Privacy Policy

Last updated: February 2026

1. What Data We Collect

When you use posflow.io, we collect the following information:

  • Account information: Name, email address, and authentication data provided through Clerk.
  • Shopbox credentials: Your Shopbox API credentials, which are AES-256 encrypted at rest.
  • POS data: Sales transactions, product data, and order information synced from your Shopbox account.
  • Usage data: How you interact with the dashboard, pages visited, and features used.
  • Payment information: Billing details processed securely through Stripe. We do not store card numbers.

2. How We Use Your Data

  • To provide and maintain the posflow.io analytics service.
  • To sync and process your Shopbox sales data for dashboard display.
  • To generate reports, forecasts, and analytical insights.
  • To process payments and manage your subscription.
  • To communicate service updates, security notices, and support responses.

3. Data Storage

Your data is stored on Neon Postgres databases hosted in the European Union. All data is encrypted in transit using TLS and at rest. Shopbox API credentials are additionally encrypted using AES-256 before storage.

4. Third-Party Services

We use the following third-party services:

  • Clerk — Authentication and user management.
  • Stripe — Payment processing and subscription management.
  • Shopbox — POS data source (accessed via your provided credentials).
  • Neon — Database hosting (EU region).

Each third-party service operates under their own privacy policy. We only share the minimum data necessary for each service to function.

5. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription, your data will be deleted within 30 days. You may request immediate deletion at any time by contacting us.

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Object to or restrict processing of your data.
  • Request data portability.
  • Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us at the address below.

7. Contact

For privacy-related inquiries, please contact us at: privacy@posflow.io