What we keep,
and what we don't.

This policy applies to the Merchant Line platform — our website, operator dashboard, point-of-sale apps, ticketing surfaces, and any related services provided by Merchant Line LLC (“we,” “us,”).

It covers three groups of people:

• Operators — venue owners and managers who hold a Merchant Line account.
• Staff users — cashiers, gate staff, and other employees an operator invites to the platform.
• Customers — ticket buyers and walk-up purchasers at venues running on Merchant Line.

For customer interactions, the operator is the data controller and we are the processor. For operator and staff accounts, we are the controller.

We collect what's needed to operate the platform — nothing more.

Account data. Operator name, business entity, contact email, phone, billing address, and authentication credentials. For staff, the email and role assigned by the operator.

Transaction metadata. Order line items, totals, timestamps, location, station ID, and a Stripe payment identifier. We see the last four digits of a card and the network — we do not see the full card number, magnetic stripe, or CVV.

Ticket buyer data. Email address (required for receipts and ticket delivery), and optionally a name and phone number if the operator's event collects them. Ticket codes themselves are signed JWTs — they are not stored as PII.

Device and log data. Hardware model, OS version, app version, IP address, network type, crash traces, and operational telemetry (queue depth, sync state, scan latency).

Support communications. Anything you send us through email, our in-app help, or a scheduled call.

We use information to:

• Run the service — accept payments, issue tickets, scan at the gate, reconcile at close.
• Authenticate users and protect accounts.
• Send transactional communications — receipts, ticket delivery, dispute notices, and service alerts.
• Provide customer support and investigate operational incidents.
• Detect and prevent fraud, abuse, and chargeback patterns.
• Improve reliability and product quality through aggregate metrics.
• Meet legal, tax, and accounting obligations.

We do not sell personal information. We do not share data with advertising networks. We do not build profiles of ticket buyers for resale.

We share information only with vendors that help us operate the service, with operators about their own customers, and where the law requires it.

Each subprocessor is bound by a written data-processing agreement. We do not transfer customer data outside the United States.

Our marketing site uses one first-party cookie for session continuity and a privacy-respecting analytics tool (server-side, no fingerprinting, IPs truncated). We do not use third-party advertising cookies.

The operator dashboard uses cookies and local storage strictly for authentication and to remember UI preferences. Disabling them will break login.

Customer ticket pages use a single short-lived session cookie tied to the in-progress order. There is no cross-site tracking.

We keep data only as long as we need it to provide the service or to meet a legal requirement.

Depending on where you live, you may have the right to:

• Access the personal information we hold about you.
• Correct information that is inaccurate or out of date.
• Delete information, subject to retention obligations above.
• Receive a portable copy of your data in a machine-readable format.
• Opt out of any non-essential processing.
• Appeal a decision we make on a request.

If you are a ticket buyer, please contact the operator first — they hold the relationship. If you can't reach them, write to us at privacy@merchantline.co and we will route the request.

Operators and staff users can submit requests directly through the dashboard or by emailing the same address. We respond within 30 days.

California (CCPA/CPRA): we do not sell or share personal information for cross-context behavioral advertising. You have the right to know, delete, correct, and limit use.

EU/UK: we do not knowingly process EU or UK personal data. If you reach our service from outside the US, your data is processed in the United States.

We protect data with TLS 1.3 in transit, AES-256 at rest, MFA for all admin accounts, per-tenant database isolation, and continuous logging. Card data is out of scope by design — see our Security & Compliance page for the full picture.

If we ever experience a breach that affects you, we will notify the relevant operator within 72 hours and follow up with affected individuals where required by law.

Merchant Line is built for venue operators and is not directed at children under 13. We do not knowingly collect personal information from children. If a parent or guardian believes their child has provided us with information, please contact us and we will delete it.

If we materially change how we collect or use information, we will update the date at the top of this page and notify operators by email at least 14 days before the change takes effect. Past versions are kept on request.

Privacy questions, requests, or complaints — write to us. A real person reads everything that comes in.