OUR PRIVACY COMMITMENT
Coastal Hospitality Associates (“Coastal Hospitality Associates”, “we”, “our”, or “us”) respects your privacy and strives to earn and keep your trust.
SECTION 1 – HOW WE COLLECT YOUR PERSONAL DATA
We collect information from you, and about you from third parties, in the following ways:
- Your submission of information when you communicate with us by telephone, email or via the Services or in connection with subscribing to alerts, newsletters, update notices or other communications from us;
- Your submission of information in connection with your creation of an Account, enrollment in the Services, creation of a profile on our Website, or entering into sweepstakes or contests sponsored by us, whether through an application, or otherwise;
- Information received from you, from various scripts, analytics tools, and other software on our website or in the Services, or which is generated as a result of your interaction and use of our website;
- Through cookies, web beacons, tracking technologies, and similar technologies, whether implemented by us or any third party. “Cookies” are small files that your Web browser places in your device’s memory;
- Information submitted by or obtainable from your internet service provider, software, computer, mobile device, or other method of accessing the Services (which you may be able to control through the settings of your software and devices);
- Information received from third parties, including without limitation information submitted by or available from any marketplace, store, social media network, or other service, website, or application that you use, which refers you to Coastal Hospitality Associates, or which contains or embeds any of the Services, Content, or User Content.
SECTION 2 – THE TYPES OF PERSONAL DATA WE COLLECT
The information we collect will vary based on your use of the Services and information, actions you elect to take, and based on such actions the information and data you elect to submit (for example, if you elect to create an Account certain information will be requested, some of which is required to create the Account and some of which is optional). Based on the foregoing, the information we collect may include:
- Personal identification information, including without limitation your name, email address, zip code, user name, and password;
- Device and connection information, including without limitation details regarding your IP address, browser, operating system, screen display;
- Usage information, including without limitation what parts of our Services you are using, the length of time using the Services or any portion thereof, your interactions with the Services, the frequency of your use of the Services or any portion thereof, photographs, videos, comments, or other data you may upload and any meta data contained therein;
- Location information, to the extent provided or available from your internet service provider, device, software, or User Data;
- Tracking information and related personal information, including without limitation browsing patterns, history, referral source, search terms leading you to the Services, to the extent obtainable using cookies, beacons, website analytic services, or similar technologies;
- Information we receive from any third party, affiliate, referral source, a separate user of the Services, marketplace, store, social media network, or other service, website, or application that you use, which refers you to Coastal Hospitality Associates, or which contains or embeds any of the Services;
- Information embedded in any User Content you submit, including any metadata, which may include without limitation identification information regarding the device which captured and/or edited such User Content, location information, personal information, technical information, or other information;
- Any information that you reveal in a public forum (such as a bulletin board or comments).
Coastal Hospitality Associates does not store any credit card information. Coastal Hospitality Associates uses a third party vendor which directly receives and stores personal credit card data, and manages credit card processing for subscriptions and transactions.
SECTION 3 – HOW WE USE YOUR PERSONAL DATA
Except as set forth herein, your personal data will not be knowingly provided by Coastal Hospitality Associates to third parties without your explicit permission.
Among other uses set forth in this policy, we may process your personal data we receive because it is necessary for the performance of a contract with you, including, once you accept our Terms, create an Account and authorize us to use your personal data, to:
- Provide the Services to you or send any information to you, including alerts, newsletters, or other materials you have requested;
- Enable you to access or use the Services, functionality, Content, User Content, Materials, or other portions thereof which you requested;
- Enable our interactive tools to function properly for you to be able to use the Services;
- Respond to your requests and send messages to you, notice to you, or otherwise communicate with you regarding your Account, the Services, and any customer service or technical support issue you raise;
- Disclose, use, and reproduce the comments and feedback you reveal in a public forum ion the Services in accordance with our Terms;
- Facilitate your experience through cookies which allow the Services to recognize you if you visit multiple pages during the same session, so that you don’t need to re-enter your information multiple times. Once you close your browser, session cookies expire and no longer have any effect.
