INTRODUCTIONLast updated: April 30, 2020
INFORMATION WE COLLECT
We may collect information about you in a variety of ways. The information we may collect on the Site includes:
Personal Data. Personal information is any piece of information that is related to an identified or identifiable natural person. When you sign up for an account on the Site, we will collect the following personal information from you:
- your name
- email address.
Non-Personal or Aggregate Information
We may collect data which is anonymous and pseudonymous, including, but not limited to, date when a user joins an event and user’s last login date and time.
HOW WE USE YOUR INFORMATION
Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we use information collected about you for the purposes of:
- creating and maintaining your account;
- emailing you regarding event activity, your account or order;
- responding to your product and customer service requests;
- enabling user-to-user communications;
- increasing the efficiency and operation of the Site;
- notifying you of updates made to the Site;
- monitoring and analyzing Site usage and trends to improve your experience with the Site;
- offering new products, services, and/or recommendations to you;
- performing other business activities as needed;
- requesting feedback from you and contacting you about your use of the Site; and
- sending you newsletters.
DISCLOSURE OF YOUR INFORMATION
We may share information we have collected about you in certain situations. Your information may be disclosed as follows:
Third-Party Service Providers. We may share your information with third parties that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and email marketing assistance.
The list of all third-party service providers we share your information with:
Crisp - a customer service chatbot that allows us to communicate with users and solve their issues in real time. Crisp allows us to see the city you are accessing the Site from, your IP address, browser type, and device type.
Mailchimp – a marketing automation platform and an email marketing service. MailChimp allows us to send you marketing emails and announcements of product updates.
SendGrid – a transactional email marketing platform that allows us to send email updates and notifications based on user’s actions.
Stripe – a payment company that collects and processes your credit card information.
Stay22 – a platform that allows users to compare hotels side-by-side on the same map.
Interactions with Other Users. If you interact with other users of the Site (for example, by sending invitations to other users, chatting with other users, liking other users’ posts, etc), those users may see your name, profile photo, and any other information/content you voluntarily add to your profile or event page. If you join another user’s event, such user will be able to see your email address as well.
Online Postings. When you post comments, make contributions or otherwise share your content (collectively, “Online Postings”) on the Site your posts may be viewed by all users and may be publicly distributed outside the Site in perpetuity. Therefore, you solely assume all risks associated with the use and sharing of such Online Postings including any reliance on their accuracy, completeness or usefulness by others, or any disclosure of personal information that makes you or any third party personally identifiable.
Feedback. If you leave any feedback or suggestions (“Feedback”) on the Site or in an email to us, you hereby assign to us all rights in the Feedback and agree that we shall have the right to use such Feedback and related information in any manner it deems appropriate. We will treat any Feedback you provide to us as non-confidential and non-proprietary. You agree that you will not submit to us any information or ideas that you consider to be confidential or proprietary.
By Law or to Protect Rights. If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for fraud protection and credit risk reduction.
Please be advised the Site is hosted in the United States. If you access the Site from the European Union, Asia, or any other region of the world with laws or other requirements governing personal data collection, use, or disclosure that differ from applicable laws in the United States, then through your continued use of the Site, you are transferring your data to the United States, and you expressly consent to have your data transferred to and processed in the United States. We use Amazon Web Services (“AWS”) to safely store your information. AWS is a secure cloud computing environment that supports ninety (90) security standards and compliance certifications.
SECURITY OF YOUR INFORMATION
We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.
POLICY FOR CHILDREN
Children under 13 may not use the Site. Consequently, we do not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to use the Site. If you are under 13 or have not reached the age of consent, please do not attempt to use the Site, place an order, or send any information about yourself to us, or other users of the Site, including your name, address, telephone number, or email address. In the event that we learn that we have collected personal information from an individual under the age of 13, we will delete that information as quickly as possible. If you believe that we might have any information from or about an individual under the age of 13, please contact us as soon as possible.
CONTROLS FOR DO-NOT-TRACK FEATURES
HOW TO CHANGE INFORMATION ABOUT YOU OR TERMINATE YOUR ACCOUNT
You may at any time review or change the information in your account or terminate your account by:
logging into your user account and updating the settings, or
choosing “Delete Account” in your profile settings, or
contacting us using the contact information provided below.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases.
OPT OUT OF EMAILS AND COMMUNICATIONS
If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:
Noting your preferences at the time you register for your account on the Site;
Logging into your account settings and updating your preferences;
Contacting us using the contact information provided below.
CALIFORNIA PRIVACY RIGHTSShine the Light Law
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have a registered account with the Site, you have the right to request removal of unwanted data that you publicly post on the Site. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Site, but please be aware that the data may not be completely or comprehensively removed from our systems.California Consumer Privacy Act
If you are California resident, this information applies to you. The California Consumer Privacy Act (“CCPA”) provides California residents with five core rights to data privacy and an effective way to control your personal information:
(1) the right to know what personal information is being collected about you.
(2) the right to know whether your personal information is sold or disclosed and to whom.
(3) the right to say no to the sale of your personal information (“the right to opt out”); We would like to make it clear that we not not sell any personal information of our users for any monetary consideration.
(4) the right to access your personal information; you may access your personal information at any time via your account.
(5) the right to equal service and price, even if you exercise your privacy rights; we never discriminate against our users regardless of whether they exercise their privacy rights or not.
Additionally, you have the right to request that we delete any personal information about you. You may exercise this right by contacting us directly. However, we are not be required to comply with such requests to delete a California user’s personal information if it is necessary for us to maintain the California user’s personal information in order to:
(1) Complete the transaction for which the personal information was collected, provide a good or service requested by the user, or reasonably anticipated within the context of our ongoing business relationship with such user, or otherwise perform a contract between us and the user.
(2) Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
(3) Debug to identify and repair errors that impair existing intended functionality.
(4) Exercise free speech, ensure the right of another user to exercise his or her right of free speech, or exercise another right provided for by law.
(5) Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
(6) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
(7) To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
(8) Comply with a legal obligation.
(9) Otherwise use the user’s personal information, internally, in a lawful manner that is compatible with the context in which the user provided the information.
Conflict resolution under CCPA. Prior to initiating any action against us for statutory damages on an individual or class-wide basis, a California user shall provide us 30 days’ written notice identifying the specific provisions of this title the user alleges have been or are being violated. In the event a cure is possible, if within the 30 days we actually cure the noticed violation and provide the user an express written statement that the violations have been cured and that no further violations shall occur, no action for individual statutory damages or class-wide statutory damages may be initiated against us.
Should you need to exercise any of your rights under CCPA, contact us at email@example.com.
EUROPEAN PRIVACY RIGHTS
European General Data Protection Regulation
If you are a citizen of European Union or the European Economic Area, the following information applies to you. The European General Data Protection Regulation (“GDPR”) is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas. Our collection, processing and protecting of personal information of those who access the Site from a European county, is compliant with GDPR. You have the following rights with regard to your personal information:
the right of access (you can request us to provide you verbally or in writing with the type of information we store about you and we have a month to respond to your request);
the right to rectify (amend/correct) any personal information about you that is inaccurate; you can do so by accessing your account on the Site;
the right to erasure (some conditions apply, see Section Data Retention below);
the right to restrict processing your personal information;
the right to data portability; the right to data portability allows users of the Site to obtain and reuse their personal information for their own purposes across different services; you may request us to transmit your personal information directly from our servers to another company’s servers and we will do so where it is technically feasible;
the right to object (for example, you have an absolute right to stop us from using your personal information for direct marketing - read our instructions above); you may express your objection verbally or in writing and we have a month to respond to any such objection; we might still continue processing your personal information if we are able to show that we have a compelling reason for doing so;
the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or that affects you significantly.
We represent and warrant that your personal information is:
processed lawfully, fairly and transparently;
collected only for specific legitimate purposes;
collection of personal data is adequate, relevant and limited to what is necessary;
accurate and kept up to date (with your help);
stored only as long as is necessary; and
is secure and kept confidence.
Data Retention.strong> Generally, your personal information will be erased when (i) it is no longer needed for its original processing purpose, (ii) you withdraw your consent for us to store by deleting your account, (iii) there is no preferential justified reason for the processing of your personal information and you object to our processing of your personal information, or (iv) erasure of your personal information is required in order to fulfill a statutory obligation under the EU law or the right of the EU Member States. Therefore, we will make sure your personal information will be erased under all of the above-mentioned circumstances. You may request us to erase your personal information in writing and we have a month to respond to any such request.
Data Breach Notification.strong> Should there be a personal data breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed, we will notify you and appropriate supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it.
If you would like to exercise any of the above rights, please contact us.
1135 N Virgil Ave
Los Angeles, CA 90029
©Guestboard Inc. 2020. All rights reserved.
Guestboard® is a registered trademark of Guestboard Inc. in the United States. Please use this mark only to refer to our services.