Effective: November 16, 2020
1. Introduction and scope
This Privacy Statement describes how A&B POS Solutions, Inc. and its subsidiaries and affiliates (collectively “AB Go eats”, “we”, “us” and/or “our”) collects and manages your personal information (i.e. any information that relates to an identified or identifiable individual) as part of providing our Services (defined below). This Statement primarily covers:
Merchants: businesses that have expressed interest in using the Services or have contracted with AB POS to provide the Services within their restaurants;
Merchant Employees: employees of our Merchants that use the Services; and
Guests: individuals that use the Services at one of our Merchant’s restaurants or directly through AB POS.
In addition to the groups above, this Statement also covers individuals that visit our websites, including https://abposus.com (referred to generally as our “Websites”) and our third-party business partners.
Please note that certain locations where we operate have laws that require us to share specific privacy information and practices with individuals in those locations. To that end, this Privacy Statement is comprised of two sections – a generally applicable statement and a location-specific addendum. Where there are variations for a specific location or additional information that is required to be provided under the applicable country or state law, individuals in that location can refer to the applicable addendum. Links to the pertinent sections, can be found below:
United States (California)
Please note that our Merchants are independent third parties that maintain their own business practices and policies outside of their relationship with AB and their use of the Services. As a result, unless provided otherwise in this Statement, we are not responsible for the privacy policies or data practices of our Merchants, who may maintain separate policies and practices. If you are a Merchant Employee, your employer is responsible for providing any additional required notices or information to you regarding its privacy practices outside of this Statement.
By using the Services and/or providing us with your personal information, you acknowledge that your personal information will be processed and used in the manner set out in this Privacy Statement. We may amend this Statement from time to time in line with the “Updates to this Privacy Statement” section below. To the extent permitted by law, your continued use of the Services and Websites constitutes your acceptance to those amendments and the updated Statement.
Here are a few other terms we use throughout this Privacy Statement that you should know:
“Services” refers to services and products (including both hardware and software) developed by us from time-to-time, including:
our core point-of-sale (POS) system;
payment processing services;
our application programming interfaces (“APIs”);
associated modules provided as part of our POS system, such as our loyalty, marketing, delivery and Toast Payroll and Team Management modules;
our digital ordering services, such as online ordering, pickup and delivery services, contactless order and pay at the table functionality, gift cards and our mobile application(s);
accounts created through our digital ordering services (“Digital Ordering Account(s)”);
other mobile application(s) developed as part of the Services, including our Merchant and Merchant Employee-facing mobile applications; and
Merchant financing, card products and other financial products offered by Toast or its business partners (collectively referred to as the “Services”).
Please note that certain Services may be facilitated through our Websites. “You” and/or “your” is a Merchant, a Merchant Employee, a Guest, a visitor to one of our Websites or other covered data subject.
3. Personal information we collect
What personal information we collect will depend on the nature of your interaction with the Services and our Websites. While some information is collected automatically or through sources outside of AB POS, most is collected when you use our Services or our Websites. A breakdown of the collection has been provided in the sections below.
Personal information collected through the Services
If you are a Merchant, we will collect personal information from you in connection with your service agreement and use of the Services, including, as applicable,
date of birth; and
As part of our application process and agreement to provide the Services, we will also collect additional information such as your tax identification number, national identification number (e.g. Social Security number or passport number), your drivers’ license details as well as your banking and payment card information.
If you are a business partner that is looking to integrate with AB POS, we will also collect information such as your name and contact details as part of your application to integrate with our Services.
B. Merchant Employees
If you are a Merchant Employee, we collect personal information about you through your use of the Services. This includes:
employee identification number;
date of birth; and
information relating to your role, such as your job title, wage rates and salary and hours worked.
To the extent you are employed by a Merchant that uses the AB POS Payroll and Team Management module, we may also collect:
your Social Security number or other national identification number;
banking information as part of payroll;
your professional and educational history;
tax documentation such as your W2 and 1095 tax forms;
your benefit elections;
driver’s license information (e.g. number, state, expiration);
your dependent and beneficiary information.
