Privacy Policy - SMART-TiLL

1. Introduction

SMART-TiLL ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our point of sale system and related services, including our web application and mobile applications for Android and iOS.

This Privacy Policy applies to all users of SMART-TiLL, whether you access the Service through our web platform or mobile applications. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the service.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us, including:

Name and contact information (email address, phone number)
Business information (business name, address, tax ID)
Payment information (processed securely through third-party payment processors)
User account credentials

2.2 Business Data

When you use SMART-TiLL, we collect and store:

Sales transactions and receipts
Inventory and product information
Customer information you enter into the system
Supplier information
Employee/user information

2.3 Cash Management Data

Our Service includes cash management features that track:

Cash in hand balances for authorized users
Cash collection transactions and records
Cash transaction history and audit trails
User-specific cash balances and movements

2.4 Automatically Collected Information

We automatically collect certain information when you use our Service:

Log and usage data (IP address, browser type, pages visited)
Device information (device type, operating system, device identifiers)
Cookies and similar tracking technologies (web platform)
Authentication tokens stored securely on your device (mobile applications)
Network information and connection quality

2.5 Mobile App Specific Information

When you use our mobile applications (Android and iOS), we may collect:

Device information (device model, operating system version, unique device identifiers)
App usage statistics and crash reports
Authentication tokens stored securely using platform-specific secure storage
Local preferences and settings stored on your device
Network connectivity information required for API communication

3. How We Use Your Information

We use the information we collect to:

Provide, maintain, and improve our Service
Process transactions and send related information
Send you technical notices and support messages
Respond to your comments and questions
Monitor and analyze trends, usage, and activities
Detect, prevent, and address technical issues and security threats
Comply with legal obligations (including FBR integration in Pakistan)

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your information with third-party service providers who perform services on our behalf, such as:

Cloud hosting services
Payment processing
Analytics services
Email delivery services
Mobile app stores (Google Play, Apple App Store) for distribution and updates

Third-Party Technologies Used: Our Service uses the following third-party technologies:

Web Platform: Laravel Framework, Filament Admin Panel, Laravel Sanctum (authentication), Laravel Horizon (queue management), Laravel Telescope (debugging)
Mobile Applications: Flutter Framework, Dio (HTTP client), Flutter Secure Storage (secure token storage), Shared Preferences (local settings)
Infrastructure: Cloud hosting providers, database services, content delivery networks

These third-party services may collect or process your information in accordance with their own privacy policies. We recommend reviewing their privacy policies to understand how they handle your data.

4.2 Government Authorities

For users in Pakistan, sales data may be shared with the Federal Board of Revenue (FBR) as part of our FBR integration feature to comply with local tax regulations.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

Encryption of data in transit and at rest
Regular security assessments
Access controls and authentication
Regular backups

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. We will also retain and use your information as necessary to:

Comply with legal obligations
Resolve disputes
Enforce our agreements

Upon account termination, we will provide you with an export of your data and delete your information within 90 days, unless retention is required by law.

7. Your Rights

You have the right to:

Access your personal information
Correct inaccurate or incomplete information
Request deletion of your personal information
Object to processing of your personal information
Request data portability
Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the contact information provided below.

8. Cookies and Tracking Technologies

Web Platform: We use cookies and similar tracking technologies on our web platform to:

Remember your preferences and settings
Keep you signed in
Understand how you use our Service
Improve our Service

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Service.

Mobile Applications: Our mobile applications use:

Secure storage on your device for authentication tokens (using platform-specific secure storage)
Local preferences storage for app settings
No cookies are used in mobile applications

9. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us.

10. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country. By using our Service, you consent to the transfer of information to countries outside of your country of residence.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Posting the new Privacy Policy on this page
Updating the "Last updated" date
Sending you an email notification for material changes

Your continued use of the Service after changes become effective constitutes your acceptance of the new Privacy Policy.

12. Mobile Application Permissions

Our mobile applications request the following permissions:

Internet Access: Required for communicating with our servers and accessing your account data
Secure Storage: Used to securely store authentication tokens on your device (handled automatically by the operating system)

Our mobile applications do not access your contacts, location, camera, microphone, or other sensitive device features without your explicit permission. If we add features in the future that require additional permissions, we will notify you and request your consent.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us through the contact information provided on our website or via email at the contact address listed on our website.

For privacy-related requests (access, deletion, correction of your data), please contact us using the information provided on our website and we will respond to your request within a reasonable timeframe as required by applicable law.