Privacy Policy
TABLE OF CONTENTS
- INTRODUCTION
- CHANGES AND UPDATES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
- IMPORTANT INFORMATION AND WHO WE ARE
- PURPOSE OF THIS PRIVACY POLICY
- THIRD-PARTY WEBSITES
- THE COLLECTION OF PERSONAL INFORMATION
- THE SOURCES FROM WHICH WE COLLECT YOUR PERSONAL INFORMATION
- HOW WE USE YOUR PERSONAL INFORMATION
- CHOICES ABOUT YOUR PERSONAL INFORMATION
- CHILDREN’S PRIVACY
- DISCLOSURES OF YOUR PERSONAL INFORMATION
- INFORMATION SECURITY
- INFORMATION RETENTION
- COLLECTION AND USE OF BIOMETRIC INFORMATION
- CONTACT INFORMATION
SEPARATE PAGES
INTRODUCTION
ParTech, Inc. and its subsidiaries PAR Payment Services, LLC, AccSys, LLC, and Punchh, Inc., (collectively referred to as “PAR,” “us,” “we,” or “our” as the context may require) respect the privacy of our business customers, employees of business customers, guests, and visitors (collectively, “you” and “your”) and are committed to protecting your personal information. This Privacy Policy (the “Privacy Policy”) applies to information collected through the websites and mobile applications that we operate (collectively, the “Sites”) or online and offline in our provision of hardware, software, software as a service, and data services to the restaurant and retail industries (collectively, the “Products and Services”) and does not cover any information collected by third parties (unless specifically stated).
For purposes of this Privacy Policy, “personal data” or “personal information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. It does not include information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer, such as deidentified or aggregated information. We reserve the right to convert, or permit others to convert, your personal information into deidentified information or aggregate information, and may elect not to treat publicly available information as personal information, to the extent permitted by applicable law. We will not attempt to reidentify information that we maintain as aggregated or deidentified.
By accessing or using the Sites, using our Products and Services, or otherwise providing us with personal information, you agree to the terms and conditions of this Privacy Policy and any updates we make to it. If you do not agree to the terms and conditions of this Privacy Policy, then please do not access or use the Sites, use our Products and Services, or otherwise provide us with your information. Please note, however, that if you choose to limit the information that you provide to us while using the Sites or our Products and Services, you may not be able to use or participate in certain features of the Sites or our Products and Services.
Certain portions of this Privacy Policy also apply to other personal information collected or maintained by PAR, for example, under “EEA, UK, & SWITZERLAND PRIVACY RIGHTS,” “US STATE PRIVACY RIGHTS,” “CANADA PRIVACY RIGHTS,” and “sections below. If you are located in the European Union (the “EU”), or if your personal information otherwise may be subject to the requirements of the General Data Protection Regulation (Regulation (EU) 2016/679, or “GDPR”), and other applicable regulations, please review carefully the “EEA, UK, & SWITZERLAND PRIVACY RIGHTS ” below for more information on how PAR collects and processes your personal information in accordance with these laws. If you are a resident of California, Colorado, or Virginia, please see “US STATE PRIVACY RIGHTS” below for more specific information about your privacy rights under U.S. Privacy Laws, including the California Consumer Privacy Act, as amended (including, by the California Privacy Rights Act) (together, the “CCPA”), the Colorado Privacy Act, the Virginia Consumer Data Protection Act, Chapter 603A of the Nevada Revised Statutes, and all laws implementing, supplementing or amending the foregoing, including regulations promulgated thereunder (collectively, “U.S. Privacy Laws”).
CHANGES AND UPDATES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
We regularly review our Privacy Policy. We reserve the right to alter, modify, update, add to, subtract from or otherwise change this Privacy Policy at any time. We will use your personal information in a manner consistent with the Privacy Policy in effect at the time we collected your personal information. Your continued use of the Sites or our Products and Services after we make changes is deemed to be your acknowledgment of those changes and you are responsible for periodically visiting the Sites and this Privacy Policy to check for any changes.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us by contacting us (see “Contact Information,” below).
IMPORTANT INFORMATION AND WHO WE ARE
PURPOSE OF THIS PRIVACY POLICY
This Privacy Policy provides you with information on how PAR collects and processes your personal information, including any information provided to us by customers who use and operate our Products and Services (our “Business Customers”) or that you may provide directly to us when you:
- contact us for information on our Products and Services;
- purchase products from our Business Customers;
- purchase Products or Services from us;
- join one of our online communities (e.g., PAR Brink POS User Community); and
- connect with us via social media (e.g., Facebook).
In most cases, we collect and process personal information solely in our capacity as a service provider (or “processor” for purposes of the GDPR and certain U.S. Privacy Laws) to our Business Customers. In that context, we receive personal information about you from a Business Customer or collect information from you on behalf of a Business Customer for the business purpose of providing Products and Services to such Business Customer and other legally permitted uses. If you are a customer of one of our Business Customers on whose behalf we have collected or processed your personal information, the rights described below do not apply to personal information collected and processed on behalf of such Business Customer. If you have questions or wish to exercise your rights relating to such personal information, please contact that Business Customer directly.
This Privacy Policy does not apply to our job applicants, current employees, former employees, or independent contractors (collectively, “Personnel”); however, our California-based Personnel may obtain a separate privacy notice that applies to them by contacting our human resources department through the PAR Hub or via email at par_benefits@partech.com.
It is important that you read this Privacy Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal information about you so that you are fully aware of how and why we are using your personal information.
THIRD-PARTY WEBSITES
Some components of the Sites are operated by third parties or may include links to third-party websites, plug-ins and applications, and are therefore subject to additional terms found in the policies of those third parties. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our Sites, we encourage you to read the privacy policy of any third-party website you may visit.
THE COLLECTION OF PERSONAL INFORMATION
The categories of personal information we have collected about you in the previous 12 months and the purposes for which we used such personal information are as follows. The numbers listed under the column “Purposes for Collection” correspond to the purposes described in Section 4 below.
| Category of Information | Description | Purposes for Collection |
| Identifiers | First name, last name, social security number, username or similar identifier, password, date of birth, title, address, email address and telephone numbers. | 1, 2, 3, 4, 5, 6, 7 and 8 |
| Financial Information | Account information, payment preference and payment and gift card details. | 1, 2, 3, 4, 5 and 7 |
| Commercial Information | Information about payments to and from you and other details of Products and Services you have purchased from us, and your preferences in receiving marketing from us and our third parties and your communication preferences. | 1, 3, 4, 5, 6, and 8 |
| Internet Usage Information | Information such as internet protocol (IP) address, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Sites or our Products and Services. | 1, 2, 3, 4, 5, 7 and 8 |
| Geolocation information | Information such as longitude and latitude from your IP address or mobile device when using our mobile apps or mobile apps developed by us for our Business Customers that may provide location of the device you are using. | 2 |
| Sensory Information (Audio, electronic, visual, or similar information) | Profile pictures, customer testimonials, videos, meetings with customers or potential customers. | 2 and 8 |
| Professional or Employment Information | Job title, business address, or other professional information. | 1, 3, 5, 6, 7 and 8 |
| Inferences from PI Collected | Information drawn from any of the above-referenced personal information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | 2 |
| Sensitive Personal Information | We also collect the following categories of sensitive information, referred to herein collectively as “Sensitive Personal Information”: | |
| 1 and 2 | |
| Internet or Other Electronic Network Activity Information | Equipment, browsing actions and patterns, cookies and other similar technologies. We collect this personal information by using cookies and other similar technologies. |
As permitted by U.S. Privacy Laws, we also collect, use and share “Aggregated Information” such as statistical or demographic information for any legal purpose. Aggregated Information could be derived from your personal information but is not considered personal information under applicable laws, as this information will not directly or indirectly reveal your identity. For example, we may aggregate your personal information to calculate the percentage of users accessing a specific feature of our Sites, Products or Services, or as a consumer of one of our Business Customers through our Products or Services to provide certain data analytics to our Business Customers. However, if we combine or connect Aggregated Information with your personal information so that it can directly or indirectly identify you, we treat the combined information as personal information that will be used in accordance with this Privacy Policy. We may share or use anonymized information in any manner we choose. Anonymized information, which is also referred to as de-identified or non-personal information, is information assembled into groupings that can no longer be reasonably used to identify you or your organization.
THE SOURCES FROM WHICH WE COLLECT YOUR PERSONAL INFORMATION
We use different sources and methods to collect personal information from and about you, including through:
- Direct interactions. You may give us personal information in our capacity as a service provider or processor to our Business Customers or for our own permitted purposes, by filling in forms or by corresponding with us by mail, phone, email or otherwise. This includes personal information you provide when you:
- inquire about, purchase or request support for our Products or Services;
- register for one of our communities;
- request marketing to be sent to you;
- connect with us via social media;
- participate in a promotion or survey; or
- give us feedback or contact us.
- Interactions with our Business Customers. We may collect personal information that you provide to our Business Customers, in our capacity as a service provider or processor, when you:
- place orders for food and drink;
- purchase or redeem a gift card;
- sign up for a Business Customer’s loyalty or online ordering program; or
- work as an employee of our Business Customer, including scanning your finger on a point-of-sale device that we have provided to our Business Customer.
- Automated technologies or interactions. As you interact with our Sites or our Products and Services, we will automatically collect personal information about your equipment, browsing actions and patterns. We collect this personal information by using cookies and other similar technologies. We may use third party analytics services like Google Analytics to provide us with a clearer picture of how you use the Sites or our Products and Services, including when you view specific pages or take specific actions on the Sites or use certain features or functionality within our Products and Services. If you wish to learn more about our information collection process, please see our Cookie Statement for further details.
