Your privacy is very important to us. In this policy we outline how we collect, use, disclose, manage and safeguard your personal data when you use our services, browse our website or interact with us in other ways.
What personal data we collect and why:
1. Information provided in our Guest Portal.
When we collect and use your personal data, we do so on behalf of our clients and under contractual agreements with and written instructions from our clients. Our platform is available to you through our client’s website accessible on a guest portal. The personal data that you are providing to our clients is shared with us to enable us to deliver our services to our clients. To that end and with your consent where necessary, we may collect the following types of personal data about you:
- Your full name, used to verify your identity;
- Your email address and phone number, so we can communicate with you and verify your information;
- Payment and banking information, including limited credit card data or other forms of payment, for payment verification purposes;
- Residential address history, so we can validate your request on our client’s website;
- Approximate location information, used to tailor the information in our reports to the client;
- Names and email addresses of individuals on your party, so we can validate their identity;
- Your affiliation with social media sites, used to further verify your identity; and
- Photo of the guest’s identification or travel document that you upload, used to validate your identity.
2. When you use our services as a client.
When you use our platform as a client, we may collect your personal data, with your consent where required, when you provide your data directly into the platform, for example, when you access and use the platform, contact us or register for an account with us. Examples of personal data we may collect from our clients include contact information, such as your name, email address and phone number that we use to communicate with you. We may also collect your username and password, to allow you access to your account and client dashboard.
3. When you visit our website.
With your consent, we may also collect the personal data you provide us with when you choose to interact with our platform and website. This includes your name and email address. This information is used to contact you to provide the services you requested.
How we use the personal data we collect:
We only collect personal data that is necessary to provide services to our clients. In serving our clients we may use your personal data to:
- Verify the identity of our client’s guests and the information potential guests provide on the guest portal;
- Perform a credit and background check verification for potential client’s guests;
- Create a screening report for our clients about potential guests on their property;
- Facilitate the decision making process between our clients and their potential guests;
- Create a profile of clients’ guests to allow our clients to prevent or mitigate the risk of fraud;
- Provide personalized recommendations and strategic advice to our clients;
- Manage clients’ accounts;
- Administer, troubleshoot, enhance and manage the client dashboard and guest portal;
- Send communications and notifications, including updates about client accounts;
- Protect, investigate and deter against fraudulent, unauthorized or illegal activity;
- With consent, send promotional communications such as special offers or other promotions;
- Analyze the accuracy and effectiveness of the platform;
- Analyze and understand our users and their needs;
- Tailor your experience while visiting the website, as well as the client dashboard and guest portal;
- Meet obligations as required by applicable laws; and
- Respond to inquiries, complaints and other communications from you;
How we may share your personal data:
We do not sell, rent or disclose the personal data that we collect with third parties except in the following circumstances:
External credit and background verification services: with your consent and under our client’s instruction, we may share your information, with external credit and background verification service providers as selected by our clients in accordance with your permission and only with your express consent.
Required by Law: We will disclose personal data in our custody when we believe that the disclosure is required by law, including to comply with a judicial proceeding, court order, or legal process served on us and when we receive a request from regulatory or law enforcement authorities. When possible and allowed by law, we will inform you about the request for disclosure and we will only disclose personal data to law enforcement authorities upon demonstration of lawful authority.
Investigations: We will disclose personal data without your knowledge or consent where it is reasonable for the purposes of investigating a breach of an agreement or a contravention of the law that has been, is being or is about to be committed and it is reasonable to expect that disclosure with the knowledge or consent of the individual would compromise the investigation.
Fraud: We will disclose personal data where it is reasonable for the purposes of preventing, detecting or suppressing fraud and it is reasonable to expect that the disclosure with the knowledge or consent of the individual would compromise the ability to prevent, detect or suppress the fraud.
Business Transaction: We may disclose and share personal data to explore and/or undertake a corporate transaction, including a merger, acquisition, amalgamation, IPO, reorganization or sale of the Company and/or the Platform. We will enter into an agreement that ensures that your personal data will be used and disclosed solely for the purposes related to the transaction, will be protected by security safeguards appropriate to the sensitivity of the information and will be retained only for as long as necessary. with your consent and under our client’s instruction, we may share your information, with external credit and background verification service providers as selected by our clients in accordance with your permission and only with your express consent.
How we secure your personal data:
We are committed to data security and to protecting the personal data we collect by security safeguards that meet industry standards and that are appropriate to the level of sensitivity of the data through (i) physical measures, such as secure areas; (ii) technical measures, such as encryption and secure servers; and (iii) organizational measures, such as access policies based on need-to-know and employee security through vetting and supervision. In particular:
- All data stored or transmitted to our servers is secured through 256-bit SSL/TLS encryption;
- All our employees receive training with respect to handling personal data and access to personal data is provided on a need-to-know basis and least-privilege access policy;
- Our clients adhere to terms and conditions requiring them to protect the personal data they share with us and receive from us following our verification.
Where we store your personal data:
We store personal data on servers provided by Amazon Web Services, located in the United States.
Therefore, your personal data may be collected, processed, stored, and transferred to a foreign country, with different privacy laws that may or may not be as comprehensive as the laws in the jurisdiction in which you reside. In these circumstances, the governments, courts, law enforcement, or regulatory agencies of that country may be able to obtain access to your personal information through the laws of the foreign country. Whenever we engage a service provider, we require that its privacy and security standards adhere to this policy and to the level of privacy protection afforded by the privacy legislation in the jurisdiction in which you reside.
How long we retain your personal data:
Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
What are your privacy rights?
Depending on your jurisdiction, you may have the following rights with respect to the personal data we collect and use:
- Access the personal data that we collected about you; we will respond to such request within 30 days; if we cannot provide you access, for example, because it would disclose information about another individual, we will provide reasons;
- Have your personal data corrected if it is inaccurate;
- Challenge our privacy practices if you have concerns; and
- Lodge a complaint with your local data protection authorities if you are not satisfied with our response.
- Object when we will seek your consent, if required under applicable legislation, to allow us to process your personal data for reasons other than those you have already consented for when we collected your information from you.
To exercise these rights, please send a formal written request to firstname.lastname@example.org with your name, email address and which right(s) you wish to invoke. We will respond to such request within 30 days; if we cannot provide you access, for example, because it would disclose information about another individual, we will provide reasons.
Our guest portal is not directed to children under the age of 13. No one under age 13 may provide any personal data to or on the guest portal and we do not knowingly collect personal data from children under the age of 13, nor do we knowingly distribute such information to third-parties. If you are under 13, do not use or provide any information to or on the guest portal. If we become aware that we received personal data from someone under the age of 13, we will take steps to delete such information from our records. If you believe we have personal information from someone under 13, please contact us at email@example.com.