Please note that the actual personal information collected will depend on the specific AB POS Payroll and Team Management services that you or your employer has elected to use. Please contact your employer for additional information.
We collect information from you through your use of the Services (as provided and developed by us from time to time), which includes the creation of a Digital Ordering Account, your use of our online ordering features and mobile application(s) and other related products such as our pickup, delivery and order and pay at the table services. We may also collect and/or receive your personal information when you place an order with, make a purchase from (including gift cards), or otherwise complete a transaction with our Merchants or participate in their respective loyalty programs.
Depending on which Service you have used, personal information collected may include:
contact details such as your phone number and email;
your address and other general location details;
your payment card information, such as the brand, card number, security code and expiration date;
transaction information and details (e.g. history of goods/services ordered, date, payment method and amount of payment);
your date of birth (if you choose to provide it);
information about your vehicle (for users of our curbside pickup service);
account and profile information such as your username and password;
if you are a member of a Merchant’s loyalty program, information in relation to your points balance and redemptions; and
your feedback in relation to your experience at our Merchants’ establishments (if you choose to provide it).
In all cases, the actual personal information collected will vary depending on the Services being used.
Personal information collected through our Websites
In addition to using the Services, we may also collect personal information when you visit our Websites and request information about our Services, download a white paper, schedule a product demo or subscribe to our blog or podcast. This personal information may include:
Certain information may also be collected automatically when you visit our Websites. For more information, please see the section of this Statement entitled “Information collected automatically”.
Please note that additional information beyond what is described here will be collected (described in the Merchant section above) as part of our online Merchant application process or through our e-commerce Website.
Personal information collected from other sources
Depending on whether you are a Merchant, a Merchant Employee, a Guest or a visitor to one of our Websites, we may also collect personal information about you from third parties including our business partners, data providers, identity verification services, credit bureaus (if applicable) and credit card companies. We may also collect information from you that is publicly available. For example, if you interact with us through various social media channels.
Information collected automatically
We collect information automatically when you visit our Websites, use our mobile application(s) or use our online services such as online ordering. Information collected automatically by cookies, web beacons or other similar technologies (described in the “Cookies and other tracking technologies” section of this Statement) may include:
information about your device, such as your device type/model, number and device ID (e.g. MAC address);
information about your browser, settings (e.g. language) and operating system;
your internet protocol (IP) address (including in some instances, your perceived location);
unique advertising identifiers;
transactional and purchase information; and
browsing and usage activity, such as the referring domain, what websites/content you have viewed or actions you have taken on a particular website.
Depending on the Services being used or the websites you access, we may also collect geolocation information through your devices. For example, we may show you what restaurants in your area are available within our mobile application(s). This information may be collected via GPS, Bluetooth, cellular or WiFi technologies. You can adjust your settings at the device or browser level to disable the use of these technologies.
4. How we use personal information
We use personal information to:
To provide, maintain and support our Services, including
to provide updates, support and training related to the Services;
to determine the suitability of individuals in relation to their use of certain Services;
for contracting and agreement purposes;
to process transactions and payments through the Services;
to enable our Merchants and our Merchants Employees to access and use the Services, including information that you have provided as part of using the Services; and
to provide online services, including verifying your identity, as well as diagnosing technical and service issues.
To manage our business and for internal operational purposes, including
analyzing the performance of our Services;
creating and developing analytics for the benefit of our business and the business of our Merchants;
research purposes, including the development of new products;
assessing the effectiveness of Services; and
improving our Services and Websites.
To personalize your experience, including
using transactional data and order histories to provide recommendations when using our Services or those of our Merchants; and
using analytics and profiling technology to personalize your online experience on our Websites.
To advertise and market to you, including
sending you marketing communications, either directly or through a third party, in relation to our existing or new Services that we think might interest you; and
enabling our Merchants, either directly or through a third party, to advertise their products and services to you.
Any communications sent to you pursuant to this section shall either be permitted under the applicable law or with your consent. Please see the “Your rights and choices” section of this Statement for more details on opting out of these communications and updating your preferences.
