Privacy Policy

Effective Date: March 24, 2026  |  Last Updated: March 24, 2026

1. Who We Are

Flip POS ("Flip POS," "we," "our," or "us") provides a restaurant management application built for the Shopify platform. Our application enables restaurant merchants to manage tables, staff, menus, orders, and kitchen operations directly within the Shopify Point of Sale (POS) system.

For questions about this Privacy Policy, contact us at support@flip-pos.com.

2. Scope of This Policy

This Privacy Policy applies to:

• Merchants who install and use the Flip POS Shopify application
• Visitors to our website at www.flip-pos.com
• End customers of merchants who use Flip POS (as described in Section 4)

By installing the Flip POS application or using our website, you agree to the collection and use of data as described in this policy.

3. Data We Collect from Merchants

When a merchant installs Flip POS through the Shopify App Store, we collect and store the following information:

Account and Authentication Data

• Shopify store domain (e.g., yourstore.myshopify.com)
• Shopify access tokens required to make API calls on behalf of the merchant
• Shopify account owner name and email (provided by Shopify at installation)

Application Configuration Data

• Restaurant settings (table service preferences, currency, language, tax rates)
• Service area and table configurations
• Menu items, categories, and modifier groups
• Staff profiles (name, role, PIN) — not linked to Shopify staff accounts
• Printer and Kitchen Display System (KDS) connection settings
• Subscription and billing status

Operational Data

• Order records created through the Flip POS application
• Kitchen logs and order event history
• Table status history

4. Merchant Customer Data

With the merchant's authorization (granted through Shopify's permission system), Flip POS may access the following protected customer fields from the merchant's Shopify store:

Fields Accessed

• Customer name (first name, last name, display name) — used by restaurant staff to identify and seat customers at tables
• Email address — used to send digital receipts and checks directly to the customer at the merchant's direction
• Phone number — used by restaurant staff to contact customers regarding their order or reservation, and optionally used to send a one-time SMS notification when a QR-ordered meal is ready for pickup (see Section 17)

How This Data Is Used

• Customer name and contact details are retrieved live from the Shopify API at the time of search — they are not copied to or stored in our database
• If a merchant attaches a customer to a table, the customer's name and Shopify customer ID are stored on that table record for the duration of the dining session
• This association is cleared when the table is marked available
• Email addresses may be temporarily used to dispatch a receipt; we do not retain email addresses in our systems after the transaction

What We Do Not Do With Customer Data

• We do not sell or rent customer personal data to any third party
• We do not use customer personal data for marketing or advertising purposes
• We do not build profiles of individual customers
• We do not share customer data with any party other than as required to operate the application (e.g., sending an email through our transactional email provider)
• We do not transfer customer data outside of the context of the merchant's own Shopify store

5. Usage and Technical Data

We collect limited technical data to operate and improve the application:

• Server logs (IP addresses, request paths, timestamps) — retained for up to 30 days
• Application error logs — retained for up to 30 days
• Aggregated, anonymized usage metrics (feature adoption, performance)
• Website analytics via Google Analytics (see Section 16)

6. How We Use Data

We use the data we collect to:

• Provide the service — operate, maintain, and improve the Flip POS application
• Fulfill orders — process table assignments, kitchen tickets, and payment events
• Send communications — transactional emails such as digital receipts at a merchant's direction, and one-time SMS order-ready notifications when a customer has voluntarily provided their phone number through the QR ordering flow
• Customer support — diagnose issues and respond to support requests
• Billing — manage subscription status and usage-based charges through Shopify's billing system
• Legal compliance — meet our obligations under applicable laws and Shopify's Partner requirements
• Security — detect, prevent, and investigate fraudulent or unauthorized activity

We do not use personal data for purposes beyond those described above without obtaining additional consent where required by law.

7. Data Sharing and Disclosure

We do not sell personal data. We may share data only in the following limited circumstances:

Service Providers

We engage the following categories of sub-processors who may process data on our behalf:

• Cloud hosting — Fly.io (application hosting and database storage)
• Transactional email — email delivery provider used to send receipts
• SMS messaging — Twilio, Inc. (used to deliver one-time order-ready text notifications to restaurant customers who have opted in through the QR ordering flow)
• Error monitoring — application performance and error tracking services

All service providers are contractually required to process data only as instructed and to maintain appropriate security standards.

Legal Requirements

We may disclose data if required to do so by law, court order, or government authority, or to protect the rights, property, or safety of Flip POS, our merchants, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to the same privacy protections described in this policy.