We may also process your personal data because it is necessary for our or a third party’s legitimate interest. Our “legitimate interests” include our interests in offering and operating the Services in an efficient and sustainable manner, in accordance with all applicable legal and regulatory requirements (including our legal obligations laid down in United States federal or state law and any regulatory duties we are subject to in the USA). In this respect, we may use your personal data to:
- Send periodic emails or other communications to you;
- Generate anonymized information aggregated with other users’ information, which does not allow you to be identified or contacted (“Aggregate Information”), to improve the Service and our offerings. For example, we might generate Aggregate Information regarding the number of users of our site and the activities they conduct while on our site. We might also generate Aggregate Information that “30 percent of our users live east of the Mississippi” or that “25 percent of our users have looked into surfing charts in Orange County.” Depending on the circumstances, we may or may not charge for this information;
- Present User Content or comments you upload on our website or otherwise incorporate such User Content into the Services for other users to access and view as you expressly permitted;
- Administer any surveys, promotions, rewards, or other programs run by Coastal Hospitality Associates or its vendors from time-to-time;
- Perform statistical analysis, customer evaluation, and other administrative or business analysis for our own internal purposes;
- Outsourcing selected back office functions to third party controllers for the purposes of efficient, fast and secure access to data, and the efficient management of our Services, but only if they meet the requirements of Section 6 below.
We may also process your personal data for our compliance with our legal obligations. In this respect, we may use your personal data for the following:
- To meet our compliance and regulatory obligations, both in the US and the EU, including with respect to any EU Member State where we are providing our Services;
- To assist with investigations (including criminal investigations) carried out by the police and other competent authorities, where those authorities are acting in compliance with US and EU laws, including laws of any EU Member State where we are providing Services.
In addition, we may also process your personal data:
- When we have your specific or, where necessary, explicit consent to do so.
SECTION 4 – WITH WHOM YOUR PERSONAL DATA MAY BE SHARED
We share your personal data with:
- You or any person with your Credentials;
- Coastal Hospitality Associates employees, in order to operate, optimize, improve, and/or further develop the Services;
- Third party processors who meet the requirements in Section 6, as necessary to submit and process payments, collect any amounts owed, or otherwise address any payment obligations or issues;
- Our third party processors who meet the requirements in Section 6, for the purposes of improving the Services or our business;
- Governmental authorities, regulatory bodies, law enforcement, or other authorized persons to the extent required by law or deemed by us to be necessary, appropriate, or in the best interests of Coastal Hospitality Associates or the public in connection with a request from the foregoing;
- To the extent you expressly authorize to do so, affiliated or unaffiliated third parties for marketing purposes;
- A third party, subject to a reasonable obligation of confidentiality, in connection with any merger, acquisition, asset sale, financing, or other capital transaction involving the sale of all, or substantially all, of our assets.
SECTION 5 – WHEN DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE OF THE EU
If your personal data is subject to GDPR, in the course of providing the Services to you, we may transfer your personal data outside of the European Economic Area (“EEA”), principally to Coastal Hospitality Associates’s servers in the United States; this means that your personal data will not have the automatic protection of European data protection laws (including the GDPR) which apply in the EEA. In these circumstances, in order to ensure that your personal data continues to have adequate protection when it is transferred outside the EEA, your personal data will only be transferred on one of the following bases:
- Where the transfer is subject to one or more of the appropriate safeguards for international transfers prescribed by applicable law (for example, standard data protection clauses adopted by the European Commission);
- a European Commission decision provides that the country or territory to which the transfer is made ensures an adequate level of protection; or
- there exists another situation where the transfer is permitted under applicable law (for example, where we have your explicit consent).
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA by contacting us using the details set out below.
SECTION 6 – OUR LIABILITY FOR ONWARD TRANSFERS
SECTION 7 – SECURITY
We use encryption and authentication tools to protect the security of personal information that you share with us. However, no data transmission over the internet (or, with respect to our mobile services, over cellular phone networks) can be guaranteed to be 100% secure. As a result, while we strive to protect personal data, we cannot and do not guarantee or warrant the security of any information you transmit to or from the Service, and you do so at your own risk.
Except as set forth herein, we restrict access to your personal information such that those Coastal Hospitality Associates employees, contractors, and agents who need to know such personal information in order to operate, develop or improve our Services or otherwise fulfill their obligations to us are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
SECTION 8 – HOW LONG IS YOUR PERSONAL DATA KEPT
We will retain your personal data for as long as your Account on the Services remains in good standing, and for as long as permitted or required for legal and regulatory purposes after your Account is terminated. Please note that Aggregate Information, which is not personal data, shall be retained indefinitely to improve the functionality of the Service.
SECTION 9 – YOUR PRIVACY CHOICES
You have the following rights in relation to our processing of your personal data. Please note that these rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
- To obtain access to, and copies of, the personal data that we hold about you;
- To require us to correct the personal data we hold about you if it is incorrect. You are able to update certain personal data that you have provided to us when you opened your Account, by updating the “My Account” section on the web site;
- To require us to erase your personal data in certain circumstances;
- To require us to restrict our data processing activities in certain circumstances;
- To object, on grounds relating to your particular situation, to any of our particular processing activities where you feel this has a disproportionate impact on you;
- To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller;
- Where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal. You are able to change certain privacy choices by updating the “My Account” section on the web site.
If you are not satisfied with how we are processing your personal data, you can make a complaint to a data protection supervisory authority in the US or EU, as applicable, including the data protection regulator in the EU country where you are located.
California Residents — Your California Privacy Rights
California’s “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about the business’ practices related to disclosing personal information to third parties for the third parties’ direct marketing purposes. Alternately, businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. We require you to expressly opt-in to any disclosure of your personal data to third parties for the third parties’ direct marketing purposes which is stricter than required under California law.
SECTION 10 – COLLECTION OF INFORMATION BY THIRD-PARTY SITES, AD SERVERS, SPONSORS
Some of our Services contain links to other sites whose information practices may be different than ours. Visitors should consult the other sites’ privacy notices as we have no control over information that is submitted to, or collected by, these third parties.
We also use the services of reputable third party processors to provide us with data collection, reporting and web analytics, as well as to assist with delivery of relevant content, marketing messages and advertisements. All of our disclosure to such third parties shall be subject to the requirements under Section 6 if any of your personal data is transferred to such third parties. We, our third party service providers, advertisers and/or partners may also place web beacons for these third parties. For more information on how our sites may use third-party ad servers and your ability to opt-out of targeted advertising from such third party ad servers, please see the section below on “Third Party Ad Servers”.
SECTION 11 – THIRD PARTY AD SERVERS
SECTION 12 – CHILDREN’S PRIVACY AND INTERNATIONAL CONSIDERATIONS
Protecting the privacy of young children is especially important. For that reason, Coastal Hospitality Associates does not knowingly collect or maintain personal information from persons under 13 years. If Coastal Hospitality Associates learns that personal information of persons under 13 years has been collected on or through the Services, Coastal Hospitality Associates will take the appropriate steps to delete this information. If you are the parent or legal guardian of a child under 13 who has become a registered user or subscriber of Coastal Hospitality Associates or any of the Services or otherwise set up an Account, then please contact Coastal Hospitality Associates to have that child’s account terminated and personal information deleted.
We are headquartered in the United States and any information that you submit or we otherwise obtain will be transferred to, collected, and held in the United States. We may subsequently transfer such information to any other country or jurisdiction in connection with the authorized uses and disclosures of information set forth herein.
SECTION 13 – CONTACTING Coastal Hospitality Associates
Questions regarding this policy and our practice should be directed to Coastal Hospitality Associates Support, by e-mail to https://coastalhospitalityhotels.com/contact/, or by postal mail to Coastal Hospitality Associates, 3612 Atlantic Avenue
Virginia Beach, VA 23451.