Effective Date: November 25, 2025
This “Privacy Policy” explains how [Ocelot - Espace de vente] (“Company” or “we”) collects, uses, discloses, and otherwise processes personal data on behalf of our customers – typically, merchants (any, a “Merchant”) – in connection with our application, Ocelot - Espace de vente, which runs on the Clover Point of Sale system (“Clover POS”). This Privacy Policy does not apply to Company’s privacy practices in any other context.
Company’s processing of personal data in connection with our application is governed by this Privacy Policy and our agreements with Merchants. In the event of any conflict between this Privacy Policy and a customer agreement, the customer agreement will control to the extent permitted by applicable law.
This Privacy Policy is not a substitute for any privacy policy that a Merchant may be required to provide to their customers, personnel, or other individuals.
We may collect personal data from or on behalf of Merchants. Merchants determine the scope of the personal data transferred to us or that we collect, and the information we receive may vary by Merchant. Typically, the information we collect on behalf of Merchants includes:
When a customer makes a payment via a Clover POS, we collect information about the transaction, which may include personal data. Information about transactions includes the payment card used, name associated with the payment card, the location of the merchant’s store, date and time of the transaction, transaction amount, and information about the goods or services purchased in the transaction.
In addition, we collect: basic checkout-related customer data required to complete the sale within Ocelot – Espace de vente, such as product line items, discounts applied, loyalty identifiers (if applicable), and internal transaction identifiers generated by the Ocelot system.
We do not collect full payment card numbers or CVV codes.
Additional information that customers of the Merchant provide through the Clover POS ancillary to a payment
We may collect additional information ancillary to the payment. This information may include:
• Customers’ email address or phone number, such as when the customer chooses to receive an electronic receipt
• Customers’ marketing preferences, such as whether the customer wishes to receive marketing communications or newsletters
• Information about participating customers’ activity in a merchant loyalty program
• Customers’ physical address, where needed for delivery of goods or services
• Other information the customer provides, such as birthdate, interests or preferences, reviews, and feedback.
We may collect information about Merchants’ personnel and interactions with the Clover POS, such as clock-in and clock-out time and tips earned, employee identifier, role/permissions within Ocelot, POS interaction logs, and performance metrics related to sales and checkout operations.
Merchants may provide us with additional information directly, via access they grant to us, or otherwise. The types of information that merchants may provide to us about their customers include email addresses, phone numbers, and purchase history customer account identifiers created within Ocelot, loyalty program status, store credit or gift card balances, notes related to customer service, and order history across online and in-store channels... The types of information that merchants may provide to us about their personnel include email addresses, phone numbers, shifts, and sales history, user permissions, assigned store locations, and internal notes related to operations or technical support.
We use the personal data we collect for or on behalf of Merchants, to provide our services and the functionality of our application:
Ocelot – Espace de vente uses personal data to process sales transactions, manage product catalogs, synchronize inventory, manage employee permissions, enable customer receipts, support loyalty features, generate reports, and ensure proper operation of the POS system integrated with Clover.
We may also use personal data for related internal purposes, including:
In addition, Company may use personal data as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our application; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
We may share personal data that we collect with:
Company may disclose personal data to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal processes, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern our application; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
Company may sell or transfer some or all of its business or assets, including your personal data, in connection with a business transaction (or potential business transaction) such as a merger, consolidation, acquisition, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.
To the extent that applicable law provides individuals with rights pertaining to their personal information, such as to review and request changes to their personal information, individuals should contact the Merchant with any requests pertaining to the Merchant’s use of our application. To the extent that Clover is responsible for responding to data subject rights requests under applicable law, individuals may contact Clover with applicable requests as explained in Clover’s Privacy Notice, https://www.clover.com/privacy-policy. Company will assist a Merchant, or Clover, as applicable, in responding to such requests subject to our contract with a Merchant or Clover.
If you have a complaint about our handling of personal data, you may contact us via the contact information provided below.
We reserve the right to modify this Privacy Policy at any time. We will notify you of updates by updating the date of this Privacy Policy.
You may contact us with any questions, comments, or complaints, about this Privacy Policy or our privacy practices via:
ProgExpert Inc.
905, rue de Nemours, Bureau 215
Québec (QC) G1H 6Z5
Canada
Phone: 418-476-7886
Email: info@progexpert.com
Company is a data processor acting for and on behalf of the Merchant that has installed our application on their Clover POS. That Merchant is the controller of personal data that we process on its behalf. Clover is also a controller of personal data in some circumstances. Clover’s Privacy Notice is available at https://www.clover.com/privacy-policy.
Company processes personal data as directed or permitted by the Merchant that uses our application. The Merchant is responsible for establishing a legal basis for our processing of personal data for or on behalf of the Merchant.
