WaterPos is a Point-of-Sale system for water vending businesses, built on the Internet Computer
— a decentralized blockchain infrastructure. Your data is stored in canister smart contracts, not on traditional
servers. This means your data benefits from the security and availability guarantees of the Internet Computer
protocol.
1 Information We Collect
We collect the following categories of information when you use WaterPos:
Account Information
Full name, email address, and phone number (used for account registration and OTP verification)
Your Internet Computer principal (a cryptographic identity tied to your login)
Business Information
Store name, location, and operating hours
Device names and meter reading records
Sales records, payment records, and receivables
Customer names, phone numbers, and email addresses you add to your customer directory
Product names and stock levels
Usage Information
Actions you take within the application (sales created, payments recorded, reports viewed)
Timestamps of transactions and logins
2 How We Use Your Information
We use the information we collect to:
Provide, operate, and maintain the WaterPos application
Authenticate your identity and prevent unauthorised access
Send OTP verification codes via SMS or email when you log in
Send subscription renewal reminders and business reports via SMS and email
Generate daily, weekly, and monthly business reports for your store
Process and record M-Pesa payment callbacks from Safaricom
Improve the application based on aggregate usage patterns
We do not use your data for advertising, sell it to third parties, or share it for marketing
purposes.
3 Data Storage and Security
Your data is stored in canister smart contracts on the Internet Computer blockchain. Key
security properties include:
No single point of failure — data is replicated across independent nodes in a subnet
Principal-based access control — only authenticated principals can access their store's
data
OTP rate limiting — login attempts are limited to prevent brute-force attacks
Encryption in transit — all communication with the canister uses HTTPS/TLS
Stable memory persistence — data survives canister upgrades automatically
Despite these measures, no system is 100% secure. We encourage you to use a strong, unique email address and
keep your phone number up to date for OTP delivery.
4 Sharing of Information
We do not sell, trade, or rent your personal information. We may share information only in the following
circumstances:
Notification service — we share your email and phone number with our notification service
canister solely to deliver OTP codes, subscription reminders, and business reports that you request
M-Pesa service — payment callback data is received from Safaricom's M-Pesa service via our
M-Pesa integration canister
Legal obligation — if required by Kenyan law, a court order, or a lawful request from a
government authority
5 M-Pesa Payment Data
When your store has M-Pesa integration enabled, Safaricom may send us payment callbacks (C2B confirmations)
containing:
Transaction reference numbers
Transaction amounts
Payer phone numbers and names (as provided by Safaricom)
Transaction timestamps
This data is stored in your store's M-Pesa payment records and used solely for payment reconciliation. We do
not share it with any third party beyond what is described in Section 4.
6 Cookies and Local Storage
The WaterPos application uses browser local storage to persist your Ed25519 cryptographic
identity between sessions. This allows you to remain logged in without re-entering your OTP each visit.
We do not use tracking cookies, advertising pixels, or third-party analytics scripts. The
landing page (waterpos.app) makes zero external HTTP requests.
7 Your Rights
You have the following rights regarding your data:
Access — you may request a summary of the personal data we hold about you
Correction — you may update your account details within the application at any time
Deletion — you may request deletion of your account and associated personal data by
contacting us
Portability — you may export your sales and business data from within the application's
reports
Objection — you may object to processing of your data for purposes beyond core service
delivery
We retain your data for as long as your account is active or as needed to provide the service. Specifically:
Sales and transaction records are retained indefinitely to support historical business reporting
OTP and login rate-limit records are automatically purged after 15 minutes to 1 hour
If you request account deletion, we will remove your personal identifiers within 30 days
Note that due to the nature of blockchain infrastructure, some on-chain state may persist in historical
snapshots even after deletion.
9 Children's Privacy
WaterPos is a business management tool intended for adults operating water vending businesses. We do not
knowingly collect personal information from individuals under 18 years of age. If you believe a minor has
provided us with personal data, please contact us immediately.
10 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the effective date at the top
of this page. For material changes, we will notify store owners via email. Continued use of WaterPos after a
policy update constitutes acceptance of the revised policy.
11 Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy, please contact us: