Moneta PayMoneta Pay POS

Privacy Policy

Last updated: April 2026

1. Introduction

Holocorp Ltd ("we", "us", "our") operates the Moneta Pay POS platform, including the website at moneta-pay.app, the customer portal at portal.moneta-pay.app, the POS client software, and the management dashboard (collectively, the "Service").

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information

When you register for an account, we collect:

  • Business name, address, and contact details
  • Account holder name and email address
  • Phone number
  • Tax identification number (e.g., KRA PIN) for fiscal compliance features

Transaction Data

The POS system processes and stores:

  • Order details (items, quantities, prices, timestamps)
  • Payment information (payment method, amount, M-PESA transaction references)
  • Staff activity (waiter assignments, cashier sessions, void records)
  • Expense and deposit records

Transaction data is stored locally on your POS server. If you opt into the Managed Backup add-on, encrypted snapshots are transmitted to our secure cloud storage.

Technical Data

We automatically collect:

  • Hardware ID (for license binding)
  • Server version and configuration metadata
  • License validation requests (timestamp, hardware fingerprint)
  • IP address and network information during VPN registration

Website Analytics

Our marketing website may use standard analytics to understand visitor behavior. No personally identifiable information is shared with third-party analytics providers.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service — process orders, generate reports, manage licenses, and deliver features you've subscribed to
  • License management — validate licenses, enforce capacity limits, and process renewals
  • Fiscal compliance — submit invoices to tax authorities on your behalf when the ESD feature is enabled
  • Customer support — diagnose issues, provide technical assistance, and respond to inquiries
  • Service improvement — understand usage patterns to improve the product
  • Billing — process subscription payments and manage your account
  • Communication — send service updates, license expiry reminders, and support responses

4. Data Storage and Security

On-Premise Data

Your POS transaction data (orders, payments, staff records, expenses) is stored locally on your restaurant's server. We do not have access to this data unless you explicitly grant access through the Remote Access VPN feature or the Managed Backup add-on.

Cloud Data

Account information, license records, and billing data are stored on our secure cloud infrastructure. Managed Backup snapshots are stored in encrypted cloud storage with a 3-week retention period.

Security Measures

We implement industry-standard security measures including:

  • Encrypted communications (TLS/HTTPS) for all cloud services
  • WireGuard encryption for Remote Access VPN connections
  • Ed25519 digital signatures for license files
  • Encrypted database backups (when using Managed Backup)
  • Role-based access control within the dashboard

5. Data Sharing and Disclosure

We do not sell your data. We may share information in the following circumstances:

  • Tax authorities — fiscal receipt data is submitted to your country's tax authority (e.g., KRA, URA) when the ESD feature is enabled, as required by law
  • Payment processors — transaction references are shared with payment providers (e.g., KopoKopo for M-PESA) to facilitate payment processing
  • Legal requirements — when required by law, court order, or governmental authority
  • Market Intelligence — if you opt into the Market Intelligence add-on, anonymized and aggregated expense data may be used for cross-restaurant benchmarking. No individually identifiable data is shared.

6. Data Retention

  • On-premise data — retained on your server indefinitely, under your control
  • Account data — retained while your account is active and for 12 months after account closure
  • Backup data — retained for 3 weeks (rolling), then permanently deleted
  • License records — retained for the duration of the license plus 12 months

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your transaction data from the POS system at any time
  • Opt out of non-essential communications

To exercise these rights, contact us at privacy@moneta-pay.app.

8. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy, contact us at:

Holocorp Ltd
P.O. Box 12901 00100
Nairobi, Kenya
Email: privacy@moneta-pay.app