Privacy Policy
POS PH (https://posph.blackpeak.digital) Operated by Blackpeak Digital
Last updated: July 10, 2026
POS PH is a point-of-sale system built for cafes, restaurants, and retail shops in the Philippines. We respect your privacy and are committed to protecting the personal data you entrust to us. This Privacy Policy explains what data we collect, why we collect it, how we protect it, and the rights you have under Republic Act No. 10173 (the Data Privacy Act of 2012), its Implementing Rules and Regulations, and the issuances of the National Privacy Commission (NPC).
By creating an account or using POS PH, you agree to the practices described in this policy.
1. Who This Policy Covers
- Business owners and their staff who sign up for and use POS PH.
- Customers of those businesses whose information (such as loyalty program details or online orders) is recorded in POS PH by the business they transact with.
Our role under the Data Privacy Act. For the account information of business owners and staff, Blackpeak Digital acts as the personal information controller. For the customer and employee data that a business records inside POS PH (loyalty members, staff time records, orders), that business is the personal information controller, and Blackpeak Digital acts as a personal information processor — we process that data only to provide the service and only on the business's behalf.
2. Information We Collect
We collect only the information needed to run the service:
Account information
- Business name, email address, and login credentials (passwords are handled by our authentication provider and are never visible to us in plain text)
- Subscription plan and payment reference details (e.g., a payment reference number). We do not collect or store your card or e-wallet credentials.
Staff information (entered by the business owner)
- Staff names, roles, and PINs
- Time records (clock-in/clock-out) and cashier shift records
Customer information (entered by the business or its customers)
- Loyalty program details: customer name, email address, loyalty points, and QR code
- Online orders placed through a store's ordering page
Business records
- Sales transactions, products, inventory, expenses, and reports
Technical information
- Basic device and browser information, and application logs used to keep the service running and to diagnose problems
We do not collect sensitive personal information as defined by the Data Privacy Act (such as health, government ID numbers, or biometric data), and we ask that you do not enter such information into POS PH.
3. Why We Collect It
We process personal data only for the following purposes, based on the performance of our contract with you, your consent, and our legitimate interest in operating a secure and reliable service:
- To create and manage your account and verify your identity when you sign in
- To provide the core features of POS PH: point of sale, kitchen display, inventory, staff time records, loyalty program, online ordering, and reports
- To process and confirm subscription payments
- To respond to support requests
- To maintain security, prevent fraud and abuse, and keep audit records of important account actions
- To comply with legal obligations
We will never sell your personal data, and we do not use it for third-party advertising.
4. How We Store and Protect Your Data
Your data is stored on Google Firebase / Google Cloud Platform, a leading cloud provider with industry-standard security certifications. Because Google's servers may be located outside the Philippines, your data may be transferred and stored abroad; when this happens, it remains protected in accordance with the Data Privacy Act, and we ensure our providers offer a comparable level of protection.
Security measures include:
- Encryption in transit — all connections to POS PH use HTTPS/TLS
- Encryption at rest on our cloud provider's infrastructure
- Access controls — each business's data is isolated, and role-based permissions limit what owners, managers, and staff can see
- Audit logging of significant account actions
No system is completely secure, but we work to protect your data using reasonable and appropriate organizational, physical, and technical measures as required by the Data Privacy Act.
5. Sharing of Data
We share personal data only with:
- Service providers that are necessary to run POS PH (such as Google Firebase for hosting, database, and authentication), and only to the extent needed to provide the service
- Government authorities, when required by law, court order, or a lawful request
We do not share, rent, or sell your data to anyone else.
6. Data Retention
We keep your data for as long as your account is active. If you cancel your subscription or ask us to delete your account, we will delete your personal data within a reasonable period, except where we are required to retain certain records to comply with legal, tax, or accounting obligations. Business owners can delete individual records (such as loyalty customers or staff) at any time from within the app.
7. Your Rights Under the Data Privacy Act
As a data subject under Philippine law, you have the right to:
- Be informed about how your data is collected and processed
- Access the personal data we hold about you
- Correct inaccurate or outdated data
- Erase or block data that is unlawfully processed or no longer necessary
- Object to processing, including processing for direct marketing
- Data portability — obtain a copy of your data in a commonly used electronic format
- Damages — be compensated for damages caused by unlawful processing
- File a complaint with the National Privacy Commission (https://privacy.gov.ph)
To exercise any of these rights, contact us using the details in Section 11. We will respond within a reasonable time and in accordance with the periods required by the NPC.
If you are a customer of a business that uses POS PH (for example, a loyalty member of a cafe), please direct your request to that business first, since it controls your data. We will assist the business in fulfilling your request.
8. Cookies and Local Storage
POS PH uses browser local storage and service workers to keep you signed in and to make the app work offline. We do not use third-party advertising or tracking cookies.
9. Children's Privacy
POS PH is a business tool and is not directed at children. We do not knowingly collect personal data from minors. If you believe a minor's data has been entered into the service without proper consent, contact us and we will remove it.
10. Data Breach Notification
In the event of a personal data breach that is likely to give rise to a real risk of serious harm, we will notify the National Privacy Commission and the affected data subjects within seventy-two (72) hours of knowledge of the breach, as required by the Data Privacy Act and NPC rules.
11. Contact Us
For privacy questions, requests, or concerns, contact:
- Blackpeak Digital — Data Protection Officer
- Email: 20.pasiliao.jayvee@gmail.com - jayvee@blackpeak.digital
- Website: https://blackpeak.digital
12. Changes to This Policy
We may update this policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you inside the app or by email. Continued use of POS PH after changes take effect means you accept the updated policy.