8. Data Retention

Merchant Customer Data

Customer personal data (name, email, phone) fetched from the Shopify API is not persistently stored in our database. It exists only in application memory during an active session or request. The sole exception is a customer's name and Shopify customer ID, which may be stored on a table record during an active dining session and is cleared when the table is reset to available.

Merchant Account Data

Merchant configuration data, menus, staff, orders, and operational records are retained for the duration of the merchant's active subscription plus 90 days following cancellation or uninstallation, after which it is permanently deleted.

Server and Access Logs

Technical server logs are retained for a maximum of 30 days. Customer data access logs (records of when customer data was queried) are retained for 12 months to support security auditing.

Backup Data

Database backups are retained for up to 30 days and then permanently deleted.

9. Data Security

We implement technical and organizational measures to protect data against unauthorized access, loss, or disclosure:

• Encryption in transit — all data transmitted between users, the application, and Shopify is encrypted via TLS 1.2 or higher (HTTPS)
• Encryption at rest — application databases are stored on encrypted volumes provided by our cloud infrastructure provider (Fly.io)
• Encrypted backups — database backups are encrypted at rest during storage and transfer
• Access controls — access to production systems and customer data is restricted to authorized personnel only
• Separated environments — development and production environments are fully separated with no shared databases or credentials
• Access logging — all access to protected customer data through the application is logged with shop, action, and timestamp
• Authentication — the application relies on Shopify's OAuth and token-exchange authentication system; we do not manage merchant passwords

Despite these measures, no system is completely secure. We encourage merchants to use strong passwords and to contact us immediately at support@flip-pos.com if they suspect unauthorized access.

Security Incident Response

In the event of a data breach that affects personal data, we will:

• Contain and assess the incident within 24 hours of discovery
• Notify affected merchants without undue delay and within 72 hours where required by applicable law
• Take remedial action and document the incident and our response
• Report to relevant supervisory authorities where legally required

10. Merchant Data Processing Agreement

This section constitutes the Data Processing Agreement (DPA) between Flip POS (the "Processor") and merchants who use our application (each a "Controller") with respect to personal data of the merchant's customers.

Roles

The merchant is the data controller of their customers' personal data. Flip POS acts as a data processor, processing that data only on the merchant's documented instructions (as expressed through their use of the application).

Our Obligations as Processor

• Process customer personal data only as necessary to provide the Flip POS service and as directed by the merchant through their use of the application
• Not process customer personal data for our own independent purposes
• Implement appropriate technical and organizational security measures as described in Section 9
• Assist the merchant in responding to data subject rights requests to the extent we hold relevant data
• Delete or return merchant customer data upon termination of the service relationship
• Make available information necessary to demonstrate compliance with this agreement
• Not engage sub-processors without appropriate data protection terms in place

Merchant Obligations as Controller

Merchants are responsible for:

• Ensuring they have a lawful basis to share their customers' data with third-party applications like Flip POS
• Maintaining an accurate and up-to-date privacy policy for their own store that discloses the use of third-party apps
• Responding to customer rights requests related to data held in their Shopify store
• Notifying Flip POS if they become aware of any unauthorized use of their application credentials

11. Shopify Protected Customer Data

Flip POS participates in Shopify's Protected Customer Data program. This means we have requested and received authorization from Shopify to access certain protected customer fields (name, email, phone) through the Shopify Admin API.

Purpose of Access

We access protected customer fields for the following specific purposes only:

• Customer name: To allow restaurant staff to search for and identify a customer when seating them at a table, and to display the customer's name on the table management screen for the duration of their dining session
• Email address: To send a digital receipt or check to the customer at the merchant's direction through the Flip POS table management interface
• Phone number: To allow restaurant staff to contact a customer regarding their order or reservation when needed

Minimum Data Principle

We request only the fields necessary to provide the functionality described above. We do not request shipping addresses, billing addresses, or other customer fields that are not required for restaurant table service operations.

GDPR Compliance Webhooks

In compliance with Shopify's requirements, Flip POS supports the following mandatory privacy webhooks:

• customers/data_request — we respond to requests for customer data held in our systems
• customers/redact — we delete customer data from our systems upon request
• shop/redact — we delete all data associated with a merchant's store upon uninstallation

12. Your Rights

Depending on your location and applicable law, you may have the following rights with respect to your personal data:

• Access — request a copy of the personal data we hold about you
• Correction — request that inaccurate data be corrected
• Deletion — request that your personal data be deleted
• Portability — request your data in a structured, machine-readable format
• Objection — object to certain types of processing
• Restriction — request that we restrict processing of your data in certain circumstances

For merchant customers: If you are a customer of a merchant that uses Flip POS, your data is controlled by that merchant. Please contact the merchant's store directly to exercise your rights. We will assist merchants in fulfilling verified requests.