To communicate with you or provide information you have requested, including
to provide notifications in relation to your purchases;
sending you white papers and other materials from our Websites;
providing you with our newsletter, podcast and other subscription materials;
sending you digital receipts; and
responding to feedback that you have provided in relation to your experience using one of our products or Services or those of our Merchants.
For legal, compliance and security-related purposes, including to
secure and protect our network and systems;
identify and protect against fraud and other crimes;
establish, exercise or defend legal claims;
fulfilment of our contractual obligations; and
monitor and report compliance issues.
5. How we share information
AB POS may share personal information as part of providing the Services and for the purposes described within this Statement. This includes:
with our Merchants and our Merchant’s Employees for the purposes of providing the Services to you, fulfilling your requests and for the other purposes described in this Statement;
with our business partners (including our integration partners) in order to provide, maintain and improve and expand our Services;
with our parent, subsidiary, or affiliate companies, agents (if any) for the purposes outlined above;
with third parties to provide, maintain, and improve our Services, including service providers who access information about you to perform services on our behalf, such as hosting and information technology services, payment services, identity verification and fraud prevention services, marketing and advertising services, data analytics and personalization services and customer support services. Please note:
If you are a Merchant Employee whose employer is using the AB POS Payroll and Team Management module, we will share your information with benefits, payroll and other employment-related service providers.
If you are a Merchant that applies for financing through AB POS platform, we will share your information (including personal information) with the lender. As part of the application, a credit report will also be requested from third-party credit bureaus to determine your eligibility for such financing.
in connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture, or dissolution of all or a portion of our business; or
if we believe it is necessary to:
protect our rights or property, or the security or integrity of our Services or our Websites;
enforce the terms of our terms of service or other applicable agreements or policies;
protect us, users of our Services, or the public from harm or potentially prohibited or illegal activities;
investigate, detect, and prevent fraud, security breaches; or
comply with any applicable law, regulation, legal process, or governmental request.
We may also share aggregated and/or anonymized information derived from the Services that does not directly identify you, including device information and information derived from cookies and log files with third parties for the purposes described in this Statement.
6. Retention of personal information
We retain personal information as long as reasonably necessary to provide the Services, carry out the purposes described in this Statement or as otherwise required in order to comply with our records retention periods (which reflect the applicable law). For example, we may retain information about users of our Services in order to comply with our legal and regulatory obligations or to protect our interests as part of providing the Services.
7. Cookies and other tracking technologies
Cookies: A small text file placed and saved in your browser when you access our Websites and potentially the websites of our Merchants, business partners and other third parties. We use both session cookies (i.e. cookies that are stored only for a specific website visit) and persistent cookies (i.e. cookies that are stored beyond a specific website visit) to provide the Services and for the purposes described in this Statement. These cookies may be set by us (first party cookies) or set by third parties that collect information on our behalf (third party cookies), such as Google Analytics.
Web beacons: A small graphic file placed on a website (or websites) or email that tracks your activity and monitors your behavior. We use web beacons within our Services to collect usage and performance data.
As part of using the Services, we use these technologies as well as similar technologies within our Services and across our Websites. Examples include:
to provide our Services (e.g. authentication within the check-out process);
to uniquely identify you and/or your device;
to store your preferences as part of providing the Services;
for personalization and targeted advertising purposes (including across your devices and applications);
for security and fraud-prevention purposes;
to analyze and monitor the performance of our Services;
to improve and develop new Services; and
to understand your use of the Services over time.
We implement appropriate administrative, technical, and organizational security measures to protect your personal information against unauthorized access, disclosure, damage or loss. However, even though we have taken measures to protect your personal information, we cannot guarantee that the collection, transmission and storage of personal information will always be completely secure.
Our Services are not targeted or directed at children under the age of 13, and we do not intend to, or knowingly, collect or solicit personal information from children under the age of 13. If you have reason to believe that a child under the age of 13 has provided personal information to us, we encourage the child’s parent or guardian to contact us as described in the “How to Contact Us” section of this Statement to request that we remove the information from our systems. If we learn that any personal information we collected has been provided by a child under the age of 13, we will promptly delete that personal information.