Groups360 – GroupSync Privacy Policy 

This Privacy Policy was last updated 4/12/23.

Groups360 LLC, dba Groups360, (“Groups360”, “we”, “our”, or “us”) values our relationship with you and takes your privacy seriously. The purpose of this GroupSync Privacy Policy (this “Privacy Policy”) is to identify how we may process, collect, store, disclose, and use (collectively, “use”) the data that we collect from you in connection with your use of our GroupSync software and related meeting planning software and services, which are made available through our website, http://groups360.com (collectively, our “Services”). This Privacy Policy also identifies your rights with respect to your Personal Information, all as described in more detail below.

Please read this Privacy Policy carefully and in its entirety. We may update or modify this Privacy Policy at any time by posting the amended version and including the effective date of the updated version. We will announce any material changes to this Privacy Policy by posting the amended version on our website and providing a notification upon login to our Services. By accessing and/or using our Services, you accept and agree to the terms of this Privacy Policy and the use of your data and Personal Information (defined below) as described in this Privacy Policy. If you do not agree to be bound by this Privacy Policy or any subsequent modifications, you should not access or use our Services or disclose any Personal Information through any of our Services.

Your privacy and the security of your Personal Information is, and will always be, important to us. We want to transparently explain how and why we gather, store, disclose, and use your Personal Information, as well as outline the controls and choices you have around when and how you choose to share Personal Information.

This Privacy Policy contains the following information, which you can access by scrolling down:

How to Contact Us.

You can update your preferences and information in the following ways: by updating your contact information in your profile or account through our Services, or by contacting us at the email address or phone number below.

Additionally, if you have any questions or concerns about our use of your Personal Information, please contact us through any of the methods listed below.

  • Calling us at: 1-888-633-4360 or at 615-900-4360

  • Emailing us at[email protected]

  • Contacting our Data Protection Officer, VeraSafe:

            100 M Street S.E., Suite 600
            Washington, D.C., 20003
            +1 (617)-398-7067
          [email protected].

Please allow up to 30 days for us to reply.

The Information We Collect About You.

We obtain information about you and your use of our Services when you provide it voluntarily and also automatically when you use the Services. For example, we collect information from you when you register a user account with us, execute an Order Form for our Services, make a booking using our Services, or sign up to receive communications from us. We collect information through any correspondence that you provide to us whether through email, mail, phone calls, or through our Services. The information we collect can include Personal Information or non-personal information, which is information that does not identify or relate to an individual.

Personal Information” is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Information that you provide or that we otherwise collect might include, but is not limited to, the following categories:

  • Identifiers: first and last names; mailing address; email address; telephone number; and Internet Protocol (IP) address.

  • Professional or Employment-related Information: job title and company.

  • User Data: data or other information entered voluntarily into a contact form via the Services that personally identifies you.

  • Internet or Other Electronic Network Activity Information:

    • Browse history. Data about the webpages you visit.

    • Search history. Data about the search terms you enter.
    • Device, connectivity, and configuration data. Data about your device and nearby networks, including regional and language settings.
  • Financial Information: your name; billing address; and payment information (including credit or debit card number and type, and expiration date).

  • Geolocation Data: data about your device’s location, which may be inferred from your IP address.

We do not consider Personal Information to include information that can no longer be used to identify a specific natural person, whether in combination with other information or otherwise.

When and how we collect your information

Most of the Personal Information we receive relates to your use and participation in our Services either as part of performing your job duties for your employer or employing organization, which has licensed the Services from us, or on your own behalf. Generally, you control the amount and type of information you voluntarily provide to us when using the Services. We will offer you choices when we ask for Personal Information whenever reasonably possible. In some instances, we automatically collect certain types of information when you use our Services or correspond with us. Automated technologies may include the use of web server logs to collect IP addresses, “cookies” and web beacons. You may learn more about our use of cookies through our Cookie Policy and by reviewing the “Usage Information or other Internet or other Electronic Network Activity Information row of the table describing how we may collect and use your information below.

