Privacy Policy
Last Revised: August 14, 2025
Introduction
This Privacy Policy describes how InControl Solutions Inc. (“InControl,” “we,” “us,” “our”) collects, uses, and discloses personal information when you use our websites https://www.incontrolpos.com, https://myposinfo.com, and https://iposio.com (including any subdomains, each a “Website”), and when you interact with us by email, text, or other electronic means (including technical support).
By accessing or using the Websites, you agree to this Privacy Policy. If you do not agree, please do not use the Websites.
Capitalized terms used in our Client Terms/EULA or Data Processing Addendum (“DPA”) have the meanings given there for those documents’ subject matter.
Scope
This Policy applies to information we collect:
- on the Websites; and
- in email, text, and other electronic messages between you and the Websites (including support).
It does not apply to information collected:
- offline or through other InControl websites that do not link to this Policy; or
- by third parties (including apps or content that may link to or be accessible from the Websites), or through our products where a customer is the controller and our DPA governs processing.
Notice at Collection: What We Collect, Why, and How Long We Keep It
We may collect the categories of personal information below. We retain personal information only as long as necessary for the purposes described or as required by law, then delete or de-identify it. Retention may vary by system and legal requirements; typical ranges are shown.
| Category | Examples | Sources | Purposes (Why we use it) | Typical Retention |
|---|---|---|---|---|
| Identifiers | Name, business email, business address, phone | You; your employer | Account setup, support, service communications, fraud/security | Life of account + up to 3 years after closure (longer if required) |
| Commercial info | Subscription details, purchases, transactions | You; billing systems | Billing, account management, support, audit | 7 years (accounting/legal) |
| Internet/electronic activity | IP address, device/OS, pages viewed, logs, cookies | Your browser/device | Site functionality, debugging, security, analytics | Up to 13 months (analytics/logs); shorter for session cookies |
| Financial info | Tokenized payment ID, last 4 digits (full card/bank kept by processors) | You; payment processors | Accept payments, prevent fraud | We store tokens/last-4 only; processors retain per their policies |
| Audio/visual | Support call recordings (if applicable) | You | Training, quality assurance, dispute resolution | Up to 2 years unless needed longer for disputes |
| Inferences | Preferences from usage | Derived internally | Improve Websites/support experience | Up to 13 months (or de-identified) |
| Sensitive PI | Account login + password | You | Account authentication and security only | Life of account; rotated/deleted per policy |
Sensitive PI. We do not use Sensitive Personal Information for purposes other than providing the requested services, ensuring security/integrity, and complying with law. We do not use it to infer characteristics about you.
Sources of Personal Information
- Directly from you (forms, support, account setup).
- Automatically via cookies and similar technologies when you use any Website.
- From third parties (e.g., payment processors, hosting/IT providers) consistent with this Policy.
How We Use Personal Information
We use personal information to:
- operate, secure, and improve the Websites and support experience;
- provide information, products, or services you request;
- send service notices (e.g., invoices, renewals, policy updates);
- send promotional emails about our own products or services (you can opt out at any time; see Marketing Communications below);
- prevent fraud, debug, and maintain information security;
- comply with law, enforce agreements, and protect our rights.
We may de-identify or aggregate data for analytics and service improvement. We do not attempt to re-identify de-identified data.
Marketing Communications (Promotional Emails)
We may email you about new products, features, and services. You can unsubscribe at any time using the link in the message or by emailing info@incontrolpos.com. We will continue to send service/transactional emails (e.g., billing, security notices) even if you opt out of marketing.
Cookies & Similar Technologies
We use cookies and similar technologies for site functionality, security, and analytics. You can control cookies in your browser. If you disable cookies, some features may not work.
Do Not Track. Because there is no industry standard for DNT, we currently do not respond to DNT signals.
Opt-out preference signals: We do not sell or “share” personal information and we do not engage in targeted advertising (cross-context behavioral ads). If this changes, we will update this Policy, honor opt-out preference signals (e.g., Global Privacy Control) where required, and provide a “Your Privacy Choices” link.
How We Disclose Personal Information
We do not sell or share personal information (as defined by applicable U.S. state privacy laws). We disclose personal information to:
- Service providers/processors that support our business (e.g., hosting, IT/security, analytics, customer support, payment processing) under contracts that restrict use to our instructions and require confidentiality. (Our payment processors may include WePay/Chase; see their privacy policy for details.)
- Affiliates (if any) for the purposes described in this Policy.
- Legal, safety, and compliance purposes (e.g., to comply with law or valid legal process, or to protect rights, safety, and security).
- Business transfers, such as a merger, acquisition, financing, reorganization, or sale of assets.
- With your direction or consent.
We do not allow service providers to use your personal information for their own purposes.
Your Privacy Choices and Rights
Depending on your state of residence, you may have the right to:
- Access/know the personal information we hold about you;
- Correct inaccurate personal information;
- Delete personal information;
- Data portability (receive a copy in a portable format);
- Opt out of “sale,” “sharing,” or targeted advertising (not applicable today because we do not engage in these activities);
- Limit use of Sensitive PI to permitted purposes (we already limit use as noted above);
- Appeal a decision we make about your request.
How to exercise your rights.
Email info@incontrolpos.com or use our Privacy Request Form (if available on the Websites). We will verify your identity (e.g., name, email, business zip, limited account details). Authorized agents may submit requests with proof of authority and, where required, consumer verification.
Response timelines.
We aim to respond within 45 days (may extend an additional 45 days where permitted). If we deny or partially deny, we’ll explain why and how to appeal. Appeals are reviewed by a different team; we respond to appeals within 45 days (or the shorter period required by your state).
California: We do not “sell” or “share” personal information and do not use Sensitive PI for non-exempt purposes. If this changes, we will provide a “Your Privacy Choices” link and honor opt-out preference signals.
Colorado/Connecticut/Virginia/Utah and other U.S. state laws: We recognize applicable state rights; where thresholds do not apply to us, we will still strive to honor reasonable requests.
Security
We maintain administrative, technical, and physical safeguards designed to protect personal information. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
Your role. Keep your account credentials confidential. If you believe your account has been compromised, contact us immediately at info@incontrolpos.com.
Data Retention
We retain personal information only as long as reasonably necessary for the purposes described, to comply with legal obligations (e.g., tax/audit), to resolve disputes, and to enforce agreements. Where feasible, we delete or de-identify data when it is no longer needed.
Children’s Information
The Websites are not directed to, and we do not knowingly collect personal information from, anyone under 18. If we learn we collected such information without consent, we will delete it.
Third-Party Websites and Services
The Websites may link to third-party sites/services. We are not responsible for their privacy practices. Review their policies before sharing information.
Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will post an updated Policy with a new “Last Revised” date and, when required, provide additional notice. Your continued use of the Websites after changes means you accept the revised Policy.
Contact Us
Questions, privacy requests, or to opt out of marketing emails: info@incontrolpos.com
Mailing address: InControl Solutions Inc., 14205 SE 36TH ST., Suite #100, Bellevue, WA 98006, USA