myPOS.pk | Pakistan’s Trusted POS Software Provider
Last Reviewed: June 2026
myPOS is committed to maintaining the confidentiality, integrity, and availability of customer information and software systems. As a provider of POS Software, Cloud and Offline POS, Inventory Management, FBR POS Integration, FBR Digital Invoicing, and Business Automation Solutions, we recognise that the data passing through our systems is central to the daily operations of the businesses we serve.
This Security Policy outlines the measures myPOS takes to protect customer data, secure its software, and manage risks associated with its technology infrastructure. We ask that all customers read this policy and understand their own responsibilities in maintaining a secure operating environment.
1. Purpose of This Policy
This Security Policy defines how myPOS approaches information security across its products, platforms, and operations. It applies to all myPOS software solutions, including cloud-based and offline POS systems, inventory and retail management tools, restaurant and salon software, pharmacy management systems, and government-integrated solutions such as FBR POS Integration and PRA Integration.
The purpose of this policy is to describe the security practices in place, set expectations for our customers, and demonstrate our commitment to responsible data handling. This policy does not form a legally binding service level agreement but reflects our genuine commitment to operating securely and transparently.
2. Information Security Principles
The myPOS security framework is guided by three core principles:
Confidentiality: Customer data, business records, and transaction information are treated as confidential. Access to this information is restricted to authorised personnel and is not disclosed to third parties except where required by law or necessary for service delivery.
Integrity: myPOS takes measures to protect the accuracy and completeness of data processed through its systems. Controls are in place to prevent unauthorised modification of records, transactions, and configuration settings.
Availability: We aim to maintain the availability of our software and services so that businesses can operate without unnecessary interruption. Where planned maintenance or unplanned outages occur, we work to restore services as quickly as reasonably possible.
3. Data Protection Measures
myPOS implements a range of controls to protect customer data within its systems:
• Access Controls: Access to internal systems and customer data is restricted based on defined roles and operational requirements.
• User Authentication: myPOS software requires user login credentials before granting access to business data and system functions.
• Role-Based Permissions: Business owners can configure different access levels for staff, ensuring employees only interact with the parts of the system relevant to their responsibilities.
• Password Protection: User accounts are protected by passwords. Customers are encouraged to enforce strong password practices within their organisations.
• Secure Data Storage: Data stored within myPOS cloud systems is maintained on hosted infrastructure with access restrictions and standard storage security practices in place.
myPOS does not claim to provide impenetrable or absolute security. Our controls are designed to reflect reasonable and current industry practices appropriate for business management software.
4. Network and Infrastructure Security
myPOS implements reasonable technical safeguards to protect the network and infrastructure supporting its cloud services. These include:
• Firewalls to restrict unauthorised network access.
• Network monitoring to detect unusual activity or potential threats.
• System hardening practices to reduce unnecessary exposure.
• Regular application of security updates and patches to supported systems.
• Restricted administrative access limited to authorised personnel.
For offline POS installations, network security within the customer’s premises is the responsibility of the customer. myPOS recommends that customers secure their local networks and restrict physical access to devices running myPOS software.
5. Software Security
myPOS follows software development and maintenance practices aimed at reducing security vulnerabilities in its products. These practices include:
• Internal testing procedures prior to releasing updates and new features.
• Identification and remediation of known software bugs and security issues.
• Release of software updates to address vulnerabilities and improve stability.
• Version management to ensure customers have access to supported, up-to-date software.
Customers are encouraged to apply available software updates in a timely manner. Running outdated versions of any software, including myPOS, may increase exposure to known vulnerabilities that have been addressed in later releases.
6. Customer Account Security
The security of individual business accounts depends significantly on the actions taken by the customer. Customers are responsible for:
• Protecting login credentials and not sharing passwords with unauthorised individuals.
• Managing user accounts, including removing access for staff who are no longer employed or authorised.
• Restricting physical access to devices and terminals running myPOS software.
• Reporting suspected unauthorised access, data breaches, or unusual system behaviour to myPOS promptly.
myPOS recommends that customers review active user accounts periodically and enforce strong password policies within their organisations. Failure to manage account access appropriately may expose business data to avoidable risk.
7. Data Backup and Recovery
myPOS cloud-based solutions benefit from server-side backup procedures maintained as part of the hosting infrastructure. For offline POS installations, backup functionality may be available within the software, allowing customers to schedule regular local backups of their data.
