A
AmariPOS

Privacy Policy

Last updated: March 21, 2026

Amari POS ("we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our point-of-sale platform, including our web application, mobile applications, and related services (collectively, the "Service").

This policy is designed in compliance with the Data Privacy Act of 2012 (Republic Act No. 10173) of the Republic of the Philippines and the rules and regulations issued by the National Privacy Commission (NPC).

1. Information We Collect

1.1 Information You Provide

When you register for and use the Service, we collect information that you directly provide, including:

  • Account Information: Name, email address, phone number, business name, business address, and business type.
  • Staff Information: Names, roles, and PIN codes for staff accounts you create within the Service.
  • Business Data: Product catalog, menu items, inventory records, pricing, and supplier information.
  • Transaction Data: Sales records, order details, payment methods used, discounts applied, and refund records.
  • Customer Data: If you use customer management features, you may store your customers' names, contact information, and purchase history.
  • Payment Information: Billing details for your subscription. Payment card details are processed by our third-party payment processor and are not stored on our servers.

1.2 Information Collected Automatically

When you use the Service, we automatically collect certain technical information:

  • Device Information: Device type, operating system, browser type, and screen resolution.
  • Log Data: IP address, access times, pages viewed, and actions taken within the Service.
  • Usage Data: Feature usage patterns, session duration, and interaction data to help us improve the Service.
  • Cookies: We use cookies and similar technologies for authentication, preferences, and analytics. See Section 9 for details.

2. Legal Basis for Processing

Under the Data Privacy Act of 2012, we process your personal information based on the following lawful criteria:

  • Consent: You provide consent when you create an account and agree to this Privacy Policy.
  • Contractual Necessity: Processing is necessary to provide the Service under our Terms of Service.
  • Legitimate Interest: Processing is necessary for our legitimate business interests, such as improving the Service, preventing fraud, and ensuring security.
  • Legal Obligation: Processing is necessary to comply with applicable laws and regulations, including tax and financial reporting requirements.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Process your transactions and manage your subscription and billing.
  • Generate reports, analytics, and business insights for your dashboard.
  • Communicate with you about your account, updates, and support inquiries.
  • Send you product announcements and feature updates (you may opt out at any time).
  • Detect, prevent, and address fraud, abuse, and technical issues.
  • Improve and develop new features based on aggregated usage patterns.
  • Comply with legal obligations and enforce our Terms of Service.

4. How We Share Your Information

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: We share data with trusted third-party providers who assist us in operating the Service, such as cloud hosting, payment processing, email delivery, and analytics. These providers are contractually bound to protect your data and may only use it for the purposes we specify.
  • Legal Requirements: We may disclose your information if required by law, court order, subpoena, or a lawful request by a government authority, including to comply with the Data Privacy Act of 2012 or orders from the National Privacy Commission.
  • Business Transfers: If Amari POS is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • With Your Consent: We may share your information for other purposes when you provide explicit consent.

5. Data Storage and Security

5.1 Storage

Your data is stored on secure cloud infrastructure. Data may be processed or stored in servers located outside the Philippines. In such cases, we ensure that adequate safeguards are in place as required by the Data Privacy Act of 2012 and NPC guidelines for cross-border data transfers.

5.2 Security Measures

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit using TLS/HTTPS.
  • Encryption of sensitive data at rest.
  • Access controls and role-based permissions.
  • Regular security assessments and monitoring.
  • Secure authentication mechanisms for account access.

While we take reasonable steps to protect your data, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

6. Your Rights Under the Data Privacy Act

As a data subject under the Data Privacy Act of 2012, you have the following rights:

  • Right to Be Informed: You have the right to be informed about how your personal information is being collected and processed.
  • Right to Access: You may request a copy of the personal information we hold about you.
  • Right to Correction: You may request that we correct any inaccurate or incomplete personal information.
  • Right to Erasure or Blocking: You may request the deletion or blocking of your personal information under certain conditions, such as when it is no longer necessary for the purposes for which it was collected.
  • Right to Data Portability: You may request your personal data in a structured, commonly used, and machine-readable format.
  • Right to Object: You may object to the processing of your personal information, including processing for direct marketing purposes.
  • Right to Damages: You may claim compensation if you have suffered damages due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal information.
  • Right to File a Complaint: You may file a complaint with the National Privacy Commission if you believe your data privacy rights have been violated.

To exercise any of these rights, please contact us at privacy@amaripos.com. We will respond to your request within 30 days.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. After account termination:

  • Your Merchant Data will be available for export for 30 days, after which it will be permanently deleted.
  • We may retain certain information as required by law (such as tax and financial records) or for legitimate business purposes (such as fraud prevention and dispute resolution).
  • Anonymized and aggregated data that does not identify you may be retained indefinitely for analytics and product improvement.

8. Merchant Responsibilities

As a Merchant using Amari POS, you act as a personal information controller for the customer data you collect through the Service. You are responsible for:

  • Ensuring that your collection and use of customer data complies with the Data Privacy Act of 2012 and other applicable laws.
  • Obtaining any necessary consent from your customers before collecting their personal information.
  • Providing your customers with notice about how their data is collected and used.
  • Responding to data subject requests from your customers regarding data you have collected.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve the Service:

  • Essential Cookies: Required for authentication, security, and core functionality. These cannot be disabled.
  • Analytics Cookies: Help us understand how users interact with the Service so we can improve it. You may opt out of analytics cookies.
  • Preference Cookies: Remember your settings and display preferences.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

10. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete that information promptly. In accordance with the Data Privacy Act of 2012, processing of personal information of minors requires the consent of a parent or guardian.

11. Cross-Border Data Transfers

Your information may be transferred to and processed in countries outside the Philippines where our cloud infrastructure or service providers are located. We will ensure that any such transfers comply with the requirements of the Data Privacy Act of 2012, including ensuring that the receiving country provides an adequate level of data protection or that appropriate contractual safeguards are in place.

12. Breach Notification

In the event of a personal data breach that is likely to result in serious harm to affected data subjects, we will:

  • Notify the National Privacy Commission within 72 hours of becoming aware of the breach, as required by NPC Circular 16-03.
  • Notify affected data subjects within a reasonable period if the breach involves sensitive personal information or is likely to cause them harm.
  • Take immediate steps to contain the breach and mitigate its effects.

13. Third-Party Services

The Service may contain links to or integrations with third-party services (payment gateways, delivery platforms, etc.). This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you connect to through Amari POS.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the Service. We will notify you of material changes by email or through a prominent notice on the Service at least 15 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

15. Data Protection Officer

In compliance with the Data Privacy Act of 2012, we have designated a Data Protection Officer (DPO) who is responsible for overseeing our data protection practices and ensuring compliance. You may contact our DPO for any data privacy concerns:

  • Email: privacy@amaripos.com

16. Filing a Complaint

If you believe that your data privacy rights have been violated, you have the right to file a complaint with the:

  • National Privacy Commission
  • 3rd Floor, Core G, PICC Complex, Pasay City 1307
  • Philippines
  • Website: privacy.gov.ph

17. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

  • Email: privacy@amaripos.com
  • Website: amaripos.com