ezpay
Sign inGet started

Privacy Policy

Last updated: May 2026

1. Overview

ezpay ("we," "us," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our restaurant POS platform.

2. Information We Collect

We collect information in the following categories:

Account Information

When you create an account, we collect your business name, contact email, password hash, phone number, business address, and account preferences.

Restaurant Data

We store data you input about your restaurant, including menus, menu items, prices, modifiers, sections, tables, and seating layouts.

Order and Transaction Data

We record all orders, including items ordered, quantities, prices, discounts, taxes, payment method (cash or card), and timestamps. We do not store full credit card numbers; payment processing is handled by Stripe.

Staff Information

We store staff member names, PIN numbers (hashed), roles, and permissions you assign within the system.

Customer Contact Information

If you collect customer phone numbers or email addresses for receipts or marketing purposes, we store this information as part of your restaurant data. You are responsible for obtaining proper consent from customers before collecting this data.

Usage and Log Data

We automatically log IP addresses, browser type, pages accessed, time spent, and actions taken within the platform to help us diagnose issues and improve the service.

Device Information

We may collect information about the device you use to access ezpay, including device type, operating system, and unique device identifiers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the ezpay service
  • Process your subscription and billing
  • Send transactional emails (account confirmations, billing notices, support)
  • Respond to your inquiries and provide customer support
  • Detect, investigate, and prevent fraud or abuse
  • Comply with legal obligations and enforce our agreements
  • Analyze usage patterns to improve platform features and performance
  • Send service updates and security notices

4. Data Processors

We use the following third-party services to process your data:

Railway

We host our application infrastructure on Railway. Your data, including restaurant information, orders, and staff data, is stored on Railway's servers. Railway is a cloud infrastructure provider that operates data centers with industry-standard security.

Stripe

Payment processing is handled exclusively by Stripe. We do not store or process full credit card details. Stripe securely handles all payment transactions and complies with PCI-DSS standards. For details on how Stripe uses your data, see Stripe's Privacy Policy.

If you choose to save your card for faster checkout, it is stored as a payment method on the restaurant's Stripe account and may be charged for orders you place in the future. You can remove a saved card at any time from your account.

5. Cookies and Session Data

ezpay uses cookies and session tokens to maintain your login state and provide authentication. These cookies are necessary for the service to function and are not used for tracking or advertising purposes. You can manage cookies through your browser settings; however, disabling cookies may prevent the service from functioning properly.

6. Data Retention

We retain your data as long as your account is active. When you delete your account or terminate your subscription, we will retain your data for 30 days to allow for recovery, then delete it from our systems. Backup copies may be retained longer for disaster recovery purposes but will not be accessed for any other reason.

7. Security

We implement industry-standard security measures to protect your data:

  • Encryption of data at rest using AES-256
  • Encryption of data in transit using TLS/HTTPS
  • Passwords are hashed using secure hashing algorithms
  • Multi-tenant isolation to prevent unauthorized cross-account access
  • Regular security audits and vulnerability assessments
  • Limited employee access to customer data on a need-to-know basis

While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute security of your information.

8. User Rights

You have the following rights regarding your data:

Access

You can access and review all data stored in your ezpay account at any time through the platform.

Export

You may request an export of your data in a standard format. Contact us at [email protected] to request your data export.

Deletion

You may request deletion of your account and associated data. Upon termination, we will delete your data within 30 days, except where we are required to retain it by law.

9. Children's Privacy

ezpay is not intended for use by children under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will delete such information and terminate the child's account.

10. Changes to This Policy

We may update this Privacy Policy at any time. We will notify you of material changes by updating the "Last updated" date and, if required, by sending you a notice or requesting your consent. Your continued use of the service constitutes acceptance of the updated Privacy Policy.

11. Contact

If you have questions about this Privacy Policy or our privacy practices, please contact us at [email protected].