Privacy Policy
Last updated: April 16, 2026
Genie Perks ("we", "us") is a consumer rewards panel operated in the United States. We pay you for your time (answering surveys) and, with your explicit consent, for sharing anonymized insights from your shopping activity. This policy explains, in plain English, what we collect, why we collect it, who we share it with, and what rights you have.
If you're under 18 or outside the United States, please don't use Genie Perks — we don't operate in your region yet.
What we collect
- Account info. Email address, a verified US phone number, and (once you complete your profile) basic demographics: year of birth, gender, ZIP code, household income bucket, household size, and employment status.
- Earning activity. Surveys you complete, receipts you submit, retailer accounts you connect, referrals you send, and your resulting balance and payouts.
- Receipt content. When you upload a receipt, we extract the merchant, date, total, line items, and (where printed) UPCs. We do not persist the receipt image — only a hash used for duplicate detection.
- Retailer purchase data (only when you connect a retailer or email account). This is limited to order records: merchant, order date, total, and SKU-level line items. We never access anything other than order history.
- Device + fraud-prevention signals. A device fingerprint and the IP address of your requests, used only to prevent duplicate accounts and bot signups.
- Communications. Emails we send you (magic links, payout confirmations) are delivered via Resend and not retained beyond normal logs.
How we use what we collect
- To pay you the rewards you've earned.
- To match you to surveys and offers that fit your profile.
- To produce aggregated, de-identified insights that we sell to brands and market research clients. These insights never include your name, email, phone, or any individually identifiable information.
- To detect and prevent fraud (duplicate accounts, fake receipts, bot signups).
- To communicate with you about your account and rewards.
- To meet legal obligations (tax reporting for earnings over $600/yr per IRS rules).
What we don't do
- We do not sell your personally identifiable information.
- We do not share the contents of your email beyond parsed retailer order confirmations. If you connect Gmail, we look at emails from specific retailers and extract only the order details — never full message bodies, never unrelated mail.
- We do not make purchases on your behalf or store your payment methods.
- We do not retain uploaded receipt images — only the parsed data.
Third parties we use (subprocessors)
- Vercel — hosts the website and API.
- Neon — Postgres database for account and earning data.
- Resend — delivers transactional email.
- Twilio — sends SMS verification codes.
- Tremendous — processes payouts (gift cards, PayPal, ACH).
- Sentry — collects technical errors (stack traces, no form data).
- Google (Gmail API) — only if you explicitly connect Gmail for receipt scanning.
Each of these is bound by their own privacy terms and we select them for their security posture. We do not transfer data outside the United States except where the subprocessor processes data in their standard US infrastructure.
How long we keep your data
We keep your account data as long as your account is active, plus up to 90 days after you request deletion (to finalize any pending payouts and comply with fraud records). Tax records required by the IRS are retained for 7 years. Deleted-account data is permanently removed from our live database and restricted in backups.
Your rights
- Access. Ask us for a copy of the personal data we have about you.
- Correction. Update your profile in the app at any time.
- Deletion. Ask us to delete your account and personal data. Pending payouts will be finalized first.
- Disconnect retailer / email connections.You can revoke access to any connected account in the app; we'll stop pulling new data immediately.
Email any request to privacy@getgenieperks.com. We respond within 30 days.
Security
We encrypt sensitive fields (including any retailer credentials you provide) at rest using authenticated encryption. All traffic is HTTPS. We restrict database access to authorized engineering personnel. We maintain a written incident response plan and will notify affected users within 72 hours of any qualifying breach.
Children's privacy
Genie Perks is for adults (18+). We do not knowingly collect information from minors. If you believe a minor has created an account, email us and we'll remove it.
Changes to this policy
If we make material changes, we'll notify you by email before they take effect. The date at the top of this page shows the current version.
Contact
Privacy questions: privacy@getgenieperks.com