1. Introduction
SuperlinePOS ("the App", "we", "our", or "us") is a Point-of-Sale (POS) business management application designed for retail merchants and their staff. This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding that information.
By installing or using SuperlinePOS you agree to the practices described in this policy. If you do not agree, please uninstall the App and contact your system administrator.
2. Who This Policy Applies To
- Business owners / administrators who deploy the App for their organisation.
- Cashiers and employees who use the App during business operations.
- End customers whose purchase records may be captured by the business.
3. Data We Collect
We collect only the information necessary to deliver POS functionality:
| Category | Examples | Purpose |
|---|---|---|
| Account & Staff Data | Name, username, phone number, role, PIN, biometric flag | Authentication, access control, audit trail |
| Sales & Transaction Data | Receipt number, items sold, quantities, prices, discounts, tax, totals, timestamp | Sales processing, reporting, receipts |
| Payment Data | Payment method (cash, M-Pesa, bank transfer, credit, cheque), amounts | Till reconciliation, financial reporting |
| Customer Data | Customer name, phone number, outstanding debt/credit balance | Credit sales tracking, customer management |
| Inventory Data | Product names, SKUs, prices, stock levels, inter-branch transfers | Stock management, purchase orders |
| Device & Session Data | Till ID, branch ID, session open/close times, network connectivity status | Multi-branch operations, session audit |
✓ No Location Data ✓ No Camera Access ✓ No Contacts Access ✓ No Microphone Access
The App requests only Internet and Network State Android permissions.
4. Biometric Data
The App supports optional biometric authentication (fingerprint / face unlock). Biometric processing is handled entirely by the Android operating system via the local_auth framework. SuperlinePOS does not store, transmit, or have access to raw biometric data. Only a boolean flag ("biometric enabled") is stored in the App's local database.
5. How Data Is Stored
- On-device local storage: Transactional and inventory data are stored locally using an encrypted SQLite database (Drift/SQLCipher). Sensitive credentials are stored using flutter_secure_storage, which leverages the Android Keystore.
- Remote / cloud storage: Data is synchronised with your business's back-end server over HTTPS. The security of server-side data is governed by the agreement between your organisation and the server operator.
- No third-party analytics or advertising SDKs are included in the App.
6. Data Retention
Transaction and operational data are retained for as long as needed to support your business operations and comply with applicable accounting or tax regulations (typically 5–7 years). User accounts are deleted upon request by an administrator. You may contact us to request deletion of specific data records.
7. Security Measures
- All network communication uses HTTPS / TLS encryption.
- Sensitive credentials (tokens, PINs) are stored in the Android Keystore via flutter_secure_storage.
- Local database is encrypted with SQLCipher.
- Session management includes forced logout and token expiry controlled by the server.
- Role-based access control restricts data access to authorised personnel only.
- Biometric authentication provides an additional layer of device-level security.
While we implement industry-standard safeguards, no method of transmission or storage is 100% secure. We encourage organisations to follow best practices such as strong passwords and regular account audits.
8. Children's Privacy
SuperlinePOS is a business tool intended for adults (18+). We do not knowingly collect personal data from children under 13. If you believe a child's data has been collected, please contact us immediately.
9. Your Rights
Depending on applicable law, you may have the right to:
- Access personal data we hold about you.
- Correct inaccurate data.
- Delete your account and associated data.
- Restrict or object to certain processing activities.
- Data portability – receive your data in a structured, machine-readable format.
To exercise any of these rights, contact your system administrator or reach out to us directly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The updated version will be made available within the App and on the Play Store listing. Your continued use of the App after changes take effect constitutes acceptance of the revised policy.
11. Contact Us
If you have questions or concerns about this Privacy Policy, please contact:
- App: SuperlinePOS
- Email: support@superlinepos.com
- Website: www.superlinepos.com