← Back

Privacy Policy

Effective date: March 13, 2026

Cashout Wizard ("we", "us", "our") operates the web application at app.cashoutwizard.com and the website at cashoutwizard.com (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

1. Information We Collect

1.1 Information You Provide

• Account information: When you sign in with Google, we receive your name, email address, and profile picture from your Google account.
• Restaurant data: Restaurant names, employee names, roles, email addresses, phone numbers, and PIN codes you enter into the Service.
• Financial data: Cashout reports including sales figures, tip amounts, and payout records you enter or that are extracted from emailed reports.

1.2 Information Collected Automatically

• Usage data: Pages visited, features used, timestamps, and device type.
• Device tokens: Unique identifiers generated for kiosk devices authorized to access the Service.
• Log data: IP address, browser type, operating system, and referring URLs.

1.3 Information from Third Parties

• Google OAuth: Name, email, and profile image when you authenticate via Google.
• Clover POS: If you connect a Clover account, we access employee data, order data, and shift information through the Clover API.
• Stripe Connect: If you enable direct deposit payouts, Stripe processes bank account details. Bank numbers are tokenized client-side and never touch our servers.
• Email ingestion: If you forward cashout reports to your restaurant's Cashout Wizard email address, we process the email content to extract financial data.

2. How We Use Your Information

• To provide, operate, and maintain the Service.
• To calculate tip distributions and generate cashout reports.
• To authenticate users and manage access to restaurant accounts.
• To process direct deposit payouts to employee bank accounts via Stripe.
• To send transactional emails (invitations, login links, reports).
• To improve the Service, fix bugs, and develop new features.
• To comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We may share information with:

• Service providers: Supabase (database and authentication), Cloudflare (hosting and email routing), Resend (transactional email), and Stripe (payment processing).
• Restaurant administrators: Owners and managers of a restaurant can view all employee data and cashout reports for that restaurant.
• Legal requirements: When required by law, subpoena, or government request.

4. Data Storage and Security

Your data is stored on Supabase infrastructure with row-level security policies. All data is encrypted in transit (TLS) and at rest. Employee PINs are stored as one-way cryptographic hashes (bcrypt) and cannot be recovered. Bank account details are tokenized by Stripe and never stored on our servers. We retain data for as long as your account is active or as needed to provide the Service.

5. Your Rights

• Access: You can request a copy of your personal data.
• Correction: You can update inaccurate information through the Service or by contacting us.
• Deletion: You can request deletion of your account and associated data by emailing us.
• Portability: You can export your cashout reports and employee data in CSV format.

6. Cookies and Local Storage

We use browser local storage to persist authentication sessions, device tokens, and theme preferences. We do not use third-party tracking cookies or advertising cookies.

7. Children's Privacy

The Service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16.

8. International Data Transfers

Your data may be processed in Canada and the United States through our infrastructure providers. By using the Service, you consent to the transfer of information to these countries.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the effective date.

10. Contact Us

If you have questions about this Privacy Policy, contact us at:
[email protected]