Privacy Policy

1. What We Collect

The platform collects the following data when you use it:

• Account data: name, role, branch, terminal ID, and login credentials.
• Transaction data: type, amount, reference ID, channel, timestamp, and any notes you add.
• Statement data: uploaded files and the parsed transaction lines extracted from them.
• Settlement data: opening and closing float, totals by transaction type, and variance.
• Activity logs: every action you take on the platform — logged with your user ID, role, and timestamp.

2. How We Use It

• To reconcile your POS transactions against uploaded bank or terminal statements.
• To surface discrepancies and support resolution by POS Admins.
• To generate reports and maintain audit trails for internal compliance and review.
• To send you notifications about your transactions, statements, and settlement status.
• To investigate disputes, errors, or suspected misuse of the platform.

3. Who Can See Your Data

• POS Agents can only see their own transactions, statements, and reconciliation status.
• POS Admins can see all agent data within their assigned scope.
• The Organisation's authorised personnel may access audit logs and reports for compliance purposes.
• Your data is not shared with third parties except where required by law or regulatory obligation.

4. Uploaded Statements

• Statements you upload are stored securely and used only for reconciliation within the platform.
• Uploaded files are scanned for malware before processing. Malicious files are rejected and not stored.
• Parsed statement data becomes part of the audit record and is retained alongside your transaction history.

5. Data Security

• All data is encrypted in transit (HTTPS/TLS) and at rest.
• Access is controlled by role — you can only see what your role permits.
• POS terminal sync is authenticated via a unique API key per terminal.
• The Organisation applies industry-standard security practices to protect your data.

6. Data Retention

• Transaction, statement, settlement, and audit log data is retained for a minimum of 12 months.
• After the retention period, data may be archived or deleted in accordance with the Organisation's data policy.
• You may request a copy of your own data by contacting your POS Admin or Organisation representative.

7. Your Rights

• You have the right to access the personal data held about you on the platform.
• You may request correction of inaccurate personal data, subject to audit integrity requirements.
• For data removal requests, contact your Organisation. Note that audit logs may be exempt from deletion where required for compliance.

8. Changes to This Policy

This policy may be updated from time to time. You will be notified of material changes. Continued use of the platform means you accept the updated policy.