Clover Platform Docs

Clover Privacy Policy Template

Clover requires app developers to adopt and maintain a privacy policy that applies to your Clover app that discloses to merchants your app’s data collection, use, and sharing. The privacy policy is intended to enable merchants to make appropriate disclosures to their customers in the merchant’s own privacy policy.

For your convenience, Clover provides a sample privacy policy as a reference to help you and/or your legal counsel prepare a privacy policy. Ultimately, it is your decision what your privacy policy says. Clover cannot provide legal advice. This sample privacy policy assumes that your business does not already have a privacy policy; if you already have a privacy policy and you choose to adopt this privacy policy in addition, you and/or your legal counsel should ensure there are no inconsistencies between this policy and any other policy that you maintain.

This sample privacy policy assumes that you are (a) collecting, using, and disclosing personal data only for the sole and exclusive benefit of the merchant that has installed the app; and (b) not determining the purposes or means of processing personal data, or otherwise using personal data for your own purposes. If either assumption is not true (such as in the case of an app where the consumer independently registers with your service outside of the Clover POS), this sample privacy policy is not appropriate for use.

The green-highlighted language below is intended to provide information to help you and/or your legal counsel identify appropriate disclosures for your unique business. The yellow-highlighted language below is intended to identify information that you should fill in.

If you use this sample privacy policy as the template for your own privacy policy, before finalizing the document, please be sure that:

  • The policy fully and accurately describes your privacy practices and does not omit any material information; and
  • You erase all highlighted language in the document and this introduction.

📘

NOTE

The statements you make in a Privacy Policy carry legal significance, and we suggest that you consult with an attorney before issuing or revising any privacy policy.

Sample Privacy Policy for [App Name]

Effective Date: [INSERT DATE ADOPTED]

This “Privacy Policy” explains how [APP DEVELOPER LEGAL NAME] (“Company” or “we”) collects, uses, discloses, and otherwise processes personal data on behalf of our customers – typically, merchants (any, a “Merchant”) – in connection with our application, [APP NAME], which runs on the Clover Point of Sale system (“Clover POS”). This Privacy Policy does not apply to Company’s privacy practices in any other context.
Company’s processing of personal data in connection with our application is governed by this Privacy Policy and our agreements with Merchants. In the event of any conflict between this Privacy Policy and a customer agreement, the customer agreement will control to the extent permitted by applicable law.
This Privacy Policy is not a substitute for any privacy policy that a Merchant may be required to provide to their customers, personnel, or other individuals.

Information We Collect

We may collect personal data from or on behalf of Merchants. Merchants determine the scope of the personal data transferred to us or that we collect, and the information we receive may vary by Merchant. Typically, the information we collect on behalf of Merchants includes:

Information that we collect when a Merchant’s customers make a payment

When a customer makes a payment via a Clover POS, we collect information about the transaction, which may include personal data. Information about transactions includes the payment card used, name associated with the payment card, the location of the merchant’s store, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.

In addition, we collect: [describe additional data collected, if any, when payment is made.]

Additional information Merchants’ customers provide through the Clover POS ancillary to a payment

We may collect additional information ancillary to the payment. This information may include:

  • Customers’ email address or phone number, such as when the customer chooses to receive an electronic receipt
  • Customers’ marketing preferences, such as whether the customer wishes to receive marketing communications or newsletters
  • Information about participating customers’ activity in a merchant loyalty program
  • Customers’ physical address, where needed for delivery of goods or services
  • Other information the customer provides, such as birthdate, interests or preferences, reviews, and feedback

In addition, we collect: [describe additional data collected, if any, after payment is made.]

Information that we collect about Merchants’ personnel

We may collect information about Merchants’ personnel and interactions with the Clover POS, such as clock-in and clock-out time and tips earned [describe any other applicable information].

Additional information that Merchants provide to us about their customers or personnel

Merchants may provide us with additional information directly, via access they grant to us, or otherwise. The types of information that merchants may provide to us about their customers include email addresses, phone numbers, and purchase history [describe any other applicable information]. The types of information that merchants may provide to us about their personnel include email addresses, phone numbers, shifts, and sales history [describe any other applicable information].

