Cosoft Data Security Policy

As the developers of Aura, a leading South African Point-of-Sale software suite for takeaway, delivery and sit-down restaurants, we at Cosoft understand the value of digital property. Nothing is more important to us than the integrity of the unique and valuable data stored in your database.

In this light, we have updated our Data Security policy in order to better protect your data, and help defend it against fraud, tampering or manipulation. We are enacting the following Best Practises for our support staff with respect to store data. These policies are designed to safeguard your data and are non-negotiable:

  1. No overrings will be performed by Cosoft staff. Our staff can advise on the use of the software, but will not in any way over-ring or otherwise cancel or remove a sale. This must be done by a store employee/owner with the requisite permissions.

  2. No Till or Shop Cashup unlocks will be performed by Cosoft Staff on request - Once a till or a shop cashup has been locked, it can be printed as a final financial statement. If the till is unlocked, previously printed reports will become inaccurate. Any mistakes or corrections must be noted on the report in writing by the store staff.

  3. No Time or Date changes will be performed by Cosoft Staff. - Changing the date compromises Data integrity and is a technique often used to obscure mistakes or even fraud. Cosoft takes the stance that if there was a problem preventing a sale from being posted in the cashup of it’s particular date, then the corresponding cashup report is serving it’s purpose to highlight that. This includes for orders that had to be rung up on the following day after they were captured manually because of a system problem, loadshedding, a fire or any other reason.

  4. No stock entry edits will be performed by Cosoft staff under any circumstances - This includes capturing of new new or existing Stock Take, Purchase, Return or Manufacturing entries. Any operational data input must be done by a store employee/owner with the requisite permissions.

  5. No Customer details will be modified by Cosoft staff - Any customer detail captured or edited must be done by a store employee/owner with the requisite permissions.

  6. No Database modifications to operational data will be performed by Cosoft Staff on request - In the event that data is changed directly or indirectly as a result of corrective actions by our support team, a reference number, description of events, and before and after reports will be sent to the store franchisee.

  7. Cosoft Staff will not use, edit, insert or change a user’s password - Any password captured or edited must be done by a store employee/owner with the requisite permissions. This is a requirement of the POPI act which we must strictly follow. 

    1. Password change requests must be sent via email after which they will be done remotely.

    2. Forgotten passwords will be reset rather than retrieved.

    3. In the event that there are no users with correct permissions or all permissions get reset, a new user may be inserted into the database, which must be removed after correct permissions or users have been restored.

 

These practices will allow you to feel assured that your data integrity will always remain intact. In addition, less time spent on these kinds of requests from stores mean more time for our support staff to give attention to all necessary support calls - which means less time waiting in the support queue and more time with a fully operational and secure Aura Point of Sale system, helping us to help you be a better business.