.png){kind=logo}
Last Updated: 23 May 2026
Tri Tech Technology is committed to protecting the privacy of its users and handling personal data with transparency, integrity, and accountability. This Privacy Policy is designed to comply with the following:
Pakistan Electronic Transactions Ordinance 2002. Our data collection, processing, and storage practices conform to Pakistan's foundational legislation governing electronic commerce, digital services, and data integrity in electronic transactions.
Prevention of Electronic Crimes Act 2016 (PECA). We maintain data security standards and cybersecurity practices consistent with Pakistan's legislation on the prevention of electronic crimes and the protection of digital systems and data.
Pakistan Personal Data Protection Framework. We adhere to the principles of lawful, fair, and transparent processing as they apply under Pakistan's evolving data protection regulatory framework, including applicable provisions of the Personal Data Protection Act and associated regulations.
Pakistan Software Export Board (PSEB) Compliance. Tri Tech Technology is a software company operating as a registered partnership in Pakistan and maintains compliance with PSEB operational and regulatory standards applicable to SaaS platform providers.
If you have questions about our compliance posture or wish to exercise your data rights, please contact us at legal@tritechtechnologyllc.com.
This Privacy Policy explains how Tri Tech Technology (also referred to as TTT, we, us, or our) collects, uses, shares, retains, and protects personal information when you use our SaaS loyalty and rewards platform and our TTT POS point-of-sale software (together referred to as the Services).
We take the privacy of our users seriously. This policy is structured to explain, in clear and complete terms, what personal information we collect, the purposes for which we process it, the legal grounds on which that processing is conducted, how and when it may be shared, and what rights you hold with respect to it. If any aspect of this policy is unclear, we encourage you to contact us directly before using the Services.
Tri Tech Technology is the data controller responsible for personal information collected through the Services. Our principal place of business is at 30 Civic Center, Block D2, Lahore, Punjab, Pakistan 54000.
This Privacy Policy applies to:
Subscribers. Businesses and individuals who register for and use the Platform under a paid or trial subscription to create, manage, and operate digital loyalty, rewards and point-of-sale system/programmes.
Users. Employees, administrators, team members, and other individuals authorised by a Subscriber to access and operate the Platform under a Subscriber account.
Customers. End users of a Subscriber's loyalty programme who enrol in, earn rewards through, or redeem points or benefits from a Campaign delivered via the Platform.
Website visitors. Individuals who access the Platform website or marketing pages without registering for an account.
Support contacts. Individuals who contact TTT by email, in-app chat, or other channels for assistance, enquiries, or information.
When you register for the Services or complete the onboarding process, we collect your name, email address, business name, phone number, and business address. We also collect your account password, which is stored in encrypted form, along with your business type, industry, subscription plan selection, and any brand assets, campaign settings, or programme configuration details you provide during setup.
Payments are processed through cheque, bank transfer or by Stripe, Inc. on our behalf. We do not store or handle your complete card details. We receive from Stripe only what is necessary to manage your account, including payment confirmation status, the last four digits of your card, billing name and address, and subscription renewal records. Stripe operates as an independent data controller under its own privacy policy and PCI DSS Level 1 compliance standards.
When you use the Platform, we automatically collect information about your activity and the device you are using. This includes the features and pages you access, actions you perform within the Dashboard, session duration and frequency, browser type, operating system, IP address, and approximate location derived from that IP address. We also collect error logs and diagnostic data to maintain Platform performance.
When you contact us by email or through our designated contact information, we collect and retain the content of your messages, any attachments you share, your contact details, and records of our responses. This information is used solely to resolve your enquiry and maintain service quality.
Geolocation is our flagship feature which is owned and controlled by Google LLC and Apple Inc. We do not collect your device's GPS coordinates or real-time location. Any geographic data you enter is used solely to power search results within the Platform and is used just for geolocation advertising or behavioural profiling.
We may receive limited information from third-party services integrated with the Platform. If you use Google Single Sign-On, we receive your name, email address, and profile identifier from Google. Stripe provides payment confirmation and fraud risk signals related to your subscription. We do not purchase or acquire personal data from data brokers or unrelated third parties.
