Privacy Policy
Effective date: 10 June 2026
This Privacy Policy explains how Shukrans ("we", "us", "our") collects, uses, and protects information when you use the Shukrans mobile application (the "App") and the related back-office services (collectively, the "Service"). The App is a business tool used by store staff and administrators to operate a point-of-sale and inventory workflow; it is not directed to children.
1. Who controls your data
The data controller is Shukrans. The organization that licenses the App and operates your account ("your organization") is also a controller of any business data its users enter into the App. Questions about a specific account should first be directed to your organization's administrator.
2. Information we collect
Account information you provide. When your organization creates a user for you, we store:
- Your name and email address
- Your assigned role (super admin, admin, manager, staff, or cashier) and default branch
- A hashed password (we never store passwords in plain text)
- Authentication tokens issued when you sign in
Business data you enter. The App stores the records you and your colleagues create as part of normal business use, including:
- Products and inventory data (catalogue, SKUs, prices, stock levels)
- Customer records you add (names and optional contact information)
- Sales transactions, orders, payments, expenses, payables, and receivables
- Daily-sales summaries and approvals
- Market requests, deliveries, and related buyer workflow data
Photos. The App lets you take or select photos to attach to certain records — primarily receipt photos for expenses and product photos for the catalogue. These images are uploaded to our servers and associated with the record you attached them to.
Device and log information. Like most network applications, our servers automatically receive limited technical information when the App communicates with them, including IP address, request timestamps, the API endpoint requested, and a basic user-agent string. We use this only for security, debugging, and rate-limiting.
Bluetooth printer pairing (local only). If you pair a Bluetooth ESC/POS receipt printer, the printer identifier is stored locally on your device so the App can reconnect. Pairing data is not sent to our servers.
3. Permissions the App may request
- Camera — to capture receipt and product photos.
- Photo library — to select existing photos to attach to a record.
- Bluetooth — to connect to a paired thermal receipt printer.
- Internet / network state — to communicate with our backend.
You can revoke any of these permissions at any time in your device settings; the related feature will then be unavailable until the permission is restored.
4. How we use the information
- To provide the App's core point-of-sale, inventory, and reporting functions.
- To authenticate you and keep your session secure.
- To process receipt and product images you choose to scan with the in-app AI assistant (see Section 5).
- To debug errors, prevent abuse, and improve reliability.
- To comply with applicable laws and respond to lawful requests.
We do not use your data to serve advertising, build advertising profiles, or share with advertising networks.
5. AI-assisted scanning
The App includes optional features that use an artificial-intelligence model to read receipts and product images (for example, to pre-fill an expense form from a receipt photo, or to bulk-add catalogue products from a photo). When you trigger one of these features, the image you selected is transmitted to Anthropic, PBC (our AI provider) for processing, and the structured result is returned to the App and saved with the record you were editing.
Anthropic acts as a data processor for these requests. According to Anthropic's commercial terms, inputs and outputs from the API are not used to train Anthropic's models. You can avoid using the AI features entirely by entering data manually.
6. How we share information
We share data only in the following limited circumstances:
- Within your organization. Records you create are visible to other users in your organization in accordance with the role and menu permissions your administrator has configured.
- With our infrastructure providers. We host the backend on Amazon Web Services (database, application servers, and storage). They process data on our behalf under industry-standard contractual safeguards.
- With Anthropic, only for AI-assisted scanning, as described in Section 5.
- When required by law, such as in response to a lawful court order or to protect the safety of users.
We do not sell personal information.
7. Data retention
We retain business records for as long as your organization's account is active, plus a reasonable additional period for backups, audit, and dispute resolution. When your organization closes its account, we will delete or anonymize its data within a commercially reasonable period, except where applicable law requires longer retention (for example, tax or accounting records).
You can ask your organization's administrator to delete individual records (customers, expenses, etc.) on your behalf. Administrators can delete users they manage.
8. Data security
- API traffic is encrypted in transit with HTTPS.
- The database is hosted on Amazon RDS with TLS-encrypted connections.
- Passwords are stored as one-way hashes.
- Access to backend systems is restricted to authorized personnel.
No internet-connected system is perfectly secure. We will notify affected users and, where required, regulators of any data breach that materially affects their personal information.
9. Children
The App is a workplace tool intended for use by adults employed by or contracted with a business that has licensed Shukrans. The App is not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can remove it.
10. Your rights
Depending on where you live, you may have the right to:
- Access the personal information we hold about you.
- Request that we correct inaccurate information.
- Request that we delete your information (subject to legal retention requirements).
- Object to or restrict certain processing.
- Lodge a complaint with your local data-protection authority.
To exercise any of these rights, contact us at the email address below. We may need to verify your identity before acting on a request.
11. International transfers
Our backend is hosted in the Asia Pacific (Singapore) region. If you access the App from elsewhere, your information will be transferred to and processed in Singapore (and, for AI-assisted scanning, in the regions where Anthropic operates its API). We rely on standard contractual safeguards for these transfers where applicable law requires them.
12. Changes to this policy
We may update this Privacy Policy from time to time. When we make a material change, we will update the "Effective date" above and, where practical, notify you within the App. Continued use of the App after the change takes effect constitutes acceptance of the updated policy.
13. Contact us
Questions, requests, or complaints about this Privacy Policy or our handling of your information can be sent to:
Shukrans
Email: support@shukrans.com