PRIVACY POLICY

Last updated: June 2022

Hotels at Home Worldwide, Inc. (“Hotels at Home,” “we,” “us,” or “our”) operates the https://bellagioathome.com website (the “Website”). This page provides our Privacy Policy because we know that you, like us, care about how your information is collected, used, shared, retained and secured. This Privacy Policy applies to information collected when you visit our Website or access or use services (“Services”) that we make available from time to time through our Website (collectively, the Website and Services hereinafter our “Platform”).

By using our Platform, you agree to the terms of this Privacy Policy and our Terms of Use and consent to the collection, use and disclosure practices, and other activities as described in this Privacy Policy. If you do not agree and consent, discontinue use of the Platform. Unless otherwise defined in this Privacy Statement, terms used in this Privacy Statement have the same meanings as in our Terms of Use.

If you are a Nevada Resident, California Resident, or a data subject in Europe, please see respectively the “Additional Disclosures for Nevada Residents,” “Additional Disclosures for California Residents,” and “Additional Disclosures for People in Europe” sections below. If you have any questions or wish to exercise your rights and choices, please contact us as set out in the “Contact Us” section.

Definitions:

Personal Data
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data
Usage Data is data collected automatically either generated by the use of the Platform or from the Platform infrastructure itself (for example, the duration of a page visit).

Cookies
Cookies are small pieces of data stored on your device (computer or mobile device).

Data Controller
Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.

Data Processors (or Service Providers)
Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.

Data Subject (or User)
Data Subject is any living individual who is using our Platform and is the subject of Personal Data.

Types of Data Collected

We collect information about you when you use the Platform, including information you provide when you register an account, access our content, update your profile, participate in a promotion, make a purchase or contact our customer support. This information may include personal information as outlined below.

Here is a listing of the information that we collect, how we collect the information, and how we use and share that information, including the categories of information we collect:

PERSONAL DATA WE COLLECT

While using our Platform, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Cookies and Usage Data

THE WAYS WE MAY COLLECT YOUR PERSONAL DATA

The Information You Provide to Us
Billing Information and Transaction Information. As an eCommerce website, we provide paid products and/or services within the Platform. In that case, we use third-party payment processors. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Content. When applicable, we may collect information regarding the content you send to us as part of our Platform, including content within any messages you send to us (such as feedback and questions to customer support).

Other Information You Voluntarily Provide. If you choose to voluntarily provide other information to us that we do not request, in such instances, you are solely responsible for such information.

The Information Collected Automatically From You
We automatically collect information when you use the Services, which may include personal information. The categories of information we automatically collect and have collected in the last 12 months include:

Service Use Data. This may include data about pages you visit, features you use, the time of day you use the Services, products and services you view and purchase, and your referring and exiting pages.

Geo-locational Information. Certain features and functionalities of the Platform may be based on your location. You may decline to allow us to collect such information by adjusting your browser settings, in which case we will not be able to provide certain features or functionalities to you. We use various current tracking technologies to automatically collect information when you use the Services, including the following:

Cookies. Like most websites, we use automatic data collection technology when you visit our Website to collect information that identifies your computer. This comprises information about your operating system, your IP addresses, browser type and language, referring pages and URLs, keywords, date and time, and what sections of our Platform you visit (the “usage information”). You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Security Cookies. We use Security Cookies for security purposes.
  • Pixels. Pixels are also known as web beacons, code embedded in a website, video, email or advertisement that sends information about your use to a server. Pixels are used in combination with cookies to track activity by a particular browser on a particular device.

AGGREGATE OR DE-IDENTIFIED DATA.

To better understand users of our Platform, we might use information, including information that has been aggregated or de-identified to operate, maintain, manage, and improve our Platform. This aggregated or de-identified information does not identify you personally. We may use and share this aggregated or de-identified data for any purpose except as prohibited by applicable law.

USE OF DATA

Hotels at Home uses the collected data for various purposes:

  • To provide and maintain our Platform
  • To fulfill any other purpose for which you provide it
  • To notify you about changes to our Platform
  • To allow you to participate in interactive features of our Platform when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Platform
  • To monitor the usage of our Platform
  • To detect, prevent and address technical issues
  • To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information
  • In any other way we may describe when you provide the information
  • For any other purpose with your consent

We may also use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

RETENTION OF DATA

Hotels at Home will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Hotels at Home will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Platform, or we are legally obligated to retain this data for longer time periods.

TRANSFER OF DATA

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we may transfer the data, including Personal Data, to United States and other jurisdictions. Data protection laws in the US and other jurisdictions may be different from those of your country of residence. Your use of the Platform, decision to provide data to us, or to allow us to collect data through our Platform, constitutes your acknowledgement that we are processing your data in the United States and other jurisdictions, and your consent to the transfer to and from, processing, usage, sharing, and storage of information about you in the US and other jurisdictions as set out in this Privacy Policy even though the standards of data protection and privacy available in the United States and other jurisdictions may not be the same or as high as the standards in your home country. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

SECURITY OF DATA

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. Hotels at Home will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. However, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

SHARING YOUR INFORMATION

We share information, which may include personal information, that we collect in accordance with the practices described in this Privacy Policy. The types of entities to whom we disclose and may have shared information with in the last 12 months, include the following:

  • Partners. We share information with our partners in connection with offering co-branded services, selling or distributing our products, or engaging in joint marketing activities.
  • Business Transfers. We share information in the event of, or during negotiations of, any proposed or actual merger, reorganization, dissolution or similar corporate event, the sale of all or any portion of our assets, or transfer of all or a portion of our business to another business.
  • Disclosure to Public Authorities. Under certain circumstances, We may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency, etc.). We also share information to protect the rights, property, life, health, security and safety of us, the Services or anyone else.
  • Disclosure for Law Enforcement. Under certain circumstances, Hotels at Home may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).
  • Service Providers. We may hire other companies to process information on our behalf for our business purposes. We share information with service providers but only to the extent needed to enable them to provide such services. We contractually prohibit our service providers from retaining, using, or disclosing information about you for any purpose other than performing the services for us and require they provide at least the same level of privacy protection as set forth in this Privacy Policy and implemented by us. Examples of Service Provider include, but are not limited to:
    • Analytics And Advertising. We may use one or more analytics services (such as Google Analytics) to evaluate your use of the Platform, compile reports on activity based on our partners’ collection of IP addresses, internet service provider, browser type, and other similar usage information. These partners use cookies to collect this usage information. By accessing and using the Platform, you consent to the processing of data about you by these other entities in the manner and for the purposes set forth in this Privacy Policy. We share your usage and contact information with third parties for our internal marketing or advertising purposes, such as technology services for ad distribution and ad optimization (defined as the tailoring, targeting (i.e., behavioral, contextual, and retargeting), analyzing, managing, reporting, and optimizing of ads). You may opt-out of the tailoring of advertising based on information we collect. We also use technology services (for example, Google AdWords) to advertise to users of our Platform on websites owned or operated by other entities. This means that we advertise to previous visitors to the Website who have not completed a task on the Website, such as leaving un-purchased items in your shopping cart. For Google AdWords, you can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely by cookie settings or permanently using a browser plugin. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
    • Payments. We provide paid products and/or services within the Platform. We use third-party services for payment processing (e.g., payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

LINKS TO OTHER SITES

Our Platform may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

CHILDREN'S PRIVACY

Our Platform is not intended for children under 18 years of age. No one under age 18 may provide any information to the Platform. We do not knowingly collect personal information from children under 18. If you are under 18, do not use or provide any information on this Platform or through any of its features, register on the Platform, make any purchases through the Platform, use any of the interactive or public comment features of this Platform, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us using the form available at https://bellagioathome.com/contact-us.aspx.

CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

ADDITIONAL DISCLOSURES FOR NEVADA RESIDENTS.

Nevada law (NRS 603A.340) requires each business to establish a designated request address where Nevada consumers may submit requests directing the business not to sell certain kinds of personal information that the business has collected or will collect about the consumer. A sale under Nevada law is the exchange of personal information for monetary consideration by the business to a third party for the third party to license or sell the personal information to other third parties. If you are a Nevada consumer and wish to submit a request relating to our compliance with Nevada law, please contact us using the form available at https://bellagioathome.com/contact-us.aspx.

ADDITIONAL DISCLOSURES FOR CALIFORNIA RESIDENTS.

These additional disclosures for California residents apply only to individuals who reside in California. The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires businesses collecting or disclosing personal information to provide notices and means to exercise rights.

  • 1. Notice of Collection.

    As described in this Policy, and as set forth below, we collect the following categories of personal information, as enumerated in the CCPA:

    • a. Identifiers, including name, email address, phone number account name, IP address, and an ID or number assigned to your account.
    • b. Customer records and billing and shipping addresses
    • c. Demographics, such as your age or gender. This category includes data that may qualify as protected classifications under other California or federal laws.
    • d. Commercial information, including purchases and engagement with the Services.
    • e. Internet activity, including your interactions with our Services.
    • f. Geolocation data, including location enabled services such as WiFi and GPS.
    • g. Inferences, including information about your interests, preferences and favorites.

    Please review the Information Collection and Use section above for more information on, in the preceding 12 months, (1) how we have used and may use your personal information; (2) who we shared your personal information with; and (3) what sources we obtained your personal information from. We collect and use these categories of personal information for the business purposes described in the Purpose of Collection and Use section, including to provide and manage our Services. Some of our sharing may be a “sale” under the CCPA, of which you have a right to opt out, as explained below. Specifically, such “sale” may include advertising technology activities such as those disclosed in the Analytics and Advertising section. We disclose the following categories of personal information for commercial purposes: identifiers, demographic information, commercial information, internet activity, geolocation data and inferences. We use and partner with different types of entities to assist with our daily operations and manage our Service. Please review the Sharing Your Information section for more detail about the parties we have shared information with.

  • 2. Right to Know and Delete.

    If you are a California resident, you have the right to delete the personal information we have collected from you and the right to know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us:

    • a. The categories of personal information we have collected about you.
    • b. The categories of sources from which the personal information was collected.
    • c. The categories of personal information about you we disclosed for a business purpose or sold.
    • d. The categories of third parties to whom the personal information was disclosed for a business purpose or sold.
    • e. The business or commercial purpose for collecting or selling the personal information; and
    • f. The specific pieces of personal information we have collected about you.

    To facilitate your exercise of these rights, you may email us using the form available at https://bellagioathome.com/contact-us.aspx for more information. We will not use the information you provide as part of your request for any other purpose other than to fulfill your request.

    In any emailed request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.

  • 3. Right to Opt-Out.

    Under the California Consumer Privacy Act, you have the right to opt-out of the “sale” of your personal information by us to third parties at any time (and non-California residents may exercise the opt-out rights described above in this Policy). You may submit a request to opt-out by emailing us using the contact form available at https://bellagioathome.com/contact-us.aspx. You may also submit a request to opt-out by calling us toll-free at 1-877-650-1690.

    We participate in the Interactive Advertising Bureau’s CCPA Compliance Framework for Publishers & Technology Companies (“IAB Framework”). This means that where you exercise your right to opt-out of the sale your personal information by emailing us using the form available at https://bellagioathome.com/contact-us.aspx, to the extent we sell your personal information in order to deliver ads tailored to your interests, we will notify downstream participants of the IAB Framework that receive personal information about you to only use your personal information for the limited purposes that are permitted under the IAB Framework.

    We are not, however, responsible for any downstream participants’ compliance with the IAB Framework or the accuracy of their privacy policies or statements regarding their opt-out options or programs.

  • 4. Authorized Agent.

    You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.

  • 5. Right to Non-Discrimination.

    You have the right not to receive discriminatory treatment by us for the exercise of any your rights.

  • 6. Shine the Light.

    Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to obtain certain information about the types of personal information that companies with whom they have an established business relationship (and that are not otherwise exempt) have shared with third parties for their direct marketing purposes during the preceding calendar year. If you wish to submit a request pursuant to Section 1798.83 of the California Civil Code, please contact us via email at https://bellagioathome.com/contact-us.aspx and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.

California Online Privacy Protection Act
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. In addition to the rights as explained in this Policy, California residents who provide Personal Information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the Personal Information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information please contact us here.

ADDITIONAL DISCLOSURES FOR DATA SUBJECTS IN EUROPE (GDPR)

If you are from the European Economic Area (EEA), Hotels at Home’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

Hotels at Home may process your Personal Data because:

  • We need to perform a contract with you
  • You have given us permission to do so
  • The processing is in our legitimate interests and it's not overridden by your rights
  • For payment processing purposes
  • To comply with the law

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Hotels at Home aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us here.

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data by contacting us at https://bellagioathome.com/contact-us.aspx
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Hotels at Home relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

CONTACT US

If you have any questions about this Privacy Policy, please contact us: