Last updated: March 15, 2026
Welcome to Luppo POS, a cloud-based point of sale solution developed and maintained by Techlup Limited. This Privacy Policy is intended to clearly explain how we collect, use, process, store, share, and protect the personal information of individuals who use the Luppo POS application and any associated services, platforms, or integrations (collectively referred to as the "Service"). We understand that your privacy is important to you, and we are committed to being transparent about our data practices and ensuring that your personal information is handled with the utmost care and responsibility.
This Privacy Policy applies to all users of the Luppo POS application, including business owners, managers, cashiers, and any other individuals who interact with the Service in any capacity. By downloading, installing, accessing, or using Luppo POS, you acknowledge that you have read and understood this Privacy Policy and that you consent to the collection and use of your information as described herein. If you do not agree with any part of this policy, we kindly ask that you discontinue use of the Service and contact us to discuss your concerns.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the features of our Service. We encourage you to revisit this page regularly to stay informed. Continued use of the Service after any changes to this policy constitutes your acceptance of the revised terms.
Luppo POS is a product of Techlup Limited, a technology company based in Kenya. We specialize in building smart, efficient, and accessible business management tools tailored for small and medium-sized enterprises across Africa and beyond. Our mission is to empower businesses with technology that simplifies operations, improves customer experiences, and drives growth.
As the data controller for the purposes of this Privacy Policy, Techlup Limited is responsible for determining how and why personal data is processed in connection with the Luppo POS Service. We take this responsibility seriously and are committed to complying with applicable data protection laws, including the Kenya Data Protection Act, 2019, and any other relevant regulations that may apply to our users across different jurisdictions.
If you have any questions about who we are or how to reach us, please refer to the Contact Us section at the end of this document. We are always available to address your concerns and provide clarity on any aspect of our data handling practices.
In order to provide you with a fully functional, personalized, and reliable point of sale experience, Luppo POS collects various categories of information. The nature of the information we collect depends on how you use the Service, the features you access, and the integrations you enable. Below is a detailed breakdown of the types of information we may collect from you.
Account and Identity Information: When you register for a Luppo POS account, we collect information necessary to create and maintain your account. This includes your full name, business name, email address, phone number, and a secure password. For business accounts, we may also collect your business registration details, physical address, tax identification number, and the names and contact details of authorized staff members who will have access to the system. This information is essential for verifying your identity, configuring your account, and ensuring that only authorized individuals can access your business data.
Business and Operational Data: As you use Luppo POS to manage your business, we collect data generated through your day-to-day operations. This includes product and inventory details such as item names, descriptions, prices, categories, stock levels, and supplier information. It also includes sales transactions, refunds, discounts applied, payment methods used, and receipt histories. Additionally, we collect customer records you create within the system, including customer names, contact information, purchase histories, and loyalty program data where applicable. This operational data is the core of your business profile within Luppo POS and is necessary for the Service to function as intended.
Payment and Financial Information: Luppo POS facilitates the processing of payments made by your customers at the point of sale. Depending on the payment methods you enable, we may collect information related to payment transactions, including transaction amounts, payment references, payment method types such as cash, mobile money, or card, and timestamps. We do not store full card numbers or sensitive financial credentials directly. Payment processing is handled through integrated third party payment providers who maintain their own security standards and privacy practices. We strongly encourage you to review the privacy policies of any payment processors integrated with your Luppo POS setup.
Location Information: Luppo POS may request access to your device's location in order to support location-aware features. These features may include automatic store identification when operating multiple branches, regional tax configuration, currency settings, and proximity-based services. Location data may be collected when the application is in use and, in some cases, when it is running in the background if you have granted the necessary permissions. You can manage location permissions through your device settings at any time. Disabling location access may limit the functionality of certain features but will not prevent you from using the core point of sale functions.
