Last updated: 10 April 2025 · Effective: 10 April 2025
Surreal POS is an offline-first app. Your business and sales data is stored locally on your device and is never transmitted to our servers unless you explicitly enable cloud features.
Surreal POS ("the App") is developed and operated by
Source Gambit ("we", "us", or "our"). The App is a
point-of-sale application available on the Google Play Store and Apple
App Store under the package identifier
com.sourcegambit.surrealpos.
This Privacy Policy explains how we collect, use, and protect information when you use our App. By installing or using Surreal POS, you agree to the practices described in this policy.
The core functionality of Surreal POS operates entirely on-device. The following data is created and stored locally using an encrypted embedded database (WatermelonDB) and never leaves your device unless you choose to export it:
When you activate a license or interact with our licensing system, we may collect:
We use Firebase (by Google) for crash reporting and app analytics. Firebase may automatically collect:
If you contact our support team, we receive whatever information you choose to share (e.g., your name, email address, description of your issue).
| Purpose | Legal Basis | Data Used |
|---|---|---|
| Provide and operate the App | Contractual necessity | All locally stored business data |
| License validation | Contractual necessity | License key, device ID |
| Crash reporting & bug fixing | Legitimate interest | Anonymous crash logs, device info |
| App improvement & analytics | Legitimate interest | Anonymous usage events |
| Customer support | Contractual necessity | Information you send us |
| Legal compliance | Legal obligation | As required by applicable law |
We do not use your data for advertising, profiling, or any purpose beyond those listed above.
All your business data (products, sales, customers) is stored in a local database on your device. We implement the following security measures:
Firebase services (crash reporting, analytics) are hosted on Google Cloud infrastructure and comply with Google's security standards. No personally identifiable information or business transaction data is sent to Firebase.
Support requests sent to us are stored securely in our internal systems and are accessible only to authorised Source Gambit staff.
Surreal POS integrates the following third-party services. Each has its own privacy policy:
| Service | Provider | Purpose |
|---|---|---|
| Firebase Crashlytics | Google LLC | Crash reporting and diagnostics |
| Firebase Analytics | Google LLC | Anonymous app usage analytics |
| Google Play Services | Google LLC | App delivery (Android) |
| Apple App Store | Apple Inc. | App delivery (iOS) |
We do not sell, trade, or rent your personal information to any third party. We do not use advertising SDKs.
Surreal POS requests the following device permissions. Each permission is used only for the stated purpose:
Used exclusively for scanning product barcodes at the point of sale. The camera is only activated when you explicitly open the barcode scanner. No images or video are captured, stored, or transmitted.
Allows you to select product images or your business logo from your device's photo library. Images are stored locally within the app and are not uploaded to any server.
Used to save PDF receipts and exported sales reports to your device's local storage so you can share them via email, messaging apps, or print.
Required for license verification and Firebase crash/analytics reporting. The app functions fully without an internet connection; internet is not required for any sales operation.
Surreal POS is a business application intended for users aged 16 and older. We do not knowingly collect personal information from children under 13 (or the applicable age of digital consent in your jurisdiction). If you believe a child has provided personal information through the App, please contact us at the address below and we will delete that information promptly.
Depending on your location, you may have the following rights regarding your personal data:
To exercise any of these rights, contact us at the address in Section 12. We will respond within 30 days.
Because your sales and business data is stored locally on your device, you are always in full control of it. You can view, edit, export, or delete all on-device data at any time within the app.
On-device data: Retained until you delete it within the app or uninstall the app. Uninstalling the app on Android or iOS removes all locally stored application data.
Crash and analytics data: Retained by Firebase for up to 90 days in accordance with Google's data retention policies, after which it is automatically deleted.
Support communications: Retained for up to 2 years from the date of your last interaction with us, then securely deleted.
License records: Retained for the duration of your license and for up to 1 year after expiry for legal and dispute resolution purposes.
Your on-device business data never leaves your device. Technical data sent to Firebase may be processed in the United States or other countries where Google operates data centres. Google participates in standard contractual clauses and other mechanisms to ensure adequate protection of personal data transferred internationally.
We may update this Privacy Policy from time to time. We will notify you of material changes by:
Continued use of the App after changes take effect constitutes your acceptance of the updated policy. We encourage you to review this policy periodically.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Source Gambit
Email:
support@sourcegambit.com
Support: support page
We aim to respond to all privacy-related enquiries within 30 days.