Privacy Policy

Your data, handled with care.

We believe in complete transparency about how we collect, use, and protect the data you trust us with. This policy explains everything in plain language.

Last updated: June 20, 2026 · Effective: June 20, 2026

Overview

Puffer ("we", "us", or "our") provides a point-of-sale, inventory, and business analytics platform for cafes and commercial workspaces. This Privacy Policy describes how we collect, process, store, and protect the information you and your organization provide when using our services.

By using Puffer, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the service.

Plain language summary: We store and process account and business data to run Puffer. Core functionality uses Firebase services on Google Cloud, so relevant data is shared with Google for authentication, database, storage, security, and service delivery. We do not sell, rent, or trade your data.

Data We Collect

We collect the following categories of information:

Account & Organization Data

Name, email address, phone number, business name, business type, subscription plan, and billing information. This is required to operate your account.

Business Operations Data

Orders, products, categories, pricing, sales transactions, expenses, inventory levels, staff members, customer records, and daily analytics snapshots. This is the core data Puffer stores on your behalf to deliver the service.

Usage & Session Data

IP addresses, device type, browser type, session duration, feature usage patterns, interaction events, and privacy-masked session replay. Used for security, debugging, and improving the platform.

Authentication Data

Email or Google Sign-In identifiers, authentication tokens, session tokens, IP addresses, and user-agent information used to sign you in and protect your account. Identity credentials are managed by Firebase Authentication and our authentication service.

Uploaded Content

Product images, organization logos, and other files you choose to upload. These files are stored using Cloud Storage for Firebase.

How We Use Your Data

Your data is used for the following purposes:

  • Providing, operating, and maintaining the Puffer platform
  • Processing payments and managing your subscription
  • Sending transactional communications (receipts, alerts, system updates)
  • Detecting and preventing fraud, abuse, and security incidents
  • Improving platform stability and fixing bugs
  • Generating your own analytics dashboards and reports
  • Complying with applicable laws and regulations

We do not use your business data for targeted advertising. We do not sell your data to third parties.

Aggregated Insights Program

This section describes a planned future feature. The Aggregated Insights Program is not yet active. When launched, you will be notified and given the opportunity to opt in or out before any aggregation occurs.

We intend to introduce optional benchmark features that help business owners understand how their performance compares to industry trends - for example, average order value across similar businesses, typical peak hours for a café, or common product pricing patterns.

To power these features, Puffer may use anonymized, aggregated versions of your business data (orders, sales, pricing, product categories). Here is exactly what that means:

✓ What we DO

  • Compute statistical averages across many businesses
  • Strip all identifying information before aggregation
  • Show you how your metrics compare to anonymized benchmarks
  • Apply k-anonymity - no data is used unless a minimum group size is met

✗ What we DON'T do

  • Share your specific data with any other business
  • Reveal your individual orders, customers, or revenue
  • Sell aggregated data to third parties
  • Use your data in ways not described here

Your organization's data is only ever a small, indistinguishable contribution to a much larger statistical pool. No other business can identify your data within any benchmark result.

Opting Out of Aggregated Insights

Participation in the Aggregated Insights Program is optional. You may opt out at any time from your organization's Settings panel, under Settings → Data & Privacy.

Opting out has no effect on core Puffer features. Your POS, orders, inventory, analytics dashboard, customer management, expenses, and all reporting remain fully functional. The only features that become unavailable are the optional benchmark comparisons that rely on aggregated data from the broader Puffer network.

When you opt out:

  • Your data is excluded from all future aggregation runs immediately
  • Historical contributions are removed from aggregate pools on the next scheduled refresh
  • You lose access to industry benchmark features (future) that require aggregated data
  • No other features are affected

Data Sharing & Third Parties

We do not sell, rent, or trade your data. We disclose data to service providers only as needed to operate, secure, support, measure, and communicate about Puffer.

Google / Firebase

Puffer uses Firebase Authentication, Google Sign-In, Cloud Firestore, and Cloud Storage for core app functionality. Depending on how you use Puffer, Google processes account identifiers, authentication metadata, IP addresses, device information, business records, and uploaded files to provide those services. Google generally acts as our processor or service provider under its applicable Firebase and Google Cloud terms.

Vercel

Our hosting and deployment platform. Request logs and edge network metadata are processed by Vercel.

PostHog

Our product analytics provider. PostHog processes page views, feature interactions, device metadata, and account or organization identifiers when a user is signed in. Session replay may be used to diagnose usability issues; form input values are masked.

Resend

Our transactional email provider. Resend processes recipient names, email addresses, email content, and delivery metadata for invitations, account messages, and service reminders.

Legal obligations

We may disclose data if required by law, court order, or to protect the rights and safety of Puffer, its users, or the public.

Business transfer

In the event of a merger, acquisition, or sale of assets, user data may be transferred. You will be notified in advance.

Learn more on our Data Compliance & Security page and in Google's Firebase privacy and security information.

International Data Processing

Puffer and its service providers may process data in countries other than the country where you live or operate. Those countries may have different data-protection laws. When a provider processes data internationally, the transfer is governed by the provider's applicable contractual safeguards and data-processing terms.

Google, Vercel, PostHog, and Resend maintain their own infrastructure, subprocessors, and transfer mechanisms. Their current terms and locations may change over time; their official privacy documentation is the authoritative source for those details.

Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS 1.2+
  • Authentication credentials are managed through Firebase Authentication and protected in transit
  • Firestore Security Rules enforce strict per-organization data isolation
  • JWT tokens with short expiry windows for session management
  • Firebase Authentication for identity management
  • Role-based access control (RBAC) limits staff access to appropriate data
  • Multi-tenant architecture ensures your data cannot be accessed by other organizations

No method of electronic storage or internet transmission is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights, we will notify you within 72 hours of becoming aware.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Access

Request a copy of the personal data we hold about you.

Rectification

Correct inaccurate or incomplete personal data.

Erasure

Request deletion of your data, subject to legal retention requirements.

Portability

Receive your data in a machine-readable format.

Restriction

Limit how we process your data in certain circumstances.

Objection

Object to processing based on legitimate interests.

To exercise any of these rights, contact us at privacy@pufferpos.com. We will respond within 30 days.

Data Retention

We retain your data for as long as your account is active. When you cancel your subscription or delete your organization, we will delete your business data within 90 days, except where retention is required by law (e.g., financial records may be retained for up to 7 years).

Service-provider backups and security logs may remain for a limited additional period while backup cycles expire or when retention is required to prevent fraud, investigate abuse, resolve disputes, or meet legal obligations. Transactional email and analytics records use retention periods appropriate to their operational purpose and provider configuration.

Aggregated, anonymized data derived from your account (if you have not opted out) may be retained indefinitely as it contains no personally identifiable information.

Contact Us

If you have questions about this Privacy Policy or how we handle your data:

Stop guessing.
Start seeing everything.

Start a 14-day free trial today. Set up in 5 minutes, get real-time insights from the first order, and pay only when you're convinced.

14-day free trial · No credit card required · Cancel anytime