Privacy Policy

Last updated: March 2026

1. Information We Collect

When you register for POS Ally, we collect your name, email address, business name, and billing information. When you use the platform, we collect usage data including transactions, inventory changes, and staff activity logs necessary to provide the service.

2. How We Use Your Information

We use your information to provide, maintain, and improve the POS Ally platform; process transactions and billing through Stripe; send service-related communications; and ensure security and prevent fraud.

3. Data Isolation

POS Ally operates a multi-tenant architecture with strict data isolation. Each business tenant's data is segregated at the database level using row-level security policies. No tenant can access another tenant's data.

4. Third-Party Services

We use the following third-party services to operate POS Ally: Supabase (database and authentication), Stripe (payment processing), and Resend (transactional email). Each provider has their own privacy policy governing data they process on our behalf.

5. Data Retention

We retain your data for as long as your account is active. Upon account cancellation, we retain data for 30 days to allow for reactivation, after which it is permanently deleted.

6. Security

We implement industry-standard security measures including encrypted data in transit (TLS), role-based access control, and regular security audits. Our architecture is designed to meet SOC 2 compliance requirements.

7. Your Rights

You have the right to access, correct, or delete your personal data. You may also request a copy of your data or restrict its processing. Contact us at privacy@posally.com to exercise these rights.

8. Contact

For privacy-related inquiries, contact us at privacy@posally.com.