Privacy Notice for Users Who Do Not Apply or Sign Up for a Square Account or Other Services

For users who DO apply or sign up for a Square Account, click here.

Posted on: 16 April 2018

Effective Date: 25 May 2018

This Privacy Notice describes how Squareup International Ltd., with its office at Fumbally Square, Fumbally Lane, Dublin 8, Ireland, and our affiliates (collectively, ‘Square,’ ‘we,’ and ‘us’) collect, use, disclose, transfer, store, retain or otherwise process your information when you access or use in any manner any Square services (including, but not limited to when you make a payment at a Square Seller, request a digital receipt or Square invoice, use an Online Store or any Square API product), through Square’s website or applications (collectively, “Services”); or otherwise contact or interact with us, even if you have not applied for a Square account or downloaded one of our applications.

This Privacy Notice does not describe the practices of other users of our Services, including Sellers that may collect information from you when you interact with them through our Services, and we encourage you to ask them about their privacy practices before providing any information to them.

This Privacy Notice applies to your use of our Services, and covers information collected in connection with your access to and use of our Services. Please read this Privacy Notice carefully.

Our Privacy Notice explains:


We need to collect certain information about you to provide you with the Services or the support you request. The type of information we collect can vary depending on the country from which you access our Services. Additionally, you can choose to voluntarily provide information to us.

Information You Provide to Access our Services

We collect information you upload or send to or through our Services (including information you provide when you request delivery of a digital receipt, such as your name, email address, and phone number). We also collect information you provide when you participate in contests or promotions offered by Square or our partners, respond to our surveys, upload content, make a payment at a Square Seller, otherwise communicate with us, or otherwise use or access the Services.

We collect the following information about you when you use our Services. This information is necessary for us to provide the Services to you and to allow us comply with applicable regulations, including but not limited to anti-money laundering laws. Without it, we will not be able to provide you with the requested Services.

The information that we collect from you includes:

  • Identification information. Your name, email address, postal code, phone number, signature, and authentication credentials (for example, information you use to login to your account).
  • Financial information. Bank account information and payment card numbers.
  • Transaction information. When you use our Services to make or record payments, or request delivery of a digital receipt, we collect information about when and where the transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, billing and shipping information, and the devices and payment methods used to complete the transactions.

Information You Provide to Enhance Your Experience

You can choose to provide us with additional information in order to obtain a better user experience when using our Services. This additional information will be processed with your consent and/or to provide you with services you request:

  • Other information you provide. We collect information that you voluntarily provide to us, including your survey responses; participation in contests, promotions, or other marketing lead forms or devices; suggestions for improvements; referrals; or any other actions performed on the Services.

Information We Automatically Collect From Your Use of our Services

We automatically collect information about you and the devices you use to access the Services, such as your computer, mobile phone, or tablet to pursue our legitimate interest, in particular:

  • to provide, improve, develop and protect our content, products services and applications;
  • to personalise our website, products and Services for you;
  • to use third parties to check the validity of the sort code, account number and card number you submit in order to detect and prevent fraud;
  • to monitor accounts to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable laws.

The information we collect includes:

  • Location Information. The location of your device if you pay with Apple or Android Pay. You can disable collection of location information by changing the preferences on your mobile device or by choosing to pay with a payment instrument other than Apple or Android Pay.
  • Device Information. Information about your device, including your hardware model, operating system and version, unique device identifier, mobile network information, and information about the device’s interaction with our Services.
  • Use Information. Information about how you use our Services, including your access time, “log-in” and “log-out” information, browser type and language, country and language setting on your device, and Internet Protocol (“IP”) address, the domain name of your Internet service provider, other attributes about your browser, mobile device and operating system, any specific page you visit on our platform, content you view, features you use, the date and time of your visit to or use of the Services, your search terms, the website you visited before you visited or used the Services, data about the way you interact with our Services, and other clickstream data.
  • Customer Information. Information you provide to a Seller using our Services, including, for example if you are a buyer who provides a Seller with information such as your email address, phone number, payment information, or other information.

Information We Collect from Other Sources

We also collect information about you from third parties to pursue our legitimate interest and to comply with applicable law (including but not limited to anti-money laundering laws):

  • Identity Verification. Information from third parties and publicly available sources.
  • Credit, Compliance and Fraud. We can collect information about you from third parties in connection with any credit investigation, credit eligibility, identity or account verification process, fraud detection, or collection procedure, or as may otherwise be required by applicable law. This includes, without limitation, the receipt and exchange of account or credit-related information with any credit reporting agency or credit bureau, where lawful, and any person or corporation with whom you have had, currently have, or may have a financial relationship, including without limitation past, present, and future places of employment, financial institutions, and personal reporting agencies.

Minors’ Information

Our Services are general audience services not directed at individuals under the age of 18. If we obtain actual knowledge that any information we collect has been provided by an individual under the age of 18, we will promptly delete that information.


We collect information about you when you request to engage with our Services for a variety of uses based on different reasons. For example, some of the information we collect from you we need to enable use to deliver the Services to you, sometimes we are required by law and regulations to collect and process this information about you, at other times, we consider it is in our legitimate business interests to collect and process this information, taking into consideration your privacy right.

We use information about you for a number of purposes:

Providing, Improving and Developing our Services

  • Determining whether the Services are available in your country. We process Location Information where you have requested use of the Services. Without this information, we cannot confirm whether we are able to offer the Services to you.
  • Processing or recording payment transactions or money transfers, and otherwise providing you with the Square products and features you choose to use. Without this information we would not be able to provide the Services requested by you. Information required for these reasons include:
    • Identification Information;
    • Transaction Information; and
    • Contact Information
  • Displaying your historical transaction or appointment information. Without this information we would not be able to provide the Services requested by you.
  • Providing, maintaining and improving our Services. It is in our legitimate business interests to continue to maintain our product and service offering to individuals in order to keep running our business.
  • Developing new products and Services. It is in our legitimate business interests to continue to improve our product and service offering to individuals in order to develop and grow our business.
  • Delivering the information and support you request, including digital receipts, invoices and scheduling information. We need to communicate with you to fulfil our own obligations or meet your requests and us and we need to use your contact and other information in order to deliver this information to you. If you do not provide this information, we will not be able to meet your requests.
  • Improving, personalising and facilitating your use of our Services.
  • Measuring, tracking and analysing trends and usage in connection with your use or the performance of our Services. We want to understand how current products and Services are used in order to develop and enhance our products in our legitimate interests. In order to ensure that our legitimate business interests of striving to deliver a consistent, secure and continuous service are met, we need to carry out certain analytics on the performance of our Services.

Communicating with You About our Services

  • Sending you information we think you may find useful or which you have requested from us about our products and services. We send you information about services you use because it is in our legitimate interest to do so. We will only send you notifications regarding promotional information where we have your consent to do so. Please see below for further information.
  • Conducting surveys and collecting feedback about our Services. We do this to pursue our legitimate interests to understand if the Services are helpful to you and to evaluate the effectiveness of any updates we provide.

Protecting our Services and Maintaining a Trusted Environment

  • Investigating, detecting and preventing or reporting fraud, misrepresentations, security breaches or incidents, other potentially prohibited or illegal activities. We do this as we are required by law to ensure effective fraud prevention processes are in place. We also do this to prevent our Services being misused for fraudulent activities which is in our legitimate interests as a provider of the Services and other payment processing services.
  • Protecting our, our Sellers’, or your rights or property, or the security or integrity of our Services. We do this to comply with applicable law and for our legitimate interest in protecting the security and integrity of our Services.
  • Enforcing our Terms of Service or other applicable agreements or policies. This is necessary in order to fulfil the obligations between you and us under the those agreements or policies.
  • Verifying your identity. We need to verify your identity to comply with our contractual obligations, applicable law, and / or for our legitimate interest in protecting the security and integrity of our Services.
  • Complying with any applicable laws or regulations, or in response to lawful requests for information from the government or through legal process. We do this as required by law.
  • Fulfilling any other purpose disclosed to you in connection with our Services.
  • We can also contact you to resolve disputes, collect fees and provide assistance with our Services.