While myPOS takes reasonable steps to support data continuity, customers are strongly advised to maintain independent backups of all critical business records. This includes transaction histories, inventory data, customer records, and any other information essential to business operations. myPOS cannot guarantee complete data recovery in all circumstances, and independent backups remain the most reliable protection against data loss.
8. FBR and Government Integrations
myPOS supports integration with government tax systems including FBR POS Integration, FBR Digital Invoicing, and PRA Integration. These integrations allow businesses to fulfil their tax reporting obligations by transmitting data to government-operated systems.
Customers should be aware that government systems such as FBR and PRA operate independently of myPOS. Their availability, security, and performance are outside our control. myPOS cannot guarantee the uptime, data handling practices, or security of any government-operated system or third-party portal.
myPOS is not responsible for interruptions, data handling, or security incidents originating within FBR, PRA, or any other government-operated system. Customers should direct questions regarding government system security to the relevant authorities.
myPOS will make reasonable efforts to maintain compatibility with government system requirements as they are updated, and will communicate significant changes to affected customers where possible.
9. Third-Party Services
To deliver its software and services, myPOS may engage third-party providers, which can include cloud hosting and infrastructure providers, email and communication services, and SMS notification providers. These providers are selected with regard to their reliability and maintain their own security policies and practices.
myPOS does not share customer data with third parties for marketing purposes. Where third-party providers process customer data as part of service delivery, they do so within the scope of their role and in accordance with their own applicable policies. myPOS is not liable for the security practices of independent third-party providers.
10. Security Incident Management
In the event of a suspected security incident affecting myPOS systems or customer data, our team will take reasonable steps to investigate the matter, contain and mitigate the risk, restore affected systems or services where possible, and review internal controls to reduce the likelihood of recurrence.
Customers who become aware of suspected security incidents, data breaches, or unauthorised access involving their myPOS accounts should contact us immediately using the details provided in Section 15 of this policy. Prompt reporting assists in containing potential incidents and protecting affected data.
myPOS will manage incidents with appropriate urgency and care. Notification obligations in the event of a security incident will be assessed in accordance with applicable legal requirements.
11. Employee and Contractor Access
Access to myPOS internal systems, infrastructure, and customer information is restricted to employees and contractors who require that access to perform their responsibilities. Access rights are reviewed and adjusted in line with changes to roles or employment status.
Staff with access to customer data are expected to handle that information with care and in accordance with myPOS’ internal policies. Access to sensitive systems is not granted by default and is subject to business justification.
12. Customer Responsibilities
myPOS provides tools and controls to support a secure operating environment, but security is a shared responsibility. Customers are expected to:
• Maintain secure, updated devices and operating systems for all terminals running myPOS software.
• Install myPOS software updates as they become available.
• Protect login credentials and enforce strong password practices within their organisations.
• Maintain independent backups of critical business data.
• Restrict access to myPOS terminals to authorised staff only.
• Report any suspected security issues, unusual activity, or data concerns to myPOS promptly.
• Follow general cybersecurity best practices appropriate for their business environment.
myPOS is not liable for security incidents that result from a customer’s failure to follow reasonable security practices or implement available updates.
13. Limitations of Security
No software, system, or security measure can guarantee complete protection against all cyber threats, unauthorised access attempts, service disruptions, hardware failures, human error, or emerging security risks. myPOS implements reasonable safeguards appropriate to its operating environment and the nature of its services, but cannot warrant that its systems will be free from all vulnerabilities or incidents at all times. Customers should operate with this understanding and take appropriate independent measures to protect their business data.
14. Policy Updates
myPOS may update this Security Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When material changes are made, we will endeavour to notify active customers through appropriate channels, such as email or an in-software notice.
We encourage customers to review this policy periodically. Continued use of myPOS software following an update to this policy constitutes acceptance of the revised terms.
15. Contact Information
If you have questions about this Security Policy, wish to report a security concern, or need to contact our team regarding a suspected incident, please use the following details:
Email: info@mypos.pk
Phone / WhatsApp: +92 322 4765528
Website: https://mypos.pk
Our Commitment to Security
Security is not a feature at myPOS. It is a responsibility we take seriously across every product we build and every customer we serve. Whether your business processes retail transactions, manages restaurant operations, runs a salon, or fulfils FBR tax reporting obligations, you can trust that myPOS is working to protect the integrity and confidentiality of your business data. We are committed to continuous improvement of our security practices and to being a reliable technology partner for businesses across Pakistan.
myPOS.pk | info@mypos.pk | +92 322 4765528

