Privacy Policy
Privacy Policy
Last updated: 16 July 2026
Hike POS Pty Ltd (ABN 44 168 261 274), referred to as “Hike”, “we”, “us” or “our”, is committed to protecting personal information and handling it responsibly.
This Privacy Policy explains how we collect, use, disclose, store and protect personal information when you:
- visit a Hike website;
- create or use a Hike Account;
- access Hike’s point-of-sale software, applications, APIs or related services;
- communicate with our sales, support or other teams;
- attend an event or participate in a survey or promotion;
- apply to become a partner, reseller or employee;
- purchase hardware or services from us; or
- otherwise interact with Hike.
Together, these are referred to as the “Services”.
This Policy applies to Hike POS products and Services. HikePay is operated by NadaPay Pty Ltd and is subject to a separate HikePay Privacy Policy. Where personal information relates specifically to HikePay, the HikePay Privacy Policy will apply.
Third-party websites, payment providers, integrations and applications have their own privacy practices. This Policy does not govern information processed independently by those third parties.
1. Who This Policy Applies To
This Policy applies to:
Website Visitors: People who visit our websites or interact with our online content.
Customers and Account Owners: Businesses and organisations that subscribe to or purchase Hike products and Services.
Authorised Users: Employees, contractors and other individuals who access the Services through a Customer’s Account.
Customer Contacts: Customers, suppliers, staff and other people whose personal information is entered into the Services by a Hike Customer.
Partners: Resellers, integration providers, consultants and other business partners.
Job Applicants: Individuals who apply for employment or contractor opportunities with Hike.
In this Policy, “you” may refer to any of these individuals, depending on the context.
2. Hike’s Role When Processing Information
Hike may process personal information in different capacities.
When Hike acts as a controller or responsible organisation
Hike generally determines how and why personal information is processed when the information relates to:
- Account registration;
- subscriptions and billing;
- sales and marketing;
- website use and cookies;
- service usage and product analytics;
- security and fraud prevention;
- support and communications;
- partners and suppliers;
- job applicants; and
- compliance with legal obligations.
For this information, Hike generally acts as the controller, business or responsible organisation under applicable privacy laws.
When Hike acts as a processor or service provider
Hike Customers may enter personal information about their own customers, staff, suppliers and other contacts into the Services.
The Customer normally decides:
- what information is collected;
- why it is collected;
- how it will be used;
- who may access it; and
- how long it should be retained.
For this Customer Personal Data, the Customer generally acts as the controller or responsible organisation and Hike acts as its processor or service provider.
Hike processes Customer Personal Data in accordance with:
- the Customer’s lawful instructions;
- the Hike Terms of Use;
- the applicable Data Processing Addendum; and
- applicable privacy and data protection laws.
Individuals seeking to exercise rights concerning information entered by a Hike Customer should normally contact that Customer first. Where appropriate, Hike will assist the Customer with the request.
3. Personal Information We Collect
The information we collect depends on how you interact with us.
3.1 Identity and Contact Information
We may collect:
- name;
- business name;
- job title;
- postal or business address;
- email address;
- telephone number;
- username or account identifier;
- profile photograph;
- signature; and
- preferred language and region.
3.2 Account and Business Information
We may collect:
- business type and industry;
- store, outlet and register information;
- business registration or tax information;
- account permissions and user roles;
- selected products, plans and features;
- onboarding and configuration information;
- subscription status;
- Account preferences; and
- records of administrative actions.
3.3 Billing and Subscription Information
We may collect:
- billing address;
- invoice information;
- subscription and transaction history;
- payment status;
- applicable taxes;
- the last four digits or token associated with a payment method;
- payment provider references; and
- records relating to refunds, credits or billing disputes.
Payment card information used to pay Hike subscription Fees is generally processed by our payment providers. Unless expressly stated for a specific Service, Hike does not intentionally store complete payment card numbers or card security codes.