How We Use the Information We Collect

We use the personal data we collect for or on behalf of Merchants, to provide our services and the functionality of our application: [Describe the application’s uses of personal data]

We may also use personal data for related internal purposes, including:

  • To provide information about the application, such as important updates or changes to the application and security alerts
  • To measure performance of and improve the application
  • To respond to inquiries, complaints, and requests for customer support

In addition, Company may use personal data as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our application; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

How We Share Information

We may share personal data that we collect with:

  • The Merchant from whom or on whose behalf we collected the personal data
  • The platform on which our application runs, the Clover POS. You may view Clover’s Privacy Notice here.
  • With third parties as a Merchant may direct
  • With third party service providers that help us manage and improve the application
  • With Company subsidiaries and corporate affiliates for the purposes described in this Privacy Policy or in our agreement with a Merchant

Company may disclose personal data to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our application; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
Company may sell or transfer some or all of its business or assets, including your personal data, in connection with a business transaction (or potential business transaction) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Your Rights and Choices

Data Subject Rights

To the extent that applicable law provides individuals with rights pertaining to their personal information, such as to review and request changes to their personal information, individuals should contact the Merchant with any requests pertaining to the Merchant’s use of our application. To the extent that Clover is responsible for responding to data subject rights requests under applicable law, individuals may contact Clover with applicable requests as explained in Clover’s Privacy Notice, https://www.clover.com/privacy-policy. Company will assist a Merchant, or Clover, as applicable, in responding to such requests subject to our contract with a Merchant or Clover.

Complaints

If you have a complaint about our handling of personal data, you may contact us via the contact information provided below.

Updates

We reserve the right to modify this Privacy Policy at any time. We will notify you of updates by updating the date of this Privacy Policy.

Contact Us

You may contact us with any questions, comments, or complaints, about this Privacy Policy or our privacy practices via: [INSERT CONTACT DETAILS]

Additional Information for Merchants Located in Europe

Controller

[IF YOU HAVE APPOINTED A DATA PROTECTION OFFICER AND/OR AN EU REPRESENTATIVE UNDER THE GDPR, YOU SHOULD IDENTIFY THE RELEVANT PARTIES AND CONTACT DETAILS HERE, IN ADDITION TO THE CONTACT INFORMATION PROVIDED BELOW.]
Company is a data processor acting for and on behalf of the Merchant that has installed our application on their Clover POS. That Merchant is the controller of personal data that we process on its behalf. Clover is also a controller of personal data in some circumstances. Clover’s Privacy Notice is available at https://www.clover.com/privacy-policy.

Legal Bases for Processing

Company processes personal data as directed or permitted by the Merchant that uses our application. The Merchant is responsible for establishing a legal basis for our processing of personal data for or on behalf of the Merchant.

Cross Border Data Transfer

When we transfer personal data outside of Europe to countries not deemed by the European Commission to provide an adequate level of protection for personal data, we make the transfer pursuant to one of the following transfer mechanisms:

  • A contract approved by the European Commission (sometimes called “Model Clauses” or “Standard Contractual Clauses”);
  • The EU-US Privacy Shield;
  • The recipient’s Binding Corporate Rules;
  • The consent of the individual to whom the personal data relates; or
  • Other mechanisms or legal grounds as may be permitted under applicable European law.

You may contact us with questions about our transfer mechanism.

Data Retention

Subject to our agreement with a Merchant, Company retains personal data for as long as necessary to (a) provide our products and services; (b) comply with legal obligations; (c) resolve disputes; and (d) enforce the terms of any agreement we may have with a Merchant. You may contact us for additional information about our data retention practices in connection with the application.

Data Subject Rights

Under certain circumstances, data subjects in Europe have certain rights relating to their personal data, which include the rights to request from the Controller (a) access to the data subject’s personal data; (b) correction of incomplete or inaccurate personal data; (c) erasure of personal data; (d) restriction of processing concerning the data subject; and (e) that the controller provide a copy of the data subject’s personal data that the data subject provided to the controller in a structured, commonly used and machine-readable format. Data subjects may also object to a controller’s processing of personal data under certain circumstances. Where processing is based on a data subject’s consent, the data subject has the right to withdraw consent at any time; however, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Data subjects may also file a complaint with a supervisory authority. You may view contact information for supervisory authorities at https://edpb.europa.eu/about-edpb/board/members_en. Data subjects in Europe should direct any rights request to the appropriate Controller.

Updated about a year ago


Clover Privacy Policy Template


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.