Revinate® Solutions Privacy Policy

TRUSTe

Last updated: June 2024

Summary

This Revinate Solutions Privacy Policy describes how Revinate, LLC, its subsidiaries and affiliated entities (collectively, “Revinate,” “we,” “our” or “us”) collect, store, use and share consumer data received from its customers in connection with its various proprietary product and services offerings, including Revinate Marketing, Reservation Sales, Revinate Ivy, Guest Feedback (including Reputation and Surveys), and RezForce (collectively, the “Revinate Solutions”). This Revinate Solutions Privacy Policy (“Revinate Solutions Privacy Policy”) does not apply to information that we collect and use for our own operational purposes in connection with our corporate website, located at www.revinate.com (“Site”). Please see the Revinate Website Privacy Policy posted on the Site for information on our privacy practices as they relate to the Site.

The Revinate Solutions are utilized by our third-party hospitality industry customers (“Revinate Customers”) including, in certain instances, as embedded on Revinate Customer websites and mobile applications (collectively, the “Customer Venues”), as well as on other web venues/applications hosted by Revinate. The Revinate Solutions may enable the current and prospective guests of our Revinate Customers (collectively, “Guests”) to interact with Revinate Customers, including via Guest- satisfaction surveys, Guest feedback forms, Guest outreach and marketing efforts, and virtual concierge services via the Ivy interactive text messaging platform (collectively, “Guest-Customer Interactions”). In connection with the Guest-Customer Interactions, Revinate Customers  may submit or allow Revinate to process Guests’ personally identifiable information, such as their names, telephone numbers, email addresses and mailing addresses and other information related to their hospitality preferences, stays and events (collectively, “Submitted Data”). The Submitted Data that is accessed  by Revinate (“Revinate Collected Data”): (a) may contain personally identifiable information; or  (b) may, in certain circumstances, be maintained in a deidentified format. Certain data related to Guest-Customer Interactions that occur by and through the Revinate Solutions (such as testimonials and feedback) may be linked by Revinate Customers to personally identifiable information contained in the Submitted Data.

Your California Privacy Rights
Revinate may share your “personal information” with its Revinate Customers for financial gain and marketing purposes. Other than as set forth in the preceding sentence, Revinate will never share, sell, rent, exchange or barter your “personal information” (as defined in the Shine the Light Law, Cal. Civ. Code § 1798.83) to or with any other third-party for financial gain or marketing purposes. Nevertheless, we may, in certain limited instances, share your personal information with third parties who perform administrative functions on our behalf.

If you are a resident of the State of California and would like to learn how your personal information is shared with third parties, what categories of personal information that we have shared with third parties in the preceding year, as well as the names and addresses of those third parties, please call us at: (415) 671-4703; email us as at: support+privacy@revinate.com; or send us U.S. Mail to: Revinate, LLC, 2345 Yale St., First Floor, Palo Alto, CA 94306.

Your Nevada Privacy Rights
If you are a resident of the State of Nevada and would like to opt-out from the sale of your personal information to any third party data broker, please call us at: (415) 671-4703; email us as at: support+privacy@revinate.com; or send us U.S. Mail to: Revinate, LLC, 2345 Yale St., First Floor, Palo Alto, CA 94306.

Personal Information Collected
In connection with the Guest-Customer Interactions, Submitted Data  may include some or all of the following: (a) full name; (b) mailing address; (c) e-mail address; (d) telephone number; (e) information pertaining to a past, current or prospective stay at a Customer Venue; and (f) any other information collected  by and through the Revinate Solutions as determined by each Revinate Customer. In addition, certain data related to Guest-Customer Interactions that occur by and through the Revinate Solutions (such as testimonials and feedback) may be linked by Revinate Customers to personally identifiable information contained in the Submitted Data.

