Privacy Notice

This "Privacy Notice" describes the practices of the Clover entity identified below and its respective subsidiaries and affiliates (collectively, "Clover", "we", "us", or "our") and the rights and choices available to individuals, regarding personal data. These Clover entities are members of the Fiserv group of companies. Personal data means any information that identifies or can reasonably be linked with an identifiable individual.

If your country of residence is:

• the UK or an EU Member State (such as Austria, Ireland, Germany, or the Netherlands) then your Clover entity is Marketplace Merchant Solutions Limited, trading as Clover ™
• Australia then your Clover entity is First Data Merchant Solutions Australia Pty Limited
• Singapore then your Clover entity is Fiserv Merchant Solutions Pte Ltd
• In any other country in which Clover operates (including the US and Canada) your Clover entity is Clover Network, LLC.

Clover may provide additional or supplemental privacy notices to individuals at the time we collect their data, which will govern how we may process the information provided at that time. We may alter this Privacy Notice as needed to abide by local laws or regulations around the world, such as by providing supplemental information in certain countries. This Privacy Notice does not apply to Clover's processing of the personal data of its personnel, such as employees and contractors.

We provide important information here for individuals located within Member States of the European Union, countries in the European Economic Area, the United Kingdom, and Switzerland (collectively, "Europe" or "European").

Table of Contents

1. The personal data we collect
2. How we use your personal data
3. The parties with whom we share your personal data
4. Your rights and choices
5. International transfers
6. How we keep your data safe
7. Links to other websites
8. How long will you use my personal data
9. Additional information for European and UK users
10. Information for California Residents
11. Information for Residents of Virginia
12. Changes to this Notice
13. Contact us

1. The personal data we collect

We collect personal data about individuals from various sources described below. Where applicable, we indicate whether and why individuals must provide us with personal data, as well as the consequences of failing to do so.

A. Information that we collect when a merchant's customer interacts with a Clover POS or other Clover payment method

(i) Information that we collect when individuals make a payment

When you make a payment at a merchant using a Clover Point of Sale system ("Clover POS"), the Clover Payment Gateway, the Clover App, the Clover Go App, or any other related payment method that Clover makes available, we collect information about the transaction, which may include personal data. Information about transactions includes the payment card used, name associated with the payment card, electronic signature, name and location of the merchant at which the transaction occurred, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.

(ii) Additional information merchants' customers may provide through the Clover POS

We may collect additional information, depending on how a merchant configures its Clover POS. This information may include: Your email address or phone number, for example, if you choose to receive an electronic receipt or opt-in to receive marketing communications; Your marketing preferences; Information about your participation in a merchant's loyalty program, if offered and if you choose to participate; Other information you choose to enter into the Clover POS, such as your birthdate, interests or preferences, reviews, and feedback.

(iii) Additional information you may provide through the Clover App and Clover Go Apps

When you use the Clover App, Clover Go App or other Clover branded applications, you may provide your name, email address, phone number, account password, bank account information, payment card information, billing address, or other information you may choose to provide. If you consent to the Clover App accessing your location information, we will collect information about your precise location in accordance with your device settings.

B. Information that we collect from merchants about their customers

Our merchants may provide us with information about their customers. This information may include uploaded email addresses, phone numbers, and purchase history, for instance when we manage promotions or marketing communications or perform other services on behalf of a merchant.

C. Information that we collect about merchants and their personnel

We may collect personal data directly from merchants (including prospective customers) about themselves and their personnel. The types of information we obtain include: Contact information; Profile information; Demographic details; Information about individuals' affiliation with a legal entity; Government-issued identification numbers (to the extent permitted under applicable law); Feedback and correspondence; Financial account information; Information about merchants and transactions; Information related to a merchant's use of Clover products or services; Information about a merchant's personnel and their interaction with the Clover POS; Marketing information.

D. Information collected via third-party applications

A merchant may choose to install third-party applications on its Clover POS. Clover may receive personal data about merchants, merchant's customers, or merchant's personnel as a result of the merchant's use of the third-party application. We are not responsible for the privacy practices of third-party applications; however, we will treat the data we receive in accordance with this Privacy Notice.

E. Information that we collect about job applicants to Clover

We collect information about job applicants, such as name and contact information, professional credentials and skills, educational and work history, and other information of the type included on a resume or curriculum vitae.

F. Information that we collect from private and publicly accessible sources

We and our service providers may collect information about individuals that is publicly available, including from government lists, public records databases, and media and the internet. We may also collect information from private or commercially available sources, such as credit reference and fraud prevention agencies, to the extent permitted under applicable law. When individuals interact with our pages on third-party platforms (e.g. LinkedIn, Facebook, Twitter, YouTube, Instagram), the third-party's privacy policy will govern your interactions on that platform.

G. Information collected via automated means

When you access our websites or use our mobile applications, we, our service providers, and our partners may automatically collect information about you, your computer or mobile device, and activity on our websites or mobile applications. This may include device type, browser type, IP address, general location, and information about your use of our websites or applications. This information is collected via cookies, pixels, tags, web beacons, embedded scripts, and similar technologies. Please refer to our Cookies Notice for more details.

H. Sensitive personal data

In limited circumstances and when permitted by law, we may collect biometric data, health or medical information, or other sensitive information. Outside of these contexts, we ask that you not provide us with any sensitive personal data through our websites or mobile applications.

