ShadowPOS LLC Privacy Policy

Last Updated: October 21, 2025

The Gist

We are ShadowPOS LLC, the company behind the ShadowPOS point-of-sale (POS) system. Our mission is to provide retail businesses with powerful, easy-to-use software as a service (SaaS) to manage their sales, inventory, and customer relationships effectively.

This Privacy Policy applies to information that we collect about you when you use our SaaS POS system and any related services (collectively, our "Services"). We respect your privacy and are committed to protecting your personal information. Below, we explain how we collect, use, disclose, and safeguard your information, along with the choices you have.

This Privacy Policy is incorporated into our Terms of Service. By using our Services, you agree to the practices described here. If you do not agree, please do not use our Services.

We may update this Privacy Policy from time to time. Although most changes are likely to be minor, we encourage you to frequently check this page for any changes. We will notify you of material changes by posting the updated policy on our website, updating the "Last Updated" date, and, where appropriate, via email or in-app alerts. Your continued use of the Services after such changes constitutes your acceptance of the new policy.

1. Who We Are and What This Policy Covers

We, ShadowPOS LLC ("we," "us," or "our"), provide a POS system for retail businesses. This Privacy Policy covers how we handle information collected through our Services. It does not apply to third-party services, like our payment processing partner GPS Pay, which have their own privacy policies.

ShadowPOS LLC does not provide legal, tax, or accounting advice. You should consult your own legal, tax, and accounting advisors to ensure compliance with all applicable laws and regulations.

2. Information We Collect

We only collect information about you if we have a reason to do so—for example, to provide our Services, communicate with you, or improve our Services. We collect this information from three sources: directly from you, automatically through our Services, and from outside sources. We do not collect information from children under 18, as our Services are not directed to them.

Information You Provide to Us:

• Basic Account Information: We ask for basic details to set up your account, such as your email address, password, and business name.
• Payment and Contact Information: If you subscribe to our Services, you provide additional personal and payment details, like your name, credit card information, billing address, and contact information.
• Business and Transaction Data: In using our Services, you provide business data, including product information, inventory details, transaction details (e.g., product details, purchase price, date, and location), customer names, contact details, and purchase history. This may include sensitive information like payment card details, but we do not store full card numbers—these are handled securely by third-party processors (e.g., GPS Pay) in compliance with Payment Card Industry Data Security Standard (PCI DSS).
• Communications with Us: You may provide information when responding to surveys, communicating about support questions, or sharing feedback. We store copies of these communications.

Information We Collect Automatically:

• Log Information: Like most online providers, we collect data that browsers, mobile devices, and servers make available, including browser type, IP address, unique device identifiers, language preference, referring site, date and time of access, operating system, and mobile network information.
• Usage Information: We collect details about your usage of our Services to provide them, gain insights on user behavior, improve features, and predict retention. This includes interactions like clicks and scrolls.
• Location Information: We may derive approximate location from your IP address to calculate geographic usage trends or provide location-based features (e.g., for multi-store operations).
• Information from Cookies & Other Technologies: We use cookies and similar technologies to identify and track visitors, usage, and preferences. Cookies help with authentication, performance analysis (e.g., via tools like Google Analytics), and security. We use:
  • Essential Cookies: For core features like authentication.
  • Performance Cookies: To analyze usage. We do not honor "Do Not Track" signals, as there is no industry standard for compliance.

Information from Other Sources:

We may receive data from third parties, such as if you connect your account to a third-party service or from partners like payment processors (e.g., GPS Pay) and third-party catalog providers (e.g., product images, descriptions, and prices). Those third parties reserve all rights to their products, logos, and trademarks. We do not claim ownership of this third-party data and, while we strive for accuracy, do not guarantee it.

3. How We Use Your Information

We use your information for legitimate business purposes, based on grounds such as fulfilling our commitments under our Terms of Service, compliance with legal obligations, protecting vital interests, our legitimate interests (e.g., security and improvement), or your consent.

