Privacy Policy for cHooZFlow
Effective Date: 03/17/2024
This “Privacy Policy” explainshow cHooZFlow LLC (“Company” or “we”) collects, uses, discloses, and otherwiseprocesses personal data on behalf of our customers – typically, merchants (any,a “Merchant”) – in connection with our application, cHooZFlow. cHooZ FlowBusiness Mastercard® is issued by Patriot Bank, N.A., pursuant to a license byMastercard International Incorporated and can be used everywhere Mastercard isaccepted. Mastercard and the circles design are registered trademarks ofMastercard International Incorporated.
The company’s processing ofpersonal data in connection with our application is governed by this PrivacyPolicy and our agreements with Merchants. In the event of any conflict betweenthis Privacy Policy and a customer agreement, the customer agreement willcontrol to the extent permitted by applicable law. This Privacy Policy is not asubstitute for any privacy policy that a Merchant may be required to provide totheir customers, personnel, or other individuals.
USE OF COOKIES
A “cookie” is a string of information that assigns youa unique identifier that we store on your computer. Your browser then providesthat unique identifier to use each time you submit a query to the Site. We usecookies on the Site to, among other things, keep track of services you haveused, record registration information, record your user preferences, keep youlogged into the Site, facilitate purchase procedures, and track the pages youvisit. Cookies help us understand how the Site is being used and improve youruser experience. We do not collect data on minors.
Information we Collect
We may collect personal datafrom or on behalf of Merchants. Merchants determine the scope of the personaldata transferred to us or that we collect, and the information we receive mayvary by Merchant. Typically, the information we collect on behalf of Merchantsincludes:
Information that we collectwhen a Merchant’s customers make a payment when a customer makes a payment viaa POS, we collect information about the transaction, which may include personaldata. Information about transactions includes the payment card used, a nameassociated with the payment card, the location of the merchant’s store, thedate and time of the transaction, the transaction amount, and information aboutthe goods or services purchased in the transaction.
Additional informationMerchants’ customers provide through the POS ancillary to payments.
We may collect additionalinformation ancillary to the payment. This information may include:
· Customers’ email address orphone number, such as when the customer chooses to receive an electronicreceipt
· Customers’ marketingpreferences, such as whether the customer wishes to receive marketingcommunications or newsletters
· Information about participatingcustomers’ activity in a merchant loyalty program
· Customers’ physical address,where needed for delivery of goods or services
· Other information the customerprovides, such as birthdate, interests or preferences, reviews, and feedback
In addition, we collect:[describe additional data collected, if any, after payment is made.
Information that we collectabout Merchants’ personnel
We may collect informationabout Merchants’ personnel and interactions with the POS, such as clock-in andclock-out time and tips earned
Additional information thatMerchants provide to us about their customers or personnel merchants mayprovide us with additional information directly, via access they grant to us,or otherwise. The types of information that merchants may provide to us abouttheir customers include email addresses, phone numbers, and purchase history[describe any other applicable information]. The types of information thatmerchants may provide to us about their personnel include email addresses,phone numbers, shifts, and sales history.
How We Use the Information weCollect
We use the personal data wecollect for or on behalf of Merchants, to provide our services and thefunctionality of our application:
We may also use personal datafor related internal purposes, including:
· To provide information aboutthe application, such as important updates or changes to the application andsecurity alerts
· To measure the performance ofand improve the application
· To respond to inquiries,complaints, and requests for customer support
In addition, the Company mayuse personal data as we believe necessary or appropriate to (a) comply withapplicable laws and lawful requests and legal processes, such as to respond tosubpoenas or requests from government authorities; (b) enforce the terms andconditions that govern our application; (d) protect our rights, privacy, safetyor property, and/or that of you or others; and (e) protect, investigate anddeter against fraudulent, harmful, unauthorized, unethical or illegal activity.
How We Share Information
We may share personal data thatwe collect with:
· The Merchant from whom or onwhose behalf we collected the personal data
· The platform on which ourapplication runs
· With third parties as aMerchant may direct
· With third-party serviceproviders that help us manage and improve the application
· With Company subsidiaries andcorporate affiliates for the purposes described in this Privacy Policy or inour agreement with a Merchant
The company may disclosepersonal data to government or law enforcement officials or private parties asrequired by law and disclose and use such information as we believe necessaryor appropriate to (a) comply with applicable laws and lawful requests and legalprocesses, such as to respond to subpoenas or requests from governmentauthorities; (b) enforce the terms and conditions that govern our application;(d) protect our rights, privacy, safety or property, and/or that of you orothers; and (e) protect, investigate and deter against fraudulent, harmful,unauthorized, unethical or illegal activity.
Company may sell or transfer some or all of itsbusiness or assets, including your personal data, in connection with a businesstransaction (or potential business transaction) such as a merger,consolidation, acquisition, reorganization, or sale of assets or in the eventof bankruptcy, in which case we will make reasonable efforts to require therecipient to honor this Privacy Policy.
Your Rights and Choices
Data Subject Rights
To the extent that applicablelaw provides individuals with rights pertaining to their personal information,such as to review and request changes to their personal information,individuals should contact the Merchant with any requests pertaining to theMerchant’s use of our application. To the extent that POS is responsible forresponding to data subject rights requests under applicable law. The companywill assist a Merchant, or POS, as applicable, in responding to such requestssubject to our contract with a Merchant or POS.
Complaints
If you have a complaint aboutour handling of personal data, you may contact us via the contact informationprovided below.
Updates
We reserve the right to modifythis Privacy Policy at any time. We will notify you of updates by updating thedate of this Privacy Policy.
Contact Us
You may contact us with anyquestions, comments, or complaints, about this Privacy Policy or our privacypractices via info@choozflow.com
Additional Information forMerchants Located in Europe
Controller
The company is a data processoracting for and on behalf of the Merchant that has installed our application ontheir POS. That Merchant is the controller of personal data that we process onits behalf.
Legal Bases for Processing
The company processes personaldata as directed or permitted by the Merchant that uses our application. TheMerchant is responsible for establishing a legal basis for our processing ofpersonal data for or on behalf of the Merchant.
Cross Border Data Transfer
When we transfer personal dataoutside of Europe to countries not deemed by the European Commission to providean adequate level of protection for personal data, we make the transferpursuant to one of the following transfer mechanisms:
· A contract approved by theEuropean Commission (sometimes called “Model Clauses” or “Standard ContractualClauses”);
· The EU-US Privacy Shield;
· The recipient’s BindingCorporate Rules;
· The consent of the individualto whom the personal data relates; or
· Other mechanisms or legalgrounds as may be permitted under applicable European law.
You may contact us withquestions about our transfer mechanism.
Data Retention
Subject to our agreement with aMerchant, Company retains personal data for as long as necessary to (a) provideour products and services; (b) comply with legal obligations; (c) resolvedisputes, and (d) enforce the terms of any agreement we may have with aMerchant. You may contact us for additional information about our dataretention practices in connection with the application.
Data Subject Rights
Under certain circumstances,data subjects in Europe have certain rights relating to their personal data,which include the rights to request from the Controller (a) access to the datasubject’s personal data; (b) correction of incomplete or inaccurate personaldata; (c) erasure of personal data; (d) restriction of processing concerningthe data subject; and (e) that the controller provides a copy of the datasubject’s personal data that the data subject provided to the controller in astructured, commonly used and machine-readable format. Data subjects may alsoobject to a controller’s processing of personal data under certain circumstances.Where the processing is based on a data subject’s consent, the data subject hasthe right to withdraw consent at any time; however, the withdrawal of consentwill not affect the lawfulness of processing based on consent before itswithdrawal. Data subjects may also file a complaint with a supervisoryauthority. You may view contact information for supervisory authoritiesat https://edpb.europa.eu/about-edpb/board/members_en. Data subjects in Europeshould direct any rights request to the appropriate Controller.