Flo
Book a demo

Legal

Privacy Policy

Codify Apps Private Limited  ·  Last updated: May 2025

Overview

Flo Cafe POS is self-hosted software. Codify Apps Private Limited does not operate servers that store your business data or your customers' data. The business that installs Flo is fully in control of its own data.

This policy explains what data Codify Apps Private Limited ("we", "us", "our") collects through this website (flopos.com) and the Flo Cafe POS software, and how that data is handled.

Because Flo Cafe POS is self-hosted and open source, most of the data questions that apply to cloud software simply do not apply here — your installation, your data, your rules.

Self-hosted software

Flo Cafe POS is designed to run on infrastructure you control — your own server, tablet, or local network. We have no access to your server, database, or any data stored inside your installation.

What this means:

  • We do not store your sales records, customer lists, menu data, or any business information.
  • We do not receive telemetry, crash reports, or usage analytics from your installation.
  • We cannot access, retrieve, or delete data inside your installation — only you can.
  • Your installation is not connected to any Codify Apps cloud service.

As the operator of a Flo Cafe POS installation, you are the data controller for any personal data you collect through the app (such as customer names or phone numbers for loyalty programmes). You are responsible for handling that data in accordance with applicable privacy laws in your jurisdiction.

Open source

The Flo Cafe POS application is published as free and open-source software on GitHub at github.com/FreeOpenSourcePOS/FloCafe. The full source code is publicly available for inspection, audit, and self-deployment.

When you download a release from GitHub, you interact directly with GitHub's platform. GitHub's own Privacy Statement applies to that interaction. We do not collect information about who downloads the software.

Data inside the app

The following types of data may be created and stored within your own installation of Flo Cafe POS. This data never leaves your server unless you explicitly export or move it.

  • Customer data — names, phone numbers, and email addresses collected for loyalty programmes or receipts.
  • Transaction records — order history, bill amounts, payment methods, and timestamps.
  • Staff accounts — usernames and hashed passwords for staff members you create.
  • Menu and inventory data — item names, prices, stock levels, and categories.
  • Device and session data — local session tokens used to keep staff signed in.

All of the above is stored exclusively on your own infrastructure. As the operator, you are responsible for securing this data, implementing appropriate backups, and complying with any data protection obligations applicable to your business and location.

This website (flopos.com)

When you visit flopos.com, standard web server logs are generated by the hosting provider. These may include your IP address, browser type, referring URL, and the pages you request. These logs are used solely for security and operational purposes and are not linked to any individual identity.

We do not run any third-party analytics scripts, tracking pixels, or advertising networks on this website. We do not use cookies beyond what is strictly necessary for the site to function.

Contact form / email — if you email us at support@flopos.com, we receive your message and email address. We use this only to respond to your enquiry. We do not add you to any mailing list or share your details with third parties.

Third parties

We do not sell, rent, or share personal data with third parties for marketing purposes.

The Flo Cafe POS application supports optional integrations (such as payment gateways and delivery platforms). If you enable these integrations within your installation, the respective third party's own privacy policy governs how they handle data. We have no visibility into those transactions.

This website links to external services including GitHub and WhatsApp. Visiting those links is subject to their respective privacy policies.

Children

This website and software are intended for use by businesses and their staff. We do not knowingly collect personal information from anyone under the age of 13. If you believe a minor has submitted personal information to us, contact us at support@flopos.com and we will delete it promptly.

Your rights

For data held within your own Flo Cafe POS installation, you exercise your rights directly — you have full administrative access to your database and can view, export, correct, or delete any data at any time.

For any personal data you have shared with us directly (such as via email), you may request access, correction, or deletion by writing to support@flopos.com. We will respond within 30 days.

Changes to this policy

We may update this policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Continued use of the software or this website after changes are posted constitutes acceptance of the updated policy.

Because Flo is open source, any material changes to data practices introduced in the software will be visible in the public commit history on GitHub.

Contact

For any privacy-related questions or requests, contact us at: