Legal

Privacy Policy.

We collect only what we need to run Wusooly, and we tell you exactly what we do with it. No surprises.

Last updated: May 9, 2026

Who we are

"Wusooly" ("we", "us", "our") provides a point-of-sale platform that includes a web dashboard for merchants and mobile applications for staff and managers. This policy describes how we handle personal information across all of those surfaces.

If you operate a business on Wusooly, you are the data controller for the customer information you collect through our products, and we act as your data processor for that information.

Information we collect

Account information

When you sign in through ZIQX (our identity provider) we receive your name, email, and a stable user identifier. We do not see or store your ZIQX password.

Business information

Information you enter about your organisation, branches, staff, tax configuration, and sales activity. This is the data that powers your dashboard and your point-of-sale terminals.

Device information

When you use our mobile apps we collect a Firebase Cloud Messaging push token (so we can deliver notifications), basic device model and OS version, an app install identifier, and crash diagnostics if the app misbehaves.

Usage information

Anonymous, aggregated usage signals such as which screens you opened, which features you tapped, and approximate session duration. We use this to understand which features earn their keep and which need work.

Information we do not collect

We do not collect your contacts, photos, microphone, or precise GPS location. We do not sell personal information. We do not use third-party advertising networks.

How we use your information

  • To authenticate you and keep your session secure.
  • To run your business — display sales, manage staff, calculate tax, sync between your terminals and the dashboard.
  • To deliver push notifications about events you opted into (orders, alerts, reminders).
  • To diagnose crashes and bugs, so the next release is more stable than the last.
  • To understand product usage in aggregate so we can prioritise the right work.
  • To communicate with you about your account, billing, and material changes to the service.

Service providers we rely on

We use the following third parties to deliver Wusooly. Each is contractually bound to handle data only on our instructions and cannot use it for their own purposes.

  • Google Firebase — push notifications (Cloud Messaging), crash reporting (Crashlytics), product analytics (Analytics), and remote configuration. Firebase processes the data described under "Device information" and "Usage information" above.
  • ZIQX Identity — sign-in. ZIQX verifies your identity and returns a token to Wusooly; we never see your ZIQX credentials.
  • Cloud hosting — to run our backend services and store your business data.

Where data is stored

Your data is stored on managed cloud infrastructure with encryption in transit (HTTPS/TLS) and at rest. Authentication tokens on your device are stored in the platform's secure keychain (iOS Keychain / Android Keystore).

How long we keep it

We retain your business data for as long as your account is active. If you delete your account, we delete or anonymise your personal information within 30 days, except where we are required to retain it to comply with law, resolve disputes, or enforce our agreements (for example, transaction records may be kept for the period required by tax law).

Crash and analytics data is retained according to Firebase defaults (typically up to 14 months for analytics, 90 days for individual crash events).

Your rights

Depending on where you live you have rights over the personal data we hold about you, which may include:

  • The right to access a copy of your data.
  • The right to correct data that is inaccurate.
  • The right to delete your data.
  • The right to export your data in a portable format.
  • The right to object to or restrict certain processing.
  • The right to withdraw consent where consent was the basis.

To exercise any of these rights, email us at privacy@wusooly.com.

Children

Wusooly is built for businesses and is not directed at children under 13. We do not knowingly collect information from children. If you believe a child has provided us with personal data, email us and we will remove it.

Notifications and analytics opt-out

You can disable push notifications at any time from your device settings. You can ask us to disable analytics and crash reporting for your account by emailing privacy@wusooly.com; this will not affect your ability to use the product.

Security

We use TLS for every API call, role-based access on the backend, audit logs for sensitive admin actions, and the platform's secure storage for tokens. No system is perfectly secure — if you discover a vulnerability, please report it to security@wusooly.com.

Changes to this policy

When we make material changes we will update the "Last updated" date at the top of this page and, where the change is significant, notify you in-app or by email before it takes effect. Continued use of Wusooly after a change means you accept the revised policy.

Contact

Questions about privacy, data, or this policy? Reach us at privacy@wusooly.com. For everything else, see our contact page.

See also our Terms of Service.