We process this information given our legitimate interest providing you with our Services, to measure the adequate performance of our contract with you, and to comply with applicable laws.

Advertising and Marketing

  • Marketing of our Services;
  • Communicating with you about opportunities, products, services, contests, promotions, discounts, incentives, surveys, and rewards offered by us and select partners;
  • If we send you marketing emails, each email will contain instructions permitting you to “opt out” of receiving future marketing or other communications.

We will only process your information for these purposes where we have your consent to do so.

Digital Receipts

  • If you provide a Square Seller with your contact information to receive receipts via email or text message, we and that Seller may store the email address or phone number you provide. We use your email address or phone number to send you a receipt for your purchase, to send you promotional messages from Sellers you have visited when we have your consent to do so, to automatically send you digital receipts for future purchases you make from other Sellers. When you submit or share information through a receipt (such as submitting feedback), we may share that information with Sellers and you may receive responses. This notice does not describe the practices of Sellers that may receive or collect information from you. We encourage you to ask them about their privacy practices before providing any information to them.

Each receipt will contain instructions permitting you to “opt out” of receiving future automatic digital receipts.

Other Uses

  • For any other purpose disclosed to you in connection with our Services from time to time. If we intend to process your personal data for a purpose other than that set out above, we will provide you with information prior to such processing and will obtain your consent where necessary.

Some of our processes for how we use your information can involve profiling, automated processing and automated decisions. We need to do this to meet our own contractual obligations, to comply with applicable law (i.e., for fraud prevention purposes or where we are have a good faith belief we are under a legal or regulatory obligation to do so), and as it’s in our legitimate business interests to engage in such automated processing. For example:

  • Identity verification: We engage in profiling and automated processing, both directly and through the use of third party identification verification parties, to verify your identity (so we can confirm you appear to be who you say you are). We set out more information on this above and how this affects you. If we cannot identify you, we may not be able to provide the Services to you. This identity verification check will be based on the information you provide to us and the results we get for the third party verification services (which is limited to the result of the check).
  • Fraud and crime detection and prevention: We have developed processes, for the purposes set out above, to check that our Services are not being used for fraudulent purposes. We will consider information you provide to access our Services, information you provide to enhance your experience, information we automatically collect from your use of our Services, and information we collect from other sources. We regularly check that our processes are up to date and implemented robustly and fairly to ensure that we can deliver the Services to you and that they are safe to use. If we believe in good faith that our fraud and crime prevention processing detects activities or use of our Services which could be used for fraudulent or criminal activities, we may not be able to provide the Services to you.
  • Product development and creation: We can process the information you provide to us, the information we collect from your use of our Services and the information we obtain from third parties automatically to improve our products and develop new products. The information we use will help us to understand what is important to our users, and how we can create better products and services.
  • Marketing: with your consent we can process the information you provide to us, the information we collect from your use of our Services and the information we obtain from third parties automatically to market new products and services to you by using cookies to serve ads to you or by delivering adverts in our applications or on our websites.


We share information about you as follows:

With Other Users of our Services with Whom You Interact

  • With other users of our Services with whom you interact through your own use of our Services. This is necessary to provide our Services to you and fulfil our obligations in our Terms of Service, as well as in our legitimate interest to do so. For example, we share information when you make or accept a payment, appointment, or money transfer using our Services.

With our Affiliates

  • With our group companies, including our parent company, Square, Inc., and other affiliates, for the purposes outlined above. This is necessary to provide our Services to you and in our legitimate interest to do so.

With Third Parties

  • With third parties to provide, maintain, and improve our Services, including service providers who access information about you to perform services on our behalf (e.g., identity verification, fee collection services and fraud prevention – including Cifas), as well as financial institutions, payment networks, payment card associations, credit bureaus, partners providing services on Square’s behalf, and other entities (including First Data) in connection with Services.
  • With third parties that run advertising campaigns, contests, special offers, or other events or activities in connection with our Services.

