Privacy Policy

Maestro Application — Clover Platform

Orchatect Inc.

Effective Date: March 6, 2026

 

This Privacy Policy explains how Orchatect Inc. ("Company" or "we") collects, uses, discloses, and otherwise processes personal data on behalf of our customers — typically, merchants ("Merchant" or "Merchants”) in connection with our application, Maestro, which runs on the Clover Point of Sale system ("Clover POS"). This Privacy Policy applies specifically to Maestro's use on the Clover platform and does not apply to Orchatect's privacy practices in any other context.

Company's processing of personal data in connection with our application is governed by this Privacy Policy and our agreements with Merchants. In the event of any conflict between this Privacy Policy and a Merchant agreement, the Merchant agreement will be controlled to the extent permitted by applicable law.

This Privacy Policy is not a substitute for any privacy policy that a Merchant may be required to provide to their customers, personnel, or other individuals.

 

1.  Information We Collect

We may collect personal data from or on behalf of Merchants. Merchants determine the scope of the personal data transferred to us or that we collect, and the information we receive may vary by Merchant.

 

1.1  Transaction and Sales Data

When a customer makes a payment via a Clover POS, we collect information about the transaction, which may include personal data. This includes: the payment card used, name associated with the payment card, the location of the Merchant's store, date and time of the transaction, transaction amount, and information about the goods or services purchased.

We also collect historical sales data and transaction records for the purpose of providing multi-location management, reporting, and analytics through the Maestro platform.

 

1.2  Inventory and Item Data

We collect inventory information from the Merchant's Clover account, including item names, descriptions, prices, categories, modifiers, and stock levels. This data is used to provide cross-location inventory visibility and management within Maestro.

 

1.3  Customer Data

We may collect information ancillary to payments or provided directly by the Merchant about their customers. This may include:

• Email address or phone number (e.g., for electronic receipts)
• Marketing preferences
• Loyalty program activity
• Physical address (where needed for delivery)
• Other information customers provide, such as birthdate, preferences, reviews, or feedback

 

1.4  Employee and Personnel Data

We may collect information about Merchants' personnel and their interactions with the Clover POS, including clock-in and clock-out times, tips earned, shift data, sales history, and employee identifiers. This data supports workforce and operations management features within Maestro.

 

1.5  Additional Merchant-Provided Data

Merchants may provide us with additional data directly, via access they grant to us through the Clover OAuth authorization flow, or otherwise. This includes customer contact information, purchase history, and personnel records as described above.

 

2.  How We Use the Information We Collect

We use the personal data we collect for or on behalf of Merchants to provide the core services and functionality of the Maestro application, including:

• Multi-location sales reporting and analytics
• Inventory tracking and management across locations
• Employee scheduling, performance, and workforce management
• Customer relationship and loyalty program management
• Cross-platform data aggregation and business intelligence dashboards We may also use personal data for related internal purposes, including:
• Providing information about the application, such as important updates, changes, and security alerts
• Measuring performance and improving the application
• Responding to inquiries, complaints, and customer support requests

In addition, Company may use personal data as necessary or appropriate to: (a) comply with applicable laws, lawful requests, and legal processes; (b) enforce the terms and conditions governing our application; (c) protect our rights, privacy, safety, or property, and that of Merchants or others; and (d) protect, investigate, and deter against fraudulent, harmful, unauthorized, or illegal activity.

 

3.  How We Share Information

We may share personal data that we collect with:

• The Merchant from whom or on whose behalf we collected the personal data
• The platform on which our application runs, the Clover You may view Clover's Privacy Notice here.
• Third parties as a Merchant may direct
• Third-party service providers that help us manage and improve the application
• Company subsidiaries and corporate affiliates for the purposes described in this Privacy Policy or in our agreement with a Merchant

Company may disclose personal data to government or law enforcement officials or private parties as required by law, and as necessary or appropriate to: (a) comply with applicable laws and legal processes;

(b) enforce the terms and conditions governing our application; (c) protect our rights, privacy, safety, or property; and (d) protect, investigate, and deter against fraudulent, harmful, or illegal activity.

Company may sell or transfer some or all of its business or assets, including personal data, in connection with a business transaction such as a merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy. In such cases, we will make reasonable efforts to require the recipient to honor this Privacy Policy.

 

4.  Your Rights and Choices

4.1  Data Subject Rights

To the extent that applicable law provides individuals with rights pertaining to their personal data — such as the right to review or request changes to their personal data — individuals should contact the Merchant with any requests pertaining to the Merchant's use of our application.

 

To the extent that Clover is responsible for responding to data subject rights requests under applicable law, individuals may contact Clover with applicable requests as explained in Clover's Privacy Notice at https://www.clover.com/privacy-policy. Company will assist a Merchant, or Clover, as applicable, in responding to such requests subject to our contract with a Merchant or Clover.

 

4.2  Retention Period

Once the contractual or service agreement with a Merchant has ended or terminated, we do not retain personal information related to the services provided beyond what is necessary for legal or regulatory purposes, or for the establishment, exercise, or defense of legal claims.

 

4.3  Data Deletion

Upon termination of the contractual or service agreement, we will promptly delete or anonymize all personal information collected or processed during the term of the agreement, except where retention is necessary for legal or regulatory compliance.

 

4.4  Minors

We do not knowingly collect personal information from individuals under the age of 18 without verifiable parental consent. If we become aware that we have inadvertently collected personal information from a minor without appropriate consent, we will take prompt steps to delete such information.

 

4.5  Complaints

If you have a complaint about our handling of personal data, please contact us using the contact information provided in Section 6 below.

 

4.6  Updates

We reserve the right to modify this Privacy Policy at any time. We will notify you of updates by updating the effective date of this Privacy Policy.

 

5.  Additional Information for Merchants Located in Canada

For Merchants located in Canada, we comply with applicable Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.

We collect, use, and disclose personal information only for the purposes identified in this Privacy Policy, and only with the knowledge and consent of the individual, except where otherwise required or permitted by law. Individuals have the right to access their personal information held by us, subject to certain exceptions permitted by law, and to request correction of inaccurate information.

To exercise your rights under Canadian privacy law, or to raise a privacy concern, please contact our Privacy Officer at privacy@orchatect.com.

 

6.  Your California Privacy Rights (CCPA)

As a California resident, you have the following rights, subject to certain limitations:

• Information: You can request information about how we have collected and used your Personal Information during the past 12 months, including the categories collected, sources, business purposes, and third parties with whom we share it.
• Access: You can request a copy of the Personal Information we maintain about
• Deletion: You can ask us to delete the Personal Information we maintain about
• Nondiscrimination: You are entitled to exercise these rights free from

 

6.1  How to Exercise Your Rights

To submit a request, you may:

• Email us at: privacy@orchatect.com
• Call us toll-free at: 1-866-672-4283
• Write to us at: 2100 N Greenville Ave Suite 1100, Richardson, TX 75082

We will verify your identity before processing requests. You may also submit requests on behalf of your minor child under age 13 or designate an authorized agent by providing written authorization.

 

6.2  Sale of Personal Information

We do not sell, as defined under the CCPA, your Personal Information to third parties. In the preceding twelve (12) months, we have not sold any personal information.

 

6.3  Personal Information We Collect, Use, and Share

The table below summarizes our collection and sharing of personal information during the last 12 months:

 

Category	Do we collect?	Do we share?
Identifiers	Yes	No
Online Identifiers	Yes	No
Protected Classification Characteristics	No	No
Commercial Information	Yes	No
Biometric Information	No	No
Internet or Network Information	Yes	No
Geolocation Data	Yes	No
Sensory Information	No	No
Professional or Employment Information	Yes	No
Education Information	No	No
Inferences	Yes	No
Financial Information	Yes	No
Medical Information	No	No

 

7.  Glossary

 

Category	Definition
Identifiers	Real name, alias, postal address, unique personal identifier, customer number, email address, account name and other similar identifiers.
Online Identifiers	Device identifier, IP address, cookies, mobile ad identifiers, customer number, pseudonym, user alias, telephone numbers, or other persistent identifiers.
Commercial Information	Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Financial Information	Bank account number, debit or credit card numbers, insurance policy number, and other financial information.
Geolocation Data	Precise location, e.g., derived from GPS coordinates or telemetry data.

 

Internet or Network Information	Browsing history, search history, and information regarding a consumer's interaction with an Internet website, application, or advertisement.
Professional or Employment Information	Information relating to a person's current, past or prospective employment or professional experience (e.g., job history, performance evaluations), and educational background.
Inferences	Inferences drawn from any of the information described above to create a profile about a consumer reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

8. Contact Us

You may contact us with any questions, comments, or complaints about this Privacy Policy or our privacy practices:

• Email: privacy@orchatect.com
• Phone: 1-866-672-4283
• Address: 9201 Warren Pkwy Ste 200, Frisco, TX 75035
• Website: https://orchatect.com

 

 

This policy applies specifically to Maestro on the Clover platform. For our general privacy policy covering all platforms, please visit orchatect.com/privacy