Privacy Policy

1. Who We Are

ElevatedPOS Pty Ltd (ABN 00 000 000 000) (“ElevatedPOS”, “we”, “our”, or “us”) operates the ElevatedPOS point-of-sale platform, including the website at elevatedpos.com.au and all associated web applications, mobile apps, and APIs (collectively, the “Service”).

We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in that Act.

2. Information We Collect

We collect information you provide directly, including:

• Business and account registration details (business name, ABN, address)
• Contact information (name, email address, phone number)
• Payment and billing information (processed securely via Stripe — we do not store card numbers)
• Transaction and order data processed through your POS
• Customer loyalty and contact data that you upload or generate via the Service
• Device pairing information and hardware identifiers

We also collect information automatically, including:

• Log data (IP address, browser type, pages visited, timestamps)
• Device information (device type, operating system)
• Usage analytics to improve the Service

3. How We Use Your Information

We use your information to:

• Provide, operate, and maintain the Service
• Process payments and manage billing
• Send transactional and operational emails (receipts, onboarding, support)
• Respond to your enquiries and provide customer support
• Detect and prevent fraud or abuse
• Comply with legal obligations
• Improve and develop the Service (using aggregated, de-identified data)

We do not sell your personal information to third parties.

4. Disclosure of Information

We may disclose your information to:

• Service providers who assist us in operating the Service (cloud infrastructure, payment processing, email delivery, analytics)
• Reseller partners who referred your account, to the extent necessary to manage that referral relationship
• Law enforcement or regulators when required by law or to protect our legal rights
• Successors in the event of a business merger, acquisition, or sale of assets

We require all third-party service providers to handle your data securely and only for the purposes we specify.

5. Data Storage and Security

Your data is stored on servers located in Australia (AWS Asia Pacific — Sydney region). We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews.

Despite these measures, no transmission or storage of data over the internet can be guaranteed to be 100% secure. You use the Service at your own risk.

6. Cookies

We use essential cookies to authenticate your session and maintain your login state. We do not use third-party advertising cookies. You can control cookies through your browser settings, but disabling essential cookies may prevent the Service from functioning.

7. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or incomplete information
• Complain about how we have handled your personal information

To exercise these rights, contact us at privacy@elevatedpos.com.au. We will respond within 30 days.

8. Retention

We retain your data for as long as your account is active and for up to 7 years thereafter to comply with Australian tax and financial record-keeping laws. You may request deletion of your account at any time; we will delete or de-identify your data except where retention is legally required.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by a prominent notice in the Service. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact our Privacy Officer:

You may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.