Privacy Policy

Data Archos enforces multi-tenant data isolation at the database architecture layer, not just the application layer. Every client’s POS signals, transaction histories, store definitions, and inventory levels reside in a physically or logically partitioned database. There is no shared table structure that could lead to accidental cross-tenant data exposure.

All data in transit is encrypted using bank-grade TLS 1.3 protocol, and all data at rest is encrypted using AES-256 bit encryption. Regular vulnerability scans, continuous compliance checks, and automated penetration testing run weekly to secure our infrastructure against unauthorized access.

We ingest transactional and POS operational data strictly to provide retail intelligence, forecasting, and decision support services. This data includes store sales files, SKU catalogs, inventory snapshots, PO logs, and metadata fields mapped from your POS systems (such as Square, Shopify, Lightspeed, or GoFrugal).

We collect corporate information from demo requests and billing interactions, including name, corporate email address, job title, phone number, and location count. This contact information is never sold, traded, or used for third-party advertising sequences.

Data Archos utilizes essential, functional, and analytical cookies to remember user sessions, secure portal access, and optimize user experience:

• Essential Cookies: These cookies are critical to load the admin console, authorize API sessions, and verify system permissions. The application cannot function without these cookies.
• Functional Cookies: Used to persist theme preferences (such as light or dark theme) and local configuration mappings.
• Analytical Cookies: Anonymized metrics on dashboard navigation paths and telemetry statistics. These metrics do not capture customer transaction contents or PII.

You can manage cookie options directly inside your web browser’s privacy settings panel. Disabling functional or analytical cookies will not disrupt landing page navigation, but it may affect authentication persistency inside client portals.

We operate regional cloud infrastructures to comply with regional data residency demands. By design, your operational retail data stays inside your designated region:

• United States: Transactions processed and stored in AWS US-East or US-West.
• Canada: Data stored central and protected under PIPEDA compliance rules.
• United Kingdom: Data isolated inside AWS London region to meet GDPR requirements.

Cross-border data mirroring is prohibited unless explicitly authorized by the tenant account owner for redundancy configuration.

Data Archos is compliant with GDPR (General Data Protection Regulation), CCPA/CPRA, and PIPEDA requirements. Operating teams have the right to inspect, export, restrict, or purge database entries relating to corporate accounts or personal metadata at any time.

Data purging requests are processed immediately and are hard-deleted from our live transaction tables and system logs within 30 business days.

For inquiries about our encryption protocols, data isolation schemes, or cookie preferences, please contact our Data Protection Officer directly: