Skip to main content
Add to Chrome
Extension Installed

Privacy Policy

Revised: August 14, 2025

Croissant Pay, Inc. ("Croissant") offers a service designed to support and provide resale offers for eligible goods purchased from participating merchants. This Privacy Policy describes how Croissant collects, uses, discloses, and otherwise processes personal information from individuals who: visit our website, interact with us through a merchant that we partner with that displays our services, or use our mobile applications and related technologies (collectively the "Service"), or who otherwise interact with us, both online and offline.

Personal Information That We Collect:

Personal information that you provide:

  1. Contact and biographical information, such as your name, age, gender, email address, mailing address, phone number, and birthday.
  2. Account information, such as your Croissant login information.
  3. Purchase information, such as the items that you purchase and your purchasing preferences, such as the time of day that you typically make purchases.
  4. Payment information, such as your PayPal or Venmo account information, bank account number, or other account information so that we can pay you.
  5. Marketing data, such as your preferences for receiving our marketing communications, and details about your engagement with those communications.
  6. Feedback or correspondence, such as information that you provide when you contact us with questions, feedback, or otherwise correspond with us, including your full name, email address, telephone number, and the content of your communications.
  7. Emailed order information, such as personal information contained on digital receipts and order confirmations, and consumer account and email log-in credentials so that we can easily import purchased items to your Croissant account through email forwarding and/or email sync.

Information that we obtain from other sources:

  1. Merchant interactions. Merchants that we partner with may provide us with information about your purchase, such as the items that you purchased, the purchase price, and the date of the purchase. These merchants may also provide us with your contact information, such as your email address.
  2. Social media interactions. We may maintain pages on social media platforms, such as Facebook or Twitter. When you visit or interact with our pages on those platforms, the platform provider's privacy policy will apply to your interactions and their collection, use, and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.

Automatic Data Collection:

We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with our Service, our communications, and other online services, such as:

  1. Device data, such as your computer's or mobile device's operating system, manufacturer and model, browser type, IP address, unique identifiers, language settings, mobile device carrier, and general location information such as city, state, and geographic area.
  2. Online activity and usage data. When you access and use the Service, we receive and store information about your interactions such as pages or screens you viewed, how long you spent on a page or screen, browsing history, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access, as well as whether you have opened our marketing emails or clicked on links within them.

We use the following tools for automatic data collection:

  1. Cookies, which are text files that websites store on a visitor's device to uniquely identify the visitor's browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
  2. Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  3. Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.

How We Use Your Personal Information:

We use the personal information collected above for the following purposes:

  1. To operate our Service. Provide, operate, and improve our Service and our business; process your payments and complete transactions with you; verify and add the information from your purchases from our participating brands and merchants; and improve user-facing features on our app or website.
  2. To communicate with you. Communicate with you about our Service, including by sending announcements, updates, security alerts, and support and administrative messages; provide support, and respond to requests, questions, and feedback.
  3. For research and development. Analyze and improve the Service and develop new products and services, including by studying use of our Service.
  4. To create anonymous data. Create anonymous data from your personal information and other individuals' personal information that we collect. We make personal information into anonymous data by removing information that makes the data reasonably personally identifiable to you. We may use this anonymous data and disclose it to third parties (such as merchants that we partner with) for our lawful business purposes, including to analyze and improve our Service, conduct research, and promote our business.
  5. To comply with our legal and financial obligations. For example, to keep records of transactions or to verify your identity, or as requested by any judicial process or governmental agency.
  6. For fraud prevention and safety. Help protect our, your, or others' rights, privacy, safety, or property (including by making and defending legal claims); enforce the terms and conditions that govern our Service; and protect, detect, investigate, respond to, prosecute, and deter against security incidents or other malicious, deceptive, fraudulent, harmful, unauthorized, unethical, or illegal activity.
  7. To send you direct marketing communications. We may from time to time send you direct marketing communications via email or text message as permitted by law, such as to notify you of special promotions and offers. You may opt out of our marketing communications as described in the "Unsubscribe from direct marketing communications" section, below. Croissant's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

