Privacy Policy
Effective July 12, 2026
Metacortex Technologies Sociedad Limitada ("Metacortex", "Clubkey", "we") builds Clubkey: a Shopify app for merchants and a companion iOS app and web hub for their members. This policy explains what we collect, why, and what you can do about it. It is written to be read, not decoded.
We are based in Spain, subject to the GDPR, and we try to act like it everywhere, not just where the law requires it.
Who we are
Clubkey is operated by Metacortex Technologies Sociedad Limitada, Calle Rodríguez Arias 17, Piso 2, Bilbao, Vizcaya 48011, Spain. For anything covered by this policy, contact us at support@joinclubkey.com.
Two relationships, two roles
Clubkey sits between a merchant's Shopify store and that merchant's members, and we play a different role on each side.
For club membership data tied to a specific merchant — points, tiers, event RSVPs, redemptions — the merchant is the data controller and we are their processor, acting on their instructions to run the club.
For the account layer that spans every club a person belongs to — their email, their optional birthday, their push notification token, their Clubkey login — we are the controller, because that identity belongs to the person, not to any one shop.
What we collect from merchants
When a merchant installs Clubkey, we receive their shop domain and store details, and — through Shopify's own APIs, under Shopify's terms — the catalog and order data needed to run their club: products, orders, and customer records tied to those orders. We also see aggregate usage of the app itself (which features get used, how often) so we can tell what to build next.
What we collect from members
When someone joins a club, we collect their email address to identify them, and their membership record with that club: points earned, tier, event tickets, mission and reward claims, and anything they choose to post, like photos on a club wall.
An optional birthday, if given, unlocks birthday perks a merchant sets up — nothing else uses it.
If someone installs the Clubkey iOS app, we collect a push notification token so drops and event reminders can reach their lock screen, and, once the app requests it, the details needed to personalize an Apple Wallet pass.
Orders are linked to a membership through a one-way hash of the shop and the Shopify customer id, not through the order contents. We never see, store, or process card numbers or other payment details — those stay with Shopify and its payment processors entirely.
Why we process it
Every piece of data above exists to run the club: award points and tiers, issue and update Wallet passes, send the notifications a member opted into, list events they can RSVP to, and settle redemptions. Aggregate, de-identified usage helps us fix and improve the product. We do not build advertising profiles and we do not sell data, to anyone, ever.
Legal basis (GDPR)
For members, most processing rests on performance of the club membership itself: you join a club to earn points and access perks, and we process what that requires. Push notifications and marketing email rest on the consent given when opting in, withdrawable at any time. Security, fraud prevention, and basic product analytics rest on our legitimate interest in keeping the service working and safe, weighed against your rights.
For merchants, processing rests on the contract we have with them — the Shopify app listing and our terms of service — and their own legitimate interest in running their loyalty program.
Metacortex is established in Spain; our supervisory authority is the Agencia Española de Protección de Datos (AEPD).
Who else touches the data
We use a short list of processors, each bound by their own data processing terms, and none of them get more than they need to do their job:
- Shopify — the commerce platform itself; catalog, order, and customer data flows through their APIs under their merchant terms.
- Fly.io — hosts our application and database infrastructure, with regions in the EU and the US.
- Resend — delivers transactional email: sign-in codes, receipts, notifications.
- Anthropic — powers optional AI features merchants can use to draft club copy from their own catalog and brand content. Member personal data is never sent to Anthropic and is never used to train any model.
- Apple — Wallet pass delivery and, for app users, push notification routing.
Apple Wallet passes
A club membership pass — the barcode, tier, and points balance shown on the card — is generated by us and then lives on the member's own device, in their Wallet. We can push updates to a pass (a new tier, a redeemed reward) but we do not read anything else stored in that person's Wallet.
How long we keep it
Members can delete their Clubkey account at any time from inside the app. That erases their account-layer identity outright: login sessions, push tokens, push consent, notification history, and birthday. Their membership records at any specific club they belonged to remain subject to that merchant's own instructions, in line with Shopify's data protection requirements for apps.
When a merchant uninstalls Clubkey, Shopify notifies us and we honor all three of Shopify's mandatory GDPR webhooks: a customer's data access request, a customer redaction request, and, 48 hours after uninstall, a full shop redaction that erases the merchant's club data from our systems. Redaction deletes identifying and behavioral records outright (photos, tickets, claims); it keeps the points ledger and redemption history only as pseudonymous entries stripped of anything that could link them back to a person, the way a financial ledger keeps its history without keeping your name on it.
Your rights
Members can export everything Clubkey holds about them, and delete their account, both from inside the app, no support ticket required. Beyond that, under GDPR you have the right to access, rectify, restrict, or object to processing, and to lodge a complaint with the AEPD or your local supervisory authority. Email support@joinclubkey.com for any of the above and we will respond within a reasonable time, in practice a lot sooner.
Cookies and tracking
The member web hub sets a session cookie so you stay signed in, nothing else. We run no advertising pixels and no third-party analytics on this site or the hub at launch. If that changes, this policy will change first.
International transfers
Our infrastructure runs on Fly.io in EU and US regions. Where data leaves the EU, it does so under Fly.io's and our other processors' standard contractual clauses or equivalent safeguards.
Children
Clubkey is not directed at children, and club membership requires an email address a merchant's own storefront would already require for a purchase. We do not knowingly collect data from anyone we know to be under 16.
Changes to this policy
If we change what we collect or why, we will update this page and change the effective date at the top. Material changes, anything that changes what we collect or who we share it with, will also be announced through the app or by email before they take effect.
Contact
Metacortex Technologies Sociedad Limitada, Calle Rodríguez Arias 17, Piso 2, Bilbao, Vizcaya 48011, Spain. support@joinclubkey.com.