Business Transfers and Corporate Changes

  • Because it is in our legitimate interest to do so, we reserve the right to disclose and transfer all information related to the Services, including personal information:
    • To a subsequent owner, co-owner, or operator of one or more of the Services; or
    • In connection with (including, without limitation, during the negotiation or due diligence process of) a corporate merger, consolidation, or restructuring; the sale of substantially all of our stock and/or assets; financing, acquisition, divestiture, or dissolution of all or a portion of our business; or other corporate change.

Safety and Compliance with Law

  • If we believe that disclosure is reasonably necessary (i) to comply with any applicable law, regulation, legal process or governmental request (e.g., from tax authorities, law enforcement agencies, etc.); (ii) to enforce or comply with our General Terms or other applicable agreements or policies; (iii) to protect our or our customers’ rights or property or the security or integrity of our Services; or (iv) to protect us, users of our Services or the public from harm, fraud or potentially prohibited or illegal activities
  • With your consent. For example:
    • At your direction or as described at the time you agree to share;
    • When you authorise a third party application or website to access your information.

Aggregated and Anonymised Information

  • We also may share (within our group of companies or with third parties) aggregated and anonymised information that does not specifically identify you or any individual user of our Services.


We generally retain your information only as long as reasonably necessary to provide you the Services or to comply with applicable law.

However, we can retain copies of information about you and any transactions or Services in which you may have participated for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request, to detect or prevent fraud, to collect fees owed, to resolve disputes, to address problems with our Services, to assist with investigations, to enforce our General Terms or other applicable agreements or policies, or to take any other actions consistent with applicable law.


We use various technologies to collect information when you access or use our Services, including placing a piece of data, commonly referred to as a “cookie,” or similar technology on your device and using web beacons. Cookies are small data files that are stored on your hard drive or in your device memory when you visit a website or view a message. Among other things, cookies support the integrity of our registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. We may begin collecting information about you or from activity on devices you use as soon as you use our Services. By using our Services, you permit us to collect and use your information from activity on devices you use in accordance with this Privacy Notice. For more information and to learn how to block or delete cookies used in the Services, please see below.

Certain cookies we use last only for the duration of your web or application session and expire when you close your browser or exit the application. Other cookies are used to remember you when you return to use the Services and, as such, will last longer.

We may use cookies to:

  • Remember that you have visited us or used the Services before. This allows us to identify the number of unique visitors we receive, so that we can provide enough capacity to accommodate all of our users.
  • Customise elements of the promotional layout and/or content of our Services.
  • Collect data about the way you interact with our Services (e.g., when you use certain features or upload attachments).
  • Allow our business partners (including third parties) to use these tracking technologies to track your behaviour on our behalf on our Platform (including when you use multiple devices) and on partner websites.
  • Collect anonymous statistical information about how you use the Services (including the length of your web or application session) and the location from which you access the Services, so that we can improve the Services and learn which elements and functions of the Services are most popular with our users.

Some of the cookies used in the Services are set by us, and others are set by third parties who deliver services on our behalf.

Most web and mobile device browsers are set to automatically accept cookies by default. However, you can change your browser settings to prevent automatic acceptance of cookies, or to notify you each time a cookie is set.

You also can learn more about cookies by visiting, which includes additional useful information on cookies and how to block cookies on different types of browsers and mobile devices. Please note, however, that by blocking or deleting cookies used in the Services, you may not be able to take full advantage of the Services.

Type of Cookies Description and further information
Essential Cookies Essential cookies are cookies that enable you to navigate and use all the features in the Services provided by us. For example, without these, you would not be able to navigate between pages on the website.
Functionality Cookies These cookies enable us to remember you have used our Services before, preferences you may have indicated and information you have provided to us to give you a customised experience. For example, this would include ensuring the continuity of your registration process.
Performance and Analytical Cookies This information is used to make sure our Services can cope with the volume of users, to help us correct errors in the Services and to measure use across our Services. These cookies help us understand if you have used our Services before so we can identify the number of unique users we receive. They also help us understand how long you spend using our Services and from where you have accessed the Services, so that we can improve the Services and learn about the most popular aspects of the Services.
Retargeting or Advertising Cookies We use third parties, for example, Google Analytics, to analyse statistical information from users of the Site. We might be able to associate such information with other information which we collect from you once we receive it from a third party. These cookies collect information about the pages you visit and also other information about other websites you visit. This information is only collected by reference to the cookie identifier that you are using. For more information visit

We also collect information using web beacons. Web beacons are electronic images that can be used in our Services or emails. We use web beacons to deliver cookies, track the number of visits to our website, understand usage and campaign effectiveness, and determine whether an email has been opened and acted upon.


