Customer API EU permissions

Published: May 13th, 2019

Europe

In the EU, we are changing how much customer data is accessed by apps using the Customers endpoint. These changes will be enforced in the coming months.

Every element in the Customers endpoint is considered PII. PII collection, storage, and use is regulated by laws applicable to the region(s) where 3rd party developer apps and their partner merchants operate in.

Data minimization and new permissions

Clover is introducing new permissions to access each data element in the Customers endpoint.

📘

NOTE

We are not making any changes to the format of the Customers API endpoint. As long as the required permissions are in place, data can still be accessed by apps using the same calls.

Customer records

Based on payment type and a customer's choice to share their data, Clover devices may create a customer record. This record may reveal email addresses, phone numbers, home/business addresses, purchase history, and other data points that directly or indirectly identify an individual.

Before we grant access to customer records, we want to ensure that this access is a necessity for each reviewed app.

Current permissions and limits

With our current CUSTOMERS_R and CUSTOMERS_W permission structure, your app has access to all customer data. Moving forward, if we learn that your app requires just these permissions, your app’s access to the Customer endpoint will be reduced to the following subset of PII:

  • id (Customer UUID)
  • merchant.id (Merchant UUID)
  • firstName
  • lastName
  • customerSince

New permissions

For the customer data elements not listed above, we are introducing new required permissions.
These permissions to the Customers endpoint will be granted at the field-level. This level of granularity will enable your app to retrieve only the PII it needs to function, helping both you and Clover minimize the data accessed and shared to what is needed.

You must request for the following permissions to receive field-level access to each respective data element of the Customers endpoint:

ElementRequired permission
addressesCUSTOMERS_ADDRESS_R
CUSTOMERS_ADDRESS_W
emailAddressesCUSTOMERS_EMAIL_R
CUSTOMERS_EMAIL_W
phoneNumbersCUSTOMERS_PHONE_R
CUSTOMERS_PHONE_W
cardsCUSTOMERS_CARDS_R
CUSTOMERS_CARDS_W
marketingAllowedCUSTOMERS_MARKETING_R
CUSTOMERS_MARKETING_W
metadata.businessNameCUSTOMERS_BUSINESSNAME_R
CUSTOMERS_BUSINESSNAME_W
metadata.dobYear
metadata.dobMonth
metadata.dobDay
CUSTOMERS_BIRTHDATE_R
CUSTOMERS_BIRTHDATE_W
metadata.noteCUSTOMERS_NOTE_R
CUSTOMERS_NOTE_W

For example, if an app has just the CUSTOMERS_EMAIL_R permission, the response will include the customer’s email address and will exclude all other fields in each Customer object.

Data rights

These changes will not directly affect you or your application/integration, nor will it affect your obligations under applicable data privacy legislation. For instance, you are still required to respond to and facilitate data access requests that come to you from those Clover merchants, merchant employees, or customers of those merchants.

For more on data access requests, please review the helpful information for the UK (individual customer rights) and the rest of the EU (Data protection under GDPR).

Data retention

Clover will disable access to a customer record after a fixed time of not having meaningful interactions with the customer or customer record. The fixed time will be identified at a later time.