EFFECTIVE DATE: January 1, 2023
This “Privacy Notice” describes the practices of the Clover entity identified below and its respective subsidiaries and affiliates (collectively, “Clover”, “we”, “us”, or “our”) and the rights and choices available to individuals, regarding personal data. These Clover entities are members of the Fiserv group of companies. Personal data means any information that identifies or can reasonably be linked with an identifiable individual.
Clover may provide additional or supplemental privacy notices to individuals at the time we collect their data, which will govern how we may process the information provided at that time. We may alter this Privacy Notice as needed to abide by local laws or regulations around the world, such as by providing supplemental information in certain countries. This Privacy Notice does not apply to Clover’s processing of the personal data of its personnel, such as employees and contractors.
We provide important information here for individuals located within Member States of the European Union, countries in the European Economic Area, the United Kingdom, and Switzerland (collectively, “Europe” or “European”).
Table of Contents
We collect personal data about individuals from various sources described below. Where applicable, we indicate whether and why individuals must provide us with personal data, as well as the consequences of failing to do so.
A. Information that we collect when a merchant’s customer interacts with a Clover POS or other Clover payment method
(i) Information that we collect when individuals make a payment
When you make a payment at a merchant using a Clover Point of Sale system (“Clover POS”), the Clover Payment Gateway, the Clover App, the Clover Go App, or any other related payment method that Clover makes available, we collect information about the transaction, which may include personal data. Information about transactions includes the payment card used, name associated with the payment card, electronic signature, name and location of the merchant at which the transaction occurred, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.
(ii) Additional information merchants’ customers may provide through the Clover POS
We may collect additional information, depending on how a merchant configures its Clover POS. This information may include:
(iii) Additional information you may provide through the Clover App and Clover Go Apps
B. Information that we collect from merchants about their customers
Our merchants may provide us with information about their customers. This information may include uploaded email addresses, phone numbers, and purchase history, for instance when we manage promotions or marketing communications or perform other services on behalf of a merchant.
C. Information that we collect about merchants and their personnel
We may collect personal data directly from merchants (including prospective customers) about themselves and their personnel. We may collect information from these parties in a variety of contexts, such as when completing one of our online forms, making an application for one of our products or services, interacting with us on social media, or corresponding with us. The types of information we obtain in these contexts include:
D. Information collected via third-party applications
A merchant may choose to install third-party applications on its Clover POS, much like an individual can install applications on their mobile phone or tablet device. Clover may receive personal data about merchants, merchant’s customers, or merchant’s personnel as a result of the merchant’s use of the third-party application, such as when the application enhances or performs services related to the personal data and returns information to the merchant’s account. We are not responsible for the privacy practices of third-party applications that are run on the Clover POS or the scope or quality of the data that such an application transmits to us; however, we will treat the data we receive from the third-party application in accordance with this Privacy Notice.
E. Information that we collect about job applicants to Clover
We collect information about job applicants, such as name and contact information, professional credentials and skills, educational and work history, and other information of the type included on a resume or curriculum vitae. We may collect this information when an individual provides it to us directly or when another party, such as a recruiter, provides it.
F. Information that we collect from private and publicly accessible sources
We and our service providers may collect information about individuals that is publicly available, including by searching publicly accessible government lists of restricted or sanctioned persons (such as the Specially Designated Nationals And Blocked Persons List), public records databases (such as company registries and regulatory filings), and by searching media and the internet. We and or our third party verification providers may also collect information from private or commercially available sources, such as by requesting reports or information from credit reference and fraud prevention agencies, to the extent permitted under applicable law. We may also maintain pages for our company and our products and services on a variety of third-party platforms, such as LinkedIn, Facebook, Twitter, YouTube, Instagram, and other social networking services. When individuals interact with our pages on those third-party platforms, the third-party’s privacy policy will govern your interactions on the relevant platform. If the third-party platform provides us with information about our pages on those platforms or your interactions with them (e.g. for lead generation purposes), we will treat that information in accordance with this Privacy Notice.