- Affiliates, third parties or publicly available sources. We may receive personal information about you from our affiliates and various third parties, either in our capacity as a service provider or processor to our Business Customers or for our own permitted purposes, as set out below:
- from affiliated companies controlled by, controlling or under common control with PAR;
- from analytics providers;
- from search information providers;
- from providers of technical, payment and delivery services such as banks;
- from third-party service providers or processors of our Business Customers that integrate with our Products and Services on behalf of our Business Customers;
- from data brokers, event sponsors (e.g., tradeshows) or aggregators; and
- from publicly available sources, such as government and administrative bodies.
HOW WE USE YOUR PERSONAL INFORMATION
We will only use your personal information in accordance with applicable global privacy laws and as directed by our Business Customers, where we are acting as a service provider or processor, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us (See “Contact Information,” below). If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so, to the extent required under applicable law. Please note that we may process your personal information without your knowledge or consent, in compliance with this Privacy Policy, where this is required or permitted by law.
We will use your personal information for the following lawful business and commercial purposes, in accordance with the practices described in this Privacy Policy and based upon the legal basis set forth:
| Processing Activity | Legal basis |
| 1. Provide the Products and Services and to register and administer accounts for Business Customers for use of our Sites and our Products and Services; | Our legitimate interests (allowing us to fulfill our contractual obligations with our Business Customers). |
| 2. Provide support; diagnose, repair and track service and quality issues with our Products and Services; authenticate your identity; verify eligibility for certain Business Customer programs; respond to requests, complaints, and inquiries; and otherwise facilitate your relationship with our Business Customers; | Our legitimate interests (allowing us to fulfill our contractual obligations with our Business Customers). Our legitimate interests (improving our products and services, ensuring security and increasing our sales). |
| 3. For our own internal business purposes, such as to evaluate or audit the usage and performance of the Products and Services; evaluate and improve the quality of the Products and Services and design new products and services; internal research and analytics purposes; catalog your responses to surveys or questionnaires; or maintain internal business records; | Our legitimate interests (design new products and services in line with customer preferences to increase our sales).
|
| 4. To administer and protect the Sites (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data); to deliver relevant content to you on the Sites; to use data analytics to improve the Sites and experiences; | Our legitimate interests (to protect our company and customers against fraud and any other illicit activities and to design products and services in line with customer preferences to increase our sales). |
| 5. To make suggestions and recommendations to you about third-party products or services that may be of interest to the Business Customer you represent; | Consent. |
| 6. To enable you to participate in surveys; | The execution of a contract. |
| 7. To prevent fraud, such as using personal information about you obtained through our Products and Services and from our Business Customers, and for identity verification services to confirm your identity and detect, prevent, and respond to security incidents or other malicious, deceptive, fraudulent, or illegal activity; and | Our legitimate interests (to protect our company and customers against fraud and any other illicit activities and ensure the security of our products and services). |
| 8. For marketing, such as for contextual ad customization or to market the Products and Services or the services of our affiliates, Business Customers, or other third parties. We may use personal information we collect to send you newsletters, surveys, questionnaires, promotions, or information about events. | Our legitimate interests (to promote our brand and increase our sales). Consent. |
| 9. Disclose your personal information to other group companies and Service Providers. | Our legitimate interests (to organize our business in line with our commercial and economic interests and to design new products and services in line with customer preferences to increase our sales). Consent. |
| 10. Disclose your personal information to third parties in connection with the sale, purchase, merger, reorganization, liquidation, or dissolution of the company, or under similar circumstances. | Our legitimate interests (to organize our business in line with our commercial and economic interests).
|
| 11. Disclose your personal information to Law enforcement and other government agencies. | To comply with legal obligations. |
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Generally (please see above), we do not rely on consent as a legal basis for processing your personal information although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
Note that we may process your personal information for more than one lawful ground depending on the specific purpose for which we are using your information.
CHOICES ABOUT YOUR PERSONAL INFORMATION
You have choices about how we use your information. Please understand that if you choose not to disclose information to us, it may affect your ability to use some features of the Site, Products, or Services. We have established the following ways for you to control your personal information that you have shared with us:
- Promotional Offers from Us. You will receive promotional communications from us if you have requested information from us or purchased Products or Services from us and you have not opted out of receiving that marketing.
- Marketing Messages. You will receive marketing messages from us if you have provided your contact information to us. You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. Where you opt-out of receiving these marketing messages, this will not apply to personal information collected by us from any of the other sources specified in Section 3.
- Cookies. You can set your browser to refuse all or some browser cookies, or to alert you when our Sites set or access cookies. If you disable or refuse cookies, please note that some parts of the Sites may become inaccessible or not function properly. For more information, please see our Cookie Statement.
