Privacy Policy

Privacy for shop owners and cashier teams.

Last updated: 17 June 2026

1. What the product does

MoMo Pay Mirror helps a shop owner forward MoMo Pay confirmation SMS details to authorized staff. Admins can see totals and shop analytics. Cashiers only receive limited payment confirmation details needed to serve customers.

2. Data we collect

  • Owner and staff account details: name, email, hashed password, role, and shop membership.
  • Shop details: shop name, merchant code if provided, webhook secret, invite records, and subscription status.
  • Payment confirmation details parsed from SMS: transaction ID, amount, customer name if present, customer phone if present, timestamp, and raw SMS for audit/debugging.
  • Billing details needed to start or verify subscription payments, such as phone number, amount, transaction reference, and provider response.

3. Data we do not need

We do not ask for MoMo PINs, wallet passwords, bank passwords, or SIM credentials. Cashiers must never receive owner PINs, balances, webhook secrets, or admin-only totals.

4. How we use data

We use data to authenticate users, enforce roles, mirror payment confirmations, prevent duplicate transactions, provide admin reporting, support subscriptions, and troubleshoot service issues.

5. Role-based privacy

Access is role-based. Admins and managers can access shop setup, reporting, and totals. Cashiers should only access recent payment confirmations for the shops they belong to. Backend routes enforce these limits server-side.

6. Storage and hosting

The Nuxt application is hosted on Cloudflare Pages. Database data is stored in Neon Postgres. Subscription requests are sent to the configured Paypack payment worker. Secrets are stored as server environment variables and are not exposed to the browser.

7. Retention and deletion

For the MVP, transaction history is retained for operational audit and reporting. Shop owners may request export or deletion of their shop data unless retention is required for fraud prevention, billing, dispute handling, or legal obligations.

8. Contact

For privacy requests, use the owner/admin support channel configured for your deployment. This page is a starter policy and should be reviewed before commercial launch.