3.4 Customer and Commerce Data
Customers may enter or generate information through the Services, including:
- customer names and contact details;
- delivery and billing addresses;
- purchase and return history;
- loyalty balances and rewards;
- gift card information;
- customer preferences or notes;
- product, stock and inventory information;
- supplier information;
- sales, refunds and transaction information;
- tax and receipt information;
- staff names, roles and sales activity;
- ecommerce and order information; and
- information imported through an integration.
This information is normally processed by Hike on behalf of the Customer.
3.5 Technical and Device Information
We may automatically collect:
- IP address;
- browser and operating system;
- device type and identifier;
- application version;
- language and time zone;
- approximate location derived from an IP address;
- login times;
- pages and features accessed;
- error, diagnostic and crash information;
- network and connection information;
- cookie and advertising identifiers; and
- security and authentication records.
3.6 Usage and Product Information
We may collect information about:
- how the Services are configured;
- features used;
- actions completed;
- session duration;
- API and integration activity;
- performance and reliability;
- support interactions;
- feature adoption;
- search and navigation activity; and
- feedback and survey responses.
3.7 Communications and Support Information
When you communicate with Hike, we may collect:
- emails and chat messages;
- support tickets;
- call recordings, where permitted by law;
- meeting notes;
- screen-sharing and troubleshooting information;
- files and screenshots you provide;
- feedback and complaints; and
- marketing preferences.
Where calls or meetings are recorded, we will provide notice where required.
3.8 Marketing and Website Information
We may collect:
- pages viewed;
- forms submitted;
- campaigns and advertisements viewed;
- referral source;
- interactions with emails;
- event registrations;
- demo requests;
- cookie preferences; and
- social media interactions.
3.9 Partner and Professional Information
For partners, resellers, developers and suppliers, we may collect:
- business contact information;
- organisation and role;
- contractual and payment information;
- technical credentials;
- partner performance information;
- referral and commission records; and
- communications and meeting notes.
3.10 Recruitment Information
If you apply to work with Hike, we may collect:
- employment and education history;
- qualifications and skills;
- curriculum vitae or resume;
- references;
- interview notes;
- work eligibility information;
- salary expectations;
- background-check information where lawful; and
- other information provided during recruitment.
3.11 Sensitive Information
Hike does not generally require sensitive personal information for the ordinary use of the Services.
You should not provide health information, biometric information, government identifiers, information about race, religion, political opinions, sexual orientation or other sensitive information unless:
- it is genuinely necessary;
- the relevant Service is intended to process it;
- you have a lawful basis to provide it; and
- appropriate protections are in place.
4. How We Collect Personal Information
We may collect personal information:
- directly from you;
- from the Account Owner or another Authorised User;
- when you enter or generate information through the Services;
- through cookies, pixels, logs and similar technology;
- from a Customer that has a relationship with you;
- from payment and billing providers;
- from integration partners and Third-Party Services you connect;
- from resellers, referral partners and consultants;
- from publicly available business directories, websites and registers;
- from social media platforms;
- from event organisers and marketing partners;
- from security, fraud prevention and identity verification providers; and
- during recruitment or reference-check processes.
If you provide personal information about another person, you must have the right to provide it and, where required, inform that person about this Policy.
5. Why We Use Personal Information
We may use personal information to:
Provide and Manage the Services
- create and administer Accounts;
- authenticate users;
- process subscriptions and billing;
- configure and operate the Services;
- synchronise integrations;
- process Customer instructions;
- provide updates and notifications; and
- deliver hardware or professional services.
Provide Support
- respond to questions;
- troubleshoot problems;
- investigate errors;
- manage complaints;
- provide onboarding and training; and
- improve support quality.
Secure the Services
- prevent unauthorised access;
- detect fraud and misuse;
- investigate security incidents;
- protect users and systems;
- enforce our agreements; and
- maintain logs and audit records.
Improve and Develop Products
- understand how features are used;
- identify performance issues;
- test and improve functionality;
- develop new products and features;
- conduct analytics and research;
- create aggregated or de-identified insights; and
- improve automated and artificial-intelligence features.
Where possible, product analytics and research use aggregated or de-identified information.
