Skip to main content

Legals

In short

Legals is where the loyalty club's Terms of Use and GDPR / privacy document URLs live, and where the post-POS-registration consent flow is configured. The terms / GDPR URLs are displayed on the Registration form when members click "view terms" — keep them up to date when your legal team updates the documents. The consent settings card is set at launch and rarely changes.

URLs — Terms of Use and GDPR

Two URL fields:

  • Terms of use — the URL of your hosted Terms-of-Use document. Whatever lives at this URL is what members see when they click the terms link on the Registration form.
  • GDPR — the URL of your hosted GDPR / privacy-policy document. Same idea.

These are typically pages on your business website (e.g. https://yourbusiness.com/terms and https://yourbusiness.com/privacy). Whenever your legal team updates the documents, no work is needed here — the URL keeps pointing at the same page, the new content shows automatically. Update the URLs only if you move the documents to a new path.

Legals page. Two cards side by side. Left: URLs card with Terms of use and GDPR fields, both populated with the URL of the merchant's terms-of-service / privacy-policy page. Right: Member consent settings card with Active toggle on, How to send dropdown set to "Auto", Communication template dropdown set to "Sólo te queda un paso más para disfrutar de las ventajas del club ☀". Save button bottom-right.

The right-hand card on the page controls the post-POS-registration consent flow — the flow that runs when a member is registered through the POS (rather than via the public registration form).

Background: when the Auto Registration from POS flow is on, members can become members at the till by buying a registration item — but they haven't yet consented to anything. This card configures what happens next:

  • Active — toggle. When on, the post-POS-registration consent flow is enabled.
  • How to sendAuto (the default; a system-managed flow) or a manual variant.
  • Communication template — the SMS / email template that gets sent to the member after their POS-side registration, asking them to complete consent. This template is configured under Comm. Templates and picked here. The sent message contains a link that takes the member to the Registration form where they fill in their consent (terms, GDPR, marketing) before they can log in to the loyalty web app.

In effect: registered at POS → receives this SMS → clicks the link → completes consent on the registration form → can log in.

When to touch this

  • Update the Terms of Use or GDPR URLs if you move the documents to a new path.
  • Change the consent SMS / email by editing the template under Comm. Templates — the template name selected here will pick up the new copy automatically (templates are referenced, not snapshotted).
  • Disable the consent flow by toggling Active off — only do this if you've changed how POS-side registration works on the operational side.

Why keeping the URLs current matters

Members often skip the terms link on registration, but regulators don't — when a data-protection authority asks "what did members agree to?", the answer needs to be the document at the URL on file. If your legal team updates the document and the URL has moved, members are agreeing to a 404 page. Quick check after any legal-document update: does each URL still load the right document?