Privacy Policy

Effective Date: January 1, 2022 


This “Privacy Policy” explains how A2Z POS, INC. (collectively, “Company” “A2Z POS”, “we”, “us”, or “our”) collects, uses, discloses, and otherwise processes business and personal data on behalf of our customers – typically, merchants “Merchant” – in connection with our application, [A2Z POS], which runs on the A2Z Point of Sale system (“A2Z POS”). This Privacy Policy does not apply to Company’s privacy practices in any other context.  

The company’s processing of business and personal data in connection with our application is governed by this Privacy Policy and our agreements with Merchants. In the event of any conflict between this Privacy Policy and a customer agreement, the customer agreement will control to the extent permitted by applicable law. 

This Privacy Policy is not a substitute for any privacy policy that a Merchant may be required to provide to their customers, personnel, or other individuals.  

Information We Collect 

We may collect business and personal data from and on behalf of Merchants. Merchants determine the scope of the business and personal data transferred to us or that we collect, and the information we receive may vary by Merchant. Typically, the information we collect on behalf of Merchants includes: 

Information that we collect when a Merchant’s customers make a payment 

When a customer makes a payment via a Clover Payment Device, we collect information about the transaction, which may include business and personal data. Information about transactions includes the payment card used, name associated with the payment card, the location of the merchant’s store, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.  

Additional information Merchants’ customers provide through the A2Z POS ancillary to a payment 

We may collect additional information ancillary to the payment. This information may include: 

  • Customers’ email address or phone number, such as when the customer chooses to receive an electronic receipt  
  • Customers’ marketing preferences, such as whether the customer wishes to receive marketing communications or newsletters 
  • Information about participating customers’ activity in a merchant loyalty program 
  • Customers’ physical address, where needed for delivery of goods or services 
  • Other information the customer provides, such as birthdate, interests or preferences, reviews, and feedback 

Information that we collect about Merchants’ personnel 

We may collect information about Merchants’ personnel and interactions with the A2Z POS, such as clock-in and clock-out time and tips earned. 

Additional information that Merchants provide to us about their customers or personnel 

Merchants may provide us with additional information directly, via access they grant to us, or otherwise. The types of information that merchants may provide to us about their customers include email addresses, phone numbers, and purchase history. The types of information that merchants may provide to us about their personnel include email addresses, phone numbers, social security numbers, marital statuses, number of dependents, other claim dependents, employment eligibility status, date of birth, shifts, and sales history. 

How We Use the Information We Collect 

We use the business and personal data we collect for or on behalf of Merchants, to provide our services and the functionality of our application: 

We may also use business and personal data for related internal purposes, including: 

  • To provide information about the application, such as important updates or changes to the application and security alerts 
  • To measure the performance of and improve the application 
  • To respond to inquiries, complaints, and requests for customer support 

In addition, the Company may use business and personal data as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our application; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. 

We use your business and personal data for the purposes of: 

  1. Providing our products and services, which includes:
  • Operating, evaluating, maintaining, improving, and providing the features and functionality of our products and services 
  • Managing our relationship with you or your company 
  • Carrying out our obligations, and exercising our rights, under our agreement with you or your company 
  • Communicating with you regarding your account with us, if you have one, including by sending you service-related emails or messages (e.g., messages regarding account verification, changes or updates to the functionality of our products or services, technical and security notices and alerts, and support and administrative messages) 
  • Facilitating communications between merchants’ customers and merchants regarding marketing messages and preferences 
  • Personalizing the manner in which we provide our products and services 
  • Maintaining records for merchants regarding their personnel’s interaction with and use of the A2Z POS (e.g., clock-in and clock-out time) 
  • Maintaining records for merchants of their customers’ purchase activity and history 
  • Administering and protecting our business 
  • Providing support and maintenance for our products and services, including responding to your service-related requests, questions, and feedback 
  1. For research and development
  • We use the information we collect for our own research and development purposes, which include: 
  • Developing or improving our products and services 
  • Developing and creating analytics and related reporting, such as regarding industry and fraud trends 
  1. Marketing
  • We may use your business and personal data to form a view on what products or services we think you may want or need, or what may be of interest to you. 
  • We may present opportunities when you use a A2Z POS to provide your business and personal data to a third party to facilitate marketing communications. 
  • We may contact merchants and merchant’s personnel with marketing communications using the business and personal data that the merchant provided to us if the merchant actively expresses interest in making a purchase of A2Z POS products or services or have made a purchase from us and, in any case, have not opted out of receiving that marketing, to the extent permitted by applicable law. 
  • Where required by law, we will get your express opt-in consent before we share your business and personal data with any company outside the A2Z POS and its affiliates and subsidiaries for marketing purposes. 
  • You can ask us to stop sending you marketing messages at any time by contacting us using the details in the Contact us section or clicking on the opt-out link included in each marketing message. 
  • Should you choose to opt-out of receiving our marketing messages, we will continue to carry out our other relevant activities using your business and personal data, including sending non-marketing messages. 
  1. D. Complying with law
  • We use your business and personal data as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal processes, such as to respond to subpoenas or requests from government authorities. 
  1. E. Compliance, fraud prevention, and safety
  • We use your business and personal data as we believe necessary or appropriate to (a) enforce the terms and conditions that govern our products and services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. 
  1. F. With your consent
  • In some jurisdictions, applicable law may require us to request your consent to use your business and personal data in certain contexts, such as when we use certain cookies or similar technologies or would like to send you certain marketing messages. If we request your consent to use your business and personal data, you have the right to withdraw your consent at any time in the manner indicated when we requested the consent or by contacting us. If you have consented to receive marketing communications from our third-party partners, you may withdraw your consent by contacting those partners directly. 
  1. G. To create anonymous data
  • We may create anonymous data from your business and personal data and from other individuals whose business and personal data we collect. We make business and personal data into anonymous data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes. 

 

How we keep your data safe 

We have put in place appropriate security measures to prevent your business and personal data from being accidentally lost, used, or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your business and personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your business and personal data on our instructions and they are subject to a duty of confidentiality.  

We have put in place procedures to deal with any suspected business and personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. 

How We Share Information 

We may share business and personal data that we collect with: 

  • The Merchant from whom or on whose behalf we collected the business and personal data 
  • The platform on which our application runs, the A2Z POS.  
  • With Clover and you may view Clover’s Privacy Notice here. 
  • With third parties as a Merchant may direct 
  • With third-party service providers that help us manage and improve the application 
  • With Company subsidiaries and corporate affiliates for the purposes described in this Privacy Policy or in our agreement with a Merchant 

The company may disclose business and personal data to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our application; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. 

Company may sell or transfer some or all of its business or assets, including your business and personal data, in connection with a business transaction (or potential business transaction) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.  

Links to other websites 

We may link to third-party websites, mobile applications, and other content. A2Z POS is not responsible for the privacy practices of any third party, and this privacy notice does not apply to such third party’s websites, mobile applications, or other content. A2Z POS does not guarantee, approve, or endorse any information, material, services, or products contained on or available through any linked third-party website, mobile application, or other content. A2Z POS is not responsible for any content on third-party properties to which we link. A2Z POS provides links to third-party properties or content as a convenience, and visiting or using linked third-party properties or content is at your own risk. 

Your Rights and Choices 

Data Subject Rights 

To the extent that applicable law provides individuals with rights pertaining to their business and personal information, such as to review and request changes to their business and personal information, individuals should contact the Merchant with any requests pertaining to the Merchant’s use of our application. To the extent that A2Z POS is responsible for responding to data subject rights requests under applicable law, individuals may contact A2Z POS with applicable requests as explained in this A2Z POS Privacy Policy. The company will assist a Merchant, or Clover, as applicable, in responding to such requests subject to our contract with a Merchant or Clover.  

Complaints 

If you have a complaint about our handling of business and personal data, you may contact us via the contact information provided below.  

Updates 

We reserve the right to modify this Privacy Policy at any time. We will notify you of updates by updating the date of this Privacy Policy. 

Contact Us 

You may contact us with any questions, comments, or complaints, about this Privacy Policy or our privacy practices via: [INSERT CONTACT DETAILS], Insert Phone #, Email, and PO Box 

Your California privacy rights 

As a California resident, you have the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by the CCPA (California Consumer Privacy Act of 2018).  

Information. You can request the following information about how we have collected and used your business and personal information during the past 12 months: 

  • The categories of business and personal information that we have collected. 
  • The categories of sources from which we collected business and personal information. 
  • The business or commercial purpose for collecting and/or selling business and personal information. 
  • The categories of third parties with whom we share business and personal information. 
  • Whether we have disclosed your business and personal information for a business purpose, and if so, the categories of business and personal information received by each category of the recipient. 
  • Whether we’ve sold your business and personal information; and, if so, the categories of business and personal information received by each category of the recipient. 
  • Access. You can request a copy of the business and personal information that we maintain about you. 
  • Deletion. You can ask us to delete the business and personal information that we maintain about you. 
  • Nondiscrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as by denying you goods or services, increasing the price/rate of goods or services, decreasing the service quality, or suggesting that we may penalize you as described above for exercising your rights. However, the CCPA allows us to charge you a different price or provide a different service quality if that difference is reasonably related to the value of the business and personal information we are unable to use. 

How to exercise your rights 

You may exercise your California privacy rights as follows: 

Right to information, access, and deletion 

You can request to exercise your information, access, and deletion rights in the following ways: 

  • Call 1-800 [INSERT TOLL-FREE NUMBER] Insert A2Z Phone # 
  • Identity verification. The CCPA requires us to verify the identity of the individual submitting the request before providing a substantive response to the request. A request must be provided with sufficient detail to allow us to understand, evaluate and respond. The requester must provide sufficient information to allow us to reasonably verify that the individual is the person about whom we collected information. A request may also be made on behalf of your child under 13. 
  • Authorized agents. California residents can empower an “authorized agent” to submit requests on their behalf. We may require the authorized agent to have a written authorization confirming that authority. 

Sale of business and personal information 

We may sell, as defined under CCPA, your business and personal information to third parties. 

In the preceding twelve (12) months, we have not sold any business and personal information. 

Tracking Technologies and Cookies  

e last 12 months before the effective date of this Privacy Policy. We describe the sources through which we collect your business and personal information in section above titled The business and personal data we collect, and describe the purposes for which we collect, use, sell and share this information in section above titled How We Use Your business and personal data and the parties with whom we share your business and personal data. 

Category (see the glossary below for definitions) 

Do we collect this information? 

Do we share this information for business purposes? 

Identifiers 

[Yes] 

[Yes] 

Online Identifiers 

[Yes] 

[Yes] 

Protected Classification Characteristics 

[Yes] 

[Yes] 

Commercial Information 

[Yes] 

[Yes] 

Biometric Information 

[Yes] 

[Yes] 

Internet or Network Information 

[Yes] 

[Yes] 

Geolocation Data 

[Yes] 

[Yes] 

Sensory Information 

[Yes] 

[Yes] 

Professional or Employment Information 

[Yes] 

[Yes] 

Education Information 

[Yes] 

[Yes] 

Inferences 

[Yes] 

[Yes] 

Financial Information 

[Yes] 

[Yes] 

Medical Information 

[Yes] 

[Yes] 

Glossary 

Category 

Definition 

Categories of Personal Information 

Date Elements within the Category 

Biometric Information 

An individual’s physiological, biological or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish an individual’s identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a face print, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. 

Transaction History 

Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. 

Financial Information 

Bank account number, debit or credit card numbers, insurance policy number, and other financial information. 

Geolocation Data 

Precise location, e.g., derived from GPS coordinates or telemetry data. 

Identifiers 

Real name, alias, postal address, unique personal identifier, customer number, email address, account name other similar identifiers. 

Government-issued ID 

Social security number, driver’s license, passport, or other government-issued ID, including an ID number or image. 

Medical Information 

Personal information about an individual’s health or healthcare, including health insurance information. 

Internet or Network Information 

Browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement. 

Online Identifiers 

An online identifier or other persistent identifier that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device. 

Physical Description 

An individual’s physical characteristics or description (e.g., hair color, eye color, height, weight). 

Professional or Employment Information 

Information relating to a person’s current, past or prospective employment or professional experience (e.g., job history, performance evaluations), and educational background. 

Protected Classification Characteristics 

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). 

Sensory Information 

Audio, electronic, visual, thermal, olfactory, or similar information. 

[Insert contract information with address, phone, email]  Insert A2Z infoÂ