Device and Technical Information: To ensure compatibility, diagnose technical issues, and optimize the performance of the application, we automatically collect certain information about the devices on which Luppo POS is installed. This includes the device model and manufacturer, operating system type and version, unique device identifiers, screen resolution, app version, language settings, time zone, and network connection type. This information helps us understand how different devices interact with our application and allows us to deliver updates and improvements that are tailored to the devices our users rely on most.
Usage and Behavioral Data: We collect information about how you interact with the Luppo POS application. This includes the features you use most frequently, the sequence of actions you take within the app, session duration, the number of transactions processed per session, and the settings you configure. This data helps us understand user behavior patterns, identify areas of the application that may benefit from improvement, and develop new features that align with the real needs of our users. Usage data is analyzed in aggregate form wherever possible to protect individual privacy.
Communications and Support Data: If you contact our support team, submit feedback, or communicate with us through any channel, we collect and retain the content of those communications along with your contact details and any attachments or screenshots you provide. This information is used to resolve your issue, improve our support processes, and maintain a record of our interactions. We may also use feedback you provide to inform product development decisions.
Offline Data: Luppo POS is built with an offline-first architecture that allows you to continue processing transactions even when your internet connection is unavailable. During offline periods, all transaction data is stored securely on your local device. When connectivity is restored, this data is automatically synchronized with our servers to ensure consistency across all your devices and branches. The offline data stored on your device is protected by the security measures built into your operating system, and we recommend enabling device-level encryption and screen lock features to further safeguard this information.
The information we collect serves a variety of purposes, all of which are aimed at delivering a high-quality, reliable, and personalized experience to our users. We process your information only where we have a lawful basis to do so, which may include your consent, the necessity of processing for the performance of a contract with you, compliance with a legal obligation, or our legitimate interests in operating and improving the Service.
Providing and Operating the Service: The primary purpose for which we use your information is to deliver the core functionality of Luppo POS. This includes setting up and managing your account, enabling transaction processing, maintaining your product catalog and inventory records, generating reports and analytics, and ensuring seamless offline and online synchronization. Without collecting and processing the information described in this policy, we would be unable to provide you with a functional point of sale system.
Personalization and Configuration: We use the information you provide to personalize your Luppo POS experience. This includes configuring the system to reflect your business name, logo, currency, tax settings, and operational preferences. Personalization also extends to remembering your most frequently used features and presenting relevant information in a way that streamlines your daily workflow. Our goal is to ensure that every time you open Luppo POS, the system feels tailored to your specific business needs.
Communication and Notifications: We use your contact information to send you important communications related to your account and the Service. This includes transaction confirmations, account security alerts, system updates, maintenance notifications, and changes to our terms or policies. Where you have opted in, we may also send you product updates, tips for getting the most out of Luppo POS, and information about new features or promotions. You can manage your notification preferences within the application settings or by contacting us directly.
Technical Support and Issue Resolution: When you contact our support team or when we detect an issue with your account or the application, we use your information to investigate and resolve the problem. This may involve reviewing your transaction history, device information, log data, and any details you share with our support team. Our goal is to resolve every issue as quickly and effectively as possible, and access to relevant data is essential to achieving that goal.
Analytics and Product Improvement: We analyze usage data and behavioral patterns to understand how our users interact with Luppo POS and to identify opportunities for improvement. This analysis informs our decisions about which features to prioritize, how to redesign workflows that may be causing friction, and where to invest our development resources. We rely heavily on anonymized and aggregated data for this purpose, and we take care to ensure that individual users cannot be identified from the analytical insights we generate.
Security and Fraud Prevention: We use the information we collect to monitor for suspicious activity, detect potential fraud, and protect the integrity of your account and transactions. This includes analyzing login patterns, flagging unusual transaction volumes, and verifying the authenticity of account actions. Our security measures are designed to protect both you and the broader Luppo POS ecosystem from unauthorized access and misuse.
Legal and Regulatory Compliance: In some cases, we are required by law to collect, retain, or disclose certain information. We use your data as necessary to comply with applicable laws and regulations, respond to lawful requests from government authorities, and fulfill our obligations as a registered business entity. This may include retaining transaction records for tax and audit purposes, reporting suspicious financial activity as required by anti-money laundering regulations, and cooperating with law enforcement investigations where legally mandated.
Luppo POS employs an offline-first data architecture, which means that a significant portion of your data is stored locally on your device. This approach ensures that the application remains fully functional even in environments with unreliable internet connectivity, which is a common reality for many businesses across Kenya and the wider region. Local data storage is managed by the application and is subject to the security protections provided by your device's operating system.
In addition to local storage, data that has been synchronized with our servers is stored in secure cloud infrastructure. We use reputable cloud service providers who implement industry-standard security measures, including physical security controls, network security, encryption at rest and in transit, and regular security audits. Our cloud infrastructure is configured to ensure high availability and data redundancy, minimizing the risk of data loss.
We retain your personal information for as long as your account remains active or for as long as is necessary to provide you with the Service. Beyond the period of active use, we may retain certain categories of data for longer periods where required by law or where retention is necessary to resolve disputes, enforce our agreements, or protect our legal interests. Transaction records, for example, may be retained for up to seven years in accordance with Kenyan tax and accounting regulations.
When data is no longer needed and there is no legal obligation to retain it, we take appropriate steps to securely delete or anonymize it. Deletion processes are carried out in a manner that ensures the data cannot be reconstructed or recovered. If you request the deletion of your account, we will process your request promptly and inform you of any data that must be retained for legal reasons.
We treat your personal information with strict confidentiality and do not sell, rent, or trade it to third parties for their own commercial purposes. However, there are specific circumstances in which we may share your information with others, as described below.
Service Providers and Technology Partners: To operate and maintain Luppo POS, we work with a number of trusted third party service providers who perform functions on our behalf. These may include cloud hosting providers, database management services, payment processing partners, email and SMS delivery platforms, analytics tools, and customer support software. Each of these providers is carefully vetted and is required to handle your data in accordance with our instructions and applicable data protection laws. They are not permitted to use your data for any purpose other than providing services to us.
Payment Processors: When your customers make payments through Luppo POS, the transaction data is processed by integrated payment gateway providers. These providers operate under their own terms and privacy policies and are independently responsible for the security of payment data processed through their systems. We do not store sensitive payment credentials such as full card numbers, PINs, or CVVs. We strongly recommend reviewing the privacy policies of all payment processors enabled in your Luppo POS configuration.
Business Transfers: In the event that Techlup Limited undergoes a merger, acquisition, restructuring, or sale of all or part of its assets, your personal information may be transferred to the acquiring entity as part of that transaction. We will notify affected users via email or in-app notification prior to any such transfer and will ensure that the receiving party is bound by privacy commitments that are at least as protective as those set out in this policy.
Legal Obligations and Law Enforcement: We may disclose your personal information where we are required to do so by law or in response to a valid legal request from a competent authority, such as a court order, regulatory directive, or law enforcement request. We will only disclose the minimum amount of information necessary to comply with the legal obligation and will, where permitted by law, notify you of the request before complying.
Protection of Rights and Safety: We reserve the right to disclose your information where we believe it is necessary to investigate, prevent, or take action in response to suspected illegal activity, fraud, threats to physical safety, violations of our Terms of Service, or situations involving risk of harm to any person. Such disclosures will be made in good faith and in a manner proportionate to the risk involved.
Luppo POS is designed to integrate with a range of third party platforms and services to extend its functionality and provide a more comprehensive business management experience. These integrations may include mobile money platforms, banking APIs, accounting software, inventory management tools, e-commerce platforms, and communication services. When you enable an integration, you may be sharing certain data with the third party platform involved in that integration.
Each third party service integrated with Luppo POS operates independently and under its own privacy policy and terms of service. We are not responsible for the data practices of these third parties and cannot guarantee the security or appropriateness of their privacy measures. Before enabling any integration, we encourage you to carefully review the privacy policy of the third party service in question. If you have concerns about a particular integration, you can disable it from your Luppo POS settings at any time.
