How we handle your data — in writing.

DoublePenniesOnline LLC is a research and development company. The personal information we collect supports research participation and operational integrity — not advertising, profiling, or resale. This page explains what we collect, why, who else sees it, what your rights are, and how to reach us with any privacy concern.

Effective date

May 15, 2026

Last updated

May 15, 2026

Privacy contact

support@doublepennies.online

What we collect — and what we do with it

DPO collects three categories of information. Each category exists for specific operational reasons described below; we don't collect data we don't need.

Category 01

Account & contact information

When you activate a Spending Account, you provide your name, email address, and payment information. Payment processing is handled by our third-party payment processor; DPO does not store full credit card numbers — only a payment reference and the card's last four digits.

Why we collect it: to administer your participation, process the $10 research fee and any refunds, communicate with you about your Consumer Research Spending Card, and meet record-keeping obligations as a registered research entity.

How long we keep it: for the duration of your active participation, plus a reasonable period afterward to honor refund rights and respond to inquiries (typically up to 7 years for record-keeping).

Category 02

Spending data — category-level only

Once your $500 Consumer Research Spending Card is issued, the card platform records each transaction by merchant category code (MCC). This means we know that you spent at a "grocery store" or a "utility company" — but we do not see the individual merchant name, the items you purchased, or the itemized breakdown of any transaction.

Why we collect it: the category-level patterns across many participants are the data behind our household spending research. Aggregating this data helps us understand how households apply spending support — which is the entire research purpose of DPO.

How long we keep it: indefinitely in anonymized, aggregated form for research outcomes. Your individual transaction-by-transaction history is purged from identifiable form on the same retention schedule as your account information.

Category 03

Technical & website data

When you visit doublepennies.online, our servers automatically log standard technical information: your IP address, browser type, device type, referring URL, the pages you view, and timestamp. We use cookies for session management and basic analytics (see Cookies section below).

Why we collect it: to operate the website, prevent fraud, debug issues, and understand high-level traffic patterns (e.g., which pages are most visited).

How long we keep it: server logs typically rotate within 90 days. Aggregated analytics may be kept longer in non-identifiable form.

Who we share your information with — and who we don't

DPO shares the minimum personal information necessary to operate as a research and development company. There are categories of providers we work with to do that. There are people we will never share your information with.

Research outcomes published by DPO use aggregated, anonymized metrics — for example, "of participants who completed at least three orders, X% applied a portion of their Consumer Research Spending Card to utilities." Individual participants are never identifiable in published research outputs.

Your rights and choices

Depending on where you live, you may have specific legal rights regarding your personal information. The rights below apply to all participants regardless of location, with additional state and country-specific rights described where applicable. To exercise any of these rights, email support@doublepennies.online with the subject "Privacy rights request."

Access

Request a copy of the personal information DPO holds about you. We respond within 30 days.

Correct

Request correction of any inaccurate information about you.

Delete

Request deletion of your personal information. (Note: we may retain certain records as required for legal, regulatory, or research-integrity purposes — described in the response to your request.)

Refund & withdraw

Request a refund of your $10 research fee at any time. Refunding effectively withdraws your participation in that order — see our refund policy.

Marketing opt-out

DPO does not send marketing emails. The only emails you'll receive are operational (account, refund, milestone notifications). If you'd prefer not to receive operational emails, your option is to refund and withdraw participation.

Complaint

Lodge a complaint with the data-protection authority in your jurisdiction if you believe DPO has mishandled your information.

California residents (CCPA / CPRA) and EU/UK residents (GDPR) have additional specific rights. If you are a resident of California or the EU/UK, please contact us using the email above and we will provide jurisdiction-specific information about your rights and how to exercise them.

Security, retention, cookies, and children

🔒 Security

DPO uses industry-standard administrative, technical, and physical safeguards to protect personal information from unauthorized access, alteration, disclosure, or destruction. This includes encryption of data in transit (HTTPS), secure third-party processors (our payment processor and the Consumer Research Spending Card platform), and access controls limiting which DPO personnel can view participant information.

No system is 100% secure, however. If a security incident affects your personal information, DPO will notify you and any required regulatory authorities in accordance with applicable law.

⏱ Retention

Personal information is retained only as long as necessary for the purposes described in this policy:

— Account & contact info: through active participation plus a reasonable period (typically up to 7 years) for record-keeping and refund-rights compliance.
— Spending data: identifiable form retained on the same schedule as account info; anonymized aggregate form retained indefinitely for research outputs.
— Technical & website data: server logs typically rotate within 90 days.

🍪 Cookies and similar technologies

DPO uses cookies for two purposes: (1) to keep you logged in / maintain your session as you navigate the site, and (2) to gather aggregate, anonymous analytics about which pages are used most. We do not use cookies for advertising, behavioral profiling, or cross-site tracking.

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality but will not prevent you from accessing public pages.

🧒 Children's privacy

DPO is not directed to children under 13 (or under 16 in jurisdictions where applicable, such as the EU/UK). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us at support@doublepennies.online and we will delete the information promptly.

Changes to this policy & how to reach us

DPO may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Last updated" date at the top of this page.
Notify active participants by email when changes materially affect how we handle your information.
Provide a reasonable opportunity to review the changes before they take effect when feasible.

Your continued participation in DPO after policy changes take effect constitutes acceptance of the updated policy. If you do not accept the updated policy, you may request a refund for your $10 research fee and withdraw participation at any time.

For any privacy question, concern, or rights request, email: