Data Processing Addendum.
For B2B prospects who need a DPA on file. Plain-language summary below; signed version available on request.
Policy version 2026-05-28.1 · Last updated 2026-05-28
1. Roles
You (the merchant) are the controller of personal data about your customers and staff that resides in your Loyverse account. SKANDAN PTE. LTD. (operating VentaLens) is the processor, acting on your documented instructions when we read that data via the Loyverse API.
2. Categories of personal data
- Customer: an opaque customer reference id may appear on a receipt. We do not ingest customer names, contact details, visit counts, or spend history. No email, phone, address, or PIN.
- Employee: id and display name only. No contact details, and no role/permission data.
- Merchant account-holder: email, locale, timezone. Sign-in is passwordless (Google or magic link) — no password is set or stored.
3. Categories of data subjects
- Your customers — referenced only by an opaque id on receipts; no customer records are stored
- Your employees (id + display name only)
- You and your team's user accounts on VentaLens
4. Sub-processors
We engage the following sub-processors to deliver VentaLens. By accepting this DPA you authorise their use.
| Sub-processor | Purpose | Region | Data |
|---|---|---|---|
| Supabase Inc. | PostgreSQL database, file storage, user authentication | Singapore (ap-southeast-1) | All customer data: receipts, items, accounts, audit logs |
| Fly.io | Application hosting and HTTPS termination | Singapore (sin) | All data in transit through the application servers |
| Stripe, Inc. | Payment processing for subscriptions | United States + global | Customer email and last-4 of card; full PAN never leaves Stripe |
| Sendinblue / Brevo | Transactional email (welcome, trial nudges, receipts) | European Union | Customer email + send templates; emails purged after 30 days |
| Functional Software, Inc. (Sentry) | Application error monitoring | United States | Error traces with PII automatically scrubbed before send |
| Loyverse SIA | Source POS — your data originates here and we read it | European Union (Latvia) | Sales receipts, items, employees (we read; we do not write) |
| FormSubmit.co | Marketing-site contact form delivery | United States | Name, email and message submitted through the public contact form |
We notify you by email at least 14 days before adding a new sub-processor, giving you time to object.
5. International transfers
Sub-processors outside Singapore and the EU (Stripe, Sentry, and FormSubmit.co — all US-headquartered) operate under the EU Standard Contractual Clauses (SCCs) and Singapore PDPA-equivalent safeguards. For any prospect requiring a country-specific DPA addendum, email [email protected].
6. Security measures
- TLS 1.3 in transit, AES-256 at rest
- Postgres Row-Level Security for tenant isolation
- Encrypted Loyverse access tokens
- Passwordless authentication (Google OAuth or one-time magic link) — no passwords to store or leak
- Stripe webhooks signed and verified; idempotency on every retryable mutation
- Audit log on every privileged action
- Singapore-region hosting (data residency)
7. Breach notification
We notify affected controllers within 72 hours of becoming aware of a personal-data breach, with the nature of the breach, categories and approximate number of records affected, likely consequences, and mitigation actions.
8. Data return + deletion
On contract termination or request, we return your data via export and delete it from our systems within 30 days, including backups (which roll over within 7 days).
9. Audits
You may request our SOC-2 report (planned 2027) or a written response to a privacy questionnaire. We respond within 14 days.
Request a signed DPA
Need a signed copy with your company name on it? Email [email protected] with "DPA" in the subject. We send within one business day.