‘’Services’’ means Loyverse point of sale and inventory management products and services, and any features, technologies or functionality provided by those products or services, offered by us from time to time, including the Loyverse POS, Loyverse Dashboard, Loyverse KDS and Loyverse CDS applications ("Apps") and loyverse.com ("Website")
"Customer” or “Merchant’’ means the person or entity who registers to use the Service by creating a Loyverse account. If you are creating an account or using the Services on behalf of a business, you agree that you are accepting these Terms and have the authority to enter into these Terms, on behalf of the business, which will be deemed to be the Customer, and will be bound by these Terms.
"You" means the Customer and (where the context permits) includes any Authorised Users.
Identifying the Data Controller and Data Processor
In general, Cavius is the Controller for Customer (Merchant) Information and Processor for Consumer and Employee Information where the Controller is the Customer (Merchant).
For questions regarding the processing of personal data and the exercise of your rights by virtue of the GDPR, you may contact us via the email address [email protected].
Types of Personal Data collected
We collect and use several types of data for the individuals we cooperate with, including information by which subjects may be identified ("Personal Data" means any Data relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person), such as your first and last name, identity number, e-mail address, address and province and telephone number.
We are committed to protecting the privacy of the individuals on our websites, mobile applications, products and services. By registering for using our Services you acknowledge the collection, transfer, processing, storage, disclosure and other uses of your information.
- Customer information, being personal information relating to our Customers/Merchants (where applicable). We collect this information so that we can provide our Services to those Customers.
- Consumer information, being personal information relating to consumers with whom our Customers interact (such as consumers of their products or services) including their email address, phone number or other information.
- Employee information, being personal information relating to employees of our Customers, including email address, phone number or other information.
- Guests, being personal information relating to the visitors of our webpages and participants at Loyverse. Town and/or any other blogs or interactive platforms we have or may lunch.
Our customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as all privacy policies, agreements or other obligations, relating to the collection of personal data in connection with the use of our Services by individuals with whom our Customers interact.
If you are an individual who interacts with a Customer using our Services - for instance if you’re an employee or consumer of a retail store – that Customer is the controller of your personal data and you should contact them directly (e.g. - the owner or manager of the retail store) – for assistance with any requests or questions relating to your personal data.
Guests are solely responsible for the personal data they provide on the blogs or other interactive media and that we do not collect for providing the blog capability, such as the blog content.
How and what information we collect
We collect information about you when you provide it to us or when you use our Services.
The ways and what we collect, it can be broadly categorized into the following:
1. Information You Directly Provide to Us:
Operational data. We store information you upload to or send through our Services, ( Information about products and services the Customer sells (including inventory, pricing, sale, transaction, tax, and other data and Information about the Customer or the Customer’s business (employees, consumers and suppliers).
Information for Support. When you contact our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. (contact information, problem summary, any documentation, screenshots or information that would be helpful in resolving the issue).
Payment Information. We collect certain payment and billing information when you subscribe for certain paid Services. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.
Contribution to a discussion. You might contribute to an online discussion at Loyverse. Town or any other interactive media or blog about the Service we are providing to you. The content of the discussion might include personal data you input.
Other submissions. We ask your consent to collect personal information from you when you submit web forms on our websites or when you participate in any interactive features of our Services, participate in a survey, promotion, activity or event, request customer support, communicate with us via third party social media sites, or otherwise communicate with us.
2. Information We Collect Automatically When You Use Our Services:
3. Information We Receive from Other Sources
We collect information from other sources, such as our business partners. We do not control, supervise, or respond for how the third parties providing your information process your personal data, and any information request regarding the disclosure of your personal information to us should be directed to such third parties.
Legal Basis for processing
We collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
- It is necessary to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services.
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests.
- We need to process your data to comply with a legal obligation; or
- You give us consent to do so for a specific purpose
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
How we use your personal information
We are continually striving to improve Services. We may use information about you for purposes such as:
- Enabling you to access and use our Services
- Enabling you to access and use other SaltPay services as per the ‘’Internal SaltPay Parties’’ paragraph
- Displaying historical sale information
- Sending you marketing, advertising, educational content and promotional messages and other information that may be of interest to you, including information about us, our Services, or general promotions for business partner campaigns and services and only if you consented to. You can unsubscribe or opt-out from receiving these communications at any time
- Measuring, customizing and improving the Services and developing new products
- Sending to you service, support and administrative messages, reminders, technical notices, updates, security alerts and information requested by you
- Investigating and preventing fraudulent transactions, unauthorized access to Services, and other illegal activities
- Providing the capability for online discussion with other customers and/or users.