For merchants: Contact us at support@flip-pos.com to exercise your rights with respect to the data we hold about your account.

13. GDPR — EEA and UK Residents

If you are located in the European Economic Area (EEA) or the United Kingdom, the following applies:

Legal Basis for Processing

• Contract performance — processing necessary to provide the Flip POS service to merchants (Article 6(1)(b) GDPR)
• Legitimate interests — processing for security, fraud prevention, and service improvement where our interests are not overridden by your rights (Article 6(1)(f) GDPR)
• Legal obligation — processing required to comply with applicable law (Article 6(1)(c) GDPR)

International Transfers

Our application is hosted in the United States. If you are located in the EEA or UK, your data may be transferred to and processed in the US. We take appropriate safeguards for such transfers, including using service providers that maintain Standard Contractual Clauses or equivalent protections.

Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have processed your data unlawfully.

14. CCPA — California Residents

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the following rights:

• Right to Know — the categories and specific pieces of personal information we have collected about you
• Right to Delete — deletion of personal information we have collected, subject to certain exceptions
• Right to Opt-Out of Sale — we do not sell personal information
• Right to Non-Discrimination — we will not discriminate against you for exercising your CCPA rights

To exercise these rights, contact us at support@flip-pos.com.

15. Third-Party Services

Flip POS integrates with or relies upon the following third-party services, each governed by their own privacy policies:

• Shopify — our application operates within the Shopify platform. Shopify's Privacy Policy governs data held within your Shopify account.
• Fly.io — cloud infrastructure provider hosting our application and database
• Twilio, Inc. — SMS delivery provider used to send one-time order-ready text notifications. Phone numbers are transmitted to Twilio solely to deliver the notification and are subject to Twilio's Privacy Policy.
• Google Analytics — website analytics on flip-pos.com (see Section 16)
• Tawk.to — live chat support widget on our website

We are not responsible for the privacy practices of third-party services. We encourage you to review their policies.

16. Cookies

Our marketing website (flip-pos.com) uses cookies for analytics purposes via Google Analytics. These cookies collect anonymized, aggregated data about how visitors interact with our website (pages visited, time on site, referral source).

The Flip POS application itself (embedded within Shopify admin) does not use cookies independently — session management is handled by Shopify's authentication system.

You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

17. SMS Messaging and Text Notifications

Flip POS offers an optional SMS notification feature as part of the QR code ordering flow. This section describes how that feature works and how phone number data is handled.

How Opt-In Works

When a restaurant customer scans a table QR code to place an order, they are presented with an optional phone number field. The form displays the following disclosure before the customer submits:

Providing a phone number is entirely optional. Customers who do not provide a phone number can still place orders normally. No SMS is sent unless a phone number is voluntarily entered.

Message Content and Frequency

If a customer opts in, they will receive exactly one (1) SMS message per order — sent only when their order is marked ready for pickup by restaurant staff. The message identifies the restaurant by name and references the customer's order. No marketing, promotional, or recurring messages are sent.

Opt-Out

Customers can reply STOP to any message to opt out of future notifications. Reply HELP for assistance. Standard carrier message and data rates may apply.

SMS Provider

SMS messages are delivered through Twilio, Inc., a third-party SMS service provider. Phone numbers provided by customers are transmitted to Twilio for the sole purpose of delivering the order-ready notification. Twilio's handling of this data is governed by Twilio's Privacy Policy. We do not authorize Twilio to use customer phone numbers for any other purpose.

Data Retention

Phone numbers collected through the QR ordering flow are stored as part of the order record in our database. Order records are retained for the duration of the merchant's active subscription plus 90 days, consistent with our standard merchant data retention policy (Section 8). Phone numbers are not used for any purpose after the order-ready notification has been sent.

No Sharing for Marketing

Phone numbers collected through this feature are never sold, rented, or shared with any third party for marketing purposes. They are used exclusively to deliver the transactional order-ready notification described above.

18. Children's Privacy

Flip POS is a business-to-business application intended for use by adult merchants. We do not knowingly collect personal data from individuals under the age of 16. If you believe we have inadvertently collected such data, please contact us at support@flip-pos.com and we will delete it promptly.

19. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify merchants via the Flip POS application interface or by email if the changes are significant

Your continued use of Flip POS after the effective date of a revised policy constitutes your acceptance of the changes.

20. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: support@flip-pos.com
• Website: flip-pos.com/contact

We will respond to all legitimate requests within 30 days. For complex requests, we may need up to 90 days and will notify you if an extension is required.