Privacy Policy

The wedge.us website and its associated services and content (collectively, the “Website”) are owned and operated by Wedge Operations LLC (“Wedge,” “our,” “us,” “we”), a Delaware limited liability company with its principal place of business in Austin, Texas. Wedge has adopted this Privacy Policy (“Privacy Policy”) to describe how it collects Personal Information when you use the Website and how this information is used. This Privacy Policy applies only to the Website. The Wedge platform, our embedded payment products, and any data Wedge processes on behalf of partner retailers are governed by separate agreements.

Wedge may change, modify, amend, suspend, terminate, or replace this Privacy Policy from time to time and within its sole and absolute discretion. If Wedge changes this Privacy Policy, the effective date above will change. Your continued use of the Website after a change in the effective date constitutes your acceptance of the change.

Definitions

• California Consumer Privacy Act (“CCPA”) means the California statute, as amended by the California Privacy Rights Act (“CPRA”), intended to enhance privacy rights and consumer protection for residents of California.
• General Data Protection Regulation (“GDPR”) means the European Union (“EU”) law on data protection and privacy applicable to individuals within the EU. References to GDPR include the UK GDPR where applicable.
• “Personal Data” under the GDPR means any information relating to an identified or identifiable natural person, including by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
• “Personal Information” as defined under the CCPA means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. For purposes of this Privacy Policy, “Personal Data” is included within this definition.
• “Visitors” means all individuals who access and visit the Website.
• “You,” “Your,” “Yours” means Visitors.

Types of Personal Information We Collect

Wedge does not collect Personal Information about a Visitor unless the Visitor voluntarily provides it. You may provide Personal Information to us when you (a) sign up for special offers, (b) request a meeting through a third-party scheduling tool linked from the Website, or (c) send us an email. In addition, Wedge collects the following information automatically from all Visitors who visit the Website:

• Approximate geolocation derived from your IP address (country level only);
• Your IP address (not stored after the visit ends);
• Your browser and operating-system information;
• Your device information (in aggregate);
• The pages you visit and the order in which you visit them;
• The website that referred you to ours;
• Aggregate, non-identifying analytics data;
• Any other information or analytic data that you voluntarily submit to the Website.

Sources of Personal Information Collection

Wedge collects Personal Information from you through (a) your voluntary submission of information through the Website, (b) requests initiated by you through the Website, (c) the collection and analysis of information about your computer and browsing activities through privacy-first server-side analytics, and (d) other sources permitted by law.

Cookies & Similar Technologies

The Website uses a small number of cookies and similar technologies. Cookies are small text files placed on your device to store data that can be recalled by a web server. The table below sets out how we use different categories of cookies and similar technologies, as well as your options for managing them:

Type of Cookie	Description	Managing Settings
Required Cookies (Strictly Necessary)	Required, or strictly necessary, cookies enable you to navigate the Website and use its features. We use Cloudflare to deliver, secure, and accelerate the Website; Cloudflare may set a small number of strictly-necessary cookies for security and load-balancing purposes.	Because required cookies are essential to operate the Website, there is no option to opt out of these cookies.
Analytics (Privacy-First, Cookieless)	We use Cloudflare Web Analytics to understand how visitors use the Website (pages visited, approximate country, device type, referrer). Cloudflare Web Analytics does not use cookies and does not track visitors across websites or sessions.	Because Cloudflare Web Analytics does not use cookies and does not identify individuals, no opt-out is technically required. You can read more at cloudflare.com/web-analytics.

The Website does not currently run advertising-tracker cookies, behavioral-advertising pixels, or cross-site retargeting technologies. If we change this in the future, we will update this Privacy Policy and the effective date above.

Lawful Basis for Processing (GDPR)

If you are located in the EU, EEA, or UK, our lawful bases under Article 6(1) of the GDPR for processing your Personal Information are:

• Consent (Art. 6(1)(a)) for any optional marketing communications you choose to receive;
• Legitimate interests (Art. 6(1)(f)) for operating, securing, and improving the Website;
• Compliance with legal obligation (Art. 6(1)(c)) for fraud prevention, security, and required record-keeping;
• Contractual necessity (Art. 6(1)(b)) where you have entered or are entering into an agreement with us through the Website.

