Privacy Policy

1. Data Controller

POS BATU is a product developed by GAMOEK. For any inquiries regarding the privacy of your data, you can contact us at:

• Email: privacy@batuhub.com
• General email: info@batuhub.com

2. Data We Collect

POS BATU collects and processes the following data in the context of its operation as a point-of-sale system:

Account and authentication data

• Username and access credentials (provided by the company administrator)
• Role and permissions assigned within the system
• Linked employee identifier

POS operational data

• Sales transactions (products, quantities, prices, payment method)
• Shift openings and closings, cash reconciliations
• Inventory movements and transfers between kiosks
• Employee attendance records

Device data

• Platform type (iOS, Android, or web browser)
• Internet connection status
• Data stored locally on the device (IndexedDB) for offline operation

3. How We Use Your Data

The collected data is used exclusively to:

• Operate the point-of-sale system and process transactions
• Manage inventory, shifts, and cash reconciliations
• Generate sales reports and operational metrics for the business
• Synchronize data between the device and the server when a connection is available
• Authenticate users and control access based on assigned permissions

We do not use your data for advertising, user profiling, or cross-app tracking.

4. Local Storage

POS BATU stores data on the user's device using IndexedDB and localStorage to enable operation without an internet connection. This data includes the product catalog, sales pending synchronization, and session preferences. Local data is automatically synchronized with the server when the connection is restored.

5. Third-Party Services

Data is processed and stored using the following infrastructure providers:

• Fly.io — Hosts the backend server (api.batuhub.com) in the Chicago, USA region.
• Cloudflare — Provides CDN, DNS, file storage (R2), and static page hosting.
• Stripe — Processes credit/debit card payments. Payment data is handled directly by Stripe and never passes through our servers. See Stripe's privacy policy.

We do not sell, rent, or share personal data with third parties for marketing or advertising purposes.

6. Camera and Bluetooth Usage

• Camera — Used solely to scan product barcodes. No images or video are captured or stored.
• Bluetooth — Used solely to connect to thermal receipt printers via Bluetooth. No data from nearby devices is collected.

Both permissions are optional and the app works without them, although with reduced functionality.

7. Data Retention and Deletion

Operational data (sales, inventory, shifts) is retained as long as the company's account is active in the system. Data stored locally on the device can be deleted by uninstalling the application or clearing the app's data from the device settings.

To request the deletion of your account data, contact your company administrator or write to us at privacy@batuhub.com.

8. Security

All communications between the app and the server are conducted via HTTPS with TLS encryption. Passwords are stored with bcrypt hashing. POS access requires user authentication and PIN. Session tokens expire automatically.

9. Changes to This Policy

We may update this privacy policy periodically. Any changes will be posted on this page with the corresponding update date. Continued use of the application after changes constitutes acceptance of the updated policy.