NAMAA Clover POS App Privacy Policy

This Privacy Policy explains how Namaa Loyalty Rewards ("Namaa," "we," "us," or "our") collects, uses, discloses, stores, and protects information in connection with the NAMAA Loyalty Rewards application that runs on Clover point-of-sale devices (the "Clover App"). This Privacy Policy applies only to the Clover App and related merchant-facing services used with Clover POS.

The Clover App helps participating merchants connect Clover registers to the NAMAA loyalty platform, pair devices, scan customer loyalty barcodes, verify loyalty status, display limited customer loyalty insights to the merchant, and link eligible checkout activity to a customer's loyalty account.

This Privacy Policy does not replace the privacy policy that a merchant may be required to provide to its own customers, personnel, or other individuals. Merchants are responsible for providing all required privacy notices and obtaining all required permissions or consents for their own use of Clover, NAMAA, loyalty programs, customer data, and point-of-sale systems.

1. Roles and Scope

When a merchant installs and uses the Clover App, Namaa processes merchant, device, scan, loyalty, and customer-related information to provide the Clover App and related loyalty services. Depending on the information and context, Namaa may act as a service provider or processor for the merchant, and may also act as an independent business or controller for limited platform operations such as security, fraud prevention, support, compliance, analytics necessary to operate the service, and maintaining the NAMAA loyalty platform.

2. Information We Collect

2.1 Merchant and business information

• Merchant name, merchant identifier, store or business profile information, and Clover merchant identifiers.
• Business contact information provided during merchant onboarding or support.
• Clover app installation, pairing, and connection status.

2.2 Clover device and pairing information

• One-time pairing code submitted by the merchant or device user.
• Device identifier, device label, paired merchant identifier, pairing timestamp, and device token.
• Local device settings such as whether compact scan overlay, keyboard scanner mode, or Clover payment-screen scan mode is enabled.
• Diagnostic events related to pairing, scanner readiness, tender setup, and scan handling.

2.3 Scan, barcode, and loyalty information

• NAMAA customer loyalty barcode values or short-lived barcode tokens scanned through Clover-supported scanners.
• Scan source, scan time, scan result, and limited scan diagnostics needed to verify or troubleshoot scans.
• Customer loyalty identifiers, customer display name when available, point balance, estimated loyalty value, visit count, last visit date, redemption or discount result, and related loyalty status returned by the NAMAA platform.
• Information needed to link a loyalty scan to an eligible checkout, such as merchant identifier, customer loyalty identifier, transaction time, and checkout context.

2.4 Clover POS information

• Information received from Clover APIs or Clover device broadcasts that is needed to operate scanner, merchant, tender, and loyalty-linking features.
• Limited checkout or transaction metadata if needed to award, verify, adjust, or audit loyalty points.

2.5 Support and communications

• Messages, support requests, diagnostics, screenshots, or logs that a merchant chooses to send to us for support.
• Administrative records needed to respond to support, compliance, or security requests.

3. Information We Do Not Intend to Collect

• We do not collect or store full payment card numbers through the Clover App.
• We do not collect card verification codes, bank account credentials, or payment account passwords.
• We do not use the Clover App to sell customer personal information.
• We do not use Clover App scan data for third-party advertising.
• We do not intentionally collect sensitive personal information unless it is necessary to operate the requested loyalty functionality or comply with law.

4. How We Use Information

We use information collected through the Clover App to:

• Pair Clover devices to the correct merchant account.
• Authenticate registered Clover devices using device tokens.
• Receive and verify NAMAA loyalty barcode scans.
• Display customer loyalty status, points, visits, and scan results to merchant staff during checkout.
• Link eligible checkout activity to a customer loyalty account.
• Award, redeem, reverse, adjust, or audit loyalty points where applicable.
• Enable optional scanner modes, compact overlays, and Clover payment-screen scan flows.
• Detect, prevent, investigate, and respond to fraud, abuse, unauthorized access, scanner misuse, and security incidents.
• Provide merchant support, diagnostics, troubleshooting, and service communications.
• Maintain, improve, and secure the Clover App and NAMAA platform.
• Comply with legal, regulatory, Clover, Fiserv, App Market, and contractual obligations.

5. How We Share Information

We may share information only as needed to provide and protect the Clover App and related services:

• With the installing merchant: We display loyalty scan results and limited customer loyalty insights to the merchant using the Clover App.
• With Clover and Fiserv: We exchange information with Clover or Fiserv as needed for Clover App installation, permissions, APIs, device operation, app review, compliance, support, billing where applicable, and App Market requirements.
• With service providers: We use vendors such as hosting, database, infrastructure, monitoring, communications, and support providers. These providers may process information only to help us operate the service and must protect it appropriately.
• With the NAMAA platform: The Clover App communicates with NAMAA backend services to verify barcodes, device tokens, merchant accounts, customer loyalty status, and point activity.
• For legal and safety reasons: We may disclose information when required by law, subpoena, court order, governmental request, Clover or Fiserv policy, or when we believe disclosure is reasonably necessary to protect rights, safety, property, users, merchants, customers, or the integrity of the service.
• Business transfers: If Namaa is involved in a merger, acquisition, financing, restructuring, bankruptcy, or sale of assets, information may be transferred as part of that transaction subject to appropriate protections.

6. Data Security

We use administrative, technical, and organizational safeguards designed to protect information handled by the Clover App. These safeguards include HTTPS/TLS transport, device-token-based authentication, server-side authorization checks, signed or short-lived barcode tokens where applicable, restricted backend access, database access controls, and local secure storage for Clover device tokens where supported by the device.

No method of transmission, processing, or storage is completely secure. We cannot guarantee absolute security, and merchants must also maintain reasonable physical, account, employee, and device security for their Clover devices and merchant accounts.

7. Data Retention

We retain information for as long as reasonably necessary to provide the Clover App, maintain accurate loyalty records, support merchants, comply with legal and Clover obligations, resolve disputes, enforce agreements, maintain audit records, and protect against fraud or abuse. Short-lived barcode tokens and temporary diagnostic data may expire or be deleted more quickly. Some transaction, loyalty, accounting, security, or audit records may be retained after a device is unpaired or merchant account is closed if retention is reasonably necessary for legal, compliance, dispute, security, or business purposes.

8. Merchant Responsibilities

Merchants using the Clover App are responsible for:

• Using the Clover App only for lawful business and loyalty-program purposes.
• Providing any privacy notices required by law to customers, employees, contractors, and other individuals.
• Obtaining any permissions or consents required for loyalty scans, customer enrollment, customer rewards, and data sharing.
• Configuring Clover devices, scanners, employees, and permissions appropriately.
• Protecting access to Clover devices, Clover accounts, NAMAA accounts, pairing codes, and merchant credentials.
• Using customer information only for authorized loyalty-program and business purposes.

9. Customer Privacy Rights

Individuals may have rights under privacy laws, such as rights to access, correct, delete, receive a copy of, restrict, or object to certain processing of personal information. Because merchants often control the customer relationship and determine how they operate their loyalty programs, customers should first contact the merchant with questions about a merchant's loyalty program or use of customer information. Customers and merchants may also contact Namaa using the contact information below.

10. California and Other U.S. Privacy Disclosures

We do not sell personal information collected through the Clover App, and we do not share such information for cross-context behavioral advertising. We may disclose identifiers, commercial information, device information, internet or network activity information, and support information to service providers, merchants, Clover, Fiserv, and other parties described in this Privacy Policy for the business and operational purposes described above.

11. International Transfers

The Clover App and NAMAA services may be operated from the United States or other locations where our providers operate. Information may be transferred to, stored in, or processed in locations outside the jurisdiction where a merchant or customer is located. We take steps designed to protect information as described in this Privacy Policy.

12. Children's Privacy

The Clover App is intended for use by merchants and merchant staff, not by children. The Clover App is not directed to children under 13, and we do not knowingly collect personal information directly from children under 13 through the Clover App.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated effective date and will be effective when posted, unless a later date is stated. Merchants should review this Privacy Policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or the Clover App's privacy practices, contact:

Namaa Loyalty Rewards
Email: privacy@namaa.app
Support: support@namaa.app