We make reasonable efforts to partner only with reputable and trustworthy third party providers. As part of our vendor selection process, we evaluate the security practices and data handling policies of potential partners to ensure they meet our standards. However, ultimate responsibility for third party services rests with the providers of those services, and we encourage users to exercise their own due diligence.
The Luppo POS mobile and desktop application does not rely on traditional browser cookies for its core functionality. However, certain components of the Service, including web-based dashboards, admin portals, and integrated third party tools, may use cookies, local storage, session tokens, pixel tags, or similar tracking technologies to maintain session state, remember your preferences, and collect anonymous usage statistics.
Cookies used in connection with Luppo POS can generally be categorized as follows. Essential cookies are necessary for the basic operation of the Service and cannot be disabled without affecting functionality. Preference cookies remember your settings and personalization choices to provide a more consistent experience across sessions. Analytics cookies collect anonymous data about how you use the Service, which we use to understand usage patterns and improve the application. Third party cookies may be set by integrated services and are governed by the privacy policies of those services.
You can manage cookie preferences through your browser or device settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a cookie is set. Please note that disabling certain types of cookies may affect your ability to use some features of the Service. For mobile app users, tracking preferences can be managed through your device's privacy settings, including the option to limit ad tracking or reset your advertising identifier.
The security of your personal information is a top priority for us. We have implemented a comprehensive set of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, accidental loss, alteration, disclosure, or destruction. Our security practices are informed by industry standards and are continuously reviewed and updated to address emerging threats.
At the technical level, all data transmitted between the Luppo POS application and our servers is encrypted using Transport Layer Security (TLS) protocols. Data stored in our cloud infrastructure is encrypted at rest using industry-standard encryption algorithms. Access to production systems and databases is restricted to authorized personnel only, and all access is logged and monitored. We use multi-factor authentication for administrative access to our infrastructure and conduct regular security assessments to identify and remediate vulnerabilities.
At the application level, Luppo POS employs role-based access controls that allow business owners to define the level of access granted to each staff member. This ensures that sensitive data, such as financial reports and customer records, is accessible only to those with a legitimate need. Audit logs are maintained to track significant actions taken within the system, providing accountability and traceability.
Despite our best efforts, it is important to acknowledge that no security system is completely impenetrable. The internet and electronic storage systems inherently carry some degree of risk, and we cannot guarantee the absolute security of your data. In the event of a data breach that poses a significant risk to your rights and freedoms, we will notify affected users and relevant regulatory authorities in a timely manner in accordance with applicable laws. We will also take immediate steps to contain the breach, assess the impact, and implement measures to prevent recurrence.
We also encourage you to take responsibility for the security of your own account. This includes using a strong, unique password, enabling two-factor authentication if available, keeping your device's operating system and the Luppo POS application updated to the latest versions, and being cautious about sharing your login credentials with others. If you suspect that your account has been compromised, please contact us immediately at support@techlup.co.ke.
We believe that you should have meaningful control over your personal information. Depending on your location and the applicable laws governing your use of the Service, you may have a number of rights with respect to the personal data we hold about you. We are committed to honoring these rights and providing you with the tools and information you need to exercise them.
Right of Access: You have the right to request a copy of the personal information we hold about you. This includes information about the categories of data we collect, the purposes for which it is processed, the parties with whom it is shared, and the period for which it will be retained. We will respond to access requests within a reasonable timeframe and provide your data in a clear and understandable format.
Right to Rectification: If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you have the right to request that we correct it. You can update much of your account information directly through the Luppo POS settings. For information that cannot be updated through the application, please contact us and we will make the necessary corrections promptly.
Right to Erasure: In certain circumstances, you have the right to request that we delete your personal information. This right applies where the data is no longer necessary for the purposes for which it was collected, where you withdraw consent and there is no other legal basis for processing, or where the data has been unlawfully processed. Please note that we may be required to retain certain data for legal, regulatory, or contractual reasons even after you request deletion, and we will inform you of any such limitations.
