groups360_logo_black
Get in Touch

Groups360 – GroupSync Privacy Policy 

This Privacy Policy was last updated 9/25/24.

Groups360 LLC, dba Groups360, (“Groups360”, “we”, “our”, or “us”) values our relationship with you and takes your privacy seriously. The purpose of this GroupSync Privacy Policy (this “Privacy Policy”) is to identify how we may process, collect, store, disclose, and use (collectively, “use”) the data that we collect from you in connection with your use of our GroupSync software and related meeting planning software and services, which are made available through our website, http://g360staging.wpengine.com (collectively, our “Services”). This Privacy Policy also identifies your rights with respect to your Personal Information, all as described in more detail below.

Please read this Privacy Policy carefully and in its entirety. We may update or modify this Privacy Policy at any time by posting the amended version and including the effective date of the updated version. We will announce any material changes to this Privacy Policy by posting the amended version on our website and providing a notification upon login to our Services. By accessing and/or using our Services, you accept and agree to the terms of this Privacy Policy and the use of your data and Personal Information (defined below) as described in this Privacy Policy. If you do not agree to be bound by this Privacy Policy or any subsequent modifications, you should not access or use our Services or disclose any Personal Information through any of our Services.

Your privacy and the security of your Personal Information is, and will always be, important to us. We want to transparently explain how and why we gather, store, disclose, and use your Personal Information, as well as outline the controls and choices you have around when and how you choose to share Personal Information.

This Privacy Policy contains the following information, which you can access by scrolling down:

Our Role With Respect to Your Personal Information.

There is Personal Information that we process for our own purposes and Personal Information that we process on behalf of our customers, i.e., companies utilizing our Services, including operators and brand affiliates of hotels and other business affiliates (“Customers”). This means that we do not always have the same degree of decision-making with respect to why and how each piece of Personal Information will be processed.

Regarding the Personal Information processed on behalf of our Customers to perform the Services, we process Personal Information as “service providers” or data processors on behalf of those Customers. Where you give your Personal Information to one of our Customers or where we collect your Personal Information on their behalf, our Customer’s privacy policy, rather than this Privacy Policy, will apply to our processing of your Personal Information.

Other Personal Information, such as information provided to create an account or explore our websites, is processed for our own purposes. We decide the purposes and means of processing, and consequently act as a data controller or “business.”

The Information We Collect About You.

We obtain information about you and your use of our Services when you provide it voluntarily and also automatically when you use the Services. For example, we collect information from you when you register a user account with us, execute an Order Form for our Services, make a booking using our Services, or sign up to receive communications from us. We collect information through any correspondence that you provide to us whether through email, mail, phone calls, or through our Services. The information we collect can include Personal Information or non-personal information, which is information that does not identify or relate to an individual.

Personal Information” is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Information that you provide or that we otherwise collect might include, but is not limited to, the following categories:

  • Identifiers: first and last names; mailing address; email address; telephone number; and Internet Protocol (IP) address.

  • Professional or Employment-related Information: job title and company.

  • User Data: data or other information entered voluntarily into a contact form via the Services that personally identifies you.

  • Internet or Other Electronic Network Activity Information:

    • Browse history. Data about the webpages you visit.

    • Search history. Data about the search terms you enter.
    • Device, connectivity, and configuration data. Data about your device and nearby networks, including regional and language settings.

  • Financial Information: your name; billing address; and payment information (including credit or debit card number and type, and expiration date).

  • Geolocation Data: data about your device’s location, which may be inferred from your IP address.

We do not consider Personal Information to include information that can no longer be used to identify a specific natural person, whether in combination with other information or otherwise.

When and how we collect your information

Most of the Personal Information we receive relates to your use and participation in our Services either as part of performing your job duties for your employer or employing organization, which has licensed the Services from us, or on your own behalf. Generally, you control the amount and type of information you voluntarily provide to us when using the Services. We will offer you choices when we ask for Personal Information whenever reasonably possible. In some instances, we automatically collect certain types of information when you use our Services or correspond with us. Automated technologies may include the use of web server logs to collect IP addresses, “cookies” and web beacons. You may learn more about our use of cookies through our Cookie Policy and by reviewing the “Usage Information or other Internet or other Electronic Network Activity Information row of the table describing how we may collect and use your information below.

Information Third Parties Provide About You.

We may collect or receive certain Personal Information about you from third parties in connection with our Services, including from the following sources:

  • Service providers (e.g., hosting providers, customer service providers, and payment processors);

  • Email, chat, and other communications service providers;

  • Marketing and/or promotion providers;

  • Social Media Platforms (as defined below); and

  • Data analytics service providers.

We may also receive Personal Information about you from owners, operators, and brand affiliates of hotels and other business affiliates, including in order to complete a request or reservation booking on your behalf.

How We May Collect and Use Your Information.

We may collect the following categories of Personal Information from you, depending on your interactions with our Services and the choices you make, and we will only use your Personal Information for the purposes identified below, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose as further described in the chart below:

Information collected through use of our Services
Categories of Information Description of Category Categories of Sources Business or Commercial Purpose for Collection Disclosed for a Business Purpose? Categories of Third Parties with Whom we Disclose for a Business Purpose (discussed further in “How We Use Personal Information That We Collect for Business or Commercial Purposes” below)
Account Registration Information (Identifiers, Professional or Employment- related Information, User Data, Internet, or Electronic Network Activity Information)

This is the Personal Information that is provided by you or collected by us to enable you to log in and access your account and our Services. This may include your name, email address, phone number, location, job title, department, and company, as well as your username and password.

Some of the Personal Information we will ask you to provide is required in order to create your account. You also have the option to provide us with some additional Personal Information in order to make your account more personalized.
  • Direct contact with users through the Services, phone, email, and web forms.
  • To provide, maintain, and improve our Services in accordance with our contract with you (the Groups360 End User License Agreement).
  • To respond to your questions and requests.
  • To create, maintain, and personalize your account with us, e.g. providing customized content, recommendations, support, and features through our Services.
  • To notify you about changes to our Services.
  • To allow you to participate in interactive features of our Services.
  • To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
  • Yes
  • Service providers
  • Data analytics providers
  • Buyers, successor of our business, or our affiliates
Booking Information (Identifiers, Financial Information, User Data)

If you make a booking through our Services, we may request certain information from you, including name, email address, phone number, mailing address, location, Payment Information (as described below), and hotel loyalty program or membership information. You may also choose to provide information about other people, such as those traveling with you or others you are making a booking on behalf of.

  • Direct contact with users through the Services, phone, email, web form, and social media.
  • From subsidiaries and affiliates and third parties.
  • To provide our Services and complete the requested transaction.
  • To contact you with questions or issues related to your purchase.
  • To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.

 
  • Yes
  • Service providers
  • Hotel employers, hotel owners, and other business affiliates
  • Data analytics providers
  • Buyer, successor of our business, or our affiliates
Payment Information (Identifiers, Financial Information)

If you conduct a financial transaction through our Services, we will request certain information from you, including Booking Information (as described above) and financial information. Financial transactions through our Services may be handled by a third party. The exact Personal Information will vary depending on the payment method and the country in which you are located but may include information such as:

  • Name;

  • Credit or debit card type, expiration date, and your card number;

  • Billing address;

  • Postal code; and

  • Phone number.
  • Direct contact with users through the Services, phone, email, and web form.
  • From subsidiaries and affiliates and third parties.
  • To provide our Services and complete the requested transaction.
  • To contact you with questions or issues related to your purchase.

 

 

 

 

 

 
  • Yes
  • Service providers (including payment processors)
  • Hotel employers, hotel owners, and other business affiliates
  • Buyer, successor of our business, or our affiliates
Location Information (Identifiers, User Data, Geolocation Data)

We may collect general location information if you use features on our Services that provide location-based services.
  • From the Services.
  • From subsidiaries, and affiliates and third parties.
  • To provide you with location-based services.
  • To monitor the usage of our Services.
  • To gather analysis and assess trends and interests.
  • Yes
  • Service providers
  • Data analytics providers
  • Buyer, successor of our business, or our affiliates
Usage Information or other Internet or other Electronic Network Activity Information

This can be Personal Information and non-personal information that is collected about you when you are using our Services, and this may include:

  • Information about your interactions with our Services, which includes the date and time of any information you enter into our Services, and your interactions with other users of our Services.
  • User content you post to our Services including messages you send and/or receive through our Services and your interactions with our customer service team.
  • Technical data, which may include URL information, cookie data, web beacons and other tracking technology information, your IP address, the types of devices you are using to access or connect to our Services, unique device IDs, device attributes, network connection type (e.g., Wi-Fi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, and operating system. Further details about the technical data that is processed by us can be found below.

Our Services, and our third-party service providers, may use Cookies (as defined below), unique identifiers and similar technologies to collect information about the pages you view, our Services’ functions that you access, the buttons and icons you click, and to remember your login session and Services settings to make it easier and more efficient for you to use our Services.
  • From the Services.
  • From subsidiaries, affiliates, and third parties.
  • To create, maintain, and personalize your account with us.
  • To assist in registration, login, and your ability to provide feedback.
  • To provide information to you that may be helpful and useful to you based upon your use of our Services.
  • To provide, maintain, and improve our Services.
  • To monitor the usage of our Services.
  • To allow you to participate in interactive features of our Services.
  • To gather analysis and assess trends and interests.
  • To detect, prevent, and address technical issues and provide customer support.
  • To provide you with advertising content in which we think you will be interested. As part of this customization, we may observe your behaviors on the Services or on other websites.
  • To help maintain and monitor the safety, security, and integrity of our Services.
  • Yes
  • Service providers
  • Data analytics providers
  • Buyer, successor of our business, or our affiliates
Anonymized Information

We use information that may be created or derived from your Personal Information or usage of our Services that has been anonymized and aggregated, and we may use such non-personally identifiable usage information for purposes that may include data analysis, improving our Services, advertising, and developing new features and functionality within our Services.
  • From the Services.
  • From subsidiaries, affiliates, and third parties.
  • To provide, maintain, and improve our Services.
  • To monitor the usage of our Services.
  • To gather analysis and assess trends and interests.
  • To provide relevant and interesting advertising content.
  • To detect, prevent, and address technical issues.
  • To help maintain the safety, security, and integrity of our Services and technology assets.
  • Yes
  • Data analytics service providers
  • Buyer, successor of our business, or our affiliates

Legal Basis for Processing.

To use your Personal Information, we must have a valid reason, which under some laws is called the “lawful basis for processing” or “legal grounds for processing.” When we act as a data controller, we may process your Personal Information based on these reasons:

 

  • Your Consent: We will use your Personal Information if you explicitly indicate that it is okay for us to do so. This includes, for example, where you consent to us placing non-essential cookies on your device.

    • Where we need to disclose sensitive Personal Information to a third party, or use it for a purpose other than those for which it was originally collected or subsequently authorized by you through your opt-in choice, we will obtain your affirmative, express consent. Additionally, any Personal Information received from a third party that is identified and treated as sensitive by that third party will also be treated as sensitive by us. Sensitive Personal Information may include Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying an individual’s sex life.

  • Keeping our Agreement Obligations: This includes using your Personal Information to fulfill our agreement with you by, for example, responding to your support requests.

  • Legitimate Business Interests: We may use your Personal Information because we believe it is in our best interest or the interest of someone else. Legitimate business interests work when we use your Personal Information in ways that are justifiable and do not significantly intrude on your privacy, or when we have a specific reason for using your Personal Information. What that normally means for us:

    • Service Improvement: We may use data to enhance our content and Services to make them more useful and user-friendly.
    • Research and Development: Using aggregated and anonymized data to conduct research on trends and user behavior to improve our content and Services.
    • Marketing and Promotion: Promoting our content and Services to a wider audience; providing tailored recommendations based on user data; and keeping users, persons of interest, and others informed about updates, new features, and content that may interest them.
    • Security and Fraud Prevention: Protecting our users, partners, Services, and operations from security threats, fraud, and abuse.
    • Legal Compliance: Ensuring compliance with relevant laws and regulations.
    • Business Operations: Managing day-to-day operations and ensuring our sustainability and growth.

  • Internet or Other Electronic Network Activity Information:

    • Browse history. Data about the webpages you visit.

    • Search history. Data about the search terms you enter.
    • Device, connectivity, and configuration data. Data about your device and nearby networks, including regional and language settings.

  • Following the Law: This includes processing your Personal Information to follow the law, such as keeping records of your consent or when you exercise your privacy rights.

  • Other Reasons: This includes using your Personal Information for any other reason that the law allows.

If we use legitimate business interests as the reason for using your Personal Information, you can ask us for more details about why we do so by contacting us as provided in the “How to Contact Us” section below.

Where we process your Personal Information based on your consent, you may withdraw it at any time; however, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect processing performed on other lawful grounds.

Where we receive your Personal Information as part of performing a contract, we require such Personal Information to be able to carry out the contract. Without that necessary Personal Information, we will not be able to fulfill our contractual duties.

Within the scope of this Privacy Policy, we may also process Personal Information based on the instructions of our Customers. To learn about their legal bases for processing your Personal Information, please read the privacy policies of our Customers.

In the table below, we have set out the reasons why we process your information, the associated legal basis we rely upon to legally permit us to process your information, and the categories of information (identified in the above table) used for these purposes. If we wish to process your existing information for a new purpose other than as stated below, we may inform you of that further processing and provide information surrounding your information’s use.