The collection, storage, use, sharing or other data processing of any Submitted Data by Revinate that is provided in connection with a Guest-Customer Interaction shall remain, at all times, subject to the respective privacy policy of the respective  Revinate Customer as posted on the subject Customer Venue. Revinate has no ability to control or impact  the privacy practices of its Revinate Customers or the content of their respective Customer Venues. We encourage you to review the privacy policies and settings of the Customer Venues with which you interact to help you understand those Revinate Customers’ respective privacy practices. If you have questions about the security and privacy practices of any Customer Venue that you use, please refer to the respective  Customer Venue‘s privacy notices.

Opt-Out/Unsubscribe
We do not use Revinate Collected Data to send e-mail or other forms of communications to Guests other than as instructed by Revinate Customers. We process Revinate Collected Data on behalf of our Revinate Customers, who may use the same to contact you directly. If you wish to opt-out of the processing of your Submitted Data by a Revinate Customer, please refer to the opt-out mechanisms set forth in the applicable privacy policy of that Revinate Customer with whom you established a business relationship.

Individual Rights: Deleting, Modifying and Updating Your Personal Information
We will support our Revinate Customers as instructed in order to carry out your data protections rights, as applicable by law, in order to: (a) identify what personal information we have on file for an individual in a machine- readable format; (b) amend the personal information that we have on file when instructed to do so; and/or (c) promptly coordinate with our Revinate Customers to implement the deletion of the personal information we maintain in our servers/databases.   When deleting personal information, such deletion will  permanently remove the information within  Revinate Solutions accessed by or on behalf of Revinate Customers and will further delete your preferences, if any, such as loyalty programs or stay history.

Data Retention
With respect to our retention of  Revinate Collected Data, as set forth above, we retain Revinate Collected Data only for as long as we continue to have a business purpose to do so unless a longer period is required by applicable law. Such business purposes may include handling the contractual relationship that we have with our Revinate Customer, optimizing the performance and functionality of the Revinate Solutions, as well as legal, taxation, accounting, risk management and other operational purposes.

Use and Sharing of Personal Data
Our Revinate Customers will have direct access to, and we will share with our Revinate Customers, the Submitted Data provided in connection with the Guest-Customer Interactions.  Revinate may further use your Submitted Data to evaluate and analyze your transactions, past commercial interactions, prospective commercial activity and hospitality related needs (“Profile Data”)  in order to predict and personalize the services offered to you by Revinate Customers.  Revinate may use your Profile Data to optimize marketing efforts undertaken on behalf of its Revinate Customers and share the same with its Revinate Customers in order to better serve you.

In addition to the foregoing, Revinate may transfer, share and/or sell anonymous, aggregate or group data that is compiled from  Guests’ data, including Revinate Collected Data, for its legitimate business  purposes. We use Submitted Data, Revinate Collected Data and Profile Data to personalize your experience with the Revinate Solutions and to facilitate the provision of the applicable Revinate Solutions to you, including in connection with customer service and to otherwise respond to your inquiries. We may also employ other companies and individuals to perform certain functions on our behalf. The agents performing these limited functions on our behalf may have access to such data only as needed to perform these functions for us, and we do not permit them to use Revinate Collected Data for other purposes.

We may also use Revinate Collected Data for internal business purposes, such as product development, product improvement, analysis and of our service offerings including, without limitation, the Revinate Solutions.

By submitting your personal information by and through the Revinate Solutions, you agree that such act constitutes an inquiry and/or application for purposes of the Amended Telemarketing Sales Rule (16 CFR §310 et seq.), as amended from time to time (the “Rule”) and applicable state do-not-call regulations. As such, notwithstanding that your telephone number may be listed on the Federal Trade Commission’s Do-Not-Call List, and/or on applicable state do-not-call lists, we retain the right to contact you via telemarketing in accordance with the Rule and applicable state do-not-call regulations.

