Privacy Policy

Effective date: April 13, 2026 Last updated: April 13, 2026

At GoPosly, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform or website.

1. Who We Are

GoPosly is a business management platform for growing SMEs, providing tools for inventory management, point of sale, sales, purchasing, and reporting in one unified system.

2. Information We Collect

a. Information You Provide Directly

  • Account data: name, email address, password, company name, phone number
  • Profile data: job title, industry, company size
  • Communications: messages sent through contact forms or email
  • Payment information: we do not store payment card details directly — payments are processed by a PCI-compliant third-party payment processor

b. Information Collected Automatically

  • Usage data: pages visited, session duration, features used, button clicks, and navigation paths
  • Technical data: IP address, browser type and version, operating system, device type, time zone
  • Cookies and tracking: see our Cookie Policy for full details

c. Business Data

  • Inventory, product, sales, and purchasing data you or your team enter into the platform
  • This data belongs entirely to you and is used only to provide and operate the service

3. How We Use Your Information

  • Providing the service: creating your account, activating subscriptions, and delivering customer support
  • Improving the platform: analysing usage patterns to develop features and improve performance
  • Communications: sending service updates, security alerts, and billing-related correspondence
  • Marketing (with your consent): sending newsletters, product announcements, and educational content
  • Legal compliance: fulfilling applicable legal and regulatory obligations
  • Security and fraud prevention: detecting and preventing fraudulent, abusive, or illegal activity

4. Legal Basis for Processing (GDPR)

We rely on the following legal bases to process your personal data:

  • Contract performance: processing account and billing data to deliver the service
  • Legitimate interests: analysing and improving platform performance and security
  • Consent: marketing emails and non-essential cookies
  • Legal obligation: retaining records required by tax or regulatory law

5. Sharing Your Information

We do not sell, rent, or trade your personal data. We may share it with:

  • Service providers: trusted partners who help us operate the platform (cloud hosting, email delivery, payment processing) under strict data processing agreements
  • Legal compliance: when required by law, court order, or governmental authority
  • Rights protection: to defend our rights, property, or the safety of our users
  • Business transfer: in connection with a merger, acquisition, or sale of assets, with prior notice to you

6. Data Retention

  • Active accounts: retained for the duration of your subscription
  • After account closure: we retain data for 90 days to allow recovery, then permanently delete it
  • Financial records: retained for 7 years as required by applicable law
  • Contact communications: retained for 3 years from the date of last contact

7. Your Rights

Depending on your location, you may have the following rights under applicable data protection law (including GDPR and CCPA):

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate or incomplete data
  • Erasure: request deletion of your data where legally permitted
  • Restriction: restrict how we process your data in certain circumstances
  • Portability: receive your data in a structured, machine-readable format
  • Objection: object to processing based on legitimate interests
  • Withdraw consent: opt out of marketing emails at any time via the unsubscribe link or by contacting us

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

8. Security

We apply comprehensive technical and organisational security measures, including: encrypted data transmission (HTTPS/TLS), encryption at rest, role-based access controls, two-factor authentication, and continuous security monitoring. No system can be guaranteed 100% secure — if you suspect a security incident, please contact us immediately.

9. Cookies

We use cookies to operate the platform, analyse usage, and improve your experience. For full details on the cookies we use and how to manage them, see our Cookie Policy.

10. International Data Transfers

Your data may be processed in countries outside your own. We ensure an appropriate level of protection through legally recognised transfer mechanisms such as Standard Contractual Clauses (SCCs) where required.

11. Children

Our service is intended for businesses and adults only. We do not knowingly collect personal data from anyone under 18 years of age. If we become aware of such data being collected, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on the platform before the change takes effect. Your continued use of the service after the update constitutes your acceptance of the revised policy.

13. Contact Us

For questions about this policy or to exercise your rights: