Xoxoday Plum transfers only the minimum required loyalty tier or segment identifiers through encrypted, TLS 1.2+ integrations — customer PII is never required for offer eligibility or visibility enforcement.
Least-privilege data model
Xoxoday Plum enforces a least-privilege data model across all loyalty layer integrations. Your organisation’s loyalty system passes a single tier identifier or segment tag — for example, “Gold”, “Tier 2”, or a segment code — to Xoxoday Plum. This identifier is all that is needed to control which reward offers are visible or redeemable for a given user group. No names, email addresses, phone numbers, or other personally identifiable information need to cross the integration boundary.
Encryption and authentication in transit
All data in transit is protected using TLS 1.2 or higher encryption. Xoxoday Plum requires strong authentication and authorisation at the integration layer — OAuth 2.0 and JWT-based token flows are the standard mechanism, ensuring only authenticated, authorised services can read or write tier data. Access tokens are scoped narrowly, so the integration service cannot request or receive data beyond its defined role.
Audit logging and compliance alignment
Every data exchange across the integration is captured in audit logs. These logs record what data was accessed, by which service, and at what time — supporting compliance reviews, security incident investigations, and regulatory reporting without exposing individual customer records. This approach aligns with frameworks such as ISO 27001 and SOC 2 Type II, both of which require demonstrable controls over data access and data minimisation.
Practical example
Consider an organisation running a tiered loyalty scheme where members are classified as Silver, Gold, or Platinum. Xoxoday Plum receives only that classification string per authenticated session. The reward catalogue then surfaces only the offers eligible for that tier. At no point does Xoxoday Plum need the member’s name, purchase history, or contact details to enforce offer eligibility or visibility rules.
This same pattern applies when Xoxoday Plum is integrated alongside enterprise HR or identity systems such as Workday, SAP SuccessFactors, or Darwinbox. Only the segment attribute needed for reward logic is passed, keeping broader employee records within your organisation’s own systems.
The result is a compliant, privacy-preserving integration model that satisfies data protection requirements across most enterprise and regulated-industry environments, without creating unnecessary data dependencies between your loyalty layer and the rewards platform.
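The pattern above, as an added illustration that is not Xoxoday Plum's own code: the receiving side allowlists the single tier field, checks the caller's token scope (the claims dict stands in for an already signature-verified JWT, and the scope name `tier:read` is assumed), filters a constructed sample catalogue, and writes an audit entry that records field names and the calling service but never a field value.

```python
from datetime import datetime, timezone

ALLOWED_FIELDS = {"tier"}      # the only attribute allowed across the boundary
REQUIRED_SCOPE = "tier:read"   # assumed scope name for illustration only
CATALOGUE = [                  # constructed sample catalogue
    {"offer_id": "coffee-voucher", "eligible_tiers": {"Silver", "Gold", "Platinum"}},
    {"offer_id": "lounge-pass", "eligible_tiers": {"Gold", "Platinum"}},
    {"offer_id": "concierge", "eligible_tiers": {"Platinum"}},
]

class IntegrationError(Exception):
    pass

def minimise(payload: dict) -> dict:
    """Accept only the tier identifier. Only field names, never values, are
    reported, so a PII-bearing request cannot leak into errors or logs."""
    extra = sorted(set(payload) - ALLOWED_FIELDS)
    if extra:
        raise IntegrationError(f"disallowed fields: {extra}")
    if not isinstance(payload.get("tier"), str):
        raise IntegrationError("tier identifier missing")
    return {"tier": payload["tier"]}

def check_scope(claims: dict) -> str:
    """claims is the payload of a JWT whose signature was already verified (assumed)."""
    if REQUIRED_SCOPE not in set(claims.get("scope", "").split()):
        raise IntegrationError("token lacks required scope")
    return claims.get("sub", "unknown")

def eligible_offers(tier: str) -> list:
    return [o["offer_id"] for o in CATALOGUE if tier in o["eligible_tiers"]]

def handle_request(payload: dict, claims: dict, audit_log: list) -> list:
    """One eligibility lookup; an audit entry is written whatever the outcome."""
    entry = {"at": datetime.now(timezone.utc).isoformat(),
             "service": claims.get("sub", "unknown"),
             "fields": sorted(payload),   # what was sent: names only
             "outcome": "ok"}
    try:
        entry["service"] = check_scope(claims)
        tier = minimise(payload)["tier"]
        entry["tier"] = tier
        return eligible_offers(tier)
    except IntegrationError as err:
        entry["outcome"] = f"rejected: {err}"
        raise
    finally:
        audit_log.append(entry)
```

A request that smuggles an email address alongside the tier is rejected, and the audit entry for it names the offending field without recording the address.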