GDPR & Data Compliance
Version: v0.6.0 Beta
Date: 2026-02-20
Data Types (Typical)
- Transaction data (items, totals, payment method)
- KlubKort account identifiers (card/searchkey) and balance
- Operational logs (system / print agent)
Processing Purpose
- Completing sales and producing receipts
- Maintaining customer account balance (KlubKort)
- Basic operational auditing and troubleshooting
Storage & Retention
- Primary storage is local on the terminal
- Hourly backups are created for recovery and reporting
- Retention should be defined per event (recommended: minimum needed for accounting + troubleshooting)
Security Controls
- Offline-first design (no public POS exposure required)
- Restricted access to SUADMIN and system accounts
- Physical access control to the terminal is required
- Secure tunnel recommended for backup transfer
Recommendations for Operators
- Restrict access to the terminal and admin panels
- Keep Windows user accounts protected
- Verify backups before/after events
- Document retention period and deletion procedure