1. Who We Are
Khaata POS is operated by SAZTech Solutions ("we", "us", "our"), based in Lahore, Pakistan. This policy explains how we collect, use, and protect your information when you use the Khaata POS service ("the Service") at khaata-pos.com.
2. Information We Collect
Account information
When you create a shop, we collect your shop name, your name, a username, password (stored securely hashed — we cannot see it), WhatsApp/mobile number, and optionally your email address. This is the minimum needed to create your account and provide support.
Business data
As you use the Service, you enter business data including products, inventory, sales transactions, customer names and contact details, khata/udhaar records, vendor information, expenses, and purchase orders. This data is stored in your shop's private database partition and is accessible only to your authorized users.
Automatically collected data
We automatically collect basic usage information to keep the Service running smoothly: browser type, device type (mobile/desktop), connection status, and client-side error reports (JavaScript errors, if they occur). We do not use any third-party analytics, tracking pixels, or advertising trackers.
3. How We Use Your Information
We use your information solely to provide and improve the Service. Specifically, your account information is used to authenticate you, send support communications, and process billing. Your business data is used to power the POS features you use daily — sales, inventory, reports, khata, etc. Error reports help us find and fix bugs.
We do not sell your data to third parties, use your data for advertising or marketing to others, share your business data with other Khaata POS users, or mine your transaction data for any purpose beyond providing the Service to you.
4. Data Storage & Security
Your data is stored on servers managed by Supabase, hosted on Amazon Web Services (AWS) infrastructure. All data is encrypted in transit using TLS (HTTPS). Database access is protected by row-level security policies — each shop can only access its own data, enforced at the database level.
Passwords are hashed using industry-standard algorithms and cannot be retrieved in plain text, even by us. Session tokens are used for authentication and expire automatically.
While we implement reasonable security measures, no system is 100% secure. We encourage you to use strong passwords and keep your login credentials confidential.
5. Data Sharing
We do not share your personal or business data with any third party except in these limited circumstances: when required by Pakistani law or a valid legal order, to protect the safety of our users or the public, or with service providers who help us operate the Service (currently only Supabase for database hosting and Google Fonts for typography), who are bound by their own privacy commitments.
6. Data Retention
Your data is retained for as long as your account is active. If you close your account, we will assist you with exporting your data. After account closure, your data will be retained for 30 days (in case you change your mind), then permanently deleted from our systems and backups within 90 days.
If your paid subscription expires and is not renewed, your data is preserved for 60 days in a suspended state. You can reactivate at any time during this period. After 60 days, we may delete the data.
7. Your Rights
You have the right to access all data stored in your account (visible through the app's reports and export features), export your data at any time using the CSV export functions, request correction of inaccurate account information, request deletion of your account and all associated data, and know what data we hold about you.
To exercise any of these rights, contact us via WhatsApp at 0303-676-3300 or submit a support ticket from within the app.
8. Cookies & Local Storage
Khaata POS does not use cookies. We use your browser's local storage to keep you signed in between visits (session token), remember your display preferences (dark mode, language), and temporarily hold your active cart so it survives page refreshes.
This data stays on your device and is not sent to any third party. You can clear it at any time using the Hard Reload button in the app or by clearing your browser data.
9. Children's Privacy
The Service is designed for business use and is not intended for children under 18. We do not knowingly collect information from anyone under 18. If you believe a child has created an account, please contact us and we will delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you via an in-app announcement at least 14 days before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or how your data is handled, please reach out:
WhatsApp: 0303-676-3300
In-app: Settings → Support → Create ticket
Website: khaata-pos.com