Your data, handled with care.
We believe in complete transparency about how we collect, use, and protect the data you trust us with. This policy explains everything in plain language.
Last updated: June 20, 2026 · Effective: June 20, 2026
Overview
Puffer ("we", "us", or "our") provides a point-of-sale, inventory, and business analytics platform for cafes and commercial workspaces. This Privacy Policy describes how we collect, process, store, and protect the information you and your organization provide when using our services.
By using Puffer, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the service.
Data We Collect
We collect the following categories of information:
Account & Organization Data
Name, email address, phone number, business name, business type, subscription plan, and billing information. This is required to operate your account.
Business Operations Data
Orders, products, categories, pricing, sales transactions, expenses, inventory levels, staff members, customer records, and daily analytics snapshots. This is the core data Puffer stores on your behalf to deliver the service.
Usage & Session Data
IP addresses, device type, browser type, session duration, feature usage patterns, interaction events, and privacy-masked session replay. Used for security, debugging, and improving the platform.
Authentication Data
Email or Google Sign-In identifiers, authentication tokens, session tokens, IP addresses, and user-agent information used to sign you in and protect your account. Identity credentials are managed by Firebase Authentication and our authentication service.
Uploaded Content
Product images, organization logos, and other files you choose to upload. These files are stored using Cloud Storage for Firebase.
How We Use Your Data
Your data is used for the following purposes:
- ✓Providing, operating, and maintaining the Puffer platform
- ✓Processing payments and managing your subscription
- ✓Sending transactional communications (receipts, alerts, system updates)
- ✓Detecting and preventing fraud, abuse, and security incidents
- ✓Improving platform stability and fixing bugs
- ✓Generating your own analytics dashboards and reports
- ✓Complying with applicable laws and regulations
We do not use your business data for targeted advertising. We do not sell your data to third parties.
Aggregated Insights Program
We intend to introduce optional benchmark features that help business owners understand how their performance compares to industry trends - for example, average order value across similar businesses, typical peak hours for a café, or common product pricing patterns.
To power these features, Puffer may use anonymized, aggregated versions of your business data (orders, sales, pricing, product categories). Here is exactly what that means:
✓ What we DO
- Compute statistical averages across many businesses
- Strip all identifying information before aggregation
- Show you how your metrics compare to anonymized benchmarks
- Apply k-anonymity - no data is used unless a minimum group size is met
✗ What we DON'T do
- Share your specific data with any other business
- Reveal your individual orders, customers, or revenue
- Sell aggregated data to third parties
- Use your data in ways not described here
Your organization's data is only ever a small, indistinguishable contribution to a much larger statistical pool. No other business can identify your data within any benchmark result.
Opting Out of Aggregated Insights
Participation in the Aggregated Insights Program is optional. You may opt out at any time from your organization's Settings panel, under Settings → Data & Privacy.
When you opt out:
- →Your data is excluded from all future aggregation runs immediately
- →Historical contributions are removed from aggregate pools on the next scheduled refresh
- →You lose access to industry benchmark features (future) that require aggregated data
- →No other features are affected
Data Sharing & Third Parties
We do not sell, rent, or trade your data. We disclose data to service providers only as needed to operate, secure, support, measure, and communicate about Puffer.
Google / Firebase
Puffer uses Firebase Authentication, Google Sign-In, Cloud Firestore, and Cloud Storage for core app functionality. Depending on how you use Puffer, Google processes account identifiers, authentication metadata, IP addresses, device information, business records, and uploaded files to provide those services. Google generally acts as our processor or service provider under its applicable Firebase and Google Cloud terms.
Vercel
Our hosting and deployment platform. Request logs and edge network metadata are processed by Vercel.
PostHog
Our product analytics provider. PostHog processes page views, feature interactions, device metadata, and account or organization identifiers when a user is signed in. Session replay may be used to diagnose usability issues; form input values are masked.
Resend
Our transactional email provider. Resend processes recipient names, email addresses, email content, and delivery metadata for invitations, account messages, and service reminders.
Legal obligations
We may disclose data if required by law, court order, or to protect the rights and safety of Puffer, its users, or the public.
Business transfer
In the event of a merger, acquisition, or sale of assets, user data may be transferred. You will be notified in advance.
Learn more on our Data Compliance & Security page and in Google's Firebase privacy and security information.
International Data Processing
Puffer and its service providers may process data in countries other than the country where you live or operate. Those countries may have different data-protection laws. When a provider processes data internationally, the transfer is governed by the provider's applicable contractual safeguards and data-processing terms.
Google, Vercel, PostHog, and Resend maintain their own infrastructure, subprocessors, and transfer mechanisms. Their current terms and locations may change over time; their official privacy documentation is the authoritative source for those details.
Security
We implement industry-standard security measures to protect your data:
- ✓All data is encrypted in transit using TLS 1.2+
- ✓Authentication credentials are managed through Firebase Authentication and protected in transit
- ✓Firestore Security Rules enforce strict per-organization data isolation
- ✓JWT tokens with short expiry windows for session management
- ✓Firebase Authentication for identity management
- ✓Role-based access control (RBAC) limits staff access to appropriate data
- ✓Multi-tenant architecture ensures your data cannot be accessed by other organizations
No method of electronic storage or internet transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you within 72 hours of becoming aware.
Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access
Request a copy of the personal data we hold about you.
Rectification
Correct inaccurate or incomplete personal data.
Erasure
Request deletion of your data, subject to legal retention requirements.
Portability
Receive your data in a machine-readable format.
Restriction
Limit how we process your data in certain circumstances.
Objection
Object to processing based on legitimate interests.
To exercise any of these rights, contact us at privacy@pufferpos.com. We will respond within 30 days.
Data Retention
We retain your data for as long as your account is active. When you cancel your subscription or delete your organization, we will delete your business data within 90 days, except where retention is required by law (e.g., financial records may be retained for up to 7 years).
Service-provider backups and security logs may remain for a limited additional period while backup cycles expire or when retention is required to prevent fraud, investigate abuse, resolve disputes, or meet legal obligations. Transactional email and analytics records use retention periods appropriate to their operational purpose and provider configuration.
Aggregated, anonymized data derived from your account (if you have not opted out) may be retained indefinitely as it contains no personally identifiable information.
Contact Us
If you have questions about this Privacy Policy or how we handle your data:
Privacy Team
privacy@pufferpos.com