Why we process your information

Legal basis for the processing purpose (e.g., the business or commercial purpose for collection)

Categories of information used by Groups360 for the processing purpose

To provide our Services to you in accordance with our website Terms of Service, and/or in accordance with our contract with you (the Groups360 End User License Agreement) or our contract with our hotel business partners, as applicable.
  • Keeping our Agreement Obligations

 

 
  • Account Registration Information
  • Booking Information
  • Payment Information
  • Location Information
  • Usage Information

To personalize, and improve your experience with our Services, for example by providing customized or localized content, recommendations, support, and features through our Services.
  • Legitimate Business Interests (service improvement, research and development, and business operations)

 
  • Account Registration Information
  • Booking Information
  • Location Information
  • Usage Information
  • Anonymized Information

To understand how you access and use our Services to ensure technical functionality of our Services, to prevent or investigate security breaches or other potentially prohibited activities, develop new products and services, and analyze your use of our Services, including your interactions with applications or services made available, linked to, or offered through our Services.
  • Legitimate Business Interests (service improvement, security and fraud prevention, research and development, and business operations)
  • Account Registration Information
  • Booking Information
  • Location Information
  • Usage Information

  • Anonymized Information

To communicate with you for Services-related purposes such as regarding support issues, password retrieval, payment, and guides and information about your Services account.
  • Keeping our Agreement Obligations
  • Legitimate Business Interests (service improvement, security and fraud prevention, and business operations)

 
  • Account Registration Information
  • Booking Information
  • Payment Information
  • Usage Information

  • Anonymized Information

To communicate with you, either directly or through one of our service providers, for: marketing, research, to provide email updates, or other promotional purposes, via email, notifications, or other messages, consistent with any permissions you may have communicated to us.
  • Consent, if you are located in the European Union or the United KingdomKeeping our Agreement Obligations
  • Legitimate Business Interests (service improvement, marketing and promotion, research and development, and business operations)
  • Your Consent
  • Account Registration Information
  • Booking Information
  • Location Information
  • Usage Information
  • Anonymized Information

We may use your general location information to provide you with features or other content based on your location.
  • Legitimate interestBusiness Interests (service improvement and business operations)

 
  • Usage Information (Internet or Other Electronic Network Activity Information)

 

We may use information about your use of our Services, including pages viewed, length of user session, and content accessed, in order to compile overall statistics about how users interact with our Services and content they find useful in order to enable us to analyze how our Services are being used and how we can improve them.
  • Legitimate Business Interests (service improvement, and research and development)

 
  • Usage Information (Internet or Other Electronic Network Activity Information)

 

For us to comply with our legal obligations, including assessing compliance with our regulatory requirements, e.g., using user data in the aggregate to assess our obligations under applicable data security and privacy requirements.
  • Following the Law
  • Legitimate Business Interests (legal compliance)
  • Business Operations

 
  • Account Registration Information
  • Booking Information
  • Payment Information
  • Location Information
  • Usage Information
  • Anonymized Information

 

Legitimate interests. Where we rely on legitimate interests as the reason for processing your information, and we carry out a balancing exercise to make sure your rights as an individual are not impacted unnecessarily.

We consider that it is reasonable for us to process your Personal Information for the purposes of our legitimate interests when, on balance, (a) we process your Personal Information only so far as is necessary for such purpose, and your rights and freedoms do not outweigh such purposes, and (b) it can be reasonably expected for us to process your Personal Information in this way. In most cases, the information is being processed for your benefit as well as ours. For example, we have a legitimate interest in processing your Personal Information where:

  • We need the information to respond to your inquiries or to send you information; and

  • We would be unable to provide our Services without processing your information.

How We Use Personal Information That We Collect for Business or Commercial Purposes.

In connection with our Services, we may disclose your Personal Information to the following types of recipients and for the following reasons:

  • Service providers. We use service providers to operate our software and infrastructure, in particular providers which host, store, manage, secure, and maintain our Services, its content, and the data we process. This includes our payment processing providers, hosting providers, communications service providers, human resources and benefits providers, and marketing service providers.

  • Hotel employers, hotel owners and other business affiliates. We may disclose your Personal Information to your employer (or any organization on whose behalf you are accessing and using our Services) to aid such organizations in their business operations and decision making, as well as organizational use of the Services, which may include monitoring and analyzing your use of our Services. We may also disclose your Personal Information to owners, operators, and brand affiliates of hotels you make a reservation with through our Services.

  • Marketing and promotional partners. We may disclose your Personal Information to marketing service providers that we use to communicate with your or to support the promotion and advertising of our Services, including targeted ads on third-party sites.

  • Data analytics providers. We will disclose your Personal Information to create general data analytics regarding usage of our Services on an aggregate basis and without personal identifiers.

    • For example, we use Google Analytics, a service provided by Google Inc., to gather information about how you and other users engage with our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners.

  • Buyer, successor of our business, or our affiliates. We will disclose your Personal Information to any buyer or successor in the event of a merger, reorganization, dissolution, or other sale or transfer of title. We may also disclose your Personal Information to our affiliates and other Groups360 entities.

We will disclose your Personal Information to third parties to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, where it is necessary in connection with our Services or where we have another legitimate interest in doing so. We will also disclose your Personal Information in order to comply with our legal obligations, including assessing compliance with our regulatory requirements, e.g., using user purchases in the aggregate, including revenues generated in connection with our regulatory tax requirements. If we must disclose your Personal Information in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Information will maintain the privacy or security of your Personal Information.

