Privacy Policy

Last Updated: December 11, 2025

1. Introduction

POSUSA ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

2. Information We Collect

2.1 Information You Provide

Account Information:

  • Name and email address
  • Business name and address
  • Phone number
  • Password (encrypted)

Business Information:

  • Products and menu items
  • Pricing information
  • Business hours
  • Logo and images

Payment Information:

  • Bank account details (for payouts)
  • Transaction history
  • Note: Credit card information is processed directly by Stripe and not stored on our servers

Customer Data (that you collect):

  • Customer names and contact information
  • Order history
  • Payment records

2.2 Information Collected Automatically

Usage Data:

  • Pages visited and features used
  • Time and date of access
  • Device and browser information
  • IP address

Cookies and Tracking:

  • Session cookies (required for functionality)
  • Analytics cookies (to improve our Service)
  • You can control cookies through your browser settings

3. How We Use Your Information

We use collected information to:

  • Provide and maintain the Service
  • Process transactions and send related information
  • Send administrative notifications
  • Respond to inquiries and support requests
  • Improve and personalize the Service
  • Analyze usage patterns and trends
  • Detect, prevent, and address fraud or technical issues
  • Comply with legal obligations

4. How We Share Your Information

4.1 Service Providers

We share data with third parties that help us operate the Service:

  • Stripe - Payment processing (Privacy Policy)
  • Supabase - Database and authentication (Privacy Policy)
  • Unsplash/Pexels - Stock images (only used when you search for images)

4.2 Legal Requirements

We may disclose information if required by law, such as:

  • Court orders or legal process
  • Government requests
  • To protect our rights or safety
  • To investigate fraud or security issues

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner.

4.4 With Your Consent

We may share information for other purposes with your explicit consent.

5. Customer Data

As a Merchant using our Service, you collect data from your customers. You are responsible for:

  • Providing your own privacy notice to customers
  • Obtaining necessary consents
  • Using customer data only for legitimate purposes
  • Complying with applicable privacy laws (CCPA, GDPR if applicable)

We process customer data on your behalf and only as necessary to provide the Service.

6. Data Security

We implement appropriate security measures including:

  • Encryption of data in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure data centers (via our hosting providers)

However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as:

  • Your account is active
  • Needed to provide the Service
  • Required by law (tax records, legal obligations)
  • Necessary to resolve disputes

After account deletion, we may retain anonymized data for analytics purposes.

8. Your Rights

Depending on your location, you may have the right to:

  • Access - Request a copy of your personal data
  • Correction - Request correction of inaccurate data
  • Deletion - Request deletion of your data (subject to legal requirements)
  • Portability - Request your data in a portable format
  • Opt-out - Unsubscribe from marketing communications
  • Withdraw Consent - Where processing is based on consent

To exercise these rights, contact us at privacy@posusa.com

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to say no to the sale of personal information
  • Right to equal service and price

We do not sell personal information.

To make a request, contact us at privacy@posusa.com with "California Privacy Request" in the subject line.

10. Children's Privacy

The Service is not intended for anyone under 18 years of age. We do not knowingly collect information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Users

POSUSA serves users in the United States, United Kingdom, Canada, Australia, and other countries. Your data may be transferred to and processed in the United States.

11.1 United Kingdom

If you are located in the UK, your data is protected under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018. You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure ("right to be forgotten")
  • Restrict or object to processing
  • Data portability
  • Lodge a complaint with the Information Commissioner's Office (ICO)

Data transfers from the UK to the US are conducted in compliance with applicable UK data protection laws.

11.2 Canada

If you are located in Canada, your data is protected under the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws. You have the right to:

  • Access your personal information
  • Challenge the accuracy and completeness of your data
  • Withdraw consent (subject to legal restrictions)
  • Lodge a complaint with the Office of the Privacy Commissioner of Canada

11.3 Australia

If you are located in Australia, your data is protected under the Privacy Act 1988 and the Australian Privacy Principles (APPs). You have the right to:

  • Access your personal information
  • Request correction of inaccurate data
  • Complain about privacy breaches
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

11.4 Data Transfers

By using the Service, you consent to the transfer of your data to the United States for processing. We use service providers (Stripe, Supabase) that maintain appropriate data protection standards. While your data is stored and processed in the US, we implement security measures to protect your information regardless of location.

12. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Email notification
  • Notice on the Service
  • Updating the "Last Updated" date

Your continued use after changes constitutes acceptance of the updated policy.

14. Do Not Track

Some browsers have a "Do Not Track" feature. We currently do not respond to Do Not Track signals, as there is no industry standard for compliance.

15. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at:

POSUSA
Email: privacy@posusa.com

For data protection requests:
Email: privacy@posusa.com
Subject: "Privacy Request"

By using POSUSA, you acknowledge that you have read and understood this Privacy Policy.

← Back to Sign Up