The data controller for this Privacy Policy is JamDoughnut Limited, a company registered in England and Wales, with company number 12277192 (JamDoughnut, we, us, our). We are registered with the ICO, with registration number ZA759668. Our registered address is 30 City Road, London, EC1Y 2AB.

This Privacy Policy applies to personal data we process through our website and the App. This Privacy Policy explains how JamDoughnut processes, stores and protects your personal data, as well as what your rights are as a data subject.

In this document we outline what personal data we capture and store on you as a user. All data is required under legitimate interest in order to deliver the service.

If you refer a consumer to the App then we shall send you a confirmation email when the person you referred sign ups and when they complete their first cash out. If you are the Referree the emails sent to the Referrer will contain your username only. We are sharing this data as the Referee has used the Referrer code. We shall not share any specific Personally Identifiable Information (PII).

We shall retain referral (referred and referee data) within the App. This shall include any bonus rewards that you or the person that referred you receives.

When you use our platform to purchase, we collect data from you related to that purchase including the company, the amount, points earned (which we will automatically calculate), payment method, time of purchase, incentives/rewards or bonuses, purchase ID, and access to the gift card. We process this data on the basis of our contract with you.

Your purchase is confirmed with the gift card issuer and the payment provider. Apple and Google Pay payments are processed by Stripe. We provide Stripe with your user ID and the payment details.


If you purchase using Open Banking bank transfer (Pay by Banked) the 
payment will be conducted by Banked. In order to process the transaction, we will then pass Banked your email address and the payment details. Banked will store your banking details for conducting the transaction as well as fraud prevention purposes.

From time to time, we may ask you for a copy of your identification. This is a requirement for Know Your Customer and to prevent fraud. If this is required, we will request a photo of your photo ID. We will verify your documents and then delete the documents. No documents shall be retained.

JamDoughnut shall require your bank details in order to complete the cash out. This will include your account name, sort code and account number. In order to simplify subsequent cash outs, we will retain this data. You can change your bank details whenever you cash out.

All refunds given by JamDoughnut will be transferred back to your orginal payment method. We will retain a copy of all refunds for our records and fraud prevention.

Certain types of data are classified as “special category” under the GDPR. This type of data is deemed to be potentially sensitive, as it relates to matters including race, ethnicity, sexuality, sex life, health status and religious or philosophical views. A higher threshold of protection requirements applies to dealing with this data.

JamDoughnut will ask you for your age and sexuality during sign up. You are not obliged to provide this data. This data is to allow us to understand our customer base. 

Information is also stored when you communicate with JamDoughnut via email, social media or other means by which you decide to contact us. This is usually limited to your name, email address and/or social account depending on how you contact us and any correspondence with us on resolving your enquiry.

We process this data on the basis of our contract with you and/or our legitimate interests in providing an efficient service to you.

In order to better understand our customers, JamDoughnut may also collects anonymised data in surveys and other feedback methods. We will use different platforms from time to time to conduct this. This helps us improve our service by tailoring our developments. Participation in surveys is optional and anonymous. Where you choose to participate in a survey, we process this data on the basis of our legitimate interests in understanding your experience on our platform.

When using our platform, we may also record your location, device type, OS version, App version as part of normal request processing and session management, and to support you and our service in the event of problems occurring. This is optional and determined within your device setting. We process this data on the basis of our legitimate interests in providing a secure platform.

Where we transfer your data outside the UK or EU to a country deemed to have a lower standard of data protection in place, for example to a third-party processor based in the US, we will ensure that your data is appropriately protected by meeting the obligations on us under GDPR and ensuring there is a transfer safeguard in place with the recipient, for example the Standard Contractual Clauses issued by the European Commission.

In general, we retain data for as long as is necessary for the purpose(s) for which we originally collected it. We may also retain information as required by law. Whilst you have an open account in JamDoughnut your data shall be stored on the platform. If you delete your account we will remove all personal data. In order to prevent fraud we will retain transactional data even after deletion of your account.

Our App may contain links to other websites or applications which are not controlled by JamDoughnut. JamDoughnut is not responsible for the privacy practices or content of such other websites or applications. As such, visiting these other websites or applications is at your own risk.

We use cookies on our website to facilitate proper functioning and analyse how users interact with the site. You have the right to reject the use of cookies, accept only essential cookies or to accept all cookies.

Non-essential cookies, for example for statistics or analytics, are deployed only on the basis of user consent. You can adjust your cookie preferences at any time by clearing the cookie cache in your web browser, which will present you with the cookie consent management platform when you visit the JamDoughnut website again.

We may revise our Privacy Policy from time to time. The most current version of our Privacy Policy will always be on our site. Should a change to the Privacy Policy result in a material impact to the processing of personal data, we will contact affected data subjects to inform them of these changes as required by law.

JamDoughnut believes that people should be fully informed of their rights, so that they can act upon them should they wish to. Under GDPR and data protection laws, there are certain rights that may be available to you with respect to your personal data:

1. Right to access – you have a right to ask for the personal data that we hold about you. We will provide you with your data within 30 days. If we may take longer, we will let you know and explain the reasons for the delay. We will not charge you for such a request, unless we reasonably consider your request to be excessive or repetitive. We also reserve the right to refuse a request if we reasonably consider it unfounded, repetitive, or excessive.
2. Right to be informed – This policy provides the information you need about how we collect and use your data which we have outlined within this document.
3. Right to rectification – If you consider that any information, we hold is inaccurate, please contact us at help@jamdoughnut.com and we will take steps to rectify it.
4. Right to erasure – In certain circumstances, you have the right to have personal data that we hold about you erased. You can delete your account and all data in our database from the App. We may be required by law to retain some data for a period of time.
5. Right to object and restrict – You can ask for the processing of your personal data to be restricted, for example for marketing purposes. Where your data is processed on the basis of consent, you may also withdraw your consent to that processing at any time. You can also object to the processing of your data entirely, but this may affect the service we are able to offer.
6. Right to portability – You can request a copy of your personal data to be sent to another data controller or to yourself in a machine readable format.

Please note, these rights are not absolute and may be restricted in certain circumstances. To exercise your rights or if you require any further information, please contact our data protection team at privacy@jamdoughnut.com or via post to our registered address.

If you are unsatisfied with the way we handle a request or believe we have processed your data unlawfully, you also have the right to make a complaint to the ICO https://ico.org.uk/make-a-complaint/. If you are based outside the UK, you can also contact your national data protection authority for further information.

This policy was updated on the 23rd February 2023.