Privacy Policy
Last updated: March 1, 2026
1. Data We Collect
We collect only the data necessary to provide our services: business information (name, tax ID, IBAN), contact details (email, phone), and transaction data. Customer card data is processed directly by our payment processor (CyberSource) and is never stored on our systems.
2. How We Use Your Data
Your data is used only for: processing payments, verifying your account, communicating with you about our services, and fulfilling legal obligations. We never sell your data to third parties.
3. Data Security
We use banking-grade encryption (TLS 1.3, AES-256) to protect your data. Our platform is PCI DSS certified and undergoes regular security audits.
4. Your Rights
You have the right to: access your data, request its correction, request its deletion, and restrict its processing. For any request, contact us at privacy@nextpos.al.
5. Data Retention
Transaction data is retained for 7 years per legal requirements. Account data is kept as long as your account is active. After closure, data is deleted within 90 days.
6. Contact
For any privacy-related questions, contact us at privacy@nextpos.al or by mail at our address in Tirana, Albania.