Information Third Parties Provide About You.

We may collect or receive certain Personal Information about you from third parties in connection with our Services, including from the following sources:

  • Service providers (e.g., hosting providers, customer service providers, and payment processors);

  • Email, chat, and other communications service providers;

  • Marketing and/or promotion providers;

  • Social Media Platforms (as defined below); and

  • Data analytics service providers.

We may also receive Personal Information about you from owners, operators, and brand affiliates of hotels and other business affiliates, including in order to complete a request or reservation booking on your behalf.

How We May Collect and Use Your Information.

We may collect the following categories of Personal Information from you, depending on your interactions with our Services and the choices you make, and we will only use your Personal Information for the purposes identified below, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose as further described in the chart below:

Information collected through use of our Services

Categories of Information Description of Category Categories of Sources Business or Commercial Purpose for Collection Disclosed for a Business Purpose? Categories of Third Parties with Whom we Disclose for a Business Purpose (discussed further in “How We Use Personal Information That We Collect for Business or Commercial Purposes” below)
Account Registration Information (Identifiers, Professional or Employment- related Information, User Data, Internet, or Electronic Network Activity Information)

This is the Personal Information that is provided by you or collected by us to enable you to log in and access your account and our Services. This may include your name, email address, phone number, location, job title, department, and company, as well as your username and password.

Some of the Personal Information we will ask you to provide is required in order to create your account. You also have the option to provide us with some additional Personal Information in order to make your account more personalized.

  • Direct contact with users through the Services, phone, email, and web forms.
  • To provide, maintain, and improve our Services in accordance with our contract with you (the Groups360 End User License Agreement).
  • To respond to your questions and requests.
  • To create, maintain, and personalize your account with us, e.g. providing customized content, recommendations, support, and features through our Services.
  • To notify you about changes to our Services.
  • To allow you to participate in interactive features of our Services.
  • To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
  • Yes
  • Service providers
  • Data analytics providers
  • Buyers, successor of our business, or our affiliates
Booking Information (Identifiers, Financial Information, User Data)

If you make a booking through our Services, we may request certain information from you, including name, email address, phone number, mailing address, location, Payment Information (as described below), and hotel loyalty program or membership information. You may also choose to provide information about other people, such as those traveling with you or others you are making a booking on behalf of.

  • Direct contact with users through the Services, phone, email, web form, and social media.
  • From subsidiaries and affiliates and third parties.
  • To provide our Services and complete the requested transaction.
  • To contact you with questions or issues related to your purchase.
  • To contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.

 

  • Yes
  • Service providers
  • Hotel employers, hotel owners, and other business affiliates
  • Data analytics providers
  • Buyer, successor of our business, or our affiliates
Payment Information (Identifiers, Financial Information)

If you conduct a financial transaction through our Services, we will request certain information from you, including Booking Information (as described above) and financial information. Financial transactions through our Services may be handled by a third party. The exact Personal Information will vary depending on the payment method and the country in which you are located but may include information such as:

  • Name;

  • Credit or debit card type, expiration date, and your card number;

  • Billing address;

  • Postal code; and

  • Phone number.

  • Direct contact with users through the Services, phone, email, and web form.
  • From subsidiaries and affiliates and third parties.
  • To provide our Services and complete the requested transaction.
  • To contact you with questions or issues related to your purchase.

 

 

 

 

 

 

  • Yes
  • Service providers (including payment processors)
  • Hotel employers, hotel owners, and other business affiliates
  • Buyer, successor of our business, or our affiliates
Location Information (Identifiers, User Data, Geolocation Data)

We may collect general location information if you use features on our Services that provide location-based services.

