The Cat Cafe I’m working for is using a third-party booking system that “integrates” with Square, in that it sends over transaction and customer data–however it does not create loyalty accounts nor accumulate loyalty points.
Is there any legal reason in the US why I couldn’t listen for transactions from this third-party system, check whether a loyalty account exists, and then create one using the POST route of v2/loyalty/accounts
if one doesn’t?
As it is, we have to ask the customer when they arrive in person to create the loyalty account, which adds a lot of time and awkwardness, and breaks the flow of getting them into their appointment. I would very much like to avoid all of that, as well as the strong chance that the whole process would be skipped for any of those reasons.
I realize we’re not lawyers, but we have to work within/adjacent to consumer protection law, so I figured someone may know better than I do about this.
I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:
Additional Documentation
Loyalty API Walkthrough 2
Set up a Loyalty Program (Walkthrough 1)
Loyalty API Overview
If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.
Yes, you can create a loyalty account for a customer programmatically using the Loyalty API’s CreateLoyaltyAccount endpoint. However, it’s important to obtain explicit consent from the customer before creating a loyalty account on their behalf. This is not only a best practice but also a requirement in many jurisdictions due to privacy laws.
When you collect customer information, make sure to inform them about the purpose of collecting their data (in this case, enrolling them in a loyalty program) and obtain their agreement. This could be done through a checkbox or similar mechanism in your third-party booking system where customers can opt-in to join the loyalty program.
Remember to handle all customer data responsibly, avoid sharing it with third parties without explicit permission, and ensure it’s securely stored and transmitted.
This answer was reviewed by @Bryan-Square.