Privacy Policy
Batch POS, Inc. ("Batch POS", "we", "us") provides a software platform that businesses use to run their businesses. This Privacy Policy explains the personal data we collect, how we use it, who we share it with, how long we keep it, and the rights you have over it. We aim to be plain and specific. Where we act on behalf of a business, the business is the controller and we are the processor; the Data Processing Addendum sets out that relationship in more detail.
1. Data we collect
1.1 Account data
When you create an account we collect your name, email address, and authentication credentials. If you sign in through a third-party identity provider, we receive the identifiers and basic profile information that provider exposes. We collect the business name, slug, timezone, and currency you choose during onboarding.
1.2 Business operational data
As you use the Service we store the operational data your team produces: appointments, services, schedules, pricing, commissions, rent settings, internal notes, and message history. We also store the connections and credentials you authorize between Batch POS and third-party services such as your NMI gateway and PAX terminals. You and Batch POS jointly own this non-personal operational data, as described in Section 5 of the Terms, and each of us may use it independently. This joint ownership does not extend to your customers' personal data (Section 1.3), which we process only as your processor.
1.3 Customer personal data
Your business's customer records (names, phone numbers, email addresses, visit history, preferences, and free-text notes you write about them) are processed by Batch POS on your behalf, as a processor, under our Data Processing Addendum. We may create and use aggregated and de-identified data derived from these records for any lawful purpose (see Section 2). We do not sell your customers' personal data.
1.4 Payment metadata
Batch POS does not store full card numbers or CVCs. When you take a payment through the NMI gateway or a PAX terminal, the processor handles cardholder data and returns metadata such as transaction identifier, amount, currency, brand, last four digits, status, and timestamps. We store that metadata to reconcile orders, build reports, and respond to disputes.
1.5 Technical and usage data
We collect IP address, browser type, operating system, device identifiers, referring URL, request timestamps, and pages viewed. We use cookies and similar technologies for authentication, security, and product analytics. Where required by law we ask for your consent before non-essential cookies are set.
2. How we use data
- To provide and operate the Service, including authentication, multi-tenant access control, scheduling, payments reconciliation, and notifications.
- To send transactional messages (booking confirmations, reminders, password resets, account alerts).
- To detect, investigate, and prevent fraud, abuse, and security incidents.
- To maintain, secure, analyze, and improve the Service, and to develop new products and features.
- To create and use aggregated and de-identified data for any lawful business purpose, including analytics, benchmarking, product development, and training and improving models and algorithms. Aggregated and de-identified data does not identify you or any individual.
- To communicate with you about your account, and — for account holders and the contacts you register with us — to send product, service, and marketing communications, from which you can opt out at any time.
- To share personal data with our affiliates, service providers, and the sub-processors listed below, and to disclose or transfer it in connection with a merger, acquisition, financing, or sale of assets, or as required by law or to respond to lawful requests.
- To comply with legal, tax, accounting, and regulatory obligations.
We do not sell your personal data for money. Personal data you collect about your own customers is processed on your behalf under the Data Processing Addendum; we use it to provide the Service to you and to create aggregated and de-identified data, and we do not sell it.
2.1 Batch Network — optional cross-merchant marketing (US, email only)
If you are a shopper at a business that uses Batch POS in the United States, we may operate an optional "Batch Network" that lets the businesses you visit recognize you and send you marketing email. To recognize you across businesses we use a one-way hashed token derived from your email address — not your raw contact details — and we never share your phone number for cross-business text marketing.
When the Network is active, US businesses on Batch POS that you transact with may send you marketing email about their own products and offers. Every such email identifies the sender and includes a one-click unsubscribe link (RFC 8058). You can opt out at any time, and opting out applies across the whole Network: use the unsubscribe link in any message, reply STOP to text messages, email privacy@batchpos.com, or send a Global Privacy Control signal from your browser — we honor all of these. We do not include EEA, UK, or Swiss residents in the Network, and we do not sell Network data.
3. Legal bases (EEA and UK users)
Where the EU or UK General Data Protection Regulation applies, we process personal data on the following legal bases: performance of a contract with you; our legitimate interests in operating and securing the Service (balanced against your rights); compliance with legal obligations; and your consent where required (for example, for non-essential cookies). You may withdraw consent at any time without affecting the lawfulness of prior processing.
4. Sub-processors
We use the following sub-processors to deliver the Service. Each is bound by a written agreement requiring confidentiality and protection of personal data consistent with this policy.
| Sub-processor | Purpose | Data location |
|---|---|---|
| Amazon Web Services | Postgres database (RDS), authentication (Cognito), infrastructure | United States |
| Vercel | Application hosting, edge network | United States, global edge |
| Resend | Transactional and notification email | United States |
| Twilio | SMS for booking reminders and notifications (where enabled) | United States |
| NMI | Card processing gateway, transaction metadata | United States |
| PAX Technology | Card-present terminals and cloud terminal management | United States |
| Amazon Web Services | Background workflows, scheduled jobs (SQS + Lambda) | United States |
We will give reasonable advance notice of new sub-processors via in-product notice or email so you have an opportunity to object.
5. International transfers
Our infrastructure is hosted in the United States. When personal data is transferred from the EEA, UK, or Switzerland to the US, we rely on Standard Contractual Clauses and supplementary measures including encryption in transit and at rest.
6. Retention
We keep account and operational data for as long as the business's account is active. After account closure, we retain data for ninety days to allow account recovery and export, then delete it from active systems within thirty days and from backups within a further ninety days.
Some records (financial transactions, billing invoices, audit logs, and security events) are retained for up to seven years where required by tax, accounting, or regulatory law. Aggregated and de-identified data may be retained indefinitely.
7. Security
We protect personal data with administrative, technical, and physical safeguards. Credentials for third-party integrations (such as NMI gateway and processor keys) are encrypted at rest with AES-256-GCM using a key managed by Batch POS. All traffic to the Service is encrypted in transit with TLS 1.2 or higher. Database access is controlled by Postgres row-level security so each tenant can only read its own data, and audit logs record administrative actions. Despite these measures, no system is perfectly secure; report any suspected vulnerability to security@batchpos.com.
8. Your rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict processing of your personal data, and to object to processing based on legitimate interests. EEA, UK, and Swiss residents may lodge a complaint with their data protection authority. California residents have rights under the CCPA/CPRA, including the right to know what personal information we collect, the right to delete, the right to correct, and the right to opt out of any sale or sharing of personal information; we do not sell personal information.
To exercise any of these rights, email privacy@batchpos.com from the email registered to your account, or use the in-product export and deletion tools where available. We will respond within the timeframes required by applicable law, typically thirty days.
If you are a customer of a business that uses Batch POS and you want to exercise rights over your data, please contact the business directly. We will support the business in responding to your request, but the business controls the data and decides how to act on it.
9. Children
The Service is not directed to children under sixteen. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact privacy@batchpos.com and we will delete it.
10. Cookies and tracking
We use first-party cookies for authentication and security. We use limited first-party analytics to understand how the Service is used. We do not use third-party advertising cookies on the Batch POS application.
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be announced by email or an in-product notice at least thirty days before they take effect. The "Last updated" date at the top reflects the current version.
12. Contact
Privacy questions and requests can be sent to privacy@batchpos.com. Postal mail can be addressed to Batch POS, Inc., Attn: Privacy, 1209 Orange Street, Wilmington, DE 19801, USA.