Hike will not use identifiable Customer Personal Data to train a third-party general-purpose artificial intelligence model unless this is performed at the Customer’s direction or is covered by separate notice, agreement and lawful authority.
Communicate and Market
- provide information you request;
- arrange demonstrations;
- communicate about products, events and offers;
- personalise website content;
- measure marketing effectiveness;
- manage preferences; and
- conduct customer surveys.
Operate Our Business
- manage suppliers and partners;
- maintain financial and corporate records;
- conduct audits;
- manage recruitment;
- protect legal rights;
- evaluate or complete a business transaction; and
- comply with laws and regulatory requirements.
6. Legal Bases for Processing
Where the laws of the European Economic Area, United Kingdom or another jurisdiction require a legal basis, we rely on one or more of the following:
Contract
Processing is necessary to enter into or perform a contract with you, including creating an Account, providing the Services, billing and support.
Legitimate Interests
Processing is necessary for Hike’s legitimate interests or those of another party, including:
- operating and improving the Services;
- securing systems;
- preventing fraud;
- communicating with business customers;
- managing partners and suppliers;
- conducting analytics; and
- protecting legal rights.
We consider the impact on individuals before relying on legitimate interests.
Legal Obligation
Processing is necessary to comply with taxation, accounting, employment, regulatory, court, law-enforcement or other legal requirements.
Consent
We rely on consent where required, including for certain cookies, marketing communications, recordings or sensitive information.
You may withdraw consent at any time. Withdrawal does not affect processing that occurred before consent was withdrawn.
Other Lawful Bases
Where applicable, we may process information to establish or defend legal claims, protect vital interests, or carry out another activity authorised by law.
7. Customer Personal Data
Customers may use Hike to process personal information relating to their own customers, employees, suppliers and other individuals.
The Customer is responsible for:
- determining whether it has a lawful basis to collect and use the information;
- providing legally required notices;
- obtaining consents where necessary;
- configuring appropriate access permissions;
- responding to individual rights requests;
- ensuring its instructions to Hike are lawful;
- selecting appropriate retention periods; and
- complying with laws applicable to its business.
Hike will process Customer Personal Data only:
- to provide and secure the Services;
- in accordance with the Customer’s documented instructions;
- as described in the Agreement and Data Processing Addendum; or
- where required by law.
Hike may use subprocessors to provide infrastructure, support, communications, security, analytics and other functions. Hike requires subprocessors that handle Customer Personal Data to provide appropriate privacy and security protections.
8. When We Disclose Personal Information
We may disclose personal information to the following categories of recipients.
Hike Affiliates and Personnel
Information may be shared with Hike group companies, employees and contractors who need it to perform their responsibilities.
Service Providers and Subprocessors
We may engage providers for:
- cloud hosting and data storage;
- security and fraud prevention;
- customer support;
- email and communications;
- analytics;
- customer relationship management;
- billing and subscription management;
- hardware delivery;
- professional services;
- recruitment; and
- business administration.
These providers may process information only for authorised purposes and subject to appropriate contractual obligations.
Third-Party Integrations
Where a Customer activates an integration, Hike may share information with that integration provider as directed by the Customer.
Once information is received by the third party, the third party’s privacy policy applies to its independent processing.
Payment and Billing Providers
We may disclose billing and transaction information to providers that process subscription payments, invoices or refunds.
Payment services used by a Customer to accept payments from shoppers may be governed by separate terms and privacy policies.
Resellers and Business Partners
Where you interact with Hike through a reseller, referral partner, implementation consultant or other partner, we may share information reasonably necessary to manage that relationship and provide the Services.
Professional Advisers
Information may be disclosed to lawyers, accountants, insurers, auditors and other professional advisers.
Authorities and Legal Disclosures
We may disclose information where reasonably necessary to:
- comply with law, regulation, legal process or court order;
- respond to a lawful government request;
- protect the rights, safety and property of Hike or another person;
- investigate fraud, abuse or security incidents; or
- enforce the Agreement.
