Privacy Policy | SnappyRatings

Introduction

StarForm LLC, operating as SnappyRatings ("we", "our", "us"), respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and protect your data when you use the SnappyRatings platform.

✅We do not sell personal information. Your data is used solely to operate and improve the Service — never sold or rented to third parties for marketing or advertising purposes.

🌎US-Only Service: The Service is intended solely for use within the United States. We do not direct the platform to users outside the United States.

Information We Collect

Business account information

Name and business name
Email address and phone number
Username and login credentials (password stored as a one-way hash)
Billing information (processed and stored by Stripe; we store only billing name and address for invoice purposes)
Review destination URLs you configure (Google, Yelp, Facebook, or other platforms)
Business location names and their associated review URLs (Growth plan)
Custom "from name" for email outreach and custom invitation message body
Consent timestamps (terms agreement and communications consent recorded at signup)
Subscription and plan status

QR scan data

IP address of the device that scanned the QR code
User agent (browser/device type)
Timestamp of the scan

Used solely to power scan count analytics in your dashboard. Not sold or shared with third parties.

Email & SMS invitation data

Customer email addresses and phone numbers submitted by the business for sending review invitations
Delivery status and follow-up timestamps for each invitation
Email unsubscribe records — when a recipient unsubscribes, their email is added to a suppression list to prevent future outreach

Platform-generated communications

Transactional emails — account verification, password reset, billing notifications
Weekly performance digest — a summary of scan activity, invitation stats, and top-performing channel (can be disabled in dashboard settings)
Onboarding emails — helpful tips sent at day 3, day 7, and day 30 after account activation
Milestone notifications — sent when your account reaches notable scan or invitation milestones (e.g. 10, 50, or 100 scans)

Google Business Profile data (if connected)

Review text, ratings, reviewer names, and publication dates from your Google Business Profile
Your business name, location, phone number, and hours (synced from Google)
Aggregate statistics: review count, average rating, and rating distribution
Sentiment analysis and review trends (Growth plan only)
OAuth access token (securely encrypted and stored to maintain the connection)

How We Use Information

We use personal data to:

Provide and maintain the Service
Process payments via Stripe
Send account, billing, and onboarding notifications
Send email and SMS review invitations on behalf of businesses (where the business has provided customer contact details)
Send automated follow-up review invitations (if the business has enabled this feature)
Send weekly performance digests and milestone notifications to business account holders
Maintain an email suppression list to honor unsubscribe requests from invitation recipients
Sync and display Google Business Profile data in your dashboard to help you track reviews and customer sentiment
Improve security and functionality
Prevent fraud or abuse

We do not sell personal information.

Payments

Payments are processed through Stripe. We do not store full payment card details on our servers. Payment data is subject to Stripe's own privacy practices. We store billing name and address solely for invoice and tax purposes.

Third-Party Services

We use the following third-party services to operate the platform. Each has its own privacy policy governing how it handles data:

Stripe — Payment processing, subscription billing, and affiliate payouts via Stripe Connect
Resend — Transactional and invitation email delivery
Infobip — SMS message delivery
Google (Business Profile API) — OAuth-based connection to sync reviews, ratings, and customer feedback from your Google Business Profile (Growth plan and above)
Google Analytics — Aggregate website usage analytics (anonymized)

We do not sell your personal information to any of these or any other third parties.

Google Business Profile Integration

If you connect your Google Business Profile to SnappyRatings (Starter plan and above), we collect and display the following information from Google:

Reviews data — Review text, ratings, reviewer names, and review publication dates
Business information — Your business name, location, phone number, and hours (from Google Business Profile)
Analytics — Aggregate rating distribution, review sentiment analysis, and trends over time (Growth plan only)
OAuth token — A secure token used to authenticate with Google APIs; this token is encrypted and stored securely on our servers

Plan-based access:

Starter plan: Can view live review count, ratings, and newly published reviews (read-only access)
Growth plan: Full access to all Google data including the ability to respond to reviews, view detailed analytics, and track sentiment trends

Your Google Business Profile data is displayed solely in your SnappyRatings dashboard and is never shared with third parties. We do not sell or use this data for any purpose other than to provide the Service.

Disconnecting: You may disconnect your Google Business Profile from SnappyRatings at any time from your account settings. Disconnecting will revoke our access to your Google data; however, any SnappyRatings data (QR codes, scan analytics, email/SMS history) will remain on your account.

Email & SMS Outreach

All plans include email and SMS review invitation tools. When a business uses these features:

Customer contact details (email addresses and phone numbers) provided by the business are used solely to send review invitations on that business's behalf
SnappyRatings acts as a Data Processor for this contact data — it is not used for any other purpose, shared with third parties, or retained beyond what is necessary to deliver the invitations
Businesses are responsible for ensuring they have obtained proper consent from their customers before submitting contact details for outreach
Email recipients may unsubscribe at any time using the unsubscribe link included in every invitation email. Unsubscribed addresses are added to a per-business suppression list and will not receive future outreach from that specific business through the platform
SMS messages are delivered via third-party carriers; standard messaging rates may apply for recipients

Review Destination URLs & Multiple Locations

The review destination URLs you configure (Google, Yelp, Facebook, or any other URL) are stored on our servers and used solely to redirect customers when they scan your QR code or visit your review link. If you configure multiple destinations, customers are shown a chooser page to select their preferred platform. If you use the multiple locations feature (Growth plan), each location's name and destination URL is stored separately.

We do not control or store any data from destination pages — that is governed by the respective third-party platform (e.g. Google, Yelp, or Facebook) the URL belongs to.

Data Retention & Deletion

We retain information as long as necessary to provide services, meet legal obligations, and resolve disputes.

Account cancellation: When you cancel your subscription, your account remains active until the end of the current billing period. After that, your account and all associated data (scan history, invitation logs, locations, settings) are permanently deleted.

Deletion requests: You may request deletion of your personal data at any time by emailing support@snappyratings.com. We will fulfill verified deletion requests within 30 days. Note that affiliate account records may be retained in a limited archived form to satisfy tax reporting obligations (e.g. IRS 1099 requirements) even after deletion of your business account.

Email unsubscribe records are retained indefinitely to honor suppression requests and prevent future unwanted outreach.

Data Security & Breach Notification

We implement reasonable technical and organizational safeguards to protect your personal information, including encrypted data transmission (HTTPS), password hashing, and access controls. However, no method of transmission over the internet is 100% secure.

In the event of a data breach that is reasonably likely to result in harm to affected individuals, we will notify affected users without undue delay and, where required by applicable US federal or state breach notification laws, within a reasonable time of becoming aware of the breach. Notification will be sent to the email address associated with your account.

Cookies

We use the following cookies:

Session cookie (strictly necessary): Keeps you signed in to your account. Expires after 30 minutes of inactivity. The Service cannot function without this cookie.
Google Analytics cookies (_ga, _ga_*): Used to understand aggregate website traffic and usage patterns (e.g. which pages are visited most). These are analytics cookies set by Google. No personally identifiable information is sent to Google through these cookies.

You may disable cookies in your browser settings. Disabling the session cookie will prevent you from signing in. Disabling analytics cookies will not affect your use of the Service.

US Privacy Rights

The Service is intended solely for use within the United States. We do not direct the Service to users outside the United States.

🏛️

California Residents (CCPA / CPRA)
If you are a California resident, you have the right to know what personal information we collect, request access to your data, request deletion, request correction, opt out of sale or sharing (we do not sell data), and not be discriminated against for exercising your rights.

To exercise your rights, contact: support@snappyratings.com

Children's Privacy

The Service is not intended for individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will revise the "Last Updated" date at the top of this page. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy. For material changes, we will notify you via email or an in-dashboard notice.

Affiliate Program Data

If you participate in the SnappyRatings affiliate program, we collect and process the following information:

Your name and email address (used to create your affiliate account and send commission notifications)
Your referral activity, including which customers signed up using your code and commission amounts earned
Your Stripe Connect account ID and payout status (for processing commission payments — actual bank account details are stored and managed by Stripe, not SnappyRatings)

This data is used solely to operate the affiliate program, calculate and pay commissions, and comply with tax reporting obligations (including IRS 1099-K reporting where applicable). It is not sold or shared with third parties except as necessary to process payouts via Stripe.

Affiliate account records may be retained in a limited archived form after account closure to satisfy applicable tax reporting obligations, even if you request deletion of your business account.

Contact Information

If you have questions about this Privacy Policy or how we handle your data, please reach out:

StarForm LLC (operating as SnappyRatings)
Email: support@snappyratings.com

💬We typically respond to privacy-related inquiries within 2 business days. For data deletion or access requests, allow up to 30 days for fulfillment.