How We Disclose Your Personal Information:

We disclose personal information with the following categories of recipients:

  1. Affiliates. We disclose personal information within Croissant and with our subsidiaries and affiliates for purposes consistent with this Privacy Policy.
  2. Service providers. We disclose personal information to third-party companies and individuals that provide services on our behalf or help us operate our Service (such as customer support, application hosting, email delivery, marketing, identity verification, fraud detection, shipping and logistics providers, and database management).
  3. Professional advisors. We disclose personal information to professional advisors, such as lawyers, bankers, auditors, and insurers where necessary in the course of the professional services that they render to us.
  4. To protect the rights of Croissant and others. We may disclose personal information if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Croissant, our users, the public, or others.
  5. Legal. We may disclose personal information to law enforcement agencies, regulatory bodies, public authorities, or pursuant to the exercise of legal proceedings if we are legally required to do so or if we believe, in good faith, that such disclosure is necessary to comply with a legal obligation or request, or to enforce our terms and conditions.
  6. Business transfers. We may disclose personal information in connection with a corporate transaction (or potential transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy or dissolution.
  7. With your consent or at your direction. We make personal information available to third parties when we have your consent or you intentionally direct us to do so.

We do not disclose your information that we receive through Google Gmail APIs to third parties other than those service providers as necessary to support functions we need to operate our programs, for legal or security reasons, or as part of an acquisition or liquidation.

Your Choices:

Account information

You can access, correct, and delete certain information stored within your Croissant account at any time by logging in and navigating to your Profile.

Communication preferences

You may opt out of marketing-related communications by following the opt-out or unsubscribe instructions contained in the marketing communication that we send you, or by contacting us using the details in the "Contact Us" section below. If you opt out, we may still send you non-promotional emails, such as those about your account or transactions.

Online tracking opt-out

There are a number of ways to opt out of having your online activity and device data collected through our Service, which we have summarized below:

  1. Blocking cookies in your browser. Most browsers let you remove or reject third-party cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit allaboutcookies.org.
  2. Use the following links to learn more about how to control cookies and online tracking through your browser: Firefox; Chrome; Microsoft Edge; Safari
  3. Opt out of data sharing. You can also opt out of certain ad-targeted and similar technologies by clicking the Opt Out of Data Sharing button in the footer of our website. Your opt-out choice will be linked to your browser only; therefore, you will need to renew your opt-out choice if you visit our website from a new device or browser, or if you clear your browser’s cookies.
  4. Google Analytics. We use Google Analytics to help us better understand how people engage with the Service by collecting information and creating reports about how users use our Service. For more information on Google Analytics, click here. For more information about Google's privacy practices, click here. You can opt out of Google Analytics by downloading and installing the browser plug-in available at: https://tools.google.com/dlpage/gaoptout.
  5. Using privacy plug-ins or browsers. You can block our Service from setting third-party cookies by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGo, Ghostery, or uBlock Origin, and configuring them to block third- party cookies / trackers. Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use.
  6. Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Children's privacy

Our Service is not intended for use by children under 18 years of age. If we learn that we have collected personal information through the Service from a child under 18 without the consent of the child's parent or guardian as required by law, then we will delete it. If you are a parent or guardian and you are aware that your child has provided us with personal information, then please contact us as set out in the “Contact Us” section below.

Security practices

We use reasonable organizational, technical, and administrative measures designed to protect against unauthorized access, misuse, loss, disclosure, alteration, and destruction of personal information. Unfortunately, data transmission over the Internet cannot be guaranteed as completely secure. Therefore, while we strive to protect your personal information, we cannot guarantee the security of personal information.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy, then we will notify you by updating the date of this Privacy Policy and posting it on this page. If we make material changes, we will provide you with additional notice (such as by adding a statement to the Service or sending you a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.

Contact Us:

If you have any questions, comments, or complaints about this Privacy Policy or our privacy practices, or if you would like to exercise your rights with respect to your personal information, then please contact us by email at support@croissant.com or by mail at:

Croissant Pay Inc.
222 2nd Ave S 17th Floor
Nashville, TN 37201