2. How we use your personal data

We use your personal data for the purposes of: A. Providing our products and services (operating, improving, and providing our products and services; fulfilling transactions; managing our relationship with you; communicating with you; personalizing our services; maintaining records; checking for fraud; administering and protecting our business; providing support). B. Research and development (developing or improving our products and services; analytics and reporting). C. Marketing (forming a view on products or services that may be of interest; sending marketing communications where permitted; you can opt out at any time). D. Managing our recruiting and processing employment applications. E. Complying with law. F. Compliance, fraud prevention and safety. G. With your consent (where required by law; you may withdraw consent at any time). H. To create anonymous data for our lawful business purposes.

3. The parties with whom we share your personal data

We may share your personal data with: A. Companies within the Fiserv group. B. Service providers who administer and provide services on our behalf. C. Merchants and applications that run on the Clover POS used by merchants. D. Participants in the transaction processing chain (merchants, banks, card associations, etc.). E. Credit reference, fraud protection, risk management, and identity verification agencies. F. Professional advisors (lawyers, bankers, auditors, insurers). G. Government or law enforcement as required by law; to enforce our terms; to protect rights, privacy, safety or property; to deter fraudulent or illegal activity. H. Recipients in connection with business transfers (e.g. merger, sale of assets, bankruptcy). I. Other parties with your permission or to fulfill a contract.

4. Your rights and choices

A. Marketing communications: You can ask us to stop sending you marketing messages at any time by contacting us or clicking the opt-out link in each message. B. Targeted online advertising: You may opt out through participating members of organizations such as the Network Advertising Initiative (USA), Digital Advertising Alliance (USA), and similar bodies in other regions. C. Do Not Track: We currently do not respond to do not track signals. D. Choosing not to provide your personal data: Where we request personal data directly from you, you do not have to provide it; in some circumstances we or merchants may be unable to provide products or services. E. Accessing, modifying or deleting your information: In some jurisdictions you may have the right to access, modify, or delete your personal data. Contact us to make a request. A reasonable fee may be charged for an access request. F. Complaints: You may contact us with any complaint about our handling of your personal data using the contact details in section 13 below. You may also have the right to file a complaint with a national or local regulatory agency.

5. International transfers

Clover is headquartered in the United States and has offices and service providers in other countries. Your personal data may be transferred to the United States or other locations where privacy laws may not be as protective as those in your jurisdiction. If we make such a transfer, we will require that recipients provide data security and protection in accordance with applicable law. European users should read the important information provided about transfer of personal data outside of Europe.

6. How we keep your data safe

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. We maintain annual compliance with the Payment Card Industry Data Security Standard (PCI DSS). We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator where we are legally required to do so.

7. Links to other websites

We may link to third-party websites, mobile applications, and other content. Clover is not responsible for the privacy practices of any third party, and this privacy notice does not apply to such third party's websites, applications, or content. Visiting or using linked third-party properties is at your own risk.

8. How long will you use my personal data

We will use your personal data for as long as necessary based on why we collected it and what we use it for, or as required or permitted by applicable laws. We consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and applicable legal requirements. In general, we will retain your personal data for as long as is necessary for the purposes identified in this Privacy Notice.

9. Additional information for European and UK users

Clover Network, LLC is the controller of your personal data for purposes of European and UK data protection law. If you have questions or wish to exercise your legal rights, contact us: Email: sales@soireeinc.com | Postal: Soireeinc, 1510 Randolph St. Ste 208, Carrollton, TX 75006. If you are in Europe or the UK, you may have rights including: Access; Correction; Erasure; Object; Restriction; Transfer/Portability; Withdraw consent; and rights regarding automated decision making. You can submit requests by contacting us using the details in section 13 below. You also have the right to make a complaint to a supervisory authority. Cross-border transfers out of Europe/UK are made pursuant to EU/UK Binding Corporate Rules, Standard Contractual Clauses, or other lawful mechanisms.

10. Information for California Residents

California residents have specific rights under the CCPA/CPRA regarding their Personal Information, including access, correction, and deletion rights. You may exercise these rights by contacting us at sales@soireeinc.com, visiting our contact page, or calling +1 214-831-4739. You are entitled to exercise these rights free from discrimination. Our websites and online services may use analytics and advertising tools that enable partners to collect information for cross-context behavioral advertising; you have the right to opt out where we provide an opt-out mechanism. We describe the categories of personal information we collect, use, and disclose in this Privacy Notice.

11. Information for Residents of Virginia

Virginia residents may have rights under the VCDPA regarding their personal data. You may exercise access, correction, and deletion rights by contacting us at sales@soireeinc.com, visiting our contact page, or calling +1 214-831-4739. You can appeal a denial of your request by emailing us at sales@soireeinc.com.

12. Changes to this Privacy Notice

We reserve the right to modify this Privacy Notice at any time. We encourage you to periodically review this page for the latest information. If we make material changes, we will notify you by updating the date of this Privacy Notice and posting it on our website and in app stores. We may also provide notification via e-mail or another manner. Your continued use of our products or services after the posting of any modified Privacy Notice indicates your acceptance of the modified terms.

13. Contact us

If you have any questions, concerns, or complaints about this Privacy Notice or our privacy practices, or to request access to your personal data, please contact Soireeinc:

Email: sales@soireeinc.com

Phone: +1 214-831-4739

Address: 1510 Randolph St. Ste 208, Carrollton, TX 75006

You can also reach us through our contact page.

For questions about your credit or debit card or your purchase, please contact the financial institution that issued your card or the merchant.