We use the information we collect to provide and maintain the Services, process your subscription payments, guide you through account setup and onboarding, and keep your Dashboard functioning correctly. When you contact us, we use your information to respond to support requests and resolve technical issues. Data collected through the Platform is also used to understand how it is being used in aggregate, so we can improve its performance, reliability, and usability over time.
We use your contact details to send transactional communications relevant to your account, such as renewal reminders, billing confirmations, and Platform updates. Where you have opted in, we may also send marketing communications about new features or offers. You can unsubscribe from marketing emails at any time using the link in any such message.
We process your information where necessary to detect fraud, prevent unauthorised access, and protect the Platform and its users from abuse. We also retain and process certain records to meet our legal and regulatory obligations under applicable Pakistani and international law.
We will not sell your personal information to any third party, at any time, for any purpose.
Our processing of personal information is conducted on the following legal grounds, each applied to the specific processing activities described.
Contractual Necessity. Processing that is required in order to perform the Services you have subscribed to and to fulfil our obligations under the Terms of Service. This includes account provisioning and management, payment processing, session authentication, and delivery of all Platform features. Without this processing, we cannot provide the Services.
Legitimate Interests. Processing carried out in pursuit of our legitimate business interests, where we have assessed that those interests are not overridden by your fundamental rights and freedoms. This includes improving, securing, and maintaining the Platform; detecting and preventing fraud; understanding usage patterns to develop better features; and maintaining the operational integrity of the Services. We conduct and document proportionality assessments for all processing based on legitimate interests.
Legal Obligation. Processing that is necessary to comply with applicable laws, including tax reporting requirements, anti-money laundering obligations, regulatory record-keeping, and responses to lawful requests from courts or government authorities operating under Pakistani or applicable international law.
Consent. Processing based on your affirmative opt-in, including the receipt of marketing communications and the activation of non-essential cookie and storage technologies. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before that withdrawal. Withdrawal of consent does not affect the continued processing of your information on other legal grounds.
We share personal information only in the limited and defined circumstances described below. We do not sell, rent, trade, or otherwise disclose personal information to third parties for their own commercial purposes.
Service Providers. We engage carefully selected third-party vendors and processors who process personal data on our behalf, solely to enable TTT to deliver the Services. All service providers are bound by contractual data processing obligations requiring them to process personal data only in accordance with our documented instructions and to implement appropriate technical and organisational security measures. Our current primary service providers include:
Legal Requirements. We may disclose personal information to courts, government authorities, regulatory bodies, or law enforcement agencies in Pakistan or other jurisdictions where we are required to do so by applicable law, court order, subpoena, or other binding legal process. Where disclosure is legally permissible and not prohibited by the requesting authority, we will provide advance notice to the affected party.
Business Transfers. In the event that TTT is involved in a merger, acquisition, corporate restructuring, or sale of all or substantially all of its business or assets, personal information held by TTT may be transferred to the acquiring or successor entity as part of the transaction. We will provide advance notice of any such transfer and of any material changes to this Privacy Policy that result from it.
With Your Consent. In any circumstances not described in this section, TTT will seek and obtain your prior informed consent before disclosing your personal information to any third party.
TTT POS. The Platform integrates with TTT POS, our proprietary point-of-sale software. Where a Subscriber uses both products, Customer data, transaction records, loyalty points activity, and reward redemptions are synchronised between TTT POS and the Platform in real time. This data sharing is first-party and is not disclosed to any external party. The data processed through this integration is subject to this Privacy Policy.
Stripe. We use Stripe, Inc. to process all subscription payments on the Platform. Stripe operates as an independent data controller and is PCI DSS Level 1 certified. See the Stripe Privacy Policy.
Intercom. We use Intercom, Inc. to power the in-app support messenger within the Dashboard. Intercom processes support conversations and session data to deliver the support service. See the Intercom Privacy Policy.
Google reCAPTCHA. We use Google reCAPTCHA v3 on login, registration, and form pages to distinguish human users from automated bots. Interaction data is sent to Google for risk analysis and is not used for advertising. See the Google Privacy Policy.
We use cookies, local storage, and session storage technologies on the Platform to support authentication, application state management, user preferences, and third-party integrations. For a comprehensive description of every specific technology we use, including its name, purpose, classification, provider, and retention period, and for information on how to manage your preferences, please refer to our Cookie Policy.