Where legally permitted, we will seek to notify the affected Customer before disclosing Customer Personal Data in response to a compulsory request.
Business Transactions
Information may be disclosed in connection with a proposed or completed merger, acquisition, financing, restructuring, sale of assets or similar business transaction.
The recipient will be required to handle the information consistently with applicable law.
With Your Consent or Direction
We may disclose information where you request or consent to the disclosure.
9. Sale and Sharing of Personal Information
Hike does not sell personal information in exchange for money.
We may use analytics and advertising providers to understand website activity, measure campaigns and display relevant advertising.
Under some United States state privacy laws, the use of certain advertising cookies or pixels may be considered a “sale”, “sharing” or use for “targeted advertising”, even where no money is exchanged.
Where applicable, you may opt out through:
- the cookie preference tool on our website;
- browser privacy settings;
- a recognised opt-out preference signal such as Global Privacy Control, where supported; or
- a privacy request submitted to Hike.
We do not knowingly sell or share the personal information of individuals under 16 for targeted advertising.
10. Cookies and Similar Technologies
Hike uses cookies, pixels, local storage, software development kits and similar technologies.
These technologies may be used to:
- keep you signed in;
- remember preferences;
- provide essential website functionality;
- maintain security;
- analyse website and product usage;
- diagnose performance issues;
- measure marketing campaigns; and
- provide relevant advertising.
Cookies may be:
Strictly Necessary Cookies: Required for security and website functionality.
Preference Cookies: Used to remember settings and choices.
Analytics Cookies: Used to understand website and Service usage.
Advertising Cookies: Used to measure advertising and provide relevant content.
Where required by law, non-essential cookies will be used only after consent.
You may manage cookies through our cookie preference tool and your browser settings. Blocking certain cookies may affect functionality.
More information may be provided in a separate Cookie Notice.
11. Marketing Communications
We may send marketing communications where:
- you have provided consent;
- you have requested information;
- you have an existing business relationship with Hike; or
- applicable law otherwise permits the communication.
You may unsubscribe from marketing emails by using the unsubscribe link or contacting us.
You may opt out of marketing text messages by following the instructions in the message.
Opting out of marketing will not prevent Hike from sending necessary account, billing, support, security or service communications.
12. International Data Transfers
Hike operates internationally and uses service providers located in multiple countries.
Personal information may be processed in Australia and in other countries where Hike, its affiliates or service providers operate.
These countries may have privacy laws that differ from those in your location.
Where required by law, Hike uses appropriate safeguards for international transfers. These may include:
- transferring information to a country recognised as providing adequate protection;
- contractual protections;
- the European Commission’s Standard Contractual Clauses;
- the United Kingdom International Data Transfer Agreement or UK Addendum;
- legally recognised certification or transfer frameworks;
- obtaining consent where appropriate; or
- another lawful transfer mechanism.
Hike also requires relevant service providers to implement appropriate security and confidentiality measures.
13. Data Retention
Hike retains personal information only for as long as reasonably necessary for the purposes described in this Policy.
Retention periods depend on:
- the type of information;
- whether an Account remains active;
- the Customer’s configuration and instructions;
- contractual requirements;
- taxation and accounting obligations;
- security and fraud-prevention needs;
- dispute and limitation periods;
- backup cycles; and
- applicable law.
Account, subscription and billing records may be retained after an Account closes where necessary for legal, accounting, audit and dispute purposes.
Customer Personal Data is retained in accordance with the Terms of Use, Data Processing Addendum and Customer instructions.
After termination, Customer Personal Data may remain available for a limited export period and may then be deleted or de-identified.
Information may remain temporarily in secure backups until overwritten through ordinary backup cycles.
Where information is no longer required, we take reasonable steps to delete, destroy or de-identify it.
14. Data Security
Hike uses reasonable technical and organisational measures designed to protect personal information against:
- unauthorised access;
- misuse;
- interference;
- loss;
- alteration;
- destruction; and
- unauthorised disclosure.