We can use third-party service providers to provide site metrics and other analytics services. These third parties can use cookies, web beacons, and other technologies to collect information, such as your IP address, identifiers associated with your device, other applications on your device, the browsers you use to access our Services, webpages viewed, time spent on webpages, links clicked, and conversion information (e.g., transactions entered into). This information can be used by Square and third-party service providers on behalf of Square to analyse and track usage of our Services, determine the popularity of certain content, and better understand how you use our Services. The third-party service providers that we engage are bound by confidentiality obligations and other restrictions with respect to their use and collection of your information.

This Privacy Notice does not apply to, and we are not responsible for, third-party cookies, web beacons, or other tracking technologies, which are covered by such third parties’ privacy policies. For more information, we encourage you to check the privacy policies of these third parties to learn about their privacy practices. For more information about targeted advertising specifically, please visit

Examples of our third-party service providers to help deliver our Services or to connect to our Services include:

These third party service providers make use of cookies to implement their services.


Personal Information

If you reside in Europe, you have the right under certain circumstances:

  • to be provided with access to your personal data held by the data controller (the Square Seller);
  • to request the rectification or erasure of your personal data held by the data controller (your Square Seller);
  • to request that the data controller (your Square Seller) cease processing your data;
  • to request that the data controller (your Square Seller) restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
  • to object to profiling activities based on legitimate interests;
  • to object to solely automated processing; and
  • to request that your data be transferred to a third party (data portability).

In addition, where you have provided your consent to our processing of personal data, you can withdraw this at any time.

In order to exercise any of these rights (including the right to withdraw your consent), please email We may need to verify your identity before granting access or otherwise changing or correcting your information.

Promotional Communications

You can choose to receive promotional messages from Square when you first interact with our Services or by making a request to us using the contact details below. You can opt out of receiving promotional messages from Square at the time we collect your information by following the instructions on screen or in those messages or by informing the caller that you would not like to receive future promotional calls. Opting out of receiving communications may impact your use of the Services. If you decide to opt out, we can still send you non-promotional communications, such as digital receipts that you request.


Square operates internationally and many of our systems are based in the United States which has different data protection standards to the European Union. When we transfer your personal data to our affiliates outside the European Economic Area (EEA), we make use of standard contractual clauses which have been approved by the European Commission. For a list of the countries in which we operate, please see

We also use standard contractual clauses when we transfer your personal data to third parties outside the EEA or we adopt other means to ensure that adequate safeguards are applied to your personal data, such as a relevant third party’s Privacy Shield certification or binding corporate rules (approved by EU data protection authorities and put in place to protect your personal data). First Data and Master Card have implemented binding corporate rules.

You may obtain a copy of any of the documents we use to protect your personal data when it is transferred outside the EEA by contacting us via email


We change this Privacy Notice from time to time by posting a revised version and updating the ‘Effective Date’ above. The revised version will be effective on the “Effective Date” listed. If you disagree with these changes, you may stop using our Services at any time. Your continued use of our Services constitutes your acceptance of any changes to this Privacy Notice.


Please contact our Privacy Department with any questions or concerns regarding this Privacy Notice. Please mark your questions or concerns, FAO: Data Protection Officer.

Squareup International Ltd. Fumbally Square Fumbally Lane Dublin 8, Ireland

If you have any questions or concerns regarding our notice or if you believe our notice or applicable laws relating to the protection of your personal information have not been respected, you can file a complaint with our Privacy Department listed above and we will respond to let you know who will be handling your matter and when you can expect a further response. We can request additional details from you regarding your concerns and may need to engage or consult with other parties in order to investigate and address your issue. We will keep records of your request and any resolution.

If your request or concern is not satisfactorily resolved by us, you can approach your local data protection authority (see