How Matjar Technologies collects, uses, and protects your data when you use the
WMelons POS app on iOS and Android.
Effective: 19 March 2025
Updated: 19 March 2026
WMelons POS iOS & Android
To provide and improve the WMelons POS service, we collect the following categories of information:
Name, email, phone number, business name, trade licence details, and login credentials to create and manage your merchant account.
Sales records, order amounts, payment method types (card, cash, wallet), product SKUs, and timestamps processed through the POS terminal.
Device model, OS version, unique device identifiers, app version, and crash logs used for diagnostics and compatibility.
Approximate store or outlet location, collected at account setup or when enabled, to support regional tax, currency, and delivery settings.
Feature interactions, session durations, and navigation patterns collected in aggregate to improve platform performance.
We do NOT store full card numbers or CVVs. Payments are handled by PCI-DSS certified partners; we retain only tokenised references.
We use the information collected for the following clearly defined purposes:
• Creating and maintaining your merchant account and POS terminal access.
• Processing and recording sales transactions accurately and in real time.
• Generating financial reports, inventory insights, and analytics dashboards.
• Facilitating delivery and logistics integrations with third-party carrier partners.
• Sending transactional notifications — receipts, alerts, and operational updates.
• Diagnosing technical issues, monitoring uptime, and improving app reliability.
• Complying with UAE and MENA regulatory requirements, including UAE FTA VAT
reporting obligations.
• Preventing fraud, unauthorised access, and other security threats.
• Communicating platform updates and new features (you may opt out at any time).
We process your data only for purposes that are necessary, proportionate, and consistent with this policy. We do not use your data for automated profiling or sell it to advertising networks.
We do not sell, rent, or trade your personal information. We may share data only in the following limited circumstances:
• Service Providers: Trusted third parties supporting platform operations — cloud
infrastructure, payment processing, SMS/email delivery, and analytics — under strict
data processing agreements.
• Delivery Partners: Logistics and carrier partners receive the minimum order and
address data needed to fulfil a delivery.
• Legal Compliance: Where required by applicable UAE law, regulation, court order, or
governmental authority.
• Business Transfers: In the event of a merger, acquisition, or asset sale, your data
may transfer to the successor entity with prior notice.
• With Your Consent: Any sharing beyond the above will only occur with your explicit
consent.
Your data is stored on secure cloud infrastructure with primary servers located in the UAE and the broader MENA region, in compliance with applicable data residency requirements.
• TLS/SSL encryption for all data in transit between the app and our servers.
• AES-256 encryption for sensitive data at rest.
• Role-based access controls limiting data access to authorised personnel only.
• Regular third-party security audits and penetration testing.
• PCI-DSS compliant payment processing infrastructure through certified partners.
• Automated anomaly detection and incident response protocols.
While we employ industry-standard security measures, no system is entirely immune to risk. We encourage merchants to use strong, unique passwords and to enable two-factor authentication on their accounts.
We retain your data for as long as your account is active or as needed to provide services. Specific retention periods apply as follows:
• Transaction Records: Minimum of 5 years in accordance with UAE Federal Tax
Authority (FTA) requirements.
• Account Information: Duration of the active account, plus 2 years following account
closure.
• Usage & Device Logs: Up to 12 months for diagnostic and security purposes.
• Marketing Preferences: Until you withdraw consent or request deletion.
After the applicable retention period, data is securely deleted or anonymised in a manner that prevents re-identification.
Subject to applicable UAE law and data protection regulations, you have the following rights regarding your personal data:
• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal data, subject to legal retention
requirements.
• Data Portability: Receive your data in a structured, machine-readable format where
technically feasible.
• Restriction: Request that we limit processing of your data in certain circumstances.
• Objection: Object to processing based on legitimate interests.
• Withdraw Consent: Withdraw any consent previously given for optional processing at
any time.
To exercise any of these rights, please contact us at privacy@matjar.online. We will respond within 30 days of receiving your verified request.
The WMelons POS mobile application does not use browser cookies. However, the app may use the following limited technologies:
• Device Identifiers: Used solely for session authentication and fraud prevention; not
shared with advertising networks.
• Crash Reporting SDKs: Aggregate, anonymised crash data collected to improve app
stability.
• Analytics SDKs: Aggregate usage metrics to understand feature adoption; individual
behaviour is not profiled or sold.
You may opt out of non-essential analytics tracking via the app Settings → Privacy menu at any time.
The WMelons POS app integrates with the following categories of third-party services, each governed by their own privacy policy:
• Payment Gateways: Card processing and digital wallet providers operating under
PCI-DSS certification.
• Delivery & Logistics Providers: Last-mile delivery partners who receive order
fulfillment data.
• Cloud Infrastructure: Hosting and database providers with ISO 27001 certification.
• Communication Services: SMS and email providers for transactional notifications.
• Analytics Platforms: Aggregate app usage analytics providers under anonymised
data agreements.
We vet all third-party partners for data security compliance before integration and maintain data processing agreements with each one.
The WMelons POS application is designed exclusively for business use by merchants and their authorised staff. It is not directed at, nor intended for use by, individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided personal information without appropriate consent, we will take prompt steps to delete it. If you believe a minor's data has been collected, please contact us immediately at privacy@matjar.online.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:
• Update the "Last Updated" date at the top of this policy.
• Send an in-app notification to all active merchants at least 14 days before changes
take effect.
• Post the updated policy at wmelons.com/privacy and within the app's Settings section.
Your continued use of the WMelons POS app after the effective date constitutes your acceptance of the changes. If you do not agree, you may close your account and discontinue use of the service.
If you have questions, concerns, or requests relating to this Privacy Policy or your personal data, please reach out through any of the following channels: Matjar Technologies — WMelons
ENQUIRIES: privacy@matjar.online
PHONE: +971 58 590 0479
WEBSITE: wmelons.com
REGISTERED ADDRESS: United Arab Emirates
WMelons · by Matjar Technologies
This privacy policy applies to the WMelons POS application on iOS and Android.
Prepared for Apple App Store & Google Play Store submission · © 2026 All rights reserved.