Measures may include:
- encryption in transit and, where appropriate, at rest;
- authentication and access controls;
- role-based permissions;
- logging and monitoring;
- vulnerability management;
- backup and recovery processes;
- staff confidentiality and training;
- incident response procedures; and
- security requirements for service providers.
No system or transmission method is completely secure. Hike cannot guarantee absolute security.
If we become aware of a data breach, we will investigate and take action in accordance with applicable law. This may include notifying affected Customers, individuals and regulators where legally required.
15. Your Privacy Rights
Depending on your location and applicable law, you may have the right to:
- request confirmation that we process your personal information;
- access personal information;
- correct inaccurate or incomplete information;
- request deletion;
- request restriction of processing;
- object to certain processing;
- receive information in a portable format;
- withdraw consent;
- opt out of direct marketing;
- opt out of sale, sharing or targeted advertising;
- limit certain uses of sensitive personal information;
- appeal a decision concerning a privacy request; and
- complain to a privacy or data protection regulator.
These rights may be subject to legal exceptions.
Submitting a Request
Requests may be submitted by contacting Hike using the details in Section 24.
Please use the subject line “Privacy Request”.
We may request information reasonably necessary to:
- verify your identity;
- confirm your authority to act for another person;
- identify the relevant Account or information; and
- protect personal information against unauthorised disclosure.
We will respond within the period required by applicable law.
Where we process information on behalf of a Hike Customer, we may refer the request to that Customer.
Hike will not discriminate against you for exercising a privacy right.
16. Account Information
Authorised Users may be able to view and update certain Account information through the Services.
The Account Owner is responsible for maintaining accurate user details and access permissions.
To request correction of information that cannot be changed through your Account, contact Hike support.
17. Artificial Intelligence Features
Where a Hike feature uses artificial intelligence or automated technology, we may process:
- prompts and instructions;
- information provided to the feature;
- generated responses or outputs;
- feedback;
- usage and diagnostic information; and
- relevant Customer Content needed to provide the requested function.
This information may be processed by approved technology providers acting as Hike subprocessors.
You should not submit sensitive or confidential information to an AI feature unless the feature is intended to process it and you have lawful authority to do so.
Hike may use aggregated or de-identified information to improve automated features.
Unless separately disclosed, Hike does not use solely automated processing to make decisions about individuals that produce legal or similarly significant effects.
18. Children’s Information
The Services are intended for businesses and are not directed to children.
Hike does not knowingly collect personal information directly from children under 16 through its websites for the purpose of creating a Hike Account.
A Hike Customer may use the Services to process information relating to younger individuals. In that situation, the Customer is responsible for ensuring that the collection and processing are lawful.
If you believe a child has provided personal information directly to Hike without appropriate authorisation, please contact us.
19. Third-Party Websites and Services
Our websites and Services may contain links to third-party websites, social media platforms or applications.
Hike is not responsible for the privacy, security or content of those third parties.
You should review their privacy policies before providing personal information.
20. Regional Privacy Information
20.1 Australia
Hike handles personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles where they apply.
You may request access to or correction of personal information held by Hike.
If you make a privacy complaint, we will investigate and aim to respond within 30 days.
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.
20.2 European Economic Area, United Kingdom and Switzerland
If you are located in the European Economic Area, United Kingdom or Switzerland:
- Hike POS Pty Ltd is generally the controller for personal information described in Section 2 under “When Hike acts as a controller”;
- Hike generally acts as processor for Customer Personal Data;
- our legal bases are described in Section 6;
- you may have rights of access, correction, deletion, restriction, objection and portability;
- you may withdraw consent at any time;
- you may object to direct marketing at any time; and
- you may complain to the data protection authority in your country.
Where information is transferred outside the EEA, United Kingdom or Switzerland, Hike will use an applicable lawful transfer mechanism.
20.3 United States
Depending on your state, you may have rights to:
- know the categories and specific pieces of personal information collected;
- know the sources and purposes of collection;
- know the categories of recipients;
- request access, correction or deletion;
- obtain a portable copy;
- opt out of sale, sharing or targeted advertising;
- limit certain uses of sensitive personal information;
- appeal a decision; and
- receive equal service when exercising your rights.
