Privacy Policy

Last updated: April 28, 2026

Effective date: April 28, 2026

Back2Me Global ("Back2Me," "we," "our," or "us") operates both a product business (selling physical QR tags) and a recovery platform (connecting item finders with item owners). This Privacy Policy explains how we collect, use, and protect information in both contexts.

Key principle:

Finders who scan a Back2Me tag are never required to create an account or share personal information with Back2Me or the item owner. The owner's personal details are never displayed to a finder.

1. Information We Collect

From product customers (tag buyers)

  • Identity: name, email address
  • Payment: processed exclusively by Stripe — we do not store card numbers
  • Shipping address for physical order fulfillment
  • Subscription data: plan type, billing cycle, renewal dates

From registered tag owners (dashboard users)

  • Profile information you choose to add (emergency contacts, medical notes, pet details)
  • Tag registration and activation data
  • Scan event history (when your tags were scanned, location if shared by the finder)
  • Recovery chat messages (stored only for the duration of the recovery event, accessible only to the owner and the finder who initiated the scan)

From finders (people who scan a tag)

  • The scan event itself (timestamp, tag ID, approximate geolocation if the browser grants permission)
  • Any message the finder voluntarily sends through the recovery chat
  • Shipping address if the finder initiates a Mail-It-Back return (used only to generate the label)

Finders are never required to create an account. We do not profile finders or use finder data for marketing purposes.

Automatically collected data

  • Browser type, device type, IP address, referring URL
  • Pages visited, time on site, click events (via analytics)
  • Cookies — see Section 7 below

2. How We Use Your Information

  • Order fulfillment: process payment, pack, and ship physical products
  • Platform operation: route scan events, open recovery chats, generate Mail-It-Back labels
  • Account management: subscription billing, dashboard access, tag activation
  • Communications: order confirmations, scan alerts, recovery notifications, service updates
  • Security: detect fraud, suspicious activity, and policy violations
  • Analytics: understand how the platform is used (aggregated and anonymized)
  • Legal compliance: respond to lawful requests and fulfill our obligations

3. Sharing of Information

We do not sell your personal data. We share information only as follows:

  • Stripe — payment processing and subscription management
  • Twilio — SMS notifications to registered owners for scan events and alerts
  • EasyPost / shipping carriers — to generate and fulfill shipping labels for product orders and Mail-It-Back events
  • Supabase — database and authentication infrastructure
  • Legal authorities — if required by law, court order, or to protect safety

During a recovery event, the item owner's profile message is displayed to the finder — but only the content the owner has explicitly chosen to share (e.g., a return message or emergency contact). The owner's name, email, and address are never shown.

4. Security

We use industry-standard measures to protect your data: TLS encryption in transit, encryption at rest for sensitive fields, and role-based access controls. Recovery chat messages are transmitted over encrypted connections and protected by strict access controls — only the finder who initiated the scan and the item owner can access a given conversation. No system is completely secure; we cannot guarantee absolute security, but we take reasonable precautions.

We may monitor or review communications between users strictly for safety, support, and fraud prevention purposes. Access to such communications is limited to authorized personnel and handled in accordance with our privacy and security practices.

5. Cookies

We use cookies and similar tracking technologies for:

  • Strictly necessary: authentication sessions, checkout cart state
  • Analytics: aggregate usage metrics to improve the platform
  • Marketing: only if you opt in (e.g., retargeting ads)

You can control cookies through your browser settings. Disabling strictly necessary cookies may prevent the platform from functioning correctly.

6. Children

Our services are intended for use by parents or legal guardians. We may collect and process limited information about children under 13 only with verifiable parental consent.

This information may include:

  • The child's first name or nickname
  • Medical information that the parents think is important to share, such as allergies

We do not allow children to create accounts or directly interact with the platform.

Parents or guardians may review, update, or delete their child's information at any time using their dashboard.

If we become aware that we have collected personal data from a child without parental consent, we will delete it promptly.

7. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will post the new version here and update the "Last updated" date. For material changes, we will notify registered users by email.

8. Contact

Questions or concerns about this policy? Email support@back2meglobal.com.