G. Information collected via automated means
When you access our websites or use our mobile applications, we, our service providers, and our partners may automatically collect information about you, your computer or mobile device, and activity on our websites or mobile applications. Typically, this information includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our website, general location information such as city, state or geographic area; and information about your use of and actions on or in our websites or mobile applications, such as pages or screens you accessed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Certain products or services that we provide or which merchants may incorporate into their websites or mobile applications may automatically collect additional information, as may be further described in a separate privacy notice.
Our service providers and business partners may collect this type of information over time and across third-party websites. This information is collected via various mechanisms, such as via cookies, pixels, tags, web beacons, embedded scripts, through our mobile applications, and similar technologies. This type of information may also be collected when you read our HTML-enabled emails. Please refer to our Cookies Notice for more details. You can choose to disable cookies or to opt out of the use of your browsing behavior for purposes of targeted advertising. For opt out instructions, please review the “Targeted online advertising” portion of the “Your Choices” section of this Privacy Notice.
H. Sensitive personal data
In limited circumstances and when permitted by law, we may collect a merchant’s and/or their employee’s biometric data to confirm a merchant’s and/or their employee’s identity, such as when they authenticate a payment or sign into their Clover device using their fingerprint. In some circumstances, we may collect information that may reveal health or medical information, such as when we process transactions at health or medical facilities or pharmacies. In the context of processing employment applications, we may also request sensitive information, such as racial or ethnic origin, where required or permitted by law of the country in which you are applying for employment.
Outside of these contexts or otherwise as we specifically request, we ask that you not provide us with any sensitive personal data (meaning information revealing racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic, health, or biometric information, information about sex life or sexual orientation, or criminal convictions or offenses) through our websites or mobile applications, or otherwise to us.
I. Information received in connection with the Food Ordering Program
Clover provides merchants with a “Food Ordering Program,” which allows consumers to place orders for food, beverages, and other related products (each, a “Food Order”) by delivery or collection. When you place an order via the Food Ordering Program, we may receive information which may include the following:
Clover has also partnered with certain third-party companies (e.g. Google) to enable you to order food online from participating Clover merchants directly from those companies’ products such as Google Search, Google Maps, and Google Assistant. When you use this feature to place an order,
Clover receives the same or similar information as it would when you place an order with the Food Ordering Program on Clover directly.
We use your personal data for the purposes of:
A. Providing our products and services, which includes:
B. For research and development
We use the information we collect for our own research and development purposes, which include:
C. Marketing
We may use your personal data to form a view on what products or services we think you may want or need, or what may be of interest to you.
We may present opportunities when you use a Clover POS to provide your personal data to Clover and merchants to facilitate marketing communications between you and the merchant, and we will send such marketing communication if you agree to receive them.
We may contact merchants and merchant’s personnel with marketing communications using the personal data that the merchant provided to us if the merchant actively expresses interest in making a purchase of Clover products or services or have made a purchase from us and, in any case, have not opted out of receiving that marketing, to the extent permitted by applicable law.
Where required by law, we will get your express opt-in consent before we share your personal data with any company outside the Fiserv group for marketing purposes.
You can ask us to stop sending you marketing messages at any time by contacting us using the details in the Contact us section or clicking on the opt-out link included in each marketing message.
Should you choose to opt out of receiving our marketing messages, we will continue to carry out our other relevant activities using your personal data, including sending non-marketing messages.
D. Managing our recruiting and processing employment applications
We process personal data, such as information submitted to us in a job application, to facilitate our recruitment activities and process employment applications, such as evaluating a job candidate for an employment activity, and monitoring recruitment statistics.
E. Complying with law
We use your personal data as we believe necessary or appropriate to comply with applicable laws, regulations, lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities.
F. Compliance, fraud prevention and safety
We use your personal data as we believe necessary or appropriate to (a) enforce the terms and conditions that govern our products and services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
G. With your consent
In some jurisdictions, applicable law may require us to request your consent to use your personal data in certain contexts, such as when we use certain cookies or similar technologies or would like to send you certain marketing messages. If we request your consent to use your personal data, you have the right to withdraw your consent any time in the manner indicated when we requested the consent or by contacting us. If you have consented to receive marketing communications from our third party partners, you may withdraw your consent by contacting those partners directly.
H. To create anonymous data
We may create anonymous or aggregated data from your personal data and from other individuals whose personal data we collect. We make personal data into anonymous or aggregated data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes.
A. Companies within the Fiserv group
We may disclose your personal data to our subsidiaries and corporate affiliates – including those in the Fiserv group of companies – for purposes consistent with this Privacy Notice.
B. Service providers
We employ third party companies and individuals to administer and provide services on our behalf (such as companies that provide customer support, companies that we engage to host, manage, maintain, and develop our website, mobile applications, and IT systems, companies that help us process payments, companies that assist with food delivery on behalf of our Merchants, and companies that help us analyze your usage of our services for product improvement purposes). These third parties may use your information only as directed by Clover in a manner consistent with this Privacy Notice and are prohibited from using or disclosing your information for any other purpose.
C. Merchants and Applications that run on the Clover POS Used by Merchants
When Clover performs services for merchants, it may share personal data with those merchants. For example, Clover may collect information about a merchant’s customers from or on behalf of the merchant, such as when Clover processes payment transactions, and Clover may provide personal data about those customers back to the merchant. When you place a food order via Clover’s “Food Ordering Program,” or when Clover receives your information in connection with an order placed on another company’s website, app or service, we may share that information with the Merchant in order to fulfil your order. We are not responsible for the privacy practices of merchants who use our services.
Third-party applications that a merchant has installed on a Clover POS may be capable of providing instructions to Clover to engage in a transfer of personal data, similar to how a merchant could provide such directions. For example, an application may direct Clover to export data or reports to a third-party cloud storage system. Merchants are responsible for their use of third-party applications, the directions that the application provides to Clover, and Clover’s reliance on those directions. Clover is not responsible for the privacy policy or practices of any third-party application.
D. Participants in the transaction processing chain
Clover shares personal data with companies in the transaction processing chain in connection with processing a payment transaction, such as merchants, banks or other card issuers, card associations, debit network operators and their members.
E. Credit reference, fraud protection, risk management, and identity verification agencies
Clover shares personal data with credit reference, fraud protection, risk management, and identity verification agencies to help guard against, detect, and respond to fraud or money laundering, and/or manage our or merchants’ risk, and ensure we comply with contractual, legal, or regulatory requirements.
F. Professional advisors
We may disclose your personal data to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
G. To comply with laws and law enforcement; protection and safety
Clover may disclose information about you to government or law enforcement officials (including tax authorities) or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to:
(i) Comply with applicable laws, lawful requests, and legal processes, such as to respond to subpoenas or requests from government authorities;
(ii) Enforce the terms and conditions that govern our products and services;
(iii) Protect our rights, privacy, safety or property, and/or that of you or others; and
(iv) Protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
H. Business transfers
Clover may sell or transfer some or all of its business or assets, including your personal data, in connection with a business transaction (or potential business transaction) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Notice.
I. To other parties with your permission or to fulfill a contract they have with you
Clover may transfer your personal data to any third party who is not otherwise covered by the other listed categories above where you have given us permission to do so, or with whom you have entered into a contract when we need to transfer your personal data to that party in order to fulfill that contract.
In this section, we describe the rights and choices available to all users. Users subject to additional jurisdiction-specific disclosures may read additional information about their rights below.
A. Marketing communications
You can ask us to stop sending you marketing messages at any time by contacting us or clicking on the opt-out link included in each marketing message. You may continue to receive service-related and other non-marketing messages. You may unsubscribe from a specific merchants’ communications sent to you via Clover’s technology by clicking “Unfollow” (or a similarly-titled opt-out link).
B. Targeted online advertising
Some of the business partners that collect information about users’ activities on our websites or in our mobile applications may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.
Users may opt out of receiving targeted advertising on websites through participating members of the following organizations or programs:
Users of mobile applications may opt out of receiving targeted advertising in mobile applications through participating members of the Digital Advertising Alliance by installing the AppChoices mobile application, available here, and selecting the user’s choices. In addition, your mobile device settings may provide functionality to limit our, or our partners’, ability to engage in ad tracking or targeted advertising using the Google Advertising ID or Apple ID for Advertising associated with your mobile device.
Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.
If you choose to opt-out of targeted advertisements, you will still see advertisements online but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioural advertising are included in this list, and so you may still receive some cookies and tailored advertisements from companies that are not listed.
C. Do Not Track Signals
Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to do not track signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.
D. Choosing not to provide your personal data
Where we request personal data directly from you, you do not have to provide it to us. If you decide not to provide the requested information, in some circumstances we, or merchants who use Clover, may be unable to provide products or services to you. For example, we may be unable to process your transaction.
E. Accessing, modifying or deleting your information
In some jurisdictions, applicable law may provide a right for individuals to access, modify, or delete their personal data. You may contact us directly to request access to, or modification or deletion of, your information. We may not be able to provide access to, or modify or delete, your information in all circumstances.
F. Complaints
If you have a complaint about our handling of your personal data, you may contact our data protection officer using the contact information below. We request that a complaint be made in writing. Please provide details about your concern or complaint so that our data protection officer can investigate it. We will take appropriate action in response to your complaint, which may include conducting internal discussions with relevant business representatives. We may contact you for additional details or clarification about your concern or complaint. We will contact you to inform you of our response to your complaint. You also may have a right to file a complaint with a national or local regulatory agency.
Clover is headquartered in the United States, and it maintains offices and has service providers in other countries, such as the countries listed here. Your personal data may be transferred to the United States or other locations outside of your state, province, country or other governmental jurisdiction where we or our service providers maintain offices and where privacy laws may not be as protective as those in your jurisdiction. If we make such a transfer, we will require that the recipients of your personal data provide data security and protection in accordance with applicable law.
European users should read the important information provided here about transfer of personal data outside of Europe.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We maintain annual compliance with global Payment Card Industry Data Security Standard (PCI DSS) adopted by the payment card brands for all companies that process, store or transmit cardholder data.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We may link to third-party websites, mobile applications, and other content. Clover is not responsible for the privacy practices of any third party, and this privacy notice does not apply to such third party’s websites, mobile applications, or other content. Clover does not guarantee, approve, or endorse any information, material, services, or products contained on or available through any linked third-party website, mobile application, or other content. Clover is not responsible for any content on third-party properties to which we link. Clover provides links to third-party properties or content as a convenience, and visiting or using linked third-party properties or content is at your own risk.
We will use your personal data for as long as necessary based on why we collected it and what we use it for. This may include our need to satisfy a legal, regulatory, accounting, or reporting requirement.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In general terms, we will retain your personal data for as long as is necessary for the purposes identified in this Privacy Notice, including to provide our Services, to comply with legal obligations, to enforce and prevent violations of our Terms, to protect against fraudulent activity, and to defend our legal rights, property and users.
A. Controller and Data Protection Officer
Clover is a member of the Fiserv group of companies. Clover Network, LLC is the controller of your personal data for purposes of European and UK data protection law.
Fiserv has appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below:
Data Protection Officer, Fiserv
Email address: dpo@fiserv.com
Postal Address:
Janus House
Endeavour Drive
Basildon
Essex
SS14 3WF
B. Legal bases for processing
If you are based in Europe or the UK, we are required to inform you of the legal bases of our processing of your personal data, which are described in the table below. If you have questions about the legal basis of how we process your personal data, you may contact us using the information provided in the section above.
Processing Purpose (click here for details) Details regarding each processing purposes listed below are provided in the section above titled "How we use your personal data" | Legal basis |
Providing our products and services | Processing is necessary to perform the contract governing our provision of the products or services or to take steps that you request prior to signing up for the Services. In addition, when we process personal data on merchants’ customers, these purposes constitute our legitimate interests. |
Marketing; For research and development; Managing our recruiting and processing employment applications; Compliance, fraud prevention and safety; To create anonymous data | These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). In some cases, marketing may be based on your consent – such as where you provide your email address to us for the specific purpose of receiving our or merchants’ marketing communications |
To comply with law | Processing is necessary to comply with our legal obligations |
With your consent | Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us via the following link here |
C. Use for new purposes
We may use your personal data for reasons not described in this Privacy Notice where permitted by law and the reason is compatible with the purpose for which we collected it.
