Privacy Policy

1. Information We Collect

We collect information you provide directly to us when you create an account, including your name, email address, business name, and payment information processed securely through Stripe.

For receipt delivery, we process transaction data from your connected POS system including item names, prices, and payment methods. We do NOT collect personal information from your customers who view receipts.

2. How We Use Information

• To provide, maintain, and improve our services
• To process transactions and send related information
• To send technical notices, security alerts, and support messages
• To respond to your comments, questions, and customer service requests

3. Customer Receipt Viewing

When customers tap an NFC tag or scan a QR code, they receive a temporary, one-time-use token that displays their receipt. We do not:

• Track customer identities
• Store customer device information
• Use cookies on receipt pages
• Require any personal information to view a receipt

4. Data Security

We implement industry-standard security measures including:

• AES-256-GCM encryption for stored OAuth tokens
• JWT-based authentication with short-lived access tokens
• HTTPS encryption for all data in transit
• POS webhook signature verification
• Time-limited receipt tokens (24-hour expiry)

5. Data Retention

We retain receipt data for 90 days after creation. Receipt access tokens expire after 24 hours. You may request deletion of your account and associated data at any time.

6. Third-Party Services

We integrate with the following third-party services:

• Stripe — Payment processing
• Square, Lightspeed, Clover — POS integrations (OAuth)

Each third-party service has its own privacy policy governing the information they collect.

7. Contact Us

If you have questions about this Privacy Policy, please contact us at [email protected]