During the preceding 12 months, Hike may have collected the following categories of information:
- identifiers;
- customer and business records;
- commercial information;
- internet and network activity;
- approximate geolocation;
- professional and employment information;
- audio, electronic or visual information;
- account credentials and other sensitive information; and
- inferences drawn from usage and marketing information.
These categories are described more fully in Section 3.
Hike may disclose relevant categories to service providers, affiliates, integration partners and professional advisers for the purposes described in this Policy.
Hike does not sell personal information for money. Advertising and analytics activities may be treated as sharing or targeted advertising under certain state laws, as explained in Section 9.
You may appoint an authorised agent to submit a request. We may require evidence of the agent’s authority and may verify your identity directly.
20.4 Canada
Where Canadian privacy law applies, Hike handles personal information in accordance with applicable federal and provincial privacy requirements.
You may request access to and correction of personal information and may challenge Hike’s compliance through the contact process in this Policy.
Hike may process information outside Canada, where it may be accessible to courts, law-enforcement or government authorities under local law.
20.5 New Zealand
Where New Zealand’s Privacy Act applies, you may request access to or correction of personal information.
You may complain to the New Zealand Office of the Privacy Commissioner if your concern is not resolved.
20.6 Singapore
Where Singapore’s Personal Data Protection Act applies, Hike will collect, use and disclose personal data for notified or otherwise lawful purposes.
You may request access or correction and may withdraw consent, subject to legal and contractual limitations.
20.7 Hong Kong
Where Hong Kong’s Personal Data (Privacy) Ordinance applies, personal data will be collected for lawful purposes and will not be excessive in relation to those purposes.
You may request access to or correction of personal data.
20.8 South Africa
Where the Protection of Personal Information Act applies, you may request access, correction or deletion and may object to certain processing.
You may submit a complaint to South Africa’s Information Regulator.
20.9 Nigeria
Where Nigerian data protection law applies, you may have rights relating to access, correction, deletion, restriction, objection and portability.
You may submit a complaint to the Nigeria Data Protection Commission.
20.10 India, Thailand, Japan, Bahrain and Other Locations
Where local privacy laws apply, Hike will respect mandatory rights and requirements under those laws.
Depending on your location, you may have rights to:
- receive information about processing;
- access and correct information;
- request deletion;
- withdraw consent;
- object to certain uses;
- request transfer or portability; and
- complain to the relevant authority.
Additional notices or consent may be provided where required for a specific location or Service.
20.11 Mainland China
Where the Personal Information Protection Law of the People’s Republic of China applies, additional notices, consent and cross-border transfer requirements may apply.
Individuals may have rights relating to access, correction, deletion, restriction, explanation and withdrawal of consent, subject to applicable law.
21. Complaints
If you have a concern about how Hike handles personal information, contact us using the details in Section 24.
Please provide:
- your name and contact information;
- the Account or business involved;
- a description of the concern;
- relevant dates or correspondence; and
- the outcome you are seeking.
We will investigate and respond within the timeframe required by applicable law.
You may also complain to the privacy or data protection regulator in your location.
22. Changes to This Policy
Hike may update this Policy to reflect changes in:
- our Services;
- our processing activities;
- technology;
- legal requirements; or
- our service providers and business operations.
The updated Policy will be posted on the Hike website with a revised “Last updated” date.
Where a change is material, we will provide reasonable notice through email, your Account, the Services or our website.
23. Language
Translations of this Policy may be provided for convenience.
Unless applicable law requires otherwise, the English version is the controlling version if there is an inconsistency between translations.
24. Contact Us
For privacy questions, requests or complaints, contact:
Hike POS Pty Ltd
ABN 44 168 261 274
Level 15, 28 Freshwater Place
Southbank VIC 3006
Australia
Email: hello@hikeup.com
Subject line: Privacy Request
Support: Through your Hike Account or the Hike support portal