- With your consent, we may use information about you for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
Sharing & disclosure of your information
When you use the Services, we may share your information only as described below:
Service Providers, Business Partners and Others
We use and work with third party service providers and our trusted Business Partners to provide application development, hosting, website, infrastructure, maintenance, backup, payment processing, customer relationship management, marketing, accounting, human resources, business intelligence and analytics, data enrichment, customer support and other services for us. These service providers may have access to or process your information for the purpose of providing those services for us. Some of our pages use white-labelling techniques to serve content from our service providers while providing the look and feel of our site. Please note that you are providing your information to these third parties acting on our behalf. These third parties are located in countries which may be outside of your location.
We also share your contact information with select trusted Business Partners, such as our partners who integrate with Services, to enable them to contact you about their services (as they relate to your Services).
Compliance with Laws and Protection of Rights
In certain situations, we may be required to use and disclose your information (including personal information) to a third party if we believe the disclosure is reasonably necessary:
- To comply with any applicable law, legal process (for example, subpoenas and warrants) or governmental request
- To protect the property, rights, and our safety of, our Customers or the public from harm or illegal activities
- For fraud prevention, risk assessment, investigation, customer support, product development or debugging purposes
- To protect the rights, property or our personal safety, its users or members of the public
- To establish or exercise our legal rights or defend ourselves against any third-party claims or allegations
Non-Identifying or Aggregated Data
We may share aggregated or other non-personal information that does not directly identify you with third parties in order to improve our Services.
Internal SaltPay Parties
All SaltPay Group companies have a legitimate business interest in accessing the data and may do so for the purposes and in the way described in this Privacy Notice. SaltPay Group companies shall be taken to include any entity that directly or indirectly controls, is controlled by, or is under common control with SaltPay from time to time, whether located in or outside of the United Kingdom. When we transmit data between our group entities located inside and outside of the EEA, this sharing is governed by our intra-group data sharing and processing agreement which is drafted in compliance with the GDPR and includes the relevant safeguards necessary for transfers outside the EEA.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and, unless otherwise notified to you, only permit them to process your personal data for specified purposes and in accordance with our instructions.
Your privacy rights
Subject to the provisions of the General Data Protection Regulation, you have the following rights in regard to your Personal Data: (Please note, these rights are not absolute and, in some cases, they are subjected to conditions as defined by law)
- Right of Access: You have the right to access your own Personal Information through the platform, as well as the right to request a copy of your personal information that is maintained and processed by us.
- Right to Erasure: You have the right to request the deletion of Personal Data only if one of the following reasons is true:
- Personal Data are no longer necessary in relation to the purposes for which they were collected or processed.
- If the processing is based on your consent and you have withdrawn this consent (on which processing is based) in accordance with Articles 6.1.a and 9.2.a of the Regulation and if no other legal basis for processing applies.
- If you object to processing in accordance with Article 21.1 of the Regulation and there are no compelling and legitimate reasons for processing.
- If Personal Data has been processed illegally.
- If Personal Data should be deleted in compliance with a legal obligation under Union law to which our company is subject to.
- If the Personal Data have been collected in relation to the provision referred to in Article 8.1 of the Regulation.
- Right to Object: Object to the processing of your Personal Data for marketing purposes or on grounds relating to your situation.
- Right to Restriction of Processing: Request the restriction of the processing of your Personal Data in specific cases.
- Right to Data Portability: Receive your Personal Data in a machine-readable format and send it to another controller (‘data portability’);
- Right to Object and Automated Individual Decision-Making (Including Profiling): Request that decisions based on automated processing concerning you or significantly affecting you and based on your Personal Data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
If you are an individual who interacts with a Customer using our Services - for instance if you’re an employee or consumer – that Customer is the controller of your information. If this is the case, please direct your data privacy request and questions to that controller,
You can request to exercise these rights by emailing [email protected].
Our global operations (including transfers of data from your home country to another)
To bring you Services, we operate globally. In order to do so, your personal information may be transferred to, and processed in countries other than the country you live in, outside of your home country, including the United States. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
Specifically, Cavius hosts data with Amazon Web Services in the Germany. If you are a non-EU resident, this means that your personal information will be transferred to the EU. The servers on which personal information is stored are kept in a controlled environment.
European Economic Area (EEA) users: This means that your information may be transferred outside of the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information (Adequacy Decision Countries), or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e., European Commission’s Standard Contractual Clauses.
How long we retain your information
We generally retain your information only as long as reasonably necessary to provide you the Services or to comply with applicable law.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it.
Children’s use of the services
Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at the email [email protected].
We take appropriate security technical and organisational measures (including physical, electronic and procedural measures) to safeguard your Personal Information from unauthorized access, unlawful use, intervention, modification or disclosure under the requirements of the Regulation.
Where data is transferred over the Internet as part of the Services, the data is encrypted using industry standard TLS (HTTPS).
Cavius International Limited
Archiepiskopou Leontiou A, 187, 4th floor
Limassol, 3020, Cyprus
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the office of the Commissioner for the Protection of Private Data. You can be provided the complaint forms for the Commissioner’s office here.