Syspos Technology LLC (“Syspos”, “we”,“our”, “us”) operates the Syspos point-of-sale applications, cloud dashboards,APIs, embedded payment solutions, and related platforms (collectively, the“Services”).

This Privacy Policy explains how wecollect, use, process, disclose, store, and protect your information when youaccess or use our Services.

By using Syspos, you acknowledge that youhave read and understood this Privacy Policy. If you do not agree with itsterms, you should discontinue use of the Services.

1. Scope & Roles

Depending on the context, Syspos may actas:

●     Data Controller — when we determine the purposes and means of processing (e.g.,merchant accounts, marketing, website visitors).

●     Data Processor — when we process transaction or customer data on behalf of merchantsusing Syspos.

Where Syspos acts as a Data Processor,the merchant remains the Data Controller and is responsible for compliance withapplicable data protection laws.

2. Information We Collect

We collect information necessary toprovide secure, reliable, and compliant Services.

2.1 Personal Information

When registering, subscribing, orinteracting with our Services, we may collect:

●     Full name

●     Email address

●     Phone number

●     Business name

●     Trade license details

●     VAT or tax registration number

●     Business address

●     Billing details

●     Account credentials (username,password, authentication tokens)

●     Support communications

Passwords are encrypted and never storedin plain text.

2.2 Transactional Information

We collect transactional and financialrecords processed through the Syspos platform, including:

●     Sales data

●     Invoice records

●     Purchase records

●     Refund records

●     Receipt data

●     Payment status

●     Settlement references

●     Audit logs

If using integrated payment solutions(e.g., Syspos Pay), we may process:

●     Transaction ID

●     Authorization codes

●     Masked card numbers (last 4 digitsonly)

●     Device/terminal ID

We do not store full card numbers, CVVcodes, or PIN data. Payment processing is conducted via PCI-DSS compliantpartners.

2.3 Device and Usage Information

We automatically collect certaintechnical information, including:

●     Device model and type

●     Operating system version

●     IP address

●     Browser type

●     POS terminal identifier

●     Log-in timestamps

●     System error logs

●     API request logs

●     Performance metrics

This information helps us ensure systemstability, fraud prevention, and operational monitoring.

2.4 Location Data (If Enabled)

Where permitted and enabled, we maycollect approximate geolocation data to:

●     Enhance device security

●     Prevent fraud

●     Support business analytics

●     Monitor multi-location activity

Location data is not used for advertisingpurposes.

2.5 Camera, Photos, and Files

Access to camera, photos, and filestorage is used strictly for operational purposes such as:

●     Uploading product images

●     Scanning QR codes

●     Attaching receipts

●     Managing digital menus

Media files remain within the merchant’ssystem environment and are not shared externally unless explicitly integratedby the merchant.

2.6 Website & Marketing Data

If you visit our website, we may collect:

●     Cookies

●     Analytics data

●     Referral source

●     Form submissions

●     CRM interaction data

This data is used to improve userexperience and marketing performance.

3. Legal Basis for Processing

We process data based on:

●     Contractual necessity

●     Legal obligations (including taxand financial regulations)

●     Legitimate business interests

●     Consent (for marketing andcookies)

For users in the UAE, processing alignswith Federal Decree-Law No. 45 of 2021 (PDPL).
For EU residents, processing aligns with GDPR requirements.

4. How We Use Your Information

We use collected data to:

●     Provide, operate, and maintain ourServices

●     Authenticate users and manageaccounts

●     Process transactions securely

●     Provide reporting and analytics

●     Deliver AI-driven businessinsights

●     Prevent fraud and misuse

●     Provide technical and customersupport

●     Improve system performance andfeature development

●     Ensure compliance with legal andregulatory requirements

●     Communicate updates and servicenotifications

We do not use merchant transaction datato compete with or commercially exploit merchant businesses.

5. Data Sharing and Disclosure

We may share information in the followingcircumstances:

5.1 With Service Providers

We engage trusted third-party vendorsfor:

●     Cloud hosting infrastructure

●     Payment processing

●     SMS/email delivery

●     Customer support systems

●     Fraud detection tools

●     Analytics platforms

All providers are contractually bound toconfidentiality and data protection obligations.

5.2 For Legal Compliance

We may disclose information when requiredto:

●     Comply with laws or regulations

●     Respond to lawful governmentrequests

●     Protect our legal rights

●     Prevent fraud or security threats

5.3 Business Transfers

In the event of a merger, acquisition,restructuring, or asset sale, information may be transferred as part of thetransaction under appropriate safeguards.

We do not sell, rent, or tradepersonal data to third parties.

6. Data Retention

We retain personal data only for as longas necessary to:

●     Provide Services

●     Fulfill contractual obligations

●     Comply with financial and tax laws

●     Resolve disputes

●     Enforce agreements

Transactional data may be retained inaccordance with regulatory requirements (e.g., tax retention laws).

Upon account termination, certain recordsmay be retained for legal compliance purposes.

7. Data Security

We implement strict technical andorganizational safeguards, including:

●     SSL/TLS encryption in transit

●     Encrypted databases at rest

●     Role-based access controls

●     Multi-factor authentication

●     Infrastructure firewalls

●     Activity audit logs

●     Secure cloud hosting environments

●     Periodic security monitoring

Access to production systems isrestricted to authorized personnel only.

While we use commercially reasonablesecurity measures, no system can be guaranteed 100% secure.

8. Data Breach Response

In the event of a suspected data breach,we will:

●     Investigate promptly

●     Contain and mitigate risks

●     Notify affected parties whererequired

●     Comply with applicable breachnotification laws

9. Your Rights

Depending on your jurisdiction, you mayhave the right to:

●     Access your personal data

●     Request correction of inaccurateinformation

●     Request deletion (subject to legalobligations)

●     Restrict or object to processing

●     Withdraw consent

●     Request data portability

Requests may be submitted to:

📧 info@syspos.ae

We may verify your identity beforefulfilling requests.

10. International Transfers

Your information may be processed in theUnited Arab Emirates or other countries where our service providers operate.

Where cross-border transfers occur, weimplement appropriate safeguards to ensure compliance with applicable dataprotection laws.

11. Children’s Privacy

Our Services are intended for businessusers and are not directed at individuals under 18 years of age. We do notknowingly collect personal data from minors.

12. Updates to This Policy

We may update this Privacy Policyperiodically. Any changes will be reflected by updating the “Last updated”date.

Material changes may be communicated via:

●     Email notification

●     Dashboard alerts

●     Website notice

Continued use of our Services afterupdates constitutes acceptance of the revised Policy.

13. Contact Us

Syspos Technology LLC
UAE – Dubai, Al Quoz 3

📧 info@syspos.ae
🌐 www.syspos.ae