Developer Privacy Policy
Effective Date: April 22, 2025
This Privacy Policy describes how we at Subtotal Inc. (“Subtotal”, “we”, “our”, or “us”) collect, use, and share information about our business customers (“Developers,” “you,” or “your”) when you use our website, online tools, applications, or services (collectively, “Services”), or otherwise interact with us. This Policy does not apply to information we collect about end users — for example, when they connect their retailer accounts to Developer apps or websites through Subtotal. Please see our End User Privacy Policy for information about our practices regarding end user data.
Your use of Subtotal’s Services is subject to our Developer Services Agreement, which incorporates this Privacy Policy. Any terms we use in this Privacy Policy without defining them have the definitions given to them in the Developer Services Agreement.
We may update this Policy from time to time. We will alert you of material changes by giving notice on the Subtotal website, by sending you an email, and/or by some other means. By using the Services after any changes to this Policy have been posted, you agree to all of the changes.
Information We Collect
Information you provide. We collect information that you provide directly to us. For example, you provide certain personal information when you create a Developer Account, enter into a contractual relationship with us (individually or on behalf of your company), fill out a “contact us” form, enroll in billing, or otherwise communicate with us. The types of information we collect include:
- Developer Account Information. We collect personal information that you provide when you register for a Developer Account, including account credentials (such as your password), professional information (such as your company name, company URL, and job title), and identifiers (such as your name, email address, and phone number).
- Payment Information. We collect payment information that you provide when you sign up for our Services. We use third-party payment processors to process the payments you make to us. As such, you provide payment information directly to the third-party processor. You should review the processor’s privacy notice to learn how they treat your personal information. We receive only the last 4 digits of your credit card number and transaction-related information such as payment date, amount, card type, device type, and IP address.
- Customer Information. We collect information that you provide to us or authorize us to access regarding your customers, including but not limited to customer identifiers, transaction history, and order identifiers, and item-level purchase details. This information is collected and processed solely for the purpose of providing you with our Services.
- Product Information. We collect and process information regarding your products, including product identifiers (such as barcodes, SKUs, and UPCs), product names, and related metadata, in order to enable accurate matching of external retail purchases and for other purposes in connection with our Services.
- Communications. When you contact us through any mode of communication, such as email or a “contact us” form on our website, we may collect your name, email address, address, phone number, company name, account ID, and other personal information you provide to us.
Information we collect when you link your own retailer account. Developers who use our Services often link their own retailer accounts to test and evaluate our technology. If you do this, you should review our End User Privacy Policy for details on how we collect and handle that information.
Information we collect automatically when you use our Services. When you use our Services, we collect the following information:
- Log Information. We collect information that your browser or device automatically sends when you use our Services. Log information includes your IP address, browser type and settings, the date and time of your request, and how you interact with our Services.
- Device Information. We collect information about the device you use to interact with our Services, such as the name of the device, the hardware model and operating system, IP address, domain server, the date and time of your interaction with the Services, timezone setting and location, and other technical information about the device. The information we collect may depend on the type of device you use and its settings.
- Location Information. We may determine the general area from which your device accesses our Services based on information such as its IP address.
- Cookies and Similar Technologies. As described more fully in our Cookie Policy, we use cookies and other related technologies in operating our Services.
Information we collect from other sources. We may collect information about you from other sources, such as vendors who help us identify new potential customers, including your name, email address, and social media profile URL.
How We Use Your Information
We may use the information we collect for the following purposes:
- To fulfill our contractual obligations and provide the Services you have requested;
- To operate, improve, and personalize our Services;
- To promote and sell our Services;
- To track opportunities and generate leads;
- To bill you for our Services;
- To respond to your communications with us, including support requests;
- To communicate with you about our products, services, offers, and events;
- To send you legal and technical notices, updates, security alerts, and messages about your account;
- To prevent and investigate fraud and other illegal activities;
- To monitor, test, and update our Services, and diagnose and fix technical problems;
- To maintain the security and integrity of our Services and property;
- To enforce our contractual rights, resolve disputes, and protect the rights, privacy, safety, and property of Subtotal and others; and
- To comply with our legal obligations.