Right to Restrict Processing: You may request that we restrict the processing of your personal information in certain circumstances, such as when you contest the accuracy of the data or when you have objected to processing and we are considering your objection. During the period of restriction, we will continue to store your data but will not process it for other purposes without your consent.
Right to Data Portability: Where processing is based on your consent or on a contract, and where processing is carried out by automated means, you have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format. You may also request that we transmit your data directly to another controller where technically feasible.
Right to Object: You have the right to object to the processing of your personal data where we are relying on legitimate interests as the legal basis for processing. If you object, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, or unless processing is necessary for the establishment, exercise, or defense of legal claims.
Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal. To withdraw consent, please contact us or adjust your settings within the application.
To exercise any of the rights described above, please contact us at support@techlup.co.ke. We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request to ensure that personal data is not disclosed to unauthorized individuals.
Luppo POS is a business management tool designed exclusively for use by adults and organizations. The Service is not intended for use by children under the age of 18, and we do not knowingly collect personal information from minors. Our registration process requires users to confirm that they are of legal age and have the authority to enter into binding agreements on behalf of themselves or their organization.
If we become aware that we have inadvertently collected personal information from a child under the age of 18, we will take immediate steps to delete that information from our records. If you are a parent or legal guardian and believe that your child has provided us with personal information without your consent, please contact us at support@techlup.co.ke and we will investigate and respond promptly.
Techlup Limited is based in Kenya, and the Luppo POS Service is primarily designed for use within Kenya and the East African region. However, because we use cloud infrastructure and third party service providers that may be located in other countries, your personal information may be transferred to, stored, or processed in countries outside Kenya. When such transfers occur, we take steps to ensure that your data is protected in accordance with this Privacy Policy and applicable data protection laws.
Where we transfer data to countries that may not have equivalent data protection laws, we rely on appropriate safeguards such as contractual clauses, data processing agreements, or other mechanisms recognized under applicable law to ensure that your rights are protected. If you have questions about international data transfers and the safeguards we use, please contact us.
We reserve the right to update, modify, or replace this Privacy Policy at any time. Changes may be made to reflect updates to our data practices, new features or integrations added to Luppo POS, changes in applicable laws or regulations, or feedback received from users. We are committed to keeping you informed of any changes that may affect your rights or the way we handle your information.
When we make significant changes to this Privacy Policy, we will notify you through one or more of the following methods: an in-app notification displayed prominently within Luppo POS, an email sent to the address associated with your account, or a notice posted on our website. The updated policy will include a revised effective date at the top of the document. We encourage you to review this Privacy Policy regularly to stay informed about how we are protecting your information.
Your continued use of Luppo POS after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with any changes to the policy, you should discontinue use of the Service and contact us to discuss your options.
This Privacy Policy is governed by and construed in accordance with the laws of Kenya, including the Kenya Data Protection Act, 2019, and any subsidiary legislation or regulations issued thereunder. By using Luppo POS, you agree that any disputes arising from or relating to this Privacy Policy or our data handling practices will be subject to the exclusive jurisdiction of the competent courts of Kenya.
If you have a complaint about how we handle your personal information, we encourage you to contact us directly in the first instance so that we can attempt to resolve your concern. If you are not satisfied with our response, you may have the right to lodge a complaint with the Office of the Data Protection Commissioner of Kenya or any other relevant supervisory authority in your jurisdiction.
We welcome any questions, concerns, requests, or feedback you may have regarding this Privacy Policy or our data protection practices. Transparency and open communication are central to how we operate, and we are committed to addressing your inquiries promptly and thoroughly.
You can reach our team through the following contact details:
Company: Techlup Solutions
Product: Luppo POS
Email: support@techlup.co.ke
Our support team is available during standard business hours, Monday through Friday. We aim to respond to all privacy-related inquiries within three business days. For urgent matters related to account security or suspected data breaches, please mark your message as urgent and we will prioritize your request accordingly.