Reminator logo
Get Started
Legal

Privacy Policy

How we collect, use, and protect your personal information

Last updated: April 22, 2026

1Introduction

Fluctuation Games LLC, doing business as Reminator ("Reminator," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our notification aggregation platform and related services.

By using Reminator, you agree to the collection and use of information in accordance with this policy.

2Information We Collect

2.1 Information You Provide

  • Phone Number: When you subscribe to receive notifications via RCS, SMS, WhatsApp, or Telegram
  • Subscription Preferences: Which businesses you choose to subscribe to
  • Communication Content: Commands and messages you send to our WhatsApp number

2.2 Information Collected Automatically

  • Message Delivery Status: Whether messages were delivered and read
  • Interaction Data: Button clicks and responses to notifications
  • Timestamp Data: When subscriptions are created or modified

2.3 Business Dashboard Users

If you are a business using our dashboard, we additionally collect:

  • Business contact information and account credentials
  • Notification templates and flow configurations
  • Analytics data about notification performance

3How We Use Your Information

We use the collected information to:

Deliver Notifications

Send you notifications from businesses you've subscribed to

Manage Subscriptions

Process subscription requests, changes, and unsubscribe commands

Improve Service

Analyze usage patterns to improve our platform and user experience

Ensure Security

Detect and prevent fraud, abuse, and security incidents

Legal Compliance

Comply with legal obligations and respond to lawful requests

4Information Sharing

We do not sell your personal information. We will not share, sell, or disclose your mobile phone number or any mobile information to third parties for marketing or promotional purposes. We may share your information in the following circumstances:

  • With Businesses You Subscribe To: We share your phone number with businesses you explicitly subscribe to, solely for sending notifications
  • Service Providers: Third-party vendors who assist in operating our platform (e.g., cloud hosting, messaging infrastructure)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

4APayment Information

Reminator never collects, stores, transmits, or has access to Subscriber payment card data, bank account numbers, or any other sensitive payment credentials.

4A.1 Business Subscription Billing

When a Business pays Reminator for platform access, payment is processed by Stripe. Reminator stores only a non-sensitive customer identifier returned by Stripe and the last four digits and brand of the payment instrument for display in the dashboard. Full card data is held by Stripe under their PCI DSS Level 1 certification.

4A.2 Subscriber Payments to Businesses

Where a Business enables the optional payment-display feature, Reminator displays a payment link configured by the Business. When a Subscriber clicks that link, the Subscriber is redirected to a third-party payment processor chosen by the Business (such as Stripe, Mercado Pago, PayPal, or another processor). The Subscriber transacts directly with that processor.

For Subscriber payments, Reminator stores only:

  • the public payment link URL configured by the Business;
  • the processor name (e.g., "Stripe") and a non-sensitive transaction reference (such as Stripe'scheckout_session_idorpayment_intent_id);
  • the payment status (e.g., "Pending", "Paid", "Refunded", "Failed") and timestamp, derived from cryptographically signed webhook events sent by the processor or from a clearly labeled manual confirmation by the Business;
  • the gross amount and ISO 4217 currency code shown on the link;
  • an audit trail of webhook events received and any manual status changes, including the Business User who performed them;
  • when supplied by the processor, a non-sensitive receipt URL hosted by the processor (for example, a Stripe receipt_url), so that the Subscriber can view their official receipt in a new tab. The URL itself is treated as a public link by the processor; Reminator stores only this URL and never the receipt content;
  • a record of any "Transaction Confirmation" document Reminator has generated on demand for the Subscriber or the Business (rendered from the data above; cached up to 24 hours, then re-generated as needed).

Reminator does not store, process, or have access to:

  • full or partial Subscriber payment card numbers (PAN);
  • card expiration dates, CVV/CVC, or 3-D Secure data;
  • bank account numbers, IBANs, routing numbers, or PIX/CBU/CLABE keys;
  • cardholder name as it appears on the card, billing address, or ZIP code;
  • the Business's payment-processor secret API keys (only public webhook signing secrets are stored, encrypted at rest in AWS Secrets Manager and never returned to the dashboard after creation).

4A.3 Webhook Security

Reminator verifies every incoming payment webhook against an HMAC signature computed with a secret shared only between Reminator and the Business's payment processor. Webhooks that fail signature verification or replay-window checks are rejected and logged. This prevents an attacker from forging a "Paid" status without compromising the processor.

4A.4 Third-Party Privacy Policies

Subscriber data submitted to any third-party payment processor is governed by that processor's privacy policy, not by this Privacy Policy. Reminator recommends reviewing the policies of any processor a Business uses, including:

5Data Security

We implement industry-standard security measures to protect your data:

Encryption at Rest
TLS 1.3 in Transit
Access Controls
Audit Logging
MFA Authentication
AWS Security

For healthcare-related notifications, we implement additional HIPAA-compliant safeguards to protect Protected Health Information (PHI).

6Data Retention

We retain your information for as long as necessary to provide our services:

  • Active Subscriptions: Data is retained while your subscription is active
  • After Unsubscription: Phone numbers are anonymized or deleted within 30 days
  • Message Logs: Retained for 90 days for troubleshooting, then deleted
  • Audit Logs: Retained for 7 years for compliance purposes

7Your Rights

Depending on your location, you may have the following rights:

Access

Request a copy of the personal data we hold about you

Correction

Request correction of inaccurate personal data

Deletion

Request deletion of your personal data (reply STOP ALL to any message)

Portability

Request your data in a portable format

Opt-Out

Unsubscribe from notifications at any time

8Children's Privacy

Reminator is not intended for users under the age of 13. We do not knowingly collect personal information from children. If you believe we have collected information from a child under 13, please contact us immediately.

9International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where required.

10Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also send you a notification via your subscribed messaging channel.

11Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@reminator.com

Mail: Fluctuation Games LLC (d/b/a Reminator), 1000 Brickell Ave, 715, Miami, FL 33131, USA

See also: Terms of Service | Opt-In Policy