Privacy Policy for Cash Rounding POS
Last Updated: July 16, 2026
This Privacy Policy describes how Cash Rounding POS ("the App," "we," "us," or "our") collects, uses, and discloses personal information when a merchant installs and uses our application on the Shopify Point of Sale (POS) platform. This policy is written specifically for merchants and their authorized retail staff. It does not apply directly to consumer storefront visitors.
Personal Information We Collect or Process
To calculate and apply cash-rounding discounts at checkout, the App accesses active cart and draft order data locally on your Shopify POS device. This includes reading line items, quantities, individual item prices, tax lines, existing discounts, and the cart's grand total. All of this processing happens strictly on your local device to perform the calculation. The App does not collect, store, or process customer names, email addresses, phone numbers, physical addresses, or payment card data. Your rounding preferences are stored locally within Shopify's POS extension storage.
To comply with Shopify App Store requirements, our secure backend service receives Shopify's mandatory privacy webhooks: customers/data_request, customers/redact, and shop/redact. We do not build, store, or maintain customer profiles from these payloads. We verify the authenticity of these webhooks, process the request as required by Shopify, and retain only minimal, anonymized logs.
Personal Information Sources
We access transaction metadata directly through the Shopify POS APIs on your device while a checkout session is active. We also receive mandatory compliance payloads directly from Shopify's platform servers via secure webhooks. We do not collect information from third-party data brokers, marketing partners, or offline sources.
How We Use Your Personal Information
We use active cart information strictly to calculate and apply cash-rounding adjustments to the active cart and to display real-time calculations to your retail staff. We also use incoming platform data to authenticate and respond to Shopify's mandatory privacy webhooks. These activities are necessary to maintain the security, performance, and stability of our local extension and webhook service.
How We Disclose Personal Information
We do not sell personal information, and we do not share any data with third parties for cross-context behavioral advertising. We only share information with Shopify to facilitate the App integration, and with our cloud hosting infrastructure provider to securely run our webhook endpoint. We may disclose information to legal authorities only if strictly required to comply with a binding legal process.
Relationship with Shopify
The App operates as an extension within the Shopify POS environment. Shopify collects and processes data about your use of the App to facilitate the service. Information processed via Shopify's mandatory compliance webhooks is handled in accordance with Shopify's Partner Data Protection Addendum.
Third Party Websites and Links
The App operates strictly within the secure Shopify POS app framework and does not link to external, unaffiliated third-party websites or online shopping platforms.
Children's Data
The App is designed solely for business and retail POS use. We do not knowingly collect, process, or maintain any personal information regarding children.
Security and Retention of Your Information
We secure our webhook endpoint using HTTPS (TLS 1.3) encryption, and we strictly verify all incoming Shopify payloads using Shopify's HMAC signatures. Cart contents used for rounding calculations are processed entirely on-device and are never transmitted to or retained on our servers. Webhook and diagnostic server logs are securely retained for up to 30 days solely for troubleshooting, after which they are automatically deleted or fully anonymized. Local app settings remain in your device's Shopify storage until the App is uninstalled or local storage is cleared.
Your Rights and Choices
Under global privacy laws, merchants and their customers have the right to access, correct, or delete personal data processed by the App. Because we do not store personal customer records beyond transient 30-day security logs, these rights are typically exercised automatically when you uninstall the App.
Complaints
If you have any questions or complaints about how we process data under this policy, please contact us using the details below. If you are located in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.
International Transfers
If you operate your store outside of the United States, please note that webhook compliance payloads will be processed on our secure hosting servers located in the United States. We protect this data in accordance with Shopify's standard data protection terms.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our utility features or regulatory requirements. We will post the revised policy within the Shopify App Store listing and update the "Last Updated" date at the top of this page.
Contact
Should you have any questions about our privacy practices, this Privacy Policy, or if you would like to exercise any of your data rights, please contact us at labs@invenshure.com.
