Privacy Policy
Last updated: June 16, 2026
BiscuitPOS ("we", "us", or "our") operates the BiscuitPOS platform, including the web application and associated digital menu services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
1. Information We Collect
1.1 Account & Authentication Data
- Name, email address, and phone number provided during account creation.
- Login credentials and authentication tokens for Super Admin and Viewer accounts.
- Mobile numbers and PINs used for Viewer (POS staff) authentication.
1.2 Business & Restaurant Data
- Restaurant name, menu items, pricing, categories, and table configurations.
- Digital menu themes, QR code settings, and public menu URLs.
1.3 Order & Transaction Data
- Order details, item selections, quantities, and special instructions.
- Order type (dine-in, takeaway, delivery) and table numbers.
- Payment status, amounts paid, payment methods, and billing records.
- Order timestamps and edit history (where applicable).
1.4 Usage & Technical Data
- Device type, browser type, and IP address.
- Access logs and interaction data within the application.
- Error logs and diagnostic data for troubleshooting.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service.
- Process and manage orders, payments, and table assignments.
- Authenticate users and enforce role-based access controls (Super Admin, Viewer).
- Generate reports, analytics, and insights for restaurant operations.
- Communicate with you regarding your account, orders, or support requests.
- Improve the Service, fix bugs, and ensure security.
3. How We Share Your Information
We do not sell your personal information. We may share data in the following circumstances:
- With Your Restaurant / Business: Super Admins within your organization can access all data related to your restaurant account.
- Service Providers: We use third-party providers (e.g., hosting, payment processing) who are bound by confidentiality obligations.
- Legal Compliance: We may disclose information if required by law, regulation, or legal process.
4. Data Security
We implement industry-standard security measures to protect your data, including:
- Encrypted data transmission (HTTPS/TLS).
- Role-based access controls and PIN-based authentication for Viewer accounts.
- Regular security monitoring and access logging.
However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
5. Data Retention
We retain your data for as long as your account is active or as necessary to fulfill the purposes outlined in this policy. Order and payment records may be retained for accounting and legal compliance purposes even after account closure.
6. Your Rights & Choices
Depending on your jurisdiction, you may have rights to:
- Access, update, or correct your personal information.
- Request deletion of your data (subject to legal and operational retention requirements).
- Object to or restrict certain processing activities.
To exercise these rights, contact us at support@biscuitpos.com.
7. Children's Privacy
Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy within the application or by other means. Your continued use of the Service after changes constitutes acceptance of the updated policy.
9. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:
- Email: support@biscuitpos.com
- Address: Think Forge Global, thinkforgeglobal.com