We retain personal information only for as long as necessary for the purposes it was collected. Account and registration information is kept for the duration of your subscription and for 2 years after closure. Billing and transaction records are retained for 7 years to meet tax and accounting requirements. Support records are kept for 3 years, security and audit logs for 12 months, and usage data for up to 26 months in anonymised form. When data is no longer needed, it is securely deleted or permanently anonymised.
We take the security of your personal information seriously. All data transmitted between your browser and the Platform is encrypted in transit, and personal information stored in our databases is encrypted at rest. Access to personal data within our organisation is restricted on a need-to-know basis. Payment processing is handled entirely by Stripe's PCI DSS Level 1 certified infrastructure, and we do not store card details. In the event of a data breach that affects your personal information, we will notify you and the relevant authorities without undue delay.
TTT is headquartered and primarily operates from Pakistan. Personal information is primarily stored and processed within Pakistan. However, certain third-party service providers we engage, including Stripe, Intercom, and Google, may process data in the United States, the European Union, or other jurisdictions as part of their service delivery.
Where personal information is transferred outside Pakistan, TTT takes steps to ensure that it remains adequately protected, consistent with applicable Pakistani law and international data protection standards. These steps may include entering into contractual data transfer agreements with third-party processors containing appropriate data protection obligations, and selecting processors who maintain internationally recognised security certifications.
Subscribers operating in jurisdictions with specific cross-border data transfer requirements, including EU member states and countries with formal adequacy or transfer frameworks, are responsible for ensuring that their own legal bases for international transfer are in place when processing Customer data through the Platform.
You have the right to access, correct, or delete the personal information we hold about you. You may also request that we restrict or stop processing your data, request a portable copy of your data, or withdraw consent where processing is based on consent. You have the right to object to processing for direct marketing at any time.
To exercise any of these rights, contact us at legal@tritechtechnologyllc.com. We will respond within 3 business days. We may ask you to verify your identity before processing your request.
Subscribers may request deletion of their Platform account by submitting a written request to info@tritechtechnologyllc.com from the email address registered to the primary account holder. Upon receiving and validating a deletion request:
Deletion of a Subscriber account does not constitute fulfilment of data erasure requests with respect to Customer personal data. As the data controller for Customer data, the Subscriber retains independent data controller responsibilities for Customer information collected through the Platform and must manage Customer data rights requests directly.
The Services are designed exclusively for commercial use by businesses and are not directed toward, intended for, or appropriate for use by individuals under the age of 18. TTT does not knowingly collect, solicit, or store personal information from anyone under 18 years of age.
If we become aware that personal information has been inadvertently collected from an individual under 18, whether as a Subscriber, User, or through any other means, we will take prompt and appropriate steps to delete that information from our systems without undue delay. If you believe that we have, or may have, collected information from a person under 18, please contact us immediately at info@tritechtechnologyllc.com so that we may investigate and take corrective action.
Tri Tech Technology is a software company operating as a registered partnership, established in Lahore, Punjab, Pakistan. Our data handling, privacy, and security practices are designed to comply with the laws and regulatory standards applicable to SaaS platform providers in Pakistan, including:
TTT maintains registration and compliance with applicable Pakistani authorities, including the Pakistan Software Export Board (PSEB), and operates in accordance with PSEB standards applicable to software services exporters. We engage with regulatory guidance issued by Pakistan's Ministry of Information Technology and Telecom (MoITT) and adopt best practices for data protection and cybersecurity as they are developed in the Pakistani regulatory environment.
We may update this Privacy Policy periodically to reflect changes in our data practices, the features and integrations of the Services, or the applicable legal and regulatory requirements in Pakistan or other relevant jurisdictions. When we make changes that are material, meaning they meaningfully affect how we collect, use, or share your personal information, we will:
We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal information. Your continued use of the Services after the effective date of any update constitutes your acceptance of the revised policy. Where a change is material and you do not accept it, you may terminate your Subscription in accordance with clause 4.5 of the Terms of Service.
For any questions, concerns, or formal rights requests relating to this Privacy Policy or our personal data handling practices, please contact us through any of the following channels. We aim to acknowledge and provide a substantive response to all privacy enquiries within 5 business days.
Tri Tech Technology
30 Civic Center, Block D2, Lahore, Punjab, Pakistan 54000