- Do-Not-Track. Many web browsers include a Do Not Track (“DNT”) feature or setting that signals your preference not to have information about your online browsing activities monitored and collected. However, there is currently no uniform standard for recognizing and implementing the DNT signals. As such, we do not monitor or respond to DNT browser requests. If a standard is adopted that we must follow in the future, then we will inform you about that practice in a revised version of this Privacy Policy.
CHILDREN’S PRIVACY
We recognize the importance of children’s safety and privacy on the Internet. For this reason, we do not knowingly sell or share (as “share” is defined by the CCPA) any information, including personal information, from children under 16 years of age. If you think we may have unknowingly collected personal information of an individual under 16 years old, please contact us (See “Contact Information,” below). We encourage parents to monitor their children’s Internet usage and/or to use web filtering technology to supervise their children’s access to the Internet.
DISCLOSURES OF YOUR PERSONAL INFORMATION
We may share your personal information with the parties set out below for the purposes set out in Section 4 above, and in some cases, legal authorities.
- ”Affiliates” includes parents, subsidiaries, business units, and other companies that share common ownership with us.
- Service providers. Third parties acting as processors who provide services to us, including: (a) IT and system administration services (e.g., hosting); (b) marketing and advertising services; (c) financing for the purchase of our Products and Services; or (d) support, equipment installation or maintenance in connection with our Products and Services and third-party service providers or processors of our Business Customers that integrate with our Products and Services on behalf of our Business Customers.
- Business Customers. Our customers, for which we act as a service provider or processor in connection with providing the Products and Services. Examples of Business Customers to whom we may disclose Personal Information are restaurants, retailers, and their franchisees (including their respective service providers and processors).
- Business Partners. Resellers of our Products and Services to Business Customers (“Business Partners”).
- Professional advisers. Third parties acting as processors or joint controllers, including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- Parties to a corporate transaction. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share personal information with third parties in connection with such transaction. Any other entity which buys us or part of our business will have the right to continue to use your personal information, but only in the manner set out in this Privacy Policy unless you agree otherwise.
- Law enforcement and other government agencies. We may share information with third parties such as law enforcement or other government agencies to comply with law or legal requirements; to enforce or apply our Website Terms of Use and other agreements; and to protect our, our users,’ or third parties’ rights, data, property or safety.
- We may share your information for other purposes pursuant to your consent or at your direction.
- Authorized Representative. If another individual is managing your account on your behalf (for example, an employee managing the account of a manager), as authorized by you or as a personal representative under applicable law, that person can view all Personal Information about you.
INFORMATION SECURITY
We have put in place reasonable security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your personal information, we cannot guarantee absolute security. If you have reason to believe that your personal information is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately at privacy@partech.com.
INFORMATION RETENTION
The length of time for which we retain each category of personal information described above depends on the purposes for which we collected and use it and our requirements to retain it in order to comply with applicable laws. We keep your personal information for no longer than reasonably necessary to achieve the purposes for which it was collected or processed, including to comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. The criteria used to determine the period of time we retain such personal information includes the nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of the personal information, as well as on the basis of applicable legal, regulatory, tax, accounting or other requirements (such as applicable statutes of limitation).
COLLECTION AND USE OF BIOMETRIC INFORMATION
Our Business Customers may use certain equipment (finger scanners) made by other companies that obtain information from a scan of a user’s finger in connection with our subscription software services. The scan reads certain characteristics of the user’s finger, and a hexadecimal string of random letters and numbers (token) is generated and retained within PAR’s subscription software services on behalf of our Business Customers. Our subscription software services do not retain any fingerprints or the characteristics of the user’s finger. Our Business Customer has the ability to remove this token when a user is no longer employed by the Business Customer. When our Business Customer provides notice that the user should be deleted from the subscription software services, our policy is to delete the user’s information, including the token, promptly upon receipt of that notice. In no event will the token be kept beyond the earlier of: (a) one (1) month from our receipt of notice from the Business Customer that the user should be deleted from the subscription software services; and (b) three (3) years since the user’s last use of the token.
CONTACT INFORMATION
For general questions or comments, we can be reached by telephone at: (315) 738-0600 or 1-800-448-6505, option #5; by facsimile at: (315) 735-4191; by email at: privacy@partech.com or by mail at ParTech, Inc., PAR Technology Park, 8383 Seneca Turnpike, New Hartford, New York, 13413 USA, Attention: Privacy Compliance.
If you are seeking to exercise your privacy rights under U.S. Privacy Laws, you may call us at 1-800-448-6505, option #5 or by visiting the Your Privacy Choices webpage.
If you are having trouble viewing or accessing this Privacy Policy or need it made available to you in an alternative format, please contact us at privacy@partech.com.