We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any Personal Information, about our users as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients, and customers.

Personal Information We Sell or Disclose for Targeted Advertising.

We do not sell Personal Information in the conventional sense (for money). Like many companies, however, we use services that help deliver interest-based ads to you or analyze our website traffic and may transfer Personal Information to business partners for their use. Making Personal Information (such as online identifiers or browsing activity) available to these companies may be considered a “sale” under certain data protection laws. We may disclose the following categories of Personal Information to the categories of third parties listed below for the purpose of targeted or cross-context advertising:

Type of Information Disclosed for Targeted Advertising? Third parties to whom Sold or Disclosed for Targeted Advertising Business or commercial purposes for Selling or Disclosing for Targeted Advertising
Identifiers such as unique personal identifiers, online identifier, Internet Protocol address, or other similar identifiers. Yes Service providers, marketing, and promotional partners, third parties for operational purposes. As described above, e.g., to provide you with products and services and for internal purposes.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement. Yes Service providers, marketing, and promotional partners. As described above regarding cookies, e.g., for internal purposes and for marketing purposes.

Special Notice to Non-U.S. Users Regarding Data Transfers.

Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we are a U.S. company, and we transfer information to the United States for processing. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. If you are located in the European Union or the United Kingdom, and to the extent the data protection laws in such country are deemed by your country to have inadequate data protection, we have put in place certain measures designed to ensure that your Personal Information is subject to suitable safeguards in such transfer outside the European Union or United Kingdom (e.g., the Data Privacy Framework, the standard contractual clauses, or other data transfer mechanism permitted by applicable law).

Our service providers may be located outside of the United States; however, we will either obtain your explicit consent to transfer your Personal Information to such third parties, or we will require those third parties to maintain at least the same level of confidentiality that we maintain for such Personal Information ourselves. Groups360 remains liable for the protection of your Personal Information that we transfer to our service providers, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.

For more information about the safeguards we have implemented, please contact us by one of the methods listed under “How to Contact Us” below.

Data Privacy Framework.

With respect to Personal Information processed in the scope of this Notice, Groups360 complies with the EU-U.S. Data Privacy Framework (and its UK Extension) and Swiss-U.S. Data Privacy Framework (the “Data Privacy Framework”) as adopted and put forward by the U.S. Department of Commerce regarding the processing of Personal Information. Groups360 commits to upholding the Data Privacy Framework Principles. If there is any conflict between the terms in this Notice and the EU-U.S. Data Privacy Framework Principles and/or the Swiss-U.S. Data Privacy Framework Principles, the Principles shall govern.

To learn more about the Data Privacy Framework, and to view Groups360’s certification, please visit https://www.dataprivacyframework.gov/s/ and https://www.dataprivacyframework.gov/s/participant-search, respectively.

Dispute Resolution
Where a privacy complaint or dispute relating to Personal Information received by Groups360 in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through Groups360’s internal processes, Groups360 has agreed to participate in the VeraSafe Data Privacy Framework Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

Binding Arbitration
If your dispute or complaint related to your Personal Information that we received in reliance on the Data Privacy Framework cannot be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you pursuant to the Data Privacy Framework’s “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.

Regulatory Oversight
Groups360 is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Your Rights Regarding Your Personal Information.

This section summarizes your potential rights as a data subject under data protection laws and suggests how you may best act if you have concerns or questions.

Scope. Data protection laws may afford you, as a data subject, several rights in relation to your Personal Information. Please note that you can only exercise these rights with respect to Personal Information that we process about you when we act as a data controller or as a “business” under data protection laws. This is when Groups360 decides why and how your Personal Information will be processed. To exercise your rights with respect to information processed by us on behalf of one of our Customers, please read the privacy policy of that Customer. If you have a direct relationship with one of our Customers, please contact them to exercise your privacy rights.

Exercise Rights. To exercise these rights, contact us as indicated in the “How to Contact Ussection below.

Communications Opt-Out. You may opt out of our email newsletters by clicking “unsubscribe,” located at the bottom of each newsletter and following the subsequent instructions. You may also opt out of all communications from Groups360 by contacting us as indicated in the How to Contact Ussection below.

Identification Verification. When you exercise your rights, Groups360 may need to confirm your identity to ensure that your Personal Information is not disclosed to an unauthorized person. Consequently, we may require additional information to confirm your identity or authority to exercise a right on behalf of another individual. We may verify your identity by a) verifying your knowledge about Personal Information already maintained by Groups360 that is unlikely to be known by unauthorized individuals; or b) sending a confirmation link, security questions or confirmation code to your contact information already on file. If necessary, we may request additional information from you to verify your identity.

