth in our general Privacy Policy details the Personal Data that we collect from users. However, with respect to EU users subject to this GDPR Privacy Notice, we do not collect payment data listed in our general Privacy Policy.

Personal Data Use and Processing Grounds

The “Our Commercial or Business Purposes for Collecting Personal Data” section set forth in our general Privacy Policy explains how we use your Personal Data.

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.

  • Contractual Necessity: We process the following categories of Personal Data as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Use with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.

    • Phone number
  • Legitimate Interest: We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties:

    • Email
    • Purchase/transaction history
    • IP address, device ID, domain server
    • IP-address-based location information
    • Age/date of birth
    • Gender
    • Identifying information in emails or letters you send us
    • We may also de-identify or anonymize Personal Data to further our legitimate interests.

    Examples of these legitimate interests include (as described in more detail above):

    • Providing, customizing and improving the Services, including, but not limited to, to make available the ability for you to earn the Rewards Points. Please refer to our Terms of Use for more information.
    • Marketing the Services.
    • Corresponding with you.
    • Meeting legal requirements and enforcing legal terms.
    • Completing corporate transactions.
  • Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection. Specifically, if you elect to participate in our RewardMe Program and link your email account with the Services to earn the RewardMe Points, we will obtain your consent for linking your email account with the Services and collecting the following categories of Personal Data. During the email linking process, you’ll be prompted to authenticate that you’re the owner of such email account and provide consent for linking the Services to such email account, in which case the applicable email service provider has your permission to share the Linked Email Data with us.

    • Linked Email Data (defined in Section 2.2 of our general Privacy Policy) and including the following:
      • commercial and transactional email messages that are sent or forwarded from businesses or merchants to your email accounts about your purchases and other transactions, such as purchase receipts, reservations, bills, subscriptions, order confirmations, sign-ups or cancellations (collectively, “Commercial Messages”)
      • email meta data from Commercial Messages, including sender’s name, recipient’s name, subject line, email time chop, email contents and email attachments; and
      • IP Address.
  • Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

Sharing Personal Data

The “How We Share Your Personal Data” section set forth in our general Privacy Policy details how we share your Personal Data with third parties.

EU Data Subject Rights

You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email us at Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

  • Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging on to your account.
  • Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging on to your account.
  • Erasure: You can request that we erase some or all of your Personal Data from our systems.
  • Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
  • Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
  • Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
  • Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
  • Right to File Complaint: You have the right to lodge a complaint about RewardMe’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. A list of Supervisory Authorities is available here:

Transfers of Personal Data:

The RewardMe group has business processes, management structures and systems that cross borders. As such, we may share information about you within the Reward corporate group and transfer it to countries in the world where we operate our business in connection with the purposes identified above and in accordance with this GDPR Privacy Notice. The Services are hosted in the U.S. through our hosting service providers and operated through us and our service providers located in Hong Kong and the U.S. Please note that the laws in the U.S. and Hong Kong may differ from the laws where you reside, but we will handle your Personal Data in the manner described in this GDPR Privacy Notice.

RewardMe may, pursuant to the purposes listed above, transfer your Personal Data within the EU or Switzerland and to a different jurisdiction. We take the privacy and security of your Personal Data seriously and have adopted intra-group data processing agreement among our affiliates (“Intra-Group DPA”), which incorporates Controller to Controller Standard Contractual Clauses, available at (“C2C Model Clauses”). We undertake that the transfer of your Personal Data from Europe to the territories where your Personal Data is hosted and processed by us will follow the C2C Model Clauses to enable the lawful transfer of Personal Data pursuant to GDPR. Please contact the RewardMe Privacy Team at should you wish to examine the Intra-Group DPA.

Changes to this Privacy Policy

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time, but we will alert you to any such changes by placing a notice on the website, by sending you an email and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them. If you use the Services after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. Use of information we collect is subject to the Privacy Policy in effect at the time such information is collected.

Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data or your choices and rights regarding such collection and use, please do not hesitate to contact us at:

If you are located in the European Union, you may use the following information to contact our Data Protection Officer and our European Union-Based Member Representative:

DP-Dock GmbH

Ballindamm 39

20095 Hamburg

Tel.: +49 (0) 40 99999 – 3430

Mob.: +49 (0) 172 918 22 22