Purposes for Using Information:

• To provide and maintain our Services (e.g., account setup, payment processing, transaction management).
• To ensure quality, maintain safety, and improve our Services (e.g., monitoring interactions, creating new features, analyzing retention).
• To market our Services and measure marketing effectiveness (with opt-out options).
• To protect our Services, users, and the public (e.g., detecting fraud, security incidents, or spam).
• To fix problems and customize the user experience.
• To communicate with you (e.g., service updates, security alerts).
• To anonymize and aggregate data for our business purposes and to provide general industry insights (e.g., retail benchmarks). Aggregated data is de-identified and not linked to you.

We are committed to ethical data practices: We only collect data necessary for our Services, anonymize it thoroughly to prevent re-identification, and do not use it in ways that could invade your privacy, such as individual tracking or selling personal information.

4. How We Share Your Information

We do not sell your personal information. We share it only in limited circumstances, with appropriate safeguards:

• Subsidiaries and Independent Contractors: To help provide or process information for our Services.
• Third-Party Vendors: Vendors needing the data to assist us or you, such as payment processors (e.g., GPS Pay), cloud storage (e.g., AWS), and email services, bound by confidentiality.
• Third-Party Catalog Data: As displayed in our Services; third parties retain rights.
• Legal and Regulatory Requirements: In response to subpoenas, court orders, or governmental requests.
• To Protect Rights, Property, and Others: When necessary to protect ShadowPOS LLC, third parties, or the public (e.g., from fraud).
• Business Transfers: In mergers, acquisitions, or asset sales (with notice where required).
• With Your Consent: For other purposes you approve.
• Aggregated or De-Identified Information: Shared so it cannot identify you, e.g., for aggregate statistics.

We may share Aggregated Anonymous Data with customers, publishers, or partners (e.g., in exchange for catalog data), but only in a form that cannot identify you or your business.

5. How Long We Keep Information

We retain your information as long as needed for the purposes described, your account's duration, or legal requirements (e.g., tax records for 7 years). We generally discard information when no longer necessary and not legally required to keep it. Upon termination, we delete or anonymize data within 30 days, except for backups (retained up to 90 days) or legal holds.

6. Security

While no online service is 100% secure, we implement reasonable measures—including encryption, access controls, regular audits, and PCI DSS compliance for payments—to protect your data from unauthorized access, use, alteration, or destruction. You are responsible for securing your account (e.g., strong passwords).

In case of a data breach, we will notify you and authorities as required by law (e.g., within 72 hours under GDPR if applicable).

7. Choices You Have

• Limit the Information You Provide: You can choose not to provide optional details, though this may limit features.
• Opt Out of Marketing Communications: Unsubscribe from promotional emails; we may still send account or legal notices.
• Set Your Browser to Reject Cookies: This may affect functionality.
• Close Your Account: Contact us to delete your account and associated data, subject to retention obligations.

8. Your Rights

Depending on your location (e.g., under CCPA for California residents or GDPR for EU users), you may have rights to:

• Access, correct, or delete your personal information.
• Request data portability.
• Object to processing or withdraw consent (may limit Services).
• Opt out of sales (we do not sell data).

To exercise rights, contact us at [email protected]. We respond within 30-45 days. For CCPA: You have rights to know, delete, and opt out; we do not discriminate for exercising rights. If data is controlled by your employer, contact them first.

9. Children's Privacy

Our Services are not for children under 18. We do not knowingly collect data from minors. If we learn of such data, we delete it.

10. Transferring Information

Our Services are hosted in the United States. If you are outside the US, your data may be transferred to and stored in the US, subject to US laws. We use safeguards like Standard Contractual Clauses for transfers from the EEA/UK/Switzerland.

11. Third-Party Software and Services

If you use third-party services (e.g., GPS Pay), you may provide data to them. We are not responsible for their practices—review their policies. Our Services may link to third-party sites; we are not liable for their content or privacy.

12. Controllers and Responsible Companies

ShadowPOS LLC is the controller of your personal information.

13. How to Reach Us

For questions, requests, or complaints, contact:

ShadowPOS LLC
8 The Green, Ste B
Dover, DE 19901
Email: [email protected]

We investigate complaints promptly and respond in writing.

This Privacy Policy is governed by Delaware law, as per our Terms of Service.

Return to ShadowPOS homepage