How Wedge Uses Your Personal Information

We use your Personal Information to:

• Enable your use of the Website;
• Respond to your inquiries and schedule conversations with potential customers;
• Understand how the Website is used and improve it;
• Detect and prevent fraud, abuse, and security incidents;
• Comply with applicable legal, regulatory, and record-keeping obligations;
• Communicate with you about changes to the Website or this Privacy Policy.

Sharing of Your Personal Information

Wedge does not sell or rent your Personal Information. We share Personal Information only:

• With service providers who help us operate the Website (such as our hosting and analytics provider), under contracts that require them to protect the information;
• With Wedge’s parents, subsidiaries, successors, assigns, licensees, and affiliates, where necessary in the ordinary course of business;
• To respond to lawful requests by government authorities, court orders, or subpoenas;
• To protect the rights, property, or safety of Wedge, its employees, contractors, customers, or others;
• To help prevent fraud or violations of applicable law;
• In connection with a merger, acquisition, financing, or sale of all or part of our business; and
• Where you have given consent.

Sub-Processors and Third-Party Services Used by the Website

The wedge.us marketing website relies on the following service providers, each of which has its own privacy policy:

• Cloudflare, Inc. for hosting, content delivery, security, DDoS protection, and privacy-first analytics. cloudflare.com/privacypolicy
• Google Fonts for typography delivery. When your browser loads a webfont from Google Fonts, your IP address is sent to Google for the duration of that request. No tracking cookies are set. policies.google.com/privacy
• Calendly (when you click “Talk to sales” to book a meeting). calendly.com/privacy

If Wedge engages other sub-processors for the Website in the future, we will update this list and the effective date above.

Interest-Based Advertising

The Website does not currently serve interest-based advertising and does not engage in cross-site behavioral advertising. The Website is not designed to respond to “Do Not Track” signals from browsers; however, where the law requires it, we will treat the Global Privacy Control (GPC) signal as a valid opt-out request under applicable U.S. state privacy laws.

Personal Information Transfer and Storage

Your Personal Information is stored and processed on encrypted servers operated by our hosting provider in the United States. By using the Website, you consent to the processing and storage of your Personal Information in the United States.

If you are located in the EU, EEA, UK, or Switzerland, please note that we transfer your Personal Information to the United States. We rely on Standard Contractual Clauses approved under Commission Implementing Decision (EU) 2021/914 (and the UK International Data Transfer Addendum where applicable), together with supplementary measures consistent with the Schrems II decision, as the legal mechanism for those transfers. Where our service providers have separately certified to the EU-U.S. Data Privacy Framework, we may also rely on that certification with respect to data they process on our behalf.

Data Retention

Wedge will retain your Personal Information for as long as reasonably necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, tax, accounting, anti-money-laundering, or reporting requirements that apply to a payments-industry company. Where applicable law (including the Bank Secrecy Act) requires longer retention, we will retain Personal Information for the period required. If we anonymize your Personal Information so that it can no longer be associated with you, we may use and retain that information indefinitely without further notice. Even after Wedge deletes Personal Information from its own systems, copies may remain in our sub-processors’ databases; you may consult those sub-processors directly if you would like Personal Information deleted from their systems.

Personal Information Security

Wedge uses commercially reasonable administrative, technical, and physical safeguards to protect your Personal Information from unauthorized access, disclosure, or loss. The Website is delivered over HTTPS using Transport Layer Security (TLS) with modern AES-256-bit encryption. No website, software, or online service is completely safe; no method of transmission or storage is perfectly secure. While we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet that are beyond our control, and (ii) the security, integrity, and privacy of any information exchanged between you and the Website cannot be guaranteed.

Data Breach

In the event we become aware that the security of the Website has been compromised or that users’ Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we will take reasonably appropriate measures, including investigation and reporting, as well as notification to and cooperation with law enforcement authorities. We will make reasonable efforts to notify affected individuals if we believe there is a reasonable risk of harm or if notice is otherwise required by law.

