Privacy Policy

Your privacy is important to us. Learn how we collect, use, and protect your data.

Last Updated: March 17, 2026

Table of Contents

POS Pro ("we," "us," or "our") is operated by a company registered in the Kingdom of Saudi Arabia. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web platform (the "Platform"), desktop application (the "Desktop App"), and related services (collectively, the "Services"). By accessing or using our Services, you consent to the practices described in this Privacy Policy.

1 Information We Collect

1.1 Account Information

When you register for an account, we collect:

  • Full name
  • Email address
  • Phone number
  • Company name
  • City
  • Commercial Registration (CR) number
  • VAT registration number

1.2 Device Information

When you activate a license on a device, we collect:

  • Machine fingerprint (a unique hardware identifier generated from your device's components)
  • IP address
  • Device hostname
  • Operating system type and version

1.3 Usage Data

We automatically collect certain information about how you interact with our Services:

  • License activation and deactivation events
  • Heartbeat logs (periodic check-ins from the Desktop App to verify license validity)
  • Application version information
  • Feature usage statistics

1.4 Payment Information

Payment processing is handled by third-party payment processors. We do not directly store your full credit card number, bank account details, or other sensitive financial information on our servers. We may retain transaction identifiers, payment amounts, dates, and partial card details (e.g., last four digits) for record-keeping purposes.

1.5 Support Data

When you contact our support team, we collect:

  • Support ticket details and messages
  • File attachments you provide
  • Communication history

1.6 Website Analytics

When you visit our website, we may collect:

  • Browser type and version
  • Pages visited and time spent
  • Referring website or source
  • General geographic location (country/city level)
  • Cookie data (see Section 7)

2 How We Use Your Information

We use the information we collect for the following purposes:

  • License Verification: To validate license keys, bind them to devices via machine fingerprints, and enforce subscription terms.
  • Subscription Management: To process subscriptions, manage billing cycles, send invoices, and handle renewals.
  • Customer Support: To respond to your inquiries, resolve technical issues, and improve service quality.
  • Product Improvement: To analyze usage patterns, identify bugs, and develop new features that better serve our users.
  • Security: To detect and prevent fraud, unauthorized access, and other malicious activities.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes, including Saudi Arabia's Personal Data Protection Law (PDPL).
  • Communications: To send you important service updates, security alerts, billing notifications, and (with your consent) marketing communications.

3 Data Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

We may share your information only in the following limited circumstances:

Payment Processors

We share necessary transaction data with our payment processors to facilitate payments, process refunds, and prevent fraud. These processors are contractually obligated to protect your data.

Cloud Hosting Providers

Our Services are hosted on cloud infrastructure providers. These providers may process your data as part of hosting our platform but are bound by strict data processing agreements.

Law Enforcement & Legal Requirements

We may disclose your information when required by law, regulation, legal process, or governmental request, including requests from Saudi Arabian authorities.

Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. We will notify you via email or prominent notice on our Platform before your data is subject to a different privacy policy.

4 Data Retention

We retain your data for the following periods:

Data Type Retention Period
Account information Duration of active account + 2 years after deletion
Activation & heartbeat logs 3 years from the date of the event
Support tickets & messages 5 years from ticket closure
Payment & billing records 7 years (as required by Saudi tax regulations)
Website analytics 24 months

After the applicable retention period expires, we will securely delete or anonymize your data. We may retain anonymized, aggregated data indefinitely for statistical and analytical purposes.

5 Data Security

We implement industry-standard security measures to protect your data:

Encryption in Transit

All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) protocols.

Password Hashing

User passwords are hashed using bcrypt with appropriate cost factors. We never store passwords in plain text.

Access Controls

We enforce strict role-based access controls, ensuring only authorized personnel can access personal data on a need-to-know basis.

Regular Audits

We conduct regular security audits, vulnerability assessments, and penetration testing to identify and address potential threats.

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6 Your Rights

Under applicable data protection laws, including the Saudi Personal Data Protection Law (PDPL), you have the following rights:

A

Right of Access

You may request a copy of the personal data we hold about you.

B

Right of Correction

You may request correction of inaccurate or incomplete personal data. You can update most account information directly through your dashboard.

C

Right of Deletion

You may request the deletion of your personal data, subject to our retention obligations and legitimate business interests.

D

Right to Data Export

You may request a machine-readable export of your personal data that we have processed.

E

Right to Opt-Out of Marketing

You may opt out of receiving marketing communications at any time by clicking the "unsubscribe" link in our emails or contacting us directly.

To exercise any of these rights, please contact us at privacy@posproapp.com. We will respond to your request within 30 days.

7 Cookies & Tracking Technologies

Our Platform uses cookies and similar technologies to enhance your experience:

Cookie Type Purpose Duration
Session Cookies Authentication and security. Required for the Platform to function properly. Browser session
Preference Cookies Remember your language preference (Arabic/English) and display settings. 1 year
Analytics Cookies Help us understand how visitors use our website to improve the experience. 24 months

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our Platform.

8 Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children under 18 years of age. If we become aware that we have collected personal data from a child under 18, we will take steps to promptly delete such information. If you believe a child under 18 has provided us with personal data, please contact us at privacy@posproapp.com.

9 Saudi Arabia Compliance (PDPL)

POS Pro is committed to compliance with the Saudi Personal Data Protection Law (PDPL), issued by Royal Decree M/19 dated 9/2/1443H (corresponding to September 16, 2021), and its implementing regulations. We process personal data in accordance with the principles of the PDPL, including lawfulness, transparency, purpose limitation, data minimization, accuracy, and security.

In compliance with the PDPL, we ensure that:

  • Personal data is collected for specific, clear, and legitimate purposes.
  • Data processing is limited to what is necessary for the stated purposes.
  • Personal data is kept accurate and up to date.
  • Appropriate technical and organizational security measures are in place.
  • Data subjects are informed about the collection and processing of their data.
  • Cross-border data transfers, if any, comply with PDPL requirements and are subject to adequate safeguards.

If you believe your data protection rights under the PDPL have been violated, you have the right to file a complaint with the Saudi Data & Artificial Intelligence Authority (SDAIA).

10 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:

  • Notify you via the email address associated with your account
  • Post a prominent notice on our Platform
  • Provide at least 30 days' notice before the changes take effect
  • Update the "Last Updated" date at the top of this policy

Your continued use of the Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes.

11 Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Address: Riyadh, Kingdom of Saudi Arabia

Start Your Free 7-Day Trial Today

Experience the full power of POS Pro with no limitations. No credit card required.

Register Now