Search PAR
Get a Demo

California Privacy Rights

Effective Date: August 15, 2025

TABLE OF CONTENTS

  1. INTRODUCTION
  2. CHANGES AND UPDATES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
  3. IMPORTANT INFORMATION AND WHO WE ARE
  4. PURPOSE OF THIS PRIVACY POLICY
  5. THIRD-PARTY WEBSITES
  6. THE COLLECTION OF PERSONAL INFORMATION
  7. THE SOURCES FROM WHICH WE COLLECT YOUR PERSONAL INFORMATION
  8. HOW WE USE YOUR PERSONAL INFORMATION
  9. CHOICES ABOUT YOUR PERSONAL INFORMATION
  10. CHILDREN’S PRIVACY
  11. DISCLOSURES OF YOUR PERSONAL INFORMATION
  12. INFORMATION SECURITY
  13. INFORMATION RETENTION
  14. COLLECTION AND USE OF BIOMETRIC INFORMATION
  15. CONTACT INFORMATION

SEPARATE PAGES

  1. EEA, UK, & SWITZERLAND PRIVACY RIGHTS
    1. EU-U.S. DATA PRIVACY FRAMEWORK, UK EXTENSION, AND SWISS-U.S. DATA PRIVACY FRAMEWORK
  2. CALIFORNIA PRIVACY RIGHTS
  3. US STATE PRIVACY RIGHTS
  4. CANADA PRIVACY RIGHTS
  5. AUSTRALIA PRIVACY RIGHTS
Effective Date: August 15, 2025

This section generally applies to residents of California whose personal information is subject to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (together, “CCPA”) and certain exceptions within such laws, as applicable. The provisions below supplement the information provided in the generally applicable portion of our Privacy Policy and apply solely to individuals that are residents of California and qualify as a “Consumer” under the CCPA. This California specific section provides additional information about how we collect, use, disclosure, and otherwise process the personal information of these individuals, either online or offline, within the scope of the CCPA. Any terms defined in the CCPA or as otherwise defined in our Privacy Policy have the same meaning as used in this section.

In most cases, we collect and process personal information solely in our capacity as a service provider or processor to our Business Customers. In that context, we receive personal information from a Business Customer or collect information from you on behalf of a Business Customer for the business purpose of providing Products and Services to such Business Customer and other legally permitted uses. If you are a customer of one of our Business Customers on whose behalf we have collected or processed your personal information, the rights described below do not apply to personal information collected and processed on behalf of such Business Customer. If you have questions or wish to exercise your rights relating to such personal information, please contact that Business Customer directly.

California “Shine the Light” Law

Under California’s “Shine the Light” law, California residents who provide personal information in obtaining products/services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the consumer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of consumer information and the names and addresses of those businesses with which we shared consumer information for the immediately prior calendar year (e.g., requests made in 2024 will receive information regarding 2023 sharing activities).

To obtain this information please send an email message to privacy@partech.com with “Request for California Privacy Information” on the subject line and in the body of your message. We will provide the requested applicable information to you at your e-mail address in response to any need to verify whether these rights apply to you.

Please be aware that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.

CATEGORIES OF PERSONAL INFORMATION PROCESSED

Please refer to the “COLLECTION OF PERSONAL INFORMATION” section of the Privacy Policy.

SOURCES OF PERSONAL INFORMATION

Please refer to the “THE SOURCES FROM WHICH WE COLLECT YOUR PERSONAL INFORMATION” section of the Privacy Policy.

HOW WE USE PERSONAL INFORMATION

Please refer to the “HOW WE USE YOUR PERSONAL INFORMATION” section of the Privacy Policy

PERSONAL INFORMATION SOLD OR SHARED

Please refer to the “SALE OF PERSONAL INFORMATION” section in the US State Privacy Rights page.

CATEGORIES OF PERSONAL INFORMATION DISCLOSED FOR BUSINESS PURPOSES

Below is a summary of the categories of personal information we have collected in the previous 12 months and the categories of third parties with whom we have shared such personal information for business purposes.

Category of Personal Information

Categories of Third Parties to Whom We Disclosed Personal Information for a Business Purposes

Identifiers
  • Service providers, such as providers of accounting services, audit services, IT services, financing/due diligence for the purchase of our Products and Services and equipment installation,  maintenance or support services; and
  • usiness Customers in connection with the provision of Products and Services and requested transactions;
  • Business Partners in connection with the provision of Products and Services and requested transactions; and
  • Entities involved in a corporate reorganization, merger, or acquisition and their representatives.

