POS SAAS POS SAAS Saudi POS & e-invoicing platform
العربية Start Free
Product Affordable POS Small Businesses Groceries New Cafes Small Restaurants Food Trucks & Kiosks Van Sales Restaurants & Cafes Retail & Supermarkets ZATCA Pricing Blog FAQ Start Free Trial
Legal العربية

POS SAAS Privacy Policy

Last updated: April 21, 2026 — Compliant with the Saudi Personal Data Protection Law (PDPL)

1. Introduction & Compliance

POS SAAS (the "Platform" or "we"), available at gigapos.cc and its associated mobile applications, is committed to protecting the privacy and security of your personal and business data in accordance with the Saudi Personal Data Protection Law (PDPL). By using the Platform, you consent to the data collection and processing practices described in this policy.

2. Who We Are (Data Controller)

  • System trade name: POS SAAS
  • Domain: gigapos.cc
  • Headquarters: Buraidah, Qassim Region, Kingdom of Saudi Arabia.
  • Privacy & contact email: [email protected]

3. Data Retention Responsibility & ZATCA Records (Important)

POS SAAS is a cloud system for real-time processing and integration with the Saudi Zakat, Tax and Customs Authority (ZATCA).

  • Transfer of responsibility: The user (business owner) acknowledges that retaining tax records and e-invoices for ten (10) years as required by Saudi regulations is the customer's sole responsibility.
  • After account deletion: Once the customer deletes their account or terminates their subscription, the Platform erases their data from its servers and bears no obligation to archive or store any invoices on the customer's behalf thereafter. Customers must export and retain their data before requesting deletion.

4. Data We Collect

We only collect the data necessary to operate the POS system:

  • Account data: name, email, mobile number, business name, and VAT number.
  • Operational data: sales records, invoices, and inventory data.
  • Technical data: IP address, device type, and OS — for security and identity verification.
  • Payment data: processed via a licensed gateway (Moyasar); we do not store credit card data.

5. Mobile App Permissions (Android/iOS)

The POS SAAS mobile app requests the following permissions to deliver its functionality:

  • Camera: to scan product barcodes and QR invoices.
  • Bluetooth: to connect to receipt printers and barcode readers.
  • Storage: to let the customer download and save invoices and reports as PDF on their device.
  • Internet: to sync data with the server and integrate with ZATCA.

6. Account Deletion on User Request (Google Play Requirement)

The Platform grants users the right to permanently delete their accounts via the following flow:

  • Deletion request: via (Settings > Account > Delete Account) or by emailing [email protected].
  • Data export before deletion: the Platform provides a "Export/Download data" option before completing deletion. The user's confirmation of deletion constitutes acknowledgement that they have saved a copy of their records and releases the Platform from any future obligation to retain them.
  • Final deletion: once confirmed, all user and business data is permanently erased from the Platform's servers.
  • Grace period: data may be held in a "suspended" state for 30 days before final wipe to guard against accidental deletion; after that it is permanently destroyed and unrecoverable.

7. Automatic Deletion of Inactive Accounts

In line with the data minimisation principle under PDPL, the Platform deletes data of businesses whose subscription has lapsed and not been renewed for more than 30 days.

  • During the 30 days after subscription expiry, the service is suspended and the customer may still request a data export by emailing [email protected].
  • After the 30 days elapse, non-renewal is treated as the customer's acknowledgement of their wish to have the data deleted, and the Platform is entitled to permanently delete all business data from its servers.
  • The user acknowledges the forfeiture of any legal claim against the Platform arising from this deletion, and bears sole responsibility for the loss of tax records before governmental authorities.

8. Storage & Processing

  • Data is stored on secure, encrypted servers.
  • To ensure global service continuity, data may be transferred and processed outside Saudi Arabia, while we guarantee a protection level equivalent to local regulations using advanced encryption (AES-256).

9. Disclaimer & Financial Liability Limits

  • Disclaimer: POS SAAS bears no liability for fines or financial claims arising from the customer losing their tax records due to their own deletion or failure to keep backups.
  • Liability cap: in the event of a direct technical fault by the Platform, our aggregate financial liability to the customer shall not exceed the value of the last month's subscription actually paid by the customer.

10. Your Rights Under PDPL

You have the right to be informed, to access, correct, request deletion of, and obtain a copy of your data (data portability). To exercise these rights, contact us via the email above — bearing in mind the impact of deletion on your tax records, which remain your responsibility.

11. Contact & Complaints

For any privacy-related question, reach us via:

  • Email: [email protected]
  • If unsatisfied, you are entitled to file a complaint with the Saudi Data & AI Authority (SDAIA).