Privacy Policy

Last updated: March 20, 2026

Scalebit Inc. (“Scalebit,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy describes how we collect, use, store, and protect your information when you use the Scalebit platform and services.

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, restaurant name, and password (securely hashed). We do not store your password in plain text.

POS Data

When you connect your POS account (Square, Toast, or Clover) via OAuth, we access and store: sales transactions, order line items, menu catalog items and pricing, employee labor hours and shift data, and inventory levels. This data is used exclusively to provide P&L calculations and AI-powered insights.

Invoice Data

When you upload vendor invoices, we process the images using AI optical character recognition (OCR) to extract vendor names, item names, quantities, and prices. Invoice images are processed and stored securely.

Usage Data

We automatically collect information about how you interact with the Service, including pages visited, features used, browser type, and device information. This helps us improve the product.

2. How We Use Your Information

  • To calculate and display daily profit and loss statements
  • To generate AI-powered recommendations for menu pricing, labor optimization, and cost reduction
  • To process vendor invoices and track food costs
  • To send daily P&L digest emails and weekly AI reports
  • To detect cost anomalies and send alerts
  • To process subscription payments through Stripe
  • To improve and develop new features for the Service
  • To communicate with you about your account and the Service

3. Data Sharing

We do not sell your personal or business data to third parties. We share data only with:

  • POS Providers (Square, Toast, Clover): We access your POS data via their APIs with your explicit authorization
  • OpenAI: Transaction data summaries (no personally identifiable information) are sent to generate AI recommendations
  • Stripe: Payment information is processed securely by Stripe; we do not store your credit card details
  • Resend: Your email address is shared with our email provider to deliver notifications
  • Supabase: Our database infrastructure provider, hosting data on US-based servers

4. Data Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS 1.3
  • Data at rest is encrypted using AES-256 encryption
  • POS access tokens are stored encrypted and never exposed to the frontend
  • We host all data on US-based infrastructure (AWS via Supabase)
  • We conduct regular security reviews and follow OWASP best practices

5. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription, we retain your data for 90 days in case you reactivate. After 90 days, we permanently delete your restaurant data. Account information (email, name) is retained for legal compliance for up to 3 years after account deletion.

6. Your Rights

You have the right to:

  • Access your data at any time through the dashboard
  • Export your data in standard formats
  • Delete your account and all associated data
  • Revoke POS access at any time through your POS provider's dashboard
  • Opt out of marketing emails (transactional emails about your account cannot be opted out)

7. Cookies

We use essential cookies for authentication and session management. We use analytics cookies (via PostHog) to understand product usage. We do not use advertising or tracking cookies. You can disable non-essential cookies in your browser settings.

8. Children's Privacy

Scalebit is designed for business use and is not intended for individuals under 18 years of age. We do not knowingly collect data from minors.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email and a notice on the Service. Your continued use after changes constitutes acceptance.

10. Contact

For privacy questions, data requests, or concerns, contact us at privacy@scalebit.app.