Where you provide “prior express consent” within the meaning of the Telephone Consumer Protection Act (47 USC § 227), and its implementing regulations adopted by the Federal Communications Commission (47 CFR § 64.1200), as amended from time-to-time (“TCPA”), you consent to receive telephone calls from Revinate, including artificial voice calls, pre-recorded messages and/or calls (including SMS text messages) delivered via automated technology, to the telephone number(s) that you provided. Please note that you are not required to provide consent under the TCPA in order to obtain access to the Revinate Solutions, and your consent simply allows Revinate to contact you via these means. Please be advised that by agreeing to this Privacy Policy, you are obligated to immediately inform us if and when the telephone number that you have previously provided to us changes. Without limiting the foregoing, if you: (i) have your telephone number reassigned to another person or entity; (ii) give up your telephone number so that it is no longer used by you; (iii) port your telephone number to a landline or vice versa; or (iv) otherwise stop using that telephone number for any reason (collectively “Phone Number Change”), you agree that you shall promptly notify Revinate of the Phone Number Change via e-mail at: support+privacy@revinate.com, or by using one of the methods set forth in the “Contact Us” section below.

Revinate may release current or past Revinate Collected Data: (a) if we reasonably determine that such information is required to be released by subpoena or court order; (b) if we are sold, merge with a third-party or are acquired by a third-party (collectively, “M&A Transactions”) (including where we share such information in connection with the due diligence process associated with a potential M&A Transaction); (c) if we are the subject of bankruptcy proceedings; (d) as otherwise required or permitted by law; or (e) when we deem it necessary or appropriate. For circumstances involving Revinate in a bankruptcy proceeding, merger, acquisition or sale of all or a portion of its assets, you will be notified via e-mail and/or a prominent notice on the Site of any change in ownership or uses of your personal information, as well as any choices that you may have regarding your personal information.

You hereby consent to the disclosure of any record or communication to any third-party when we, in our sole discretion, determine the disclosure to be required by applicable law, including sharing your e-mail address with third-parties for suppression purposes in compliance with the CAN-SPAM Act of 2003, as amended from time to time, and other e-mail marketing laws. Users should also be aware that courts of equity, such as U.S. Bankruptcy Courts, might have the authority under certain circumstances to permit personal information to be shared or transferred to third-parties without permission.

Automatically Collected Personal Data; Non-Personal Data Collection and Use
IP Addresses/Browser Type
We may collect certain non-personally identifiable information about you and your desktop computer and/or mobile device when you access a Revinate Solution. For example, this  information includes, without limitation, the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), the type of operating system that you use (e.g., Windows or iOS) and the domain name of your Internet service provider (e.g., Verizon, AT&T). We use the non-personally identifiable information that we collect to improve the design and content of the Revinate Solutions and to enable us to  improve your Internet experience. We also may use this information in the aggregate to analyze usage and functionality of the Revinate Solutions.

Cookies/IP Addresses/Browser Type
When a Guest accesses a Revinate Solution, we may process IP addresses, user agent strings, cookies and other website tracking technologies to identify users and improve Revinate Solutions. We may send one (1) or more cookies and/or gif files (collectively, “Cookies”) to assign a unique identifier to the applicable Guest’s computer which we retain and use to store Guest preferences, identify usage trends, help improve Revinate Solutions and otherwise  enhance your experience with the Revinate Solutions. To find out more about Cookies, please visit www.cookiecentral.com.

Most Internet browsers are initially set up to accept Cookies, but you can reset your browser to refuse all Cookies or to indicate when a Cookie is being sent. To disable and reject certain Cookies, follow the instructions associated with your Internet browser. Even in the case where a Guest rejects a Cookie, she or he may still use the Revinate Solutions; provided, however, that certain Revinate Solutions-related functions may be impaired or rendered inoperable if the use of Cookies is disabled. In general, Guests may also be able to disable some, or all, Internet tracking activity by utilizing the “Do Not Track” setting or similar options within most major Internet browsers.

Behavioral Tracking
The Revinate Solutions do not track Guest activity on, or after Guests leave, the subject Customer Venues.

Cross Device Tracking
The Revinate Solutions do not track Guests across various devices, including personal computers and mobile devices.

Aggregate Data
Revinate may process and transfer and/or sell data that is not personally identifiable information, such as de-identified, aggregate or group data about Guests, including Revinate Collected Data for lawful purposes, such as business needs or product development. Aggregate or group data is data that describes the demographics, usage and other characteristics of Guests as a group, without disclosing personally identifiable information.

Ivy Interactive Text Messaging Platform
Where you opt-in to the Ivy interactive text messaging platform (“Ivy Platform”) in order to facilitate Guest- Customer Interactions via SMS text message, you may receive an SMS message to confirm your signup.

You can cancel your use of the Ivy Platform at any time by texting “STOP” to the number that contacted you. For assistance, you may send the reply text “HELP” to the number that contacted you.

We are able to deliver messages to customers of the following mobile phone carriers: AT&T, Verizon Wireless, Sprint, T-Mobile, MetroPCS and U.S. Cellular.

Message and Data Rates May Apply for messages sent and/or received by and through the Ivy Platform. If you have any questions about your text or data plan, please contact your wireless provider. For questions about the Ivy Platform, please feel free to email us  at: support+privacy@revinate.com.

Security
We endeavor to safeguard and protect Guest Data, and we have appropriate security measures in place to protect against the unauthorized access, loss, misuse or alteration of such data. To the extent our registration/application process prompts Guests to enter sensitive information (such as credit card information), if any, and if we store and transmit such sensitive information, that personal information will be encrypted with advanced TLS (Transport Layer Security).

Systems access is strictly limited, and we take commercially reasonable measures to prevent unauthorized access to Guest data. Only personnel who have a specific job function that requires it, shall have access to Guest data. Our employees are dedicated to maintaining  the security and privacy of such data, and employees not adhering to our firm policies are subject to disciplinary action.

While we take these and many other precautions to protect Guest data, no technology, software or security protocol can be guaranteed to be 100% secure. For these reasons, we cannot warrant that any personal information will be absolutely secure.

Third-Party Websites
The Revinate Solutions may contain links to third-party owned and/or operated websites including, without limitation, websites associated with Revinate Clients and Client Venues. Revinate® is not responsible for the privacy practices or the content of such websites. These third-party websites have separate privacy and data collection practices and Revinate has no responsibility or liability relating to them.

Transfer of Data Internationally
If you are accessing a Revinate Solution and/or visiting a Customer Venue from a country other than the United States, your communications with us may result in the transfer of information across international boundaries. Additionally, for data security, redundancy, integrity and business continuity purposes,  Revinate Collected Data may be stored, accessed and otherwise processed in a country other than the country in which it was collected.

Revinate complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Revinate has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) under the UK Extension to the EU-U.S. DPF. Revinate has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Revinate is responsible for the processing of personal data it receives, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF and subsequently transfers to a third party acting as an agent on its behalf. Revinate complies with the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.

The Federal Trade Commission has jurisdiction over Revinate’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, Revinate may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Revinate commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you.

For complaints regarding EU-U.S. DPF, the UK Extension to the EU-U.S DPF, and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.

Changes to this Revinate Solutions Privacy Policy
Revinate reserves the right to change or update this Revinate Solutions Privacy Policy at any time by posting a notice on our Site that we are changing our Revinate Solutions Privacy Policy. We encourage you to visit our privacy page from time to time and to read this notice to learn of our current privacy practices and protections.

Contact Us
If you have any questions about this Revinate Solutions Privacy Policy or our privacy practices in general, you may call us at: +1 (415) 671-4703; email us as at: support+privacy@revinate.com.

To submit a request to exercise your privacy rights, please send your request to the Revinate Customer with whom you have a relationship. If you are a resident of the European Union, United Kingdom or Switzerland and would like to contact the Revinate Data Protection Officer (DPO) please direct your message to dpo@revinate.com.