EU-U.S. Privacy Shield
RevPAR Collective Inc. participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. RevPAR Collective Inc. is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List.
RevPAR Collective Inc. is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third-party acting as an agent on its behalf. RevPAR Collective Inc. complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, RevPAR Collective Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, RevPAR Collective Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Information we Collect
We collect Personal Information from Users when they register to access the Commons, including name, e-mail address and other work-related contact information that they voluntarily provide to us (e.g., work address, phone number and job title). In addition, Users or their Partner Administrators may post Personal Information relating to the User to the Partner Directory portion of the Commons, including name, work address, email address and phone number, and job title. By utilizing the Commons, Users agree to provide, or allow their Partner Administrator to provide, this information to us for inclusion in the Partner Directory. Users who do not wish to be listed in the Partner Directory may send a written request to email@example.com to remove their information from the Partner Directory.
Technologies such as: cookies or similar technologies are used by RPC and our marketing partners, affiliates, and analytics providers. These technologies are used in analyzing trends, administering the site, tracking Users' movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
As is true of most websites, we also gather certain information regarding a User's visit automatically and store it in log files in order to understand traffic patterns and compile aggregated data about Commons usage. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), the duration of session, the URL of Commons pages visited and referring/exit pages, operating system, date/time stamp, and clickstream data.
We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you and to improve marketing, analytics, and site functionality. The collected information is not used for any other purpose.
We partner with third-party providers to either display advertising on our website or to manage our advertising on other sites. Our third-party providers may use technologies such as cookies to gather information about your activities on this website and other sites in order to provide you advertising based upon your browsing activities and interests. The cookies generated from the advertisements do not contain Personal Information and may remain on your hard drive three or more years unless you delete them. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by visiting the Digital Advertising Alliance's self-regulatory opt-out page (https://optout.aboutads.info/) or the Your Online Choices site (https://www.youronlinechoices.eu/) if you are located in the European Union. Please note this does not opt you out of being served ads; you will continue to receive generic ads. Where we use third parties to provide advertising, email marketing or similar services, each such third party will have its own opt-out process, which it will manage and control. You will need to follow those procedures to opt out of the services they provide.
When you register as a User of the Commons you have the opportunity to create a profile. By doing so you are specifically consenting to our collection and use of any Personal Information you provide to us, the terms of this Policy and our Terms.
Also, when you register as a User you may be given a choice to receive email messages and/or newsletters about product updates, improvements, or partner events. We use third-party service providers to send our partner communications and marketing email. There are no cookies in the email; however, they contain e-tags which permit you to share the email via social sites to which you subscribe. In addition, when you click on a link to the Commons included in the email, a persistent cookie is placed on your computer. This cookie is used to measure the effectiveness of our email marketing efforts, better understand how our users navigate through the Commons, and enhance the user experience. To that end, we collect a variety of information about how you interact with our email communications, including how many times the email is opened and/or clicked, the browser type used, operating system, user email program, etc. The cookie sent by our service providers will remain on your hard drive for 30 days after the last time you clicked on the coded link in the email or until you delete it.
At any time you can choose to no longer receive commercial or promotional emails or newsletters from us by using the email address associated with your account to send an email to firstname.lastname@example.org with the word 'Unsubscribe' in the subject line or following the opt-out process below. You also will be given the opportunity, in any commercial email that we send to you, to opt out of receiving such messages in the future. It may take up to ten (10) days for us to process an opt-out request. We may send you other types of transactional and relationship email communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account or otherwise opting out of receipt of promotional email communications will only affect future activities or communications from us.
Use of Personal Information
We may use Personal Information provided by Users at the time of registration and/or added to the Partner Directory to: (a) establish and maintain Partner and authorized User Accounts; (b) confirm the identity of, and provide Commons access to, authorized Users of our Partners' Accounts; (c) update and maintain our internal records regarding partner hotels and their employees, and (d) communicate with Users regarding the Commons, the Stash Hotel Rewards program, our partner hotels and/or other matters that we believe may be of interest to you.
Third-party Access to Personal Information
We do not sell, rent or trade your Personal Information with third parties for their promotional purposes. Your contact information as contained in the Partner Directory will be viewable by other Users (i.e., employees of other partner hotels).
We may also use third-party service providers to provide specific business support services to us which may involve limited access to User Personal Information (e.g., e-mail service providers). In the event that we use an such service providers, we require them to use the information only to provide the contracted services and prohibit them using the information for any other purpose and from transferring the information to another party except as needed to provide the contracted services.
We reserve the right to disclose your Personal Information to other parties (a) when you consent to the disclosure, (b) when we believe that it is necessary to protect our rights or the security of the Commons, the Stash Hotel Rewards website at http://www.stashrewards.com or our Members, (c) as required by law, or (d) when we believe that it is necessary to comply with a judicial proceeding, court order, or legal process served on us.
We also may disclose User Personal Information to other third parties in conjunction with entering into an agreement for the sale of our stock or assets or if we are involved in bankruptcy proceedings. The recipient of Personal Information following such actions may have privacy policies that differ from those in this policy.
Security and Integrity
We will take reasonable steps to protect the Personal Information collected from Users from loss and unauthorized access or disclosure. The Commons is password protected and Partner Administrators have the ability to add additional permission layers to limit the content within the Commons that their Users can access. When you enter Personal Information on our registration forms or within your Account, we encrypt that information using secure socket layer technology (SSL). We, and the service providers maintaining or otherwise handling such Personal Information on our behalf, have put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Personal Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. For example, electronically stored Personal Information is stored on a secure network with firewall protection, and access to our electronic information systems requires user authentication via password or similar means. We also employ access restrictions, limiting the scope of employees who have access to Personal Information. Nevertheless, any information transmitted over the Internet may be subject to breaches of security and we cannot guarantee the security of information you send to or receive from us. Any electronic transmissions that you submit or accept are at your own risk. If you have any questions about security on our Commons, you can email us at email@example.com.
Social Media Features
The Commons offers privately accessible blogs and community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your Personal Information from our blog or community forums, contact us at firstname.lastname@example.org. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why. Alternatively, if you used a third-party application to post such information, you can remove it, by either logging into the said application and removing the information or by contacting the appropriate third-party application.
We display personal testimonials of Users on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at email@example.com.
Users have the choice not to complete and submit a personal profile to us and/or to opt out of receiving promotional electronic communications from us. Users can opt out of promotional electronic communications by following the directions contained in such communications or by changing their communications preferences at the Manage Account portion of the Commons here. Users will need their User ID and password to access this portion of the Commons.
The Commons is hosted in the United States. If you choose to use the Commons from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing. Also, the Commons may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the service. By providing any information, including Personal Information, to RevPAR Collective, you consent to such transfer, storage, and processing.
Do Not Track
Other Terms and Conditions
Your access to and use of the Commons and services are also subject to our Terms.
Upon request, RPC will provide you with information about whether we hold, or process on behalf of a third-party, any of your Personal Information. To request this information please contact us via firstname.lastname@example.org.
Please note that in an effort to prevent the unauthorized disclosure of Personal Information, you may be required to provide proof of identity in order to access Personal Information. If, upon review, you wish to deactivate your User profile or update your Personal Information, you may do so by making the change on your Manage Account page or by emailing email@example.com. We will respond to your request to access within 30 days. In some instances, however, information that you request to be removed may be retained in certain files for a period of time in order to troubleshoot problems. In addition, some types of information may be stored indefinitely on back-up systems or within log files due to technical constraints or financial or legal requirements. Therefore, you should not always expect that all of your Personal Information will be completely removed from our databases in response to your request
We will retain your information for as long as your User account is active or as needed to provide you services. If you wish that we no longer use your information to provide you services, contact us at firstname.lastname@example.org. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Terms Applicable to Data from E.U. Member Countries
If we collect Personal Information from E.U. residents in a manner subject to the General Data Protection Regulation then, in addition to the above, the following terms shall also apply to our collection, use and retention of that information:
Compliance with Privacy Shield Principles: When handling information from residents of the E.U. member countries, we strive to comply with the E.U.-U.S. Privacy Shield Framework principles (Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability) regarding the collection, use and retention of Personal Information from European Union member countries. However, our compliance with these principles may be limited (a) to the extent necessary to meet applicable national security, public interest, or law enforcement requirements or (b) by statute, governmental regulation, or case law. If there is a conflict between the policies set forth below and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
Basis for Collection: As set out above, we collect and process Personal Information for which you have given your express consent at the time of collection. For example, we collect Personal Information when you elect to create an account on the Commons. We also collect and process Personal Information to improve our services, to deliver services and perform obligations under contracts we have with you, and to comply with our own legal obligations.
Sensitive Data: We do not collect sensitive data, for example biometric data, health data, or data revealing racial or ethnic origin, from visitors to the Commons.
Authorized Transfer: We also may disclose Personal Information for other purposes or to other third parties when you have consented to or requested such disclosure. Please be aware that we will disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We are not liable for appropriate onward transfers of personal data to third parties.
Data Processors: We may retain third parties to process or analyze personal Information we collect from the Commons. For example, the Commons may be maintained or hosted by a third-party service provider, a promotion may be administered by a sales promotion agency, and/or products may be fulfilled by a wholesaler. These suppliers and other third parties that provide services for us are contractually obligated not to use Personal Information about you except as we authorize.
Profiling: We may analyze Personal Information we have collected about you to create a profile of your interests and preferences so that we can contact you with information that is relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use Personal Information about you to detect and reduce fraud and credit risk.
Your Rights: Your rights include: (a) the right to withdraw your consent to the processing of Personal Information about you to which you have previously given consent; (b) the right to object to processing of Personal Information about you for the purpose of direct marketing and other purposes based on our legitimate interest; (c) the right to request information about the Personal Information we collect, how we process it and with whom we share it; (d) the right, in some cases, to require erasure of the Personal Data about you stored with us; and (e) the right to have incorrect Personal Information about you corrected or removed. If you wish to exercise any of these rights, contact us at member support.
If you request to have incorrect Personal Information removed, we may retain some of your Personal Information as necessary for the purposes of our legitimate business interests or in furtherance of public interests in accordance with the Privacy Shield Principles. Any Personal Information you have shared publicly with others may continue to be publicly visible on the Commons.
You also have the right to obtain a copy of the Personal Information we have about you, although we reserve the right to charge a fee for this depending on the nature and frequency of your request(s) and our cost to provide the information.
Enforcement and Disputes: In compliance with the E.U.-U.S. Privacy Shield, we commit to resolve complaints about your privacy and our collection or use of your Personal Information. If you do not receive timely acknowledgement of your request or have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
In addition to the above, you may complain to your home data protection authority and can invoke binding arbitration for some residual claims not resolved by other redress mechanisms. Contact details for the E.U. data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.