سياسة الخصوصية

Privacy Policy

Introduction

We respect your privacy and are committed to protecting your personal and business information. This Privacy Policy explains what information we collect, how we use it, and why we need it when you use the Yalla Business POS application.

By using the Yalla Business POS application, you consent to the collection and use of your information as outlined in this Privacy Policy.

Information We Collect

1. Account Information

When creating an account in our application, we collect the following information:

• Full name
• Phone number (required)
• Email address (optional)
• Password (encrypted)
• Tenant information: includes the automatically generated tenant code
• Third-party login information (such as Google): when logging in using a Google account, we collect the data you consent to share from your account, which typically includes: name, email address, and profile picture. We do not collect or store your Google account password.

2. Business Information

We collect information related to your business including:

• Customer information (names, phone numbers, addresses, payment information)
• Supplier information (when using the purchase feature)
• Product information (names, codes, prices, categories, images)
• Invoice and transaction information (sales and purchases)
• Inventory and financial reports

Note: The "address" in the context of customer and supplier information refers to the physical address field (such as business address or delivery address) and not precise geographic location or location tracking information.

3. Login and Device Information

We collect the following information to ensure your account security:

• Device information (for security purposes)
• Login information (login time, failed login attempts)
• Fingerprint information (when biometric login is enabled)

4. Security Information

We use the following information to ensure system security:

• Cross-site request forgery protection (CSRF tokens)
• Limited information to prevent rate limiting abuse
• Failed login attempt information

How We Use Information

We use the information we collect for the following purposes:

1. Service Provision

• Enabling you to manage your store and business operations
• Processing sales and purchase transactions
• Managing inventory and customers
• Generating reports and analytics

2. Security and Authentication

• Verifying your identity upon login
• Protecting your account from unauthorized access
• Preventing repeated login attempts
• Enabling biometric login (when activated)

3. Service Improvement

• Analyzing app usage to improve performance
• Fixing bugs and improving user interface
• Customizing user experience

Information Sharing

We are committed to not selling, renting, or exchanging your personal information with any third party. We share your information only in the following cases:

• With external service providers who help us operate the application (under strict security commitments)
• When required by law or to enforce our policies
• To protect property rights or personal safety

Data Storage and Security

1. Encryption

• Passwords are encrypted using standard encryption algorithms
• Sensitive data is encrypted during transmission using secure protocols
• Encrypted data is stored on secure servers

2. Physical Security

• Servers are located in secure data centers
• Continuous monitoring of security systems
• Limited access to data systems

3. Digital Security

• Using JWT (Tokens) for secure authentication
• CSRF protection to prevent phishing attacks
• Rate limiting system to prevent abuse

User Rights

You have the following rights regarding your information:

1. Data Access

• The right to know what data we hold about you
• The right to obtain a copy of your information

2. Data Correction

• The right to correct any inaccurate information
• The right to update your information at any time
• You can do this directly through the account settings page within the application.

3. Data Deletion

• The right to delete your account and information (except for data required by law)
• Please note that some data may remain for a period to ensure system integrity
• You can request account deletion by contacting using the contact information provided below.

Data Retention Period

We retain your information as long as your account is active and using the service. After deactivating the account or closing it, we retain your data for a limited period according to applicable laws, then securely delete it.

Changes to Privacy Policy

We reserve the right to modify this Privacy Policy at any time. When making significant changes, we will notify you through the application or via email. Continuing to use the application after changes constitutes acceptance of the updated Privacy Policy.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not intentionally collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us so we can take necessary actions.

Contact Us

If you have any questions about this Privacy Policy or our practices regarding your data, please contact us:

• Email: info@yaalla.online
• Phone: [+201000499431]

Additional Information

Cookies and Tracking Technologies

Our application uses secure temporary storage technologies to improve user experience and save preferences.

Security

We use standard security technologies to protect your information from unauthorized access, modification, disclosure, or destruction.

Breach Notification

In the event of any security breach affecting your information, we will notify you immediately and take necessary actions to protect your data.

Note: This policy is subject to local laws and data protection requirements applicable in your country.