Your California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the following rights under the CCPA, as amended by the CPRA:

Right to Know. You have the right to request, up to twice in a 12-month period, that Wedge disclose, for the prior 12 months: the categories and specific pieces of Personal Information it has collected, used, disclosed, sold, or shared; the categories of sources from which the Personal Information was collected; the business or commercial purpose for collecting it; and the categories of third parties with whom Personal Information has been shared.

Right to Correct. You have the right to request that Wedge correct inaccurate Personal Information that we maintain about you.

Right to Delete. You have the right to request that Wedge delete Personal Information we have collected from you, subject to legal exceptions (including BSA/AML record-keeping where applicable).

Right to Opt-Out of Sale or Sharing. You have the right to opt out of any sale of your Personal Information and any sharing of your Personal Information for cross-context behavioral advertising. Wedge does not sell Personal Information and does not currently share Personal Information for cross-context behavioral advertising.

Right to Limit Use of Sensitive Personal Information. You have the right to direct Wedge to limit the use and disclosure of your sensitive Personal Information to uses necessary to provide the Website.

Right to Non-Discrimination. Wedge will not discriminate against California Visitors for exercising their CCPA / CPRA rights.

Global Privacy Control (GPC). Where you have enabled GPC in your browser or extension, Wedge will treat that signal as a valid opt-out request under California Code of Regulations, title 11, section 7025.

Authorized Agent. You may use an authorized agent to submit a request on your behalf. We may require the authorized agent to provide proof that you have authorized them to act for you and may require you to verify your own identity directly with us.

To exercise your rights under the CCPA / CPRA, please submit a “Request to Know,” “Request to Correct,” “Request to Delete,” or “Request to Opt-Out / Limit” to Wedge by email at privacy@wedge.us or by mail at:

All requests sent via postal mail must be labeled “Your California Privacy Rights” on the envelope or postcard and clearly stated on the actual request. Please include your name, postal address (if you would like a response by postal mail), city, state, and ZIP code. To protect your privacy and maintain security, we may need to verify your identity before responding to your request, including by confirming that the email address or contact information from which you send the request matches your information that we have on file. Authentication based on a valid, government-issued identification document may be required. We will respond within 45 days of receiving a verifiable request, with one 45-day extension where reasonably necessary.

Under California’s “Shine the Light” law, California residents may request information identifying any third-party companies or individuals with whom Wedge has shared their Personal Information for those parties’ direct-marketing purposes during the previous calendar year. You may obtain this information once per year, free of charge, by contacting Wedge at the address above.

We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations (for example, where we are legally required to retain certain Personal Information).

Your Texas Privacy Rights (TDPSA)

Wedge is a Delaware limited liability company headquartered in Austin, Texas. The Texas Data Privacy and Security Act (TDPSA), Tex. Bus. & Com. Code Chapter 541, gives Texas residents the following rights:

Right to Confirm and Access. You have the right to confirm whether Wedge processes your personal data and to obtain a copy of that data.

Right to Correct. You have the right to request that Wedge correct inaccurate personal data we maintain about you.

Right to Delete. You have the right to request that Wedge delete personal data we have collected from you, subject to legal exceptions.

Right to Portability. You have the right to obtain a copy of your personal data in a portable, readily-usable format that allows you to transmit the data to another controller.

Right to Opt Out. You have the right to opt out of the processing of your personal data for purposes of (a) targeted advertising, (b) the sale of personal data, or (c) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.

Right to Appeal. If we deny a request, you may appeal that decision by replying to our response. We will respond to your appeal within 60 days.

To exercise your TDPSA rights, email privacy@wedge.us or write to:

We will respond within 45 days of receiving a verifiable request, with one 45-day extension where reasonably necessary. There is no fee for exercising these rights for the first request in any 12-month period.

Your Privacy Rights in Other U.S. States

If you are a resident of Virginia, Colorado, Connecticut, Utah, Oregon, Montana, Iowa, Tennessee, Indiana, Delaware, New Jersey, New Hampshire, Kentucky, Minnesota, Maryland, or Rhode Island, you may have rights under your state’s consumer privacy law (including the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, and the Utah Consumer Privacy Act). These rights generally include the right to access, correct, or delete your Personal Information; the right to obtain a portable copy; the right to opt out of targeted advertising, sale, and certain profiling; and the right to appeal a denial of any of these requests.

To exercise any of these rights, email privacy@wedge.us. We will respond within the time period required by your state’s law (typically 45 days). If we deny your request, you may appeal by replying to our response.

Your EU / UK Privacy Rights (GDPR)

If you are located in the EU, EEA, UK, or Switzerland, you have the following rights under the GDPR (and the UK GDPR where applicable):

• Right of access to the Personal Data we hold about you (Art. 15);
• Right to rectification of inaccurate Personal Data (Art. 16);
• Right to erasure (“right to be forgotten”) (Art. 17);
• Right to restrict processing (Art. 18);
• Right to data portability (Art. 20);
• Right to object to processing based on legitimate interests or for direct marketing (Art. 21);
• Right to withdraw consent at any time, where processing is based on your consent (Art. 7(3)); and
• Right to lodge a complaint with a supervisory authority (Art. 77).

To exercise any of these rights, email privacy@wedge.us. You may also contact your local data-protection authority directly.

Purchase or Sale of the Website or Other Assets

Wedge may purchase other businesses or sell components of its business, including the Website. In the event Wedge purchases another business or sells any component of its business, your Personal Information will continue to be used consistent with the terms of this Privacy Policy. In some cases, Personal Information is one of the business assets transferred when all, or substantially all, of our assets are acquired or otherwise transferred. You acknowledge and agree that such transfers may occur and that any acquirer of our assets, including the Website, may continue to use your Personal Information for the purposes for which it was supplied by you.

Marketing

Wedge may send marketing messages, communications, and offers to you, including by email. You are free to opt out of any such marketing communications and offers at any time. To update your preferences, limit the communications you receive from us, or submit a request, please contact us using the methods in the “Contact and Notices” section. You can also unsubscribe from our marketing mailing lists by following the “Unsubscribe” link in our emails.

How to Stop Wedge from Collecting Your Personal Information

You can stop Wedge from collecting your Personal Information, or have your Personal Information deleted, by contacting Wedge at privacy@wedge.us. You can also adjust your web browser settings to limit or turn off cookies or other tracking techniques, or stop using the Website.

Your Obligations

If information you have shared with us changes, please let us know at privacy@wedge.us so we can keep our records accurate.

Minors

The Website is not directed to children under the age of 13, and Wedge does not knowingly collect Personal Information from children under 13 in violation of the Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq. As a stricter business policy, the Website is not intended for or directed to Visitors under the age of 18, and Wedge will not knowingly collect Personal Information from anyone under 18. We additionally do not knowingly market to or sell the Personal Information of consumers we know to be under 16 without affirmative authorization, as required by California Civil Code § 1798.120(c). Where appropriate, Wedge takes reasonable measures to determine that users are adults of legal age. If you believe Personal Information of a child has been inadvertently provided to us, please contact privacy@wedge.us and we will promptly take steps to remove that information.

Contact and Notices

All questions, concerns, notices, and requests regarding this Privacy Policy may be submitted to Wedge at:

Changes and Amendments

We reserve the right to modify this Privacy Policy at any time, as permitted by applicable law, effective upon posting an updated version on the Website. When we update this Privacy Policy, we will revise the effective date above. Continued use of the Website after such changes constitutes your consent to those changes. If you do not agree to the new terms, please discontinue use of the Website and contact us at privacy@wedge.us.

Waiver of Jury Trial; Class Action

To the fullest extent permitted by law, you and Wedge expressly and irrevocably waive any right to trial by jury in any legal proceeding directly or indirectly arising out of or relating to this Privacy Policy. By accepting the terms of this Privacy Policy, and to the extent permitted by applicable law, you agree that any claims or disputes arising under this Privacy Policy will be brought only on an individual basis and not as a plaintiff or class member in any purported class.