D. Automated decisions, credit reference agencies and fraud prevention agencies
We sometimes make automated decisions based on your personal data (whether provided by you or collected by us from third parties such as credit reference and fraud prevention agencies). We will only do this where it is required in connection with a contract, authorized by law, or based on your explicit consent. You can contact us for more information on automated decision making. Please also see the “Your individual legal rights” section below.
E. Your individual legal rights
Under certain circumstances, individuals in Europe, the UK and Brazil have rights under data protection laws in relation to their personal data. If you are located in Europe, UK or Brazil, you may ask us to take the following actions regarding personal data that we hold:
Restriction You may ask us to suspend our use of your personal data in the following scenarios:
Transfer/Portability. Where it is possible, we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to personal data provided by you which you initially provided consent for us to use or where we used the information to perform a contract with you.
Automated decision making. You have the right not to be subject to automated decision making (e.g., profiling) that significantly affects you. The exercise of this right is not available to you in the following cases:
However, in the first two cases set out above, you still have the right to obtain human intervention in respect of the decision, to express your point of view and to contest the decision.
You can submit requests to exercise these rights by contacting the Fiserv Privacy Office using the following link here. We may need to request specific information from you to help us confirm your identity and ensure you are entitled to exercise a right in respect of your personal data, for example, a merchant identification number or account number. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
There may be legal or other reasons why we cannot, or are not obliged to, fulfill a request to exercise your rights. We will use available lawful exemptions to your individual rights to the extent appropriate. If we decline your request, we will tell you why, subject to legal restrictions.
You will not have to pay a fee to exercise any of your rights relating to your personal data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We will respond to all legitimate requests promptly and, in any event, within any timeframes prescribed by applicable law. In general, we must respond to queries within one month from the receipt of the request, so it is important that requests are identified and submitted using the following link here as soon as possible. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. Any transmission of your personal data will be handled in a secure manner.
You also have the right to make a complaint at any time to a supervisory authority (for more information go to https://edpb.europa.eu/about-edpb/board/members_en).
G. Cross-border data transfer
We transfer your personal data within the Fiserv group, including outside of Europe and the UK. Whenever we transfer your personal data out of Europe or the UK within the Fiserv group to countries not deemed by the European Commission to provide an adequate level of protection for personal data, the transfer will be based on our EU or UK Binding Corporate Rules, as applicable, copies of which can be found here, or one of the lawful transfer mechanisms identified below as may be appropriate.
When we transfer personal data outside of Europe, within the group where the Binding Corporate Rules do not apply, or to third parties in countries not deemed by the European Commission to provide an adequate level of protection for personal data, the transfer will be made pursuant to:
- A contract approved by the European Commission (called “Standard Contractual Clauses”);
- The recipient’s Binding Corporate Rules;
- The consent of the individual to whom the personal data relates; or
- Other mechanisms or legal grounds as may be permitted under applicable European law
Please contact us if you would like to receive further information on the specific mechanism used by us when transferring your personal data out of Europe.
The information provided in this “Information for California Residents” section only applies to California residents. This notice describes how we collect, use and disclose your Personal Information (as defined in the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act, or “CCPA”), and your rights with respect to that Personal Information.
Your California privacy rights
As a California resident, you have the rights listed in the section above titled Accessing, correcting or deleting your information. However, these rights are not absolute, and we may decline your request as permitted by the CCPA.
You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as by denying you goods or services, increasing the price/rate of goods or services, decreasing the service quality, or suggesting that we may penalize you as described above for exercising your rights.
How to exercise your rights
If you are a California resident, you may exercise your access, correction, and deletion rights as follows:
Sale or Sharing of Personal Information for cross-context behavioral advertising
Our websites and online services may use analytics and advertising tools that enable our analytics and marketing partners to collect and disclose internet or other electronic network activity information based on your activity across our services and sites, including to analyze your usage of our services and to serve you advertisements that are relevant to you (collectively, “cross-context behavioral advertising”). However, please note that we do not knowingly sell or share the Personal Information of consumers under 16 without consent.
You have the right to opt-out of our sale or sharing of your Personal Information using our opt-out tool located in the bottom right-hand corner of your screen.
Personal information that we collect, use and disclose
The chart below summarizes our collection, use and disclosure of Personal Information during the last 12 months. We describe the sources through which we collect your Personal Information in the section above titled The Personal Data We Collect, and describe the purposes for which we collect, use, and disclose this information in section above titled How We Use Your Personal Data and The Parties With Whom We Share Your Personal Data.
Processing Purpose (click here for details) Details regarding each processing purposes listed below are provided in the section above titled "How we use your personal data" | Legal basis |
Providing our products and services | Processing is necessary to perform the contract governing our provision of the products or services or to take steps that you request prior to signing up for the Services. In addition, when we process personal data on merchants’ customers, these purposes constitute our legitimate interests. |
Marketing; For research and development; Managing our recruiting and processing employment applications; Compliance, fraud prevention and safety; To create anonymous data | These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). In some cases, marketing may be based on your consent – such as where you provide your email address to us for the specific purpose of receiving our or merchants’ marketing communications |
To comply with law | Processing is necessary to comply with our legal obligations |
With your consent | Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us via the following link here |
Please note that we may also disclose personal information for our Everyday Business Purpose and to comply with law, for compliance, fraud prevention, and safety purposes; in the event of business transfers; and to our professional advisors, and as further described above in Section 3 of this Privacy Notice.
We will retain your Personal Information as set forth above.
Glossary
Categories of Personal Information | Examples of Elements Within the Category |
Biometric Information | An individual’s physiological, biological or behavioral characteristics, including information pertaining to an individual’s DNA, that is used or is intended to be used, singly or in combination with each other or with other identifying data, to establish an individual’s identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a face print, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. |
Commercial Information | Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
Financial Information | Bank account number, debit or credit card numbers, insurance policy number, and other financial information. |
Geolocation Data | Precise location, e.g., derived from GPS coordinates or telemetry data. |
Identifiers | Real name, alias, postal address, unique personal identifier, customer number, email address, account name other similar identifiers. |
Inferences | Inferences drawn from any personal information collected to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
Government-issued ID | Social security number, driver’s license, passport, or other government-issued ID, including an ID number or image. |
Medical Information | Personal information about an individual’s health or healthcare, including health insurance information. |
Internet or Network Information | Browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement. |
Online Identifiers | An online identifier or other persistent identifier that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device. |
Professional or Employment Information | Information relating to a person's current, past or prospective employment or professional experience (e.g., job history, performance evaluations), and educational background. |
Protected Classification Characteristics | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). Racial or ethnic origin, religious or philosophical beliefs, genetic data, and personal information collected and analyzed concerning a consumer’s sex life or sexual orientation are considered to be sensitive personal information under the CCPA. |
Sensory Information | Audio, electronic, visual, thermal, olfactory, or similar information. |
Every-day Business Purposes | This means the use of personal information for our operational purposes, or other notified purposes, which may include: auditing relating to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards, helping to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for these purposes, debugging to identify and repair errors that impair existing intended functionality, short-term transient use including, but not limited to, non personalized advertising shown as part of a consumer’s current interaction with us, performing services on behalf of a business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business, providing advertising and marketing services (other than cross-contextual behavioral advertising), undertaking internal research for technological development and demonstration, and undertaking activities to verify or maintain the quality or safety of our products and services and to improve, upgrade, or enhance our products and services. |
Sensitive Personal Information
We do not use or disclose Sensitive Personal Information except for purposes for which you do not have a right to limit the use and disclosure of Sensitive Personal Information under the CCPA. For example, we may use Sensitive Personal Information to provide you products or services you have requested.
The information provided in this “Information for Virginia Residents” section only applies to residents of the Commonwealth of Virginia acting in an individual or household context. It does not apply to the data or Virginia residents acting in a commercial or employment context. This notice describes the rights you may have with respect to your personal data under the Virginia Consumer Data Protection Act, or “VCDPA”). We describe the categories of personal data that we process and disclose to third parties,the purposes for which we process personal data, and the categories of third parties that we disclose personal data to in the sections above titled The Personal Data We Collect, How We Use Your Personal Data, The Parties With Whom We Share Your Personal Data, and the Personal information that we collect, use and share sub-section of the Information for California Residents section.
As a Virginia resident, you may have the rights listed in the section above titled Accessing, correcting or deleting your information. However, these rights are not absolute, and we may decline your request as permitted by the VCDPA.
How to exercise your rights
If you are a Virginia resident, you may exercise your access, correction and deletion rights as follows, by:
You can also appeal a denial of your request through the requests portal, or by email to dpo@fiserv.com
We reserve the right to modify this Privacy Notice at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Notice, we will notify you by updating the date of this Privacy Notice and posting it on our website and in app stores where our mobile applications covered by this Privacy Notice are available for download. We may (and, where required by law, will) also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through our website or mobile applications.
Any modifications to this Privacy Notice will be effective upon our posting of the new terms and/or upon implementation of the new changes (or as otherwise indicated at the time of posting). In all cases, your continued use of our products or services after the posting of any modified Privacy Notice indicates your acceptance of the terms of the modified Privacy Notice.
If you have any questions, concerns, or complaints about this Privacy Notice or our privacy practices, or to request access to your personal data, you may contact our Data Protection Officer at dpo@fiserv.com.
We also maintain a Data Privacy Hotline, which is available 24 hours per day from the United States, at +1 855-499-9920. The Hotline is the most appropriate contact for an urgent concern, such as to report a suspected data breach regarding your personal data; or, if you are a merchant, data of your customers.
For questions about your credit or debit card or your purchase, please contact the financial institution that issued your card or the merchant.
*Promotional offer valid from October 1, 2024, through January 31, 2025. This offer is available for qualified customers who have not had a merchant services account processed by First Data Merchant Services LLC within six months. New accounts are subject to standard credit approval and underwriting requirements. Offer is valid for one $500 rebate for a Clover Flex, Mini, Station Solo, Station Duo point-of-sale hardware device purchase —or— Offer is valid for one $500 rebate for a Clover Flex, Mini, Station Solo, Station Duo point-of-sale hardware device subscription. The offer does not include the Clover Go or Clover Compact devices. The rebate will be applied to the merchant’s deposit account as follows: the $500 rebate will be initiated within approximately 60 days after the account begins processing transactions. To be eligible for the purchase rebate, the merchant must (1) purchase a Clover Flex, Mini, Station Solo, Station Duo point-of-sale hardware device; (2) must be credit approved between 10/1/24 and 1/31/25; (3) sign a merchant processing agreement; and (4) activate account within 30 days from approval date. To be eligible for the subscription rebate, merchant must (1) subscribe for a Clover Flex, Mini, Station Solo, Station Duo or Kiosk point-of-sale hardware device; (2) sign up for 36- or 48-month subscription term; (3) must be credit approved between 10/1/24 and 1/31/25; (4) sign a merchant processing agreement; and (5) activate account within 30 days from approval date. Additional fees apply to certain Clover apps’ software components, services and activated accounts, and are not included in the monthly subscription fee. Additional fees related to the hardware subscription may apply. All terms and conditions apply, including, without limitation, all applicable early termination fees and monthly minimums. Only one offer per eligible business tax ID. Eligibility is subject to review and determination by First Data Merchant Services LLC in its sole discretion. Offer not valid with any other offer and subject to change without notice. Terms and conditions apply.
**Offer valid for new First Data Merchant Services LLC customers only. Offer requires new enrollment in First Data Merchant Services LLC payment processing and an active merchant processing account. Certain restrictions and exclusions apply. Merchant account is subject to credit approval. Offer subject to change without notice. New merchant account is subject to credit approval and requires entering into a merchant processing agreement. The Walmart eGift card has a maximum value of $100 and is sent through email within 7–10 business days after merchant activates its account. Rates are valid for Walmart Business members only. First Data Merchant Services LLC is solely responsible for the promotion and fulfillment of the Walmart eGift Card.
©2024 Clover Network, LLC. The Clover name and logo are registered trademarks owned by Clover Network, LLC and are registered or used in the U.S. and many foreign countries. All trademarks, service marks and trade names referenced in this material are the property of their respective owners. Use of Clover requires a Merchant Processing Agreement.