Financial information
  • Service providers, such as providers of payment processing services, and financing/due diligence for the purchase of our Products and Services.

Commercial information
  • Service providers, such as providers of accounting services, audit services, IT services, payment processing services, financing for the purchase of our Products and Services and equipment installation, maintenance or support services.

Internet activity information
  • Service providers, such as providers of marketing services; and
  • Business Customers in connection with the provision of Products and Services and requested transactions.

Geolocation information
  • Service providers, such as providers of IT services; and
  • Business Customers in connection with the provision of Products and Services and requested transactions.

Sensory Information (Audio, electronic, visual, or similar information)
  • Service providers, such as providers of marketing services; and
  • Business Customers in connection with the provision of Products and Services and requested transactions.

Professional or Employment Information
  • Affiliates, Business Customers, and Business Partners; and
  • Service providers, such as providers of marketing services and IT services.

Inferences from PI Collected
  • Service providers, such as providers of marketing services and IT services; and
  • Business Customers in connection with the provision of Products and Services.

Sensitive Personal Information

Social security numbers.
  • Service providers, such as providers of IT services; and
  • Affiliates and Business Customers.
Biometric information used for uniquely identifying a consumer or employee of our Business Customer through the use of our Products and Services.
  • Service providers, such as providers of IT services; and
  • Affiliates and Business Customers.

SENSITIVE PERSONAL INFORMATION

We do not use or disclose Sensitive Personal Information for purposes other than the following:

  • To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information;
  • To resist malicious, deceptive, fraudulent or illegal actions; and
  • To provide Products and Services on behalf of our Business Customers, such as providing storage, or providing similar services on behalf of our Business Customers.

CALIFORNIA PRIVACY RIGHTS

CCPA grants you specific rights, subject to certain exceptions, including the following:

  • Right to Access Personal Information. Upon a verifiable request, made through one of the methods provided in the “CONTACT INFORMATION” section below, we will disclose to you the items listed below:
    • The categories of personal information we have collected about you;
    • The categories of sources from which the personal information was collected;
    • The business purpose behind collecting the personal information;
    • The categories of third parties with whom we have shared the information; and
    • The specific personal information we have collected about you.
  • Right to Opt Out of Sale or Sharing. You have the right to opt out of any “sales” of your personal information (as “sale” is defined by CCPA).

Online Selling or Sharing. Third-party digital businesses (“Third-Party Digital Businesses”) may associate cookies and other tracking technologies that collect personal information about you on our Sites, or otherwise collect and process personal information that we make available about you, including digital activity information. These Third-Party Digital Businesses use this information for several purposes, including to track activity across websites, to infer information about visitors, and to provide visitors with personalized content. The CCPA also allows California residents to opt-out of the use of personal information from different businesses or services to provide targeted advertisements, which the CCPA defines as “sharing.”

If you want to opt-out of the “sale” or “sharing” of such personal information, exercise a separate opt-out request on our consent management platform (“CMP”) here.  Our CMP enables you to exercise such an opt-out request and enable certain cookie preferences on your device. You must exercise your preferences on each of our Sites you visit, from each browser you use, and on each device that you use. Because your browser opt-out is designated by a cookie, if you clear or block cookies, your preferences will no longer be effective and you will need to enable them again via our CMP. Please also refer to our Cookie Policy for other ways to exercise preferences regarding Third-Party Digital Businesses. Beware that if you use ad-blocking software, our cookie banner may not appear when you visit our Sites and you may have to use the link above to access the CMP.

Under the CCPA, “opt-out preference signals” (“OOPS”) are signals sent by a platform, technology, or mechanism, enabled by individuals on their devices or browsers, that communicate the individual’s choice to opt-out of the sale and sharing of personal information. To use an OOPS, you can download an internet browser or a plugin to use on your current internet browser and follow the settings to enable the OOPS. We have configured the settings of our CMP to receive and process OOPS on our Sites. We process OOPS with respect to sales and sharing that may occur in the context of collection of personal information by tracking technologies online by Third-Party Digital Businesses, discussed above, and apply it to the specific browser on which you enable OOPS. We currently do not, due to technical limitations, process OOPS for opt-outs from sales and sharing in other contexts (e.g., non-cookie personal information).

Offline Selling or Sharing. With respect to our “sale” or “sharing” of personal information other than that collected by cookies and other tracking technology, we will, upon a verifiable request made through one of the methods provided in the “Contact Information” section below, not allow your personal information to be “sold” or “shared,” as those terms are defined by CCPA.

  • Right to Delete. Upon a verifiable request, made through one of the methods provided in the “CONTACT INFORMATION” section below, we will delete personal information we have collected directly from you and direct our service providers and processors to delete your personal information from their records.
  • Right to Correct. Upon a verifiable request, made through one of the methods provided in the “CONTACT INFORMATION” section below, we will correct inaccurate personal information that we maintain about you.

We will not discriminate against you for exercising any of your privacy rights.

INVOKE PRIVACY RIGHTS

To submit individual rights requests, please refer to the “CONTACT INFORMATION” section of the Privacy Policy. You may also designate an authorized agent to exercise these rights on your behalf by following the process described in “AUTHORIZED AGENTS” below.

You may request access to your personal information twice in any 12-month period, measured from the date we receive your first request. If you submit a request to obtain your personal information more than twice in any 12-month period, we will either: (i) proceed with honoring your request; or (ii) deny your request in writing.

Consistent with CCPA and our interest in the security of your personal information, we will not deliver to you your Social Security number or other government-issued ID number, financial account number, biometric information, or an account password together with security questions or answers in response to a privacy rights request.

VERIFICATION

In order for you to exercise your privacy rights, we will need to obtain certain information from you to verify your identity. For a report of the specific personal information we have collected about you, you must provide us with three of the following pieces of information in order for us to verify your identity:  

  • full name;
  • email address;
  • loyalty club number with our Business Customer;
  • zip code; or
  • mobile telephone number.

You also must provide us with a signed declaration, under penalty of perjury, that you are who you say you are.

For a report of the categories of personal information we have collected about you, for a request to delete your personal information, or for a request to opt out of the sale of your personal information, you must provide us with two of the above-referenced pieces of information in order for us to verify your identity.

Where necessary, we may request additional information about you so that we can verify your identity. Where we did not already hold that information, we will use it only for the purpose of verifying your identity and to process your request.

AUTHORIZED AGENTS

You may use an authorized agent to exercise your privacy rights on your behalf. Authorized agents may demonstrate that the agent has authority to exercise rights on the requesting consumer’s behalf by submitting supporting documentation to privacy@partech.com. At a minimum, we will require evidence of the agent’s identity (via passport or driver’s license submission), and at least one of the following evidencing proof of your legal authority to act on the behalf of the individual who is the subject of this request:

  • Written authorization signed by the consumer;
  • Certified copy of a Power of Attorney; or
  • Evidence of parental responsibility.

Whenever you interact with us on behalf of another individual or entity, such as by providing or accessing personal information about another individual, you represent that your interactions and exchanges comply with applicable laws. You shall have sole responsibility for any violation of applicable laws as a result of a failure to obtain any necessary consent from such individual.

TIMING 

We will respond to requests to delete and requests to access your personal information within 45 calendar days, unless we need more time, in which case we will notify you and may take up to 90 calendar days total to respond to your request.  We will respond to requests to opt out of the sale of your personal information within 15 business days.

CHANGES AND UPDATES

We will update this section from time to time. When we make changes to this section, we will change the “Last updated” date at the beginning of this section. All changes shall be effective from the date of publication unless otherwise provided in the notification.

CONTACT

If you need to contact PAR, please refer to the “CONTACT INFORMATION” section on the main Privacy Policy.

Tiffany Disher, General Manager, MENU North America

Tiffany Disher

General Manager, MENU North America

Tiffany Disher, General Manager, MENU North America, an omni-channel ordering solution to futureproof restaurant’s growing digital sales needs. Before taking on this new role in January 2023, she was an integral part of Punchh’s growth story. She has advised hundreds of customers over the past eight years on their loyalty strategies both from a base program standpoint as well as ongoing marketing strategies. Before Punchh, Tiffany worked for Schlotzsky’s where she supported the brand marketing team by leading loyalty, eClub, R&D, Franchise advisory council and marketing analytics. Tiffany has her Bachelor’s of Science in Economics from University of Oregon and Master’s in Business with a specialty in Marketing from Baylor University. An avid golfer, hiker and mom of two small children, Tiffany spends her limited free time entering into baking competitions.