When we transfer personal data outside of Europe (or the UK) to countries not deemed by the European Commission to provide an adequate level of protection for personal data, we make the transfer pursuant to one of the following transfer mechanisms:
You may contact us with questions about our transfer mechanism.
Subject to our agreement with a Merchant, Company retains personal data for as long as necessary to (a) provide our products and services; (b) comply with legal obligations; (c) resolve disputes; and (d) enforce the terms of any agreement we may have with a Merchant. You may contact us for additional information about our data retention practices in connection with the application.
Under certain circumstances, data subjects in Europe and the UK have certain rights relating to their personal data, which include the rights to request from the Controller (a) access to the data subject’s personal data; (b) correction of incomplete or inaccurate personal data; (c) erasure of personal data; (d) restriction of processing concerning the data subject; and (e) that the controller provide a copy of the data subject’s personal data that the data subject provided to the controller in a structured, commonly used and machine-readable format. Data subjects may also object to a controller’s processing of personal data under certain circumstances. Where processing is based on a data subject’s consent, the data subject has the right to withdraw consent at any time; however, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Data subjects may also file a complaint with a supervisory authority. You may view contact information for supervisory authorities at https://edpb.europa.eu/about-edpb/board/members_en. Data subjects in Europe or the UK should direct any rights request to the appropriate Controller.
As a Canadian resident, you have the rights listed below. However, these rights are not absolute, and we may decline your request as permitted by the CCPA.
Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
Access. You can request a copy of the Personal Information that we maintain about you.
Deletion. You can ask us to delete the Personal Information that we maintain about you.
Nondiscrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as by denying you goods or services, increasing the price/rate of goods or services, decreasing the service quality, or suggesting that we may penalize you as described above for exercising your rights. However, the CCPA allows us to charge you a different price or provide a different service quality if that difference is reasonably related to the value of the Personal Information we are unable to use.
You may exercise your California privacy rights as follows:
You can request to exercise your information, access and deletion rights in the following ways:
We do not sell, as defined under CCPA, your Personal Information to third parties.
In the preceding twelve (12) months, we have not sold any personal information.
The chart below summarizes our collection, use and sharing of Personal Information during the last 12 months before the effective date of this Privacy Policy. We describe the sources through which we collect your Personal Information in section above titled The Personal Data We Collect, and describe the purposes for which we collect, use, sell and share this information in section above titled How We Use Your Personal Data and The Parties With Whom We Share Your Personal Data.
| Category | Do we collect this information? | Do we share this information for business purposes? |
|---|---|---|
| Identifiers | Yes | Yes |
| Online Identifiers | Yes | Yes |
| Protected Classification Characteristics | No | No |
| Commercial Information | Yes | Yes |
| Biometric Information | No | No |
| Internet or Network Information | No | No |
| Geolocation Data | No (only store location, not live tracking) | No |
| Sensory Information | No | No |
| Professional or Employment Information | Yes | Yes |
| Education Information | No | No |
| Inferences | No | No |
| Financial Information | Yes — limited to last 4 digits, card type, and transaction metadata only | Yes |
| Medical Information | No | No |
| Category | Definition |
|---|---|
| Biometric Information | An individual’s physiological, biological or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish an individual’s identity. Includes imagery of iris, retina, fingerprint, face, hand, palm, vein patterns, voice recordings, keystroke patterns, gait patterns, sleep/health/exercise data, etc. |
| Transaction History | Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
| Financial Information | Bank account number, debit or credit card numbers, insurance policy number, and other financial information. |
| Geolocation Data | Precise location, e.g., derived from GPS coordinates or telemetry data. |
| Identifiers | Real name, alias, postal address, unique personal identifier, customer number, email address, account name, and similar identifiers. |
| Government-issued ID | Social security number, driver’s license, passport, or other government-issued identification, including an ID number or image. |
| Medical Information | Personal information about an individual's health or healthcare, including health insurance information. |
| Internet or Network Information | Browsing history, search history, and information regarding a consumer’s interaction with an Internet site, application, or advertisement. |
| Online Identifiers | An online or persistent identifier used to recognize a person, family, or device across different services (e.g., IP address, cookies, device ID, customer number, alias, telephone numbers). |
| Physical Description | Physical characteristics or descriptions (e.g., hair color, eye color, height, weight). |
| Professional or Employment Information | Information relating to a person's employment or professional background (e.g., job history, performance evaluations, educational background). |
| Protected Classification Characteristics | Characteristics protected under law, such as age (40+), race, color, ancestry, national origin, citizenship, religion, marital status, disability, sex, gender identity/expression, pregnancy, sexual orientation, veteran status, or genetic information. |
| Sensory Information | Audio, electronic, visual, thermal, olfactory, or similar information. |
905, rue de Nemours, Bureau 215
Québec (QC) G1H 6Z5
Canada
Phone: 418-476-7886
Email: info@progexpert.com
Tous droits réservés
© Copyright 2026
