Legal

Privacy Policy

Last updated: May 17, 2026. This policy explains how store records, roles, exports, proof uploads, consent choices and support requests stay controlled.

Privacy Policy visual showing store data, access roles, export logs, saved consent and a protected ready state inside a controlled data boundary.
Contact privacyView terms

Tillzen Systems, Inc. ("Tillzen," "we," "us," or "our") provides closeout-control software for restaurant teams. This policy covers tillzen.ca, app.tillzen.ca, product dashboards, public forms and related support work. It explains what data we collect, why we collect it, who receives it and what choices are available.

Customer operating records are business records controlled by the customer organization. Individual users should route workplace record questions through their employer or authorized account administrator when the customer controls the underlying record.

1. Information We Collect

Account and Contact Data

  • Name, email address, company, role, region, store scope and login credentials.
  • Demo, pilot, privacy, support and security messages submitted through forms or email.
  • Billing and order details when a customer buys a paid subscription. Payment card handling is performed by payment processors when configured; Tillzen should not store full card numbers.

Operating Records and Product Data

  • Store names, store identifiers, business dates, shifts, cash counts, safe counts, cash gaps, deposit amounts, tip records, employee names, employee hours, employee initials/signatures, payout details, review status, notes, reason codes and approval history.
  • Photos or images submitted as proof, such as POS slips, deposit proof and signature images.
  • Generated artifacts such as PDFs, spreadsheets, export file names, upload status, sync status and audit timestamps.
  • Device, browser and app data needed for secure sign-in, synchronization, crash/error reporting and abuse prevention.
  • The checked Cashout24 mobile app source does not request physical device location permission. Store names and store identifiers are business records used for work routing.
  • Restaurant-system or provider data authorized by the customer, including point-of-sale, Lightspeed, Microsoft, SharePoint, email relay, or other integration data where enabled.

Website, Analytics and Diagnostics Data

  • Pages visited, CTA clicks, form outcomes, referrers, approximate location, device type, browser type and performance signals from Vercel Web Analytics on the public website.
  • Error reports, stack context, redacted URLs, release, environment and diagnostic metadata from Sentry where configured for the dashboard or product application.
  • Security and session data such as IP address, timestamps, authentication state, cookies, local storage, CAPTCHA or anti-abuse results and audit logs.

2. How We Use Information

  • Provide the service, including closeout capture, offline app storage, sync, review queues, alerts, reports, exports and support.
  • Authenticate users, enforce role and store scope, prevent abuse, investigate incidents and maintain audit history.
  • Operate customer-authorized integrations, including Microsoft, SharePoint, Lightspeed, email relay, backend sync and other configured provider flows.
  • Send transactional or relationship messages, such as credential setup, password reset, digest, alert, pilot, support and service notices.
  • Improve reliability and usability using first-party product telemetry, aggregate public-site analytics and redacted error reports.
  • Send marketing only where permitted. Marketing emails must include an unsubscribe method and the required sender information.
  • Comply with law, enforce agreements, protect rights and respond to lawful requests.

3. How We Disclose Information

We do not sell personal information for money. The current checked public website implementation does not include Google Analytics, Meta Pixel, ad-network pixels, or remarketing tags. If those tools or any cross-context behavioral advertising tools are added later, this policy and the required opt-out controls must be updated before deployment.

We disclose information only as needed for the service and for the purposes described here:

  • To authorized users inside the customer organization according to role, store, region and account scope.
  • To service providers that host, secure, monitor, deliver, or support the service, including providers such as Vercel, Sentry, Microsoft, Auth0, Lightspeed, cloud hosting, email delivery and Stripe or other payment providers where configured.
  • To restaurant systems, finance tools, SharePoint, email recipients, or other customer-authorized destinations selected by the customer or administrator.
  • To professional advisers, legal authorities, or buyers in a business transfer when reasonably necessary and allowed by law.
  • With consent or at the direction of the customer or authorized user.

4. California Privacy Notice

California residents may have rights to know, access, correct, delete and opt out of certain uses of personal information. California law treats some disclosures for cross-context behavioral advertising as "sharing" even when no money changes hands. Tillzen does not currently deploy ad pixels or cross-context behavioral advertising tags on the checked public website or dashboard source.

If Tillzen later uses Google Analytics advertising features, Meta Pixel, remarketing pixels, or similar targeted-advertising tools, Tillzen must provide a clear "Do Not Sell or Share My Personal Information" path, honor applicable opt-out preference signals such as Global Privacy Control where required and update this policy before those tools run.

To exercise California privacy rights, email privacy@tillzen.com with the request type and enough information to verify the request. If your request relates to customer-controlled workplace records, we may direct the request to the customer organization.

5. EU, UK and International Privacy Rights

Where GDPR, UK GDPR, or similar law applies, Tillzen processes personal data under legal bases such as contract performance, legitimate interests, consent and legal obligation. Applicable rights may include access, correction, deletion, portability, restriction, objection and withdrawal of consent.

Tillzen is based in Canada and may process data in Canada, the United States and other countries where providers operate. When personal data is transferred internationally, Tillzen uses contractual and security safeguards appropriate to the service and the customer agreement.

6. Data Retention

Customer Data is retained for the subscription or pilot term and for the export, audit, backup, legal and dispute periods described in the customer agreement or required by law. A default public-policy expectation is that customer export access remains available for 30 days after termination unless the applicable agreement says otherwise.

Account, support, billing, audit, security, diagnostic and marketing records may be retained for as long as reasonably needed for service operations, compliance, fraud prevention, dispute resolution and business records. Aggregated or de-identified data may be retained when it cannot reasonably identify a person or customer.

7. Security

  • Role and scope controls for customer, region, store and user access.
  • Transport security, authentication, session controls, anti-abuse checks and monitored error reporting.
  • Storage and sync safeguards designed to preserve operating data while limiting unauthorized access.
  • Redaction of sensitive diagnostic data before sending error reports where supported by the current implementation.
  • Operational incident review and customer support processes.

No electronic service can be guaranteed completely secure. Users and customer administrators remain responsible for account access, device security and correct role assignment.

8. Marketing Email Choices

Transactional and relationship messages are needed to operate the service. Promotional messages may be sent only where permitted and must include a working unsubscribe method, a truthful subject line and required sender information, including a valid physical mailing address.

You may opt out of marketing by using the unsubscribe link in a marketing message or by emailing privacy@tillzen.com. Opting out of marketing does not stop operational, security, billing, support, or service messages.

Billing questions for business subscriptions can be sent to moodie.allam@gmail.com.

9. Children's Privacy

The service is not directed to children under 18. Tillzen does not knowingly collect personal information from children. If we learn that child data was submitted outside a customer-controlled workplace record, we will take appropriate steps to delete it.

10. Changes to This Policy

We may update this policy to reflect product, provider, legal, or product changes. Material changes will be posted with a new last-updated date and, when appropriate, communicated through the service, email, or consent controls.

11. Contact Us

If you have questions, concerns, or requests about this policy or our data practices, contact:

Tillzen Systems, Inc.

Privacy Team

Ottawa, ON, Canada

Email: privacy@tillzen.com

See also: Terms of Service | Cookie Policy