If you are submitting a request on behalf of somebody else, we will need to verify your authority to act on behalf of that individual. When contacting us, please provide us with proof that the individual gave you signed permission to submit this request or a valid power of attorney on behalf of the individual. Alternatively, you may ask the individual to directly contact us to verify their identity with Groups360 and confirm with us that they gave you permission to submit this request.

We will only use the Personal Information you provide us within a request to verify your identity or authority to make the request, or otherwise respond to your request.

Summary of Rights.

  • Right to Know: You can request information from us regarding our data processing activities that concern you, such as how we collect and use your Personal Information, how long we will keep it and who it will be shared with, among other things. We provide this information to you generally in this Privacy Policy. However, if we do not collect the Personal Information directly from you, certain data protection laws exempt us from the obligation to inform you: (i) when providing the information is either impossible or unreasonably expensive; (ii) the gathering and/or transmission is required by law; or (iii) if the Personal Information must remain confidential due to professional secrecy or other statutory secrecy obligations.
  • Right to Access: You can request access to your Personal Information stored or processed by Groups360. Upon that request, Groups360 will provide a copy of the data and information about the processing, to an extent that does not infringe upon the rights of other data subjects or reveal confidential or proprietary information. To the extent Groups360 holds this Personal Information, we will not disclose Social Security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, account passwords, or security questions and answers. If we have any of the foregoing, we can inform you generally that we possess it, but we may not provide the specific numbers, passwords etc. to you for security and legal reasons.
  • Right to Data Portability: If you request access to Personal Information about you that you yourself have provided, and the Personal Information is being processed automatically based on your consent or in accordance with a contract between you and Groups360, you can request that the data is provided in a structured, commonly used and machine readable format and you can also request that the Personal Information is transmitted to another data controller, if this is technically feasible.
  • Right to Rectification: You have the right to correct inaccurate or incomplete Personal Information. You may also update or change your Personal Information under your account settings. If data has been shared with third parties, Groups360 will inform them of the rectification.
  • Right to Erasure (Right to Be Forgotten): You can request that Groups360 delete your Personal Information under certain circumstances, such as when the data is no longer necessary for the purposes it was collected or if you have withdrawn your consent. In cases where we cannot delete your Personal Information, we will consider whether it is possible to limit how we use it. For example, in certain circumstances, applicable laws bar us from deleting your information.
  • Right to Restrict Processing: You can request the temporary suspension of processing of your data and only use or store your Personal Information for certain purposes, for instance while you contest the accuracy of the data or in connection to a request of deletion or objection to its processing.
  • Right to Object: You can object to the processing of your Personal Information where we rely on a legitimate interest of ours (or of a third party) to process your Personal Information. Also, you have the right to object at any time to the processing of your Personal Information for direct marketing purposes. Groups360 will then either stop processing the data or demonstrate compelling legitimate grounds for the processing. We may need to continue processing your Personal Information to establish, exercise, or defend a legal claim. We also keep a record of any request you make asking us not to send you direct marketing solicitations or not to process your Personal Information for marketing purposes. We keep this record so that we can honor your request into the future.
  • Right to Withdraw Consent: If processing is based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on that consent before you withdrew it. For example, where you have provided us with your consent to communicate with you for promotional purposes, you can withdraw your consent, although depending on the nature of the promotional purpose, it may not be possible to ensure the complete removal of your information related to our previous promotional efforts to which you had consented. If you have given consent for your details to be shared with a third party, and wish to withdraw this consent, please also contact the relevant third party to change your preferences.
  • Right to Opt Out: To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following Internet web page link: Your Privacy Choices.
    • Pixels, web beacons: We or our third-party partners may use invisible pixels or beacons on our Services to count how many users access or use certain pages, features, or content. This information is collected and reported in the aggregate. We may use this information to improve our current Services offerings, develop new products or services, and target information to you that may be helpful and useful to you based upon your use of our Services.
    • Cookies: “Cookies” are small data files that are downloaded onto your computer or mobile device when you use our Services, which are unique to your device or account. Cookies make it easier for you to use our Services by saving your preferences so that we can use these to improve your next and subsequent visits to our Services – for example, remembering your login session. Cookies help us learn which areas of our Services are useful and which areas need improvement. You may learn more about our use of cookies through our Cookie Policy.
    • When we use Cookies or other similar technologies, we may set the Cookies ourselves or ask third parties to do so on our behalf.
  • You can choose whether to accept Cookies by:
  • 1) changing your cookie preferences through our cookie consent management platform by clicking the “Cookie Settings” button located in the footer of our website https://groups360.com/ and also in the selection bar of our legal resources webpage; or
  • 2) changing the settings on your browser or device.

  • If you choose to disable Cookies, your experience with our Services may be impaired and some features may not work as they were intended.
  • Additionally, you may select a “do not track” setting on your web browser. However, these features are not yet uniform, so we do not currently respond to such features or signals. Therefore, if you select or turn on a “do not track” feature in your web browser, we and our third-party providers may continue collecting information about your online activities as described in this Privacy Policy.
  • The Sale of Your Personal Information: You have the “right to opt out”, which means you have the right to ask us to not sell your Personal Information at any time. As our use of some of the cookies that we use for statistical purposes and marketing purposes is the only sale of your Personal Information that Groups360 may be engaging in, the only way to opt out of sales of Personal Information is to change your cookie preferences through our cookie consent management platform by clicking the “Cookie Settings” button located in the footer of our website https://groups360.com/ and also in the selection bar of our legal resources webpage. In particular, you need to choose not to allow the following categories of cookies: Advertisement and Analytics.
    • Please consider that the preferences you submit through the cookie consent management platform, including your requests to opt out from the sale of personal information, may be stored in cookies or similar technologies that are specific to your browser. If this browser is configured to block cookies or similar technologies, our tool may not be able to store your preferences. In addition, deleting cookies on this browser may result in your preferences being removed. If your preferences are removed after you delete cookies from this browser, you will have to update these preferences again. Also, remember that private browsing technologies (such as incognito mode) automatically delete all local storage and cookies when the browsing session ends, preventing us from recording your choice made during the session; and prevent us from accessing any local storage created outside of the current session, which does not enable us to access the choice you made during a normal or previous private browsing session. We will only store your preferences in this browser. Because some companies may not connect information about this browser with other web browsers or devices you may use (such as a web browser on another computer you may use, or one on a mobile device), you need update your preferences through the cookie consent management platform to set your preferences separately for other browsers or devices you may use.
    • Groups360 does not sell or share the Personal Information of minors under 16 years of age and has no actual knowledge of any such sales or disclosures.
  • Personalized/Interest-Based Advertising: If you do not wish to participate in our advertising personalization programs, you can opt-out by following the directions provided within the applicable advertisement, or through disabling ad cookies through your browser settings. You also may opt out of receiving interest-based ads from Amazon, Facebook, and Google.
  • Please note that we and other companies may still collect information when you are online, and opting out through these mechanisms does not opt you out of being served advertising. You will continue to see ads on each platform, but they will not be personalized as a result of your actions on our website.
  • Generally, you can opt-out of the collection of data across unaffiliated sites over time for interest-based advertising and other purposes from companies participating in the Digital Advertising Alliance (DAA) Consumer Choice Page at www.aboutads.info/choices and from members of the Network Advertising Initiative (NAI) at www.networkadvertising.org/choices.

 

  • Session-replay technologies: We may use products and services provided by FullStory, Mouseflow, or other similar software and service providers that employ software code to record users’ interactions with the Services in a manner that allows us to watch DVR-like replays of those user sessions. The replays include users’ clicks, mobile app touches, mouse movements, scrolls, and keystrokes/key touches during those sessions. These replays help us diagnose usability problems and identify areas for improvement for the Services. You can learn more about FullStory at https://www.fullstory.com/legal/privacy-policyand you can opt-out of session recording by FullStory at https://www.fullstory.com/optout/, and you can learn more about Mouseflow at https://mouseflow.com/legal/company/privacy-policy/ and you can opt-out of session recording at https://mouseflow.com/opt-out/.
  • Social Media: You can choose to limit the data that third-party services (e.g., Social Media Platforms) disclose to us using the options provided to you by the applicable third-party service (for example, the options provided by a Social Media Platform when you connect your social media account with our Services). You can also disconnect your use of our Services from the third-party service at any time using the options provided to you by the applicable third-party service.  Please note, however, that if you disconnect from the third-party service, that will not delete the data we may have previously collected while you were connected.
  • European Opt-Out: For those in Europe, you can opt-out via the IAB Europe’s industry opt-out at youronlinechoices.eu.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.
  • Rights Related to Automated Decision-Making: We sometimes use automated technologies to analyze your Personal Information. For decisions that may seriously affect you, you have the right not to be subject to automatic decision-making, including profiling. There are limited exceptions to this right; for example, when we are required to use automated decision-making to perform a contract or when you explicitly consent to the use of automated decision-making. In those instances, however, you retain the right to seek human intervention in the decision and to contest the decision.

    Right to Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority if you believe your data rights have been violated. In particular, you can lodge a complaint in the jurisdiction of your habitual residence, place of work, or of an alleged violation of data protection laws.

    Response Timing and Format. We will confirm the receipt of your request within ten (10) business days, and in that communication, we will also describe our identity verification process (if needed) and when you should expect a response, except when we have already granted or denied the request.

    Please allow us up to one (1) month for us to reply to your requests from the day we receive your request. If we need more time (up to three (3) months in total), we will inform you of the reason and extension period in writing. 

