Legal · Privacy

Your data, handled with care.

This policy explains — in plain language — what AloraPay collects, why, and the control you have over it. No dense legalese, just a clear account of how we treat your information and your guests'.

Last updated June 4, 2026Plain-language summary included
The short version

We never sell your data

Not to advertisers, not to data brokers, not to anyone. Full stop.

Card data never touches us

Payments are tokenized by PowerTranz. We never see or store full card numbers.

You stay in control

Access, export, or delete your information at any time — just ask.

01

Who this covers

This policy applies to two groups: the restaurants and operators who use AloraPay to run their venue, and the guests who scan a table QR to order and pay. We collect different information from each, and we treat both with the same care.

If you're a guest, the restaurant you're dining with is the owner of your order data. AloraPay processes it on their behalf — we don't build guest marketing profiles.

02

What we collect

We collect only what's needed to take an order, settle a bill, and run the dashboard. Here's the full list, grouped by who it comes from.

From restaurants

  • Account details — business name, address, contact name, email, and phone.
  • Operational data — menus, tables, orders, and settlement records.
  • Payout details — the bank account where we settle your funds.

From guests

  • Order details — the items selected at a table and the amount paid.
  • Payment confirmation — a tokenized reference from PowerTranz, never the card number.
  • Optional contact — an email only if a guest asks for a receipt.
Technical & device data we log

Like most web services, we automatically log a small amount of technical data to keep the service secure and working: IP address, browser type, device type, and timestamps of activity. We use this for fraud prevention, debugging, and aggregate analytics — never to identify individual diners.

03

How we use it

Every use of your data ladders up to running the platform. We never repurpose it for advertising.

  • To take orders, process payments, and settle funds to your account.
  • To power your dashboard, reporting, and reconciliation.
  • To detect fraud, prevent abuse, and keep the platform secure.
  • To provide support and send essential service notices.
04

Who we share with

We share data only with the partners required to deliver the service — and only the minimum they need.

PowerTranz
Our payment gateway. Processes card transactions and tokenizes card data.
Cloud infrastructure
Hosting and storage providers that run the platform under strict data agreements.
Legal authorities
Only when required by law, and only the specific data legally requested.

We do not sell your data and we never share it with advertisers or data brokers.

05

Your rights

You're in control of your information. At any time you can:

  • Access a copy of the data we hold about you.
  • Correct anything that's inaccurate or out of date.
  • Export your data in a portable format.
  • Delete your account and associated data, subject to legal retention rules.

To exercise any of these, email privacy@alorapay.com and we'll respond within 30 days.

06

How long we keep it

We keep data only as long as it's useful or legally required.

Account data
For as long as your account is active, then deleted on request.
Transaction records
Retained as required by financial regulations (typically 7 years).
Technical logs
Rotated and deleted on a rolling short-term basis.
07

Contact us

Questions about your privacy, or want to exercise a right? Reach our team directly.

AloraPay Privacy Team

Email: privacy@alorapay.com

Port of Spain, Trinidad & Tobago