Effective Date: 05 August 2024
Retail IT (PVT) LTD ("we," "us," or "our") operates the EasyPos web-based and Android point-of-sale (POS) system. This Privacy Policy outlines how we collect, utilize, disclose, and safeguard your information when you leverage our service. By employing EasyPos, you signify your agreement to the collection and use of information in accordance with this policy.
We collect information solely for the effective operation and legal compliance of our POS system. This information can be categorized as follows:
Personally Identifiable Information (PII): This encompasses names, email addresses, phone numbers, and any other details that can be used to identify an individual. We collect this information during user registration and may request it for specific functionalities within the POS system.
Payment Information: We utilize a secure third-party payment processor to manage all credit card transactions. We do not store full credit card details on our servers. The payment processor may collect billing addresses and other information necessary to process payments. Please refer to the payment processor's privacy policy for details on how they handle your information.
Business Information: This includes details pertaining to your business operations, such as store locations, inventory data, and customer information collected during transactions (with your explicit consent). You have control over the level of detail stored within the EasyPos system.
Technical Information: We collect IP addresses, browser types, device information, and usage data through cookies and similar technologies. This information assists us in comprehending how users interact with our service and in enhancing its functionality.
We gather information through various methods, including:
User Registration: Information provided when you create an account for our service.
Transaction Processing: Information collected during the utilization of our POS system, such as product details and customer information (with your consent).
Cookies and Tracking Technologies: We utilize cookies to enhance your experience, track user activity, and collect usage data. You can manage your cookie preferences through your browser settings.
We utilize the information we collect for several legitimate business purposes:
Service Delivery: To provide, operate, maintain, and improve our POS systems.
Customer Management: To create and manage customer databases (with your consent) and provide support services.
Communication: To send you updates, support messages, and notifications related to our services and legal requirements.
Marketing and Analytics: We may leverage anonymized and aggregated data to analyze usage trends and improve our services. You can opt-out of receiving marketing communications at any time.
Compliance: To comply with legal obligations, including tax regulations and data protection laws.
We do not sell, trade, or otherwise transfer your personal information to third parties without your consent. We may share information with trusted third-party service providers who assist us in operating our service, provided they adhere to the following:
Maintaining the confidentiality of your information.
Utilizing your information only for the purposes we specify, which are aligned with this Privacy Policy.
Complying with applicable data protection and privacy laws.
We may also disclose your information if required by law or to protect the rights and safety of ourselves, our users, or others.
You have several rights concerning your personal information:
Access: You can request access to the personal information we hold about you.
Rectification: You can request that we correct or update any inaccurate or incomplete information.
Erasure: You can request the deletion of your personal information, subject to certain legal and operational limitations (e.g., transaction records for tax purposes).
Restriction of Processing: You can request that we restrict the processing of your personal information.
Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.
To exercise these rights, please contact our Data Protection Officer at [email address removed].
We prioritize the security of your personal information and implement various measures to protect it, including:
Encryption: We employ industry-standard encryption to safeguard sensitive information during transmission and storage.
Access Controls: We restrict access to personal information to authorized personnel only who have undergone security training.
Regular Audits: We conduct regular security audits and assessments to identify and mitigate potential risks.
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
We adhere to the applicable data protection and privacy laws of Sri Lanka, including the Data Protection Act No. 35 of 2011 and any subsequent amendments. We are committed to safeguarding your personal information and ensuring compliance with all relevant regulations.
In the event of a data breach, we have robust incident response procedures in place to promptly investigate, contain, and mitigate any potential harm to individuals. We will notify affected individuals and relevant authorities as required by law.
Our services are not directed at children under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete it promptly.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technological advancements. We will notify you of any significant changes by prominently posting the new policy on our website and updating the effective date.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact Us using below details.