    If we cannot satisfy a request, we will also explain why in our response, such as whether fulfilling the request is not reasonably possible or would involve a disproportionate effort; we cannot verify your identity; or we have a good-faith, reasonable, and documented belief that the request is fraudulent or abusive.

    We typically will not charge a fee for processing or responding to your requests. In certain exceptional situations, we may charge a fee if we determine that your request is excessive, repetitive, or manifestly unfounded. In those cases, we will tell you why we made that determination and provide you with a cost estimate before completing your request.

    How We Safeguard Your Personal Information.

    We strive to use commercially acceptable security measures designed to protect your data; however, no method of transmission over the Internet is 100% secure, and we cannot guarantee or warrant that such techniques will prevent unauthorized access to your data. Any transmission of Personal Information is at your own risk.

     

    How Long We Store Your Personal Information.

    We will retain your Personal Information only for as long as is necessary for the legitimate business purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal, accounting, or reporting obligations (for example, if we are required to retain your data to comply with applicable laws, resolve disputes, and enforce our legal agreements and policies). In cases where we act as a data processor, we will retain your Personal Information for as long as instructed by the respective Customer (who typically acts as a data controller). Additionally, we may continue to store your Personal Information contained in our standard back-ups. This applies to all categories of Personal Information in use by us.

    We also will retain Usage Information for internal analysis purposes. Usage Information is generally retained for a shorter period of time, except when Usage Information is used to strengthen the security or to improve the functionality of the Services, or we are legally obligated to retain Usage Information for longer periods.

     

    Links.

    This Privacy Policy does not apply to the practices of third parties that we do not own or control, including but not limited to any third-party websites, services, and applications that are linked or made available through our Services (“Third Party Services”). While we attempt to facilitate access only to those Third Party Services that share our respect for your privacy, we do not take responsibility for the content, actions, or privacy policies of those Third Party Services. You understand that these Third Party Services are not under our control and not subject to our Privacy Policy, and you should exercise caution when deciding to disclose any Personal Information through those Third Party Services. You also agree and acknowledge that we will not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any content, services, resources, or goods on or through any such Third Party Service. We encourage you to carefully review the privacy policies of any Third Party Services you access.

     

    Children.

    Our Services are not directed to nor intended for use by anyone under the age of eighteen (18), particularly children under the age of thirteen (13) years (a “Child” or “Children”). By using our Services, you represent that you are at least thirteen (13) years old. If you do not meet this age requirement, then you must not access or use our Services.

    We do not knowingly collect information from Children, and we do not target the Services to Children. If you are a Child, please do not use our Services and do not provide any information to us. You acknowledge that we do not verify the age of our visitors, nor have any liability to do so.

    If you are a parent or guardian and you are aware that your Child has provided us with Personal Information, please contact us through one of the methods listed under “How to Contact Usbelow. If we learn that we have collected the information of a Child, we will take reasonable steps to delete such information.

     

    Governing Law and Jurisdiction.

    This Privacy Policy shall be construed and governed under the laws of the United States and State of Tennessee (without regard to rules governing conflicts of laws provisions). You agree that venue for all actions, arising out of or relating in any way to your use of our Services, shall be in federal or state court of competent jurisdiction located in Davidson County, Tennessee. Any action arising out of or relating to your use of our Services must be filed within one (1) year after such claim arises. Each party waives any objections based on forum non conveniens and waives any objection to venue of any action instituted hereunder to the extent that an action is brought in the courts identified above.

    How to Contact Us.

    You can update your preferences and information in the following ways: by updating your information in your profile or account through our Services, or by contacting us at the email address or phone number below.

    Additionally, if you have any questions or concerns about our use of your Personal Information, please contact us through any of the methods listed below.

    • Calling us at: 1-888-633-4360 or at 615-900-4360
    • Emailing us at:
    • Contacting our Privacy Representative:

      • Name: Bryan Mitchell
        Title: Chief Information Security Officer
        Email Address: [email protected]
        Phone Number: 1-888-633-4360 or 615-900-4360

    Please allow up to 30 days for us to reply.

    Data Protection Representatives. We have appointed VeraSafe Ireland Ltd and VeraSafe United Kingdom Ltd. (“VeraSafe”) as our representative in the EU and UK, respectively, for data protection matters. While you may also contact us using any of the methods provided under the Services or listed above, VeraSafe can be contacted on matters related to the processing of Personal Information. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative.

    Alternatively, VeraSafe can be contacted at:

    VeraSafe Ireland Ltd.
    Unit 3D North Point House
    North Point Business Park
    New Mallow Road
    Cork T23AT2P
    Ireland

     

    VeraSafe United Kingdom Ltd.
    37 Albert Embankment
    London SE1 7TL
    United Kingdom