Last Updated: January 30, 2020
Effective: January 01, 2020
WE RESPECT THE PRIVACY OF EVERY INDIVIDUAL WHO VISITS THIS WEBSITE
WHO IS COLLECTING YOUR INFORMATION
Your Personal Information are processed by Hard Rock Cafe International (USA), Inc., 5701 Stirling Road, Davie, Florida 33314 ("Hard Rock", “we”, “us” or “our”).
WHAT INFORMATION WE COLLECT
When you make a reservation, you provide us with reservation data such as your name, email address, phone number, reservation details and payment information as applicable. We use this data to process the reservation and your stay, for billing purposes, and to communicate with you about your reservation. If you use a social media account to make your reservation, we can retrieve part of the reservation data from your social media account. If you book via a booking agent, the agent will provide us with such data.
To simplify future bookings and take advantage of commercial benefits such as discounts or members-only perks, you can choose to create an account to save the data you provide us during your booking. We will use the personal data that you provide to autofill your account details.
Administration and Retention
Reservation data is stored in our systems for administrative purposes and to comply with data retention obligations.
In some countries, we are obligated to register specific information when you arrive at a Reverb Hotel. This may include your date of birth, nationality, visa information, place of residence, date of arrival and your profession. We may also be obligated to verify your identity at arrival based on a passport, other ID document or face verification. We will only make a copy of your identification document if we are obligated to do so by law.
We store data about your use of the systems in the hotel room to ensure that the systems and appliances in our rooms work correctly, such as data regarding the light, entertainment and air-condition systems. This information is used by our support teams for technical support purposes. We also use such information to learn about how guests use our services and how we can improve our services.
We use your personal data including data generated by your stay and interactions with us for analytical use to optimize our services and product offering.
We process personal data obtained in the context of your booking history, your purchases in our hotels, your communications with Reverb, your online behavior on our websites and app and obtained from social media platforms such as LinkedIn and Facebook or data brokers. We use these data for analytical purposes and to provide you with targeted commercial communications for our own products and services. If you have not consented to such targeted commercial communications you may still receive general commercial communication.
Surveys & Contests
From time-to-time our website or Apps may request information from you via surveys or contests. Participation in these surveys or contests is completely voluntary. Requested data may include your contact data, data of birth, marital status, number of children and their ages, and your opinion/answers. Contact information will be used to administer your participation in a contest, notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of the Website and Apps and our other products and services.
RIGHT NOT TO PROVIDE INFORMATION
In certain jurisdictions, you may have the right not to provide Personal Information. However, if you elect not to provide such information, you may not be able to utilize certain services on the Website.
COOKIES AND SIMILAR TECHNIQUES
This section explains which cookies and similar techniques (hereafter simply referred to as "cookies") we use on our websites.
With your consent Hard Rock places marketing cookies and trackers to advertise our products and services to you. The marketing cookies also allow us to provide you with relevant offers based on your online browsing, search and booking behavior.
Website Functionality and Optimization
Withdrawal of Your Consent
You can withdraw your consent at any time by setting your browser to disable cookies and/or to remove all cookies from your browser.
In certain jurisdictions, you will be asked to provide consent for your cookies when accessing our website. The request does not always reappear when you revisit the site. You may click to revise your cookie settings.
AUTOMATED DECISION MAKING AND PROFILING
Automated Decision Making refers to a decision which is taken solely on the basis of automated processing of your personal data. This means processing using, for example, software code or an algorithm, which does not require human intervention. As Profiling uses automated processing, it is sometimes connected with automated decision making. Not all profiling results in automated decision making. Hard Rock does not use any automated decision making or profiling in its business processes.
ACCESS, CORRECTION, PORTABILITY AND CHOICE
You have choices about the collection, use, and sharing of your personal information, including:
• Deletion: You can request that we erase or delete all or some of your Personal Information (e.g., it is no longer necessary to provide services to you).
• Change or Correct: You can review and edit your Personal Information by visiting your account. Please note that Personal Information supplied by you on your account can be accessed by you online at any time and at no charge.
• Object to or Restrict Use: You can request that we stop using some or all of your Personal Information or restrict our use of your Personal Information.
• Access and/or Take: You can request a copy of your Personal Information.
• Right to Portability – provides the ability to request Personal Information in machine readable format (i.e. CSV).
• Withdrawing Consent: If we have collected or processed your personal information with your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information based on other lawful processing grounds.
If you request access, correction, amendment or deletion of your Personal Information and you have more than one account with us, you will need to instruct us on each account separately. Reasonable access to Personal Information will generally be provided within thirty (30) calendar days at no cost to you, subject to limited exceptions prescribed by law or excessive requests. For your protection, we may need to verify your identity before fulfilling your request. Please note that we may need to retain certain information for recordkeeping purposes or to complete transactions that occurred prior your request. We will also retain your personal information if reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, and enforce the Terms and Conditions of Use.
We may also need to retain your Personal Information if required by gaming industry regulations, federal tax statutes and other legal requirements (e.g., information on our customers who self-report; tax reporting documents; player winnings, and any statistics, reports or listings that are required to protect our casino properties). We do not retain personal data longer than is necessary to fulfil the processing purposes as set out in this Privacy. To determine the exact retention period, we take into account applicable minimum data retention obligations, guidance issued by data protection authorities and statute of limitations under applicable law(s). We aim to keep our information about you as accurate as possible. If you would like to access, update, review or change the details you have supplied us with, please contact us as set out below or complete this form.
HOW WE SHARE YOUR INFORMATION AND WHO WE SHARE IT WITH
During the course of business, we may disclose, transfer or otherwise make available your Personal Information to our affiliates and third-party service providers who have been legally contracted to provide services on our behalf, and are prohibited from using it for any other purpose. Whenever third-parties service providers process your Personal Information on our behalf we will enter into a data processing agreement with them, or make use of Privacy Shield certified partners, to guarantee the same level of protection and confidentiality of your Personal Information. Our websites and Apps may contain links to third parties’ websites whose privacy policies may differ from those of Hard Rock, which we recommend you carefully review and consider. We cannot be responsible for the privacy policies and practices of other websites or Apps even if you access them using links from our websites.
In addition, we may share your Personal Information with local, state, federal and foreign governmental authorities to comply with legal, regulatory or administrative requirements, or to an investigative body in the case of a breach of an agreement or contravention of law, or as otherwise required by Canadian, US or other law. We may also disclose your Personal Information where necessary for the establishment, exercise or defense of legal claims, to investigate or prevent actual or suspected loss or harm to persons or property, or as otherwise permitted by law.We may transfer your Personal Information as an asset in connection with the sale or transfer of all or part of the Hard Rock business (including transfers made as part of insolvency or bankruptcy proceedings) or as part of a corporate reorganization or other change in corporate control.
HARD ROCK THIRD-PARTY DISCLOSURE POLICY
We may, under limited circumstances, send you offers for related products or services from affiliated Hard Rock companies or jointly offered by Hard Rock together with select third parties. These offers are sent only to those users who have given their consent to receiving marketing materials from Hard Rock.
TRANSFER OF PERSONAL INFORMATION
As we operate internationally, and provide you with relevant services through resources and servers around the globe, sharing your data cross-border is essential for you to receive our services. For technical and organizational reasons and in the context of our digital cloud infrastructure, data we collect may be transferred internationally throughout Hard Rock's worldwide organization and to Hard Rock’s headquarters in the United States or in a country outside of the country where it was originally collected or outside of your country of residence or nationality. Some of these jurisdictions, including the United States, may not provide the same level of privacy protection as your local jurisdiction. You therefore acknowledge and agree that Hard Rock may transfer your data globally, so that you can use our services. If you do not consent to such transfer, we may not be able to provide you certain services or respond to your inquiries.
EU/US PRIVACY SHIELD COMPLIANCE
Hard Rock complies with the EU/US Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information from European Union member and treaty countries, and the United Kingdom. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view our certification page, please visit https://www.privacyshield.gov.
In compliance with the EU/US Privacy Shield Principles, Hard Rock commits to resolve complaints about your privacy and our collection or use of your Personal Information. European Union citizens with inquiries or complaints regarding this Policy should first contact firstname.lastname@example.org or Hard Rock Cafe International (USA), Inc. c/o Seminole Hard Rock Support Services, LLC Attn: Data Protection Office (DPO) 5701 Stirling Road Davie, FL 33314. Please include your name, address and phone number or e-mail in all communications and state clearly the nature of your request or concern. If you wish to make a request to access the personal information, we collect and store about you, complete this form.
Hard Rock Cafe International (USA), Inc. has provided a private sector independent recourse mechanism (located in the United States) to investigate and expeditiously resolve individual complaints and disputes. This dispute mechanism will cover all personal data except for human resource data. For more information, visit the website for ICDR®/AAA® EU-U.S. Privacy Shield: International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) at go.adr.org/privacyshield.html. The services of ICDR/AAA are provided at no cost to you. Under certain limited conditions and as a last resort, the individual can invoke binding arbitration. The Federal Trade Commission has jurisdiction over Hard Rock’s compliance with the Privacy Shield. If Hard Rock transfers your personal data to a third party, we will ensure the third party is contractually obligated to process your data only for limited, specific purposes consistent with this policy, to apply the same level of protection to that data as the EU-U.S. Privacy Shield Principles, and notify us if it makes a determination that it can no longer meet this obligation. Upon notice, Hard Rock will take reasonable and appropriate steps to stop and remediate unauthorized processing. In cases of onward transfer to third parties of data received pursuant to the EU-US Privacy Shield, Hard Rock is potentially liable.
Our services are not directed to minors, and we request that they do not provide personal data through our services. If we become aware that we have processed personal data of a minor without the valid and express consent of a parent or guardian, we will delete such personal data.
HOW WE ENSURE THE SECURITY OF YOUR DATA
We have implemented appropriate technical and organizational measures to protect your personal data against loss, alteration or any form of unlawful use. Where appropriate, your personal data will be encrypted and securely stored. Access to your personal data by our staff is restricted on a need-to-know basis. Whenever third-parties process your personal data on our behalf we will enter into a data processing agreement with them to guarantee the same level of protection and confidentiality of your personal data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Any transmission of Personal Information is at your own risk.
HOW TO CONTACT US
You may address all communications to Hard Rock Cafe International (USA), Inc., Seminole Hard Rock Support Services, LLC, Attn: Data Protection Office (DPO), 5701 Stirling Road, Davie, Florida 33314, e-mail email@example.com, or complete this form. Please include your name, address and phone number or e-mail in all communications and state clearly the nature of your request.
If we make any changes to our Policy, we will post the updated Policy, on an updated homepage link, and may post it to other places we deem appropriate.