How We Share Your Information
We share your information as follows:
- With services providers, contractors, and business partners who provide services for us, such as payment processors, web hosting providers, data storage providers, email and messaging communications providers, analytics providers, and customer relationship and support providers;
- With advertisers and other third parties who use cookies and related technologies to collect information about your use of the Services (see our Cookie Policy for more details);
- To comply with our legal obligations and with legal or regulatory processes (such as subpoenas);
- To prevent fraud, malicious activity, and other privacy and security-related concerns or otherwise protect the rights, property, and safety of Developers, end users, Merchants, Subtotal, and others;
- With third parties in relation to a change in ownership or control of all or a part of our business, such as a merger, acquisition, bankruptcy, or reorganization; and/or
- Between and among Subtotal and our current and future parents, affiliates, and subsidiaries.
We may also collect, use, and share aggregated, de-identified, or anonymized information that does not identify you personally for any purpose permitted by law.
The following table explains how we have collected and shared personal information in the last 12 months.
| Categories of Personal Information | Sources of Personal Information | Parties with whom Personal Information May Be Shared |
|---|---|---|
| Developer account information | Information you provide | Payment processors Analytics providers |
| Account credentials | Information we collect automatically when you use our Services | Web hosting and data storage providers |
| Professional information | Information we collect when you link your own retailer account | Email and messaging communications providers |
| Identifiers | Information we collect from other sources | Customer relationship management providers |
| Payment information | Customer support providers | |
| Customer information | Fraud prevention and security services providers | |
| Product information | Advertisers and third parties who collect information through cookies | |
| Communications | ||
| Log information | ||
| Device information | ||
| Location information | ||
| Network activity information |
Data Security
We seek to protect your personal information from unauthorized access, use, and disclosure. We make reasonable efforts to maintain physical, technical, and administrative security measures appropriate to the risk associated with the processing of your information. Unfortunately, no data transmission or storage system is completely secure.
Data Retention
We retain your personal information for as long as necessary to provide our Services and to fulfill the purposes for which we collected the information, including for the purposes of complying with our legal obligations, resolving disputes, and collecting fees. When establishing a retention period for specific categories of information, we consider who we collected the information from, our need for the information, our reason for collecting the information, and the amount and sensitivity of the information.
If we aggregate, de-identify, or anonymize information such that it can no longer be used to identify you personally, we may use that information indefinitely without further notice to you.
Your Rights and Choices
Your Choices:
- Developer Account Information. You may update your Developer Account information by logging into your account on our website or by contacting us.
- Cookies. You can find more information about how we use cookies and your related choices in our Cookie Policy.
- Marketing Communications. You may opt out of receiving marketing emails from Subtotal by following the instructions in those emails. If you opt out, we may still send you other types of emails, such as legal notices and support, service, and other emails regarding your account.
Your Rights: Regardless of where you live, we recognize, and you may exercise, the following rights with respect to your information, subject to applicable exceptions provided by law:
- Information: To request information about the categories of personal information we have collected about you, the sources from which we collected the information, and how we have used and shared your information during the past 12 months;
- Access: To access a copy of the information we have collected from and about you during the past 12 months;
- Deletion: To request that we delete the information we have collected from and about you;
- Opt Out: To request that we limit the use and disclosure of your information; and
- Nondiscrimination: To exercise these rights free from discrimination.
Exercising Your Rights: You can exercise the rights described in this section by submitting a request to support@subtotal.com. You may be required to provide additional information to confirm your identity before we can respond to your request. If an authorized agent submits a request on your behalf, we may ask for a valid power of attorney to verify that the agent has written authority to submit requests on your behalf. In certain cases, we may be required or permitted by law to deny your request.
Contact Us
If you have any questions or comments about this Privacy Policy, our collection and use of your personal information, or your choices and rights regarding such collection and use, please contact us at:
https://www.subtotal.com/
support@subtotal.com
100 Church Street, Suite 800
New York, NY 10007