Last modified: June 19, 2019
Capitalized terms not defined here are in the Revinate Terms and Conditions of Use at www.revinate.com/terms (as applicable the “Agreement”).
Privacy Shield Certification
Revinate participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield web site. [https://www.privacyshield.gov]
Under the Privacy Shield Framework Revinate is responsible for the processing of personal data it receives and subsequently transfers to a third party acting as an agent on its behalf. Revinate complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Revinate is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
1. Types of Data We Collect From You
We collect Personal Data from you when you use the Services. “Personal Data” means any information relating to an identified person or a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
1.1 Data You Provide to Us. We receive and store any information you provide to us through the Services. For example, we collect Personal Data from you, such as your user name, password, first and last name, title, company name, e-mail address, telephone number, and postal address (i) when you create an account, (ii) when you submit Personal Data through the Services, or (iii), if you contact us for more information regarding our Services.
If you contact us by e-mail or through a form on the Services, we may collect your name and e-mail address, as well as any other content included in the e-mail or that you submit to us.
When you download and use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or “UDID”). We do not ask for, access or track any location based information from your mobile device at any time while downloading or using our Mobile Apps or Services.
1.2 Data Our Customers Provide to Us. Some of our products allow our hospitality business customers (hotels and restaurants) to provide Personal Data to us from their guest management systems. This information may include your first and last name, title, company name, e-mail address, telephone number, postal address, the hotels where you stayed, the dates of your stay, transactional data such as the amount you paid for a hotel room, and guest preferences you provided to our customer, such as preferred floor.
1.3 Data Collected Through Technology. We collect information about you based on or through your use of the Services.
We collect information related to your use of the Services automatically when you visit our website, such as browser type and version, operating system, platform, Internet Protocol (IP) address domain name, and a date/time stamp for your visit. This information is collected and analyzed in the aggregate in order to improve the function and content of the Site.
We and our service providers use technologies such as cookies, beacons, local storage such as HTML5, tags and scripts to analyze trends, administer the site, track users’ movements around the site and gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. We link this automatically collected data to Personal Data.
We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
2. Use of Your Personal Data
In general, we use Personal Data that we collect from you to provide you with a customized experience, aid us in serving you better, and respond to your requests. In addition, we use your Personal Data to:
- Facilitate the creation of and secure your account on our network;
- Identify you as a User in our system;
- Provide you the Services;
- Analyze request and usage patterns, diagnose problems with our server and administer our Services;
- Improve the quality of experience and provide you a personalized experience when you use the Services;
- Develop and improve the Services;
- Send you administrative notifications, such as security or support and maintenance advisories (the messages we send may contain code that enables us to track your usage of the message, such as whether an e-mail was opened and/or what links (if any) you clicked);
- Respond to any inquiries you make of us; and
- Send you messages or postal mail informing you of our products and services we believe may be of interest to you, such as new features and services, special offers, and updated information, and for other marketing purposes for us.
Revinate also acts as a Processor of Personal Data that you control and provide to us (i.e. Guest Data). For more information about how we process Personal Data related to customers or guests, please review our GDPR Addendum or Data Processor Agreement (DPA) at https://www.revinate.com/data-processing-addendum/
3. Disclosure of Your Personal Data
Except as described below, we do not share your Personal Data with third parties.
3.1 Sharing with Our Customers. We provide copies of all information you provide through the Services, including Personal Data, to your hotel, restaurant, or hotel group. Your hotel may have separate agreements with you regarding sharing of your survey response information and Personal Data. If you have any questions about how your hotel handles your information you should contact them directly.
We are not responsible for content in the Services that has been provided by your hotel, such as [language or content in marketing emails, survey questions, or information about your stay at their property. If you have any questions about hotel-provided content, or if you are a guest of one of our hotel partners and would no longer like to be contacted by that hotel, please contact your hotel directly.
3.2 Sharing by Your Choice. We may publish public content such as trip reviews and survey responses on the Services and/or through third party sites such as Tripadvisor or Google. We will not provide your full name or other identifying information in any reviews or survey responses. We may provide limited identifying information, such as your first name, last initial and hometown. We will not sell or share your survey responses with third party advertisers or marketers without your consent.
We ask that you not send us or disclose any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through our Services, website, or via other means.
3.3 Sharing with Our Service Providers. We may share your Personal Data with third party service providers under contract to perform functions on our behalf. Examples include sending postal mail or electronic messages, storing data, analyzing data, performing quality assurance, providing technical support, providing marketing assistance, verifying identity, processing employment applications, and providing customer service. These third parties may have access to your Personal Data only as needed to perform their functions. You may find a list of our service providers on our website: www.revinate.com/subprocessors. We make efforts to enter into Data Processor Agreements with any third party that we provide access to Personal Data.
3.6 Sharing as Legally Permitted. In certain situations, Revinate may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
3.7 Sharing with Your Consent. We may share your Personal Data if you provide us prior consent to do so.
3.8 International Transfer of Data
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Sites or disclosing information to us you consent to the transfer of information to countries outside of your country of residence, which may have different data protection rules than those of your country or the country in which you were located when you initially provided the information. Please refer to our list of Subprocessors: http://www.revinate.com/subprocessors for a list of countries with which we may share your Personal Information. Revinate complies with the Privacy Shield Principles for all onward transfers of Personal Information from the European Union, including the onward transfer liability provisions.
4. Your Choices Regarding Your Personal Data
4.2 Access by Individuals to their Personal Data. You may change any of your Personal Data in your account by editing your profile through the Services or by sending us e-mail or postal mail at the address below. You may request us to delete your Personal Data by sending us an e-mail to firstname.lastname@example.org or postal mail at the address below, but please note that we may be required (by law or otherwise) to keep this information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We will respond to requests for access within 30 days.
4.3 Removal of Guest Personal Data. If you used our guest-facing Services and you notify us that you wish to remove Personal Data that you provided or that we obtained from our Customers or third parties, we will endeavor to do so. Please note that we may be required (by law or otherwise) to keep this information and not delete it or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements. You must contact Customers directly regarding removal of Personal Data held by them.
4.4 Removal of Content on Customer Request. Customers or third parties may also request us to edit or remove certain content in the Services from time to time. While we do not monitor or screen content as a rule, we reserve the right to edit or remove content for any reason in our sole discretion. If a Customer requests that we remove content, we will respond to its request within 30 business days.
4.5 Purpose Limitation on Personal Data. We will retain your Personal Data (including the Personal Data we process on behalf of our Customers) for as long as your account is active or as needed to provide you services. We will retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We have commercially reasonable security measures in place to help protect against loss, misuse and alteration of your Personal Data in our possession. When you enter sensitive information (such as a login credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while Revinate uses reasonable efforts to protect your Personal Data, Revinate cannot guarantee its absolute security. If you have any questions regarding security you can contact us at email@example.com.
6. Social Media Features
If you enable features allowing you to connect your Revinate account to social media platforms such as Facebook and Twitter, Revinate may receive copies of your public posts, friend lists and other data, depending on how the privacy settings in your account.
7. Links to other sites
The Services contain links to other sites that are not owned or controlled by Revinate. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our site and to read the privacy statements of web sites that collect Personal Data. This privacy statement applies only to information collected by the Services.
We may post Customer testimonials on the Services, which may contain personally identifiable information. We obtain the Customer’s consent via email prior to posting the testimonial to post its name along with its testimonial. If you want your testimonial removed please contact us at firstname.lastname@example.org.
9. Public Forums
The Services may offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
11. Contacting Revinate
One Letterman Drive, Bldg. C, Suite CM100
San Francisco, CA 94129