1. Who We Are

AiPOS AI is a cloud-based Point of Sale SaaS platform operated by Muhammad Ishfaq, Riyadh, Saudi Arabia. Email: m.ishfaq.86pk@gmail.com | Website: www.aiposai.com

2. Data We Collect

Account data: Name, email, password (encrypted), phone number, business name, country.

Business data: Products, sales records, invoices, expenses, supplier details.

Technical data: IP address, browser type, device type, login timestamps.

Payment data: Transaction ID and plan details (full card data is handled by Paddle.com, never stored by us).

3. How We Use Your Data

• To provide and operate the AiPOS AI service
• To send notifications (expiry alerts, shift reports, billing)
• To process subscription payments via Paddle
• To improve the platform and fix bugs
• To comply with legal requirements

4. Data Sharing

We never sell your data to anyone. We only share data with service partners necessary to run the platform:

• Paddle.com — payment processing
• Hostinger — hosting and infrastructure
• SendGrid — email delivery
• WhatsApp Business API — notifications (optional)

5. Data Storage & Security

• All data is encrypted in transit (SSL/HTTPS)
• Passwords are stored as bcrypt hashed values — never readable
• Daily automated backups
• Per-tenant data isolation — your data is never mixed with other businesses
• Hosted on Hostinger servers (EU data centers)

6. Cookies

• Essential cookies: Required for login sessions and security
• Preference cookies: Remember your language and theme settings
• Analytics cookies: Anonymous usage data to improve the platform

7. Your Rights

• Access: Request a copy of all data we hold about you
• Correction: Update any inaccurate information
• Deletion: Request deletion of your account and all data
• Export: Download your business data anytime in CSV/PDF format
• Portability: Receive your data in a standard machine-readable format
• Objection: Object to certain uses of your data

8. Data Retention

• Active accounts: data kept as long as account is active
• Cancelled accounts: data kept for 90 days after cancellation, then permanently deleted
• You can request immediate deletion by contacting privacy@aiposai.com

9. Children's Privacy

AiPOS AI is intended for users 18 years and older. We do not knowingly collect data from minors. If you believe a minor has registered, contact us immediately.

10. GDPR (European Users)

For EU users, we process data based on: contractual necessity (to provide the service), legitimate interests, and explicit consent where required. You have all rights under GDPR including the right to lodge a complaint with your local data protection authority.

11. Saudi Arabia PDPL

For Saudi users, we comply with the Personal Data Protection Law (PDPL). Data is processed lawfully and transparently. You may contact us to exercise your rights under PDPL.

12. Changes to This Policy

We will notify you 14 days before any material changes via email and in-app notification. Continued use after changes means acceptance of the updated policy.

13. Contact

Privacy questions: privacy@aiposai.com
WhatsApp: +966 577 586 143
Address: Riyadh, Saudi Arabia