  • From the Services.
  • From subsidiaries, and affiliates and third parties.
  • To provide you with location-based services.
  • To monitor the usage of our Services.
  • To gather analysis and assess trends and interests.
  • Yes
  • Service providers
  • Data analytics providers
  • Buyer, successor of our business, or our affiliates
Usage Information or other Internet or other Electronic Network Activity Information

This can be Personal Information and non-personal information that is collected about you when you are using our Services, and this may include:

  • Information about your interactions with our Services, which includes the date and time of any information you enter into our Services, and your interactions with other users of our Services.
  • User content you post to our Services including messages you send and/or receive through our Services and your interactions with our customer service team.
  • Technical data, which may include URL information, cookie data, web beacons and other tracking technology information, your IP address, the types of devices you are using to access or connect to our Services, unique device IDs, device attributes, network connection type (e.g., Wi-Fi, 3G, LTE, Bluetooth) and provider, network and device performance, browser type, language, and operating system. Further details about the technical data that is processed by us can be found below.

Our Services, and our third-party service providers, may use Cookies (as defined below), unique identifiers and similar technologies to collect information about the pages you view, our Services’ functions that you access, the buttons and icons you click, and to remember your login session and Services settings to make it easier and more efficient for you to use our Services.

Cookies. “Cookies” are small data files that are downloaded onto your computer or mobile device when you use our Services, which are unique to your device or account. Cookies make it easier for you to use our Services by saving your preferences so that we can use these to improve your next and subsequent visits to our Services – for example, remembering your login session. Cookies help us learn which areas of our Services are useful and which areas need improvement. You may learn more about our use of cookies through our Cookie Policy.

When we use Cookies or other similar technologies, we may set the Cookies ourselves or ask third parties to do so on our behalf. Most web browsers can be set to disable the use of Cookies, and you can choose whether to accept Cookies by changing the settings on your browser or device, as discussed further below in “Your Rights and Options Regarding Your Personal Information.

Pixels, web beacons. We or our third-party partners may use invisible pixels or beacons on our Services to count how many users access or use certain pages, features, or content. This information is collected and reported in the aggregate. We may use this information to improve our current Services offerings, develop new products or services, and target information to you that may be helpful and useful to you based upon your use of our Services.

  • From the Services.
  • From subsidiaries, affiliates, and third parties.
  • To create, maintain, and personalize your account with us.
  • To assist in registration, login, and your ability to provide feedback.
  • To provide information to you that may be helpful and useful to you based upon your use of our Services.
  • To provide, maintain, and improve our Services.
  • To monitor the usage of our Services.
  • To allow you to participate in interactive features of our Services.
  • To gather analysis and assess trends and interests.
  • To detect, prevent, and address technical issues and provide customer support.
  • To provide you with advertising content in which we think you will be interested. As part of this customization, we may observe your behaviors on the Services or on other websites.
  • To help maintain and monitor the safety, security, and integrity of our Services.
  • Yes
  • Service providers
  • Data analytics providers
  • Buyer, successor of our business, or our affiliates
Anonymized Information

We use information that may be created or derived from your Personal Information or usage of our Services that has been anonymized and aggregated, and we may use such non-personally identifiable usage information for purposes that may include data analysis, improving our Services, advertising, and developing new features and functionality within our Services.

  • From the Services.
  • From subsidiaries, affiliates, and third parties.
  • To provide, maintain, and improve our Services.
  • To monitor the usage of our Services.
  • To gather analysis and assess trends and interests.
  • To provide relevant and interesting advertising content.
  • To detect, prevent, and address technical issues.
  • To help maintain the safety, security, and integrity of our Services and technology assets.
  • Yes
  • Data analytics service providers
  • Buyer, successor of our business, or our affiliates

In the table below, we have set out the reasons why we process your information, the associated legal basis we rely upon to legally permit us to process your information, and the categories of information (identified in the above table) used for these purposes. If we wish to process your existing information for a new purpose other than as stated below, we may inform you of that further processing and provide information surrounding your information’s use.

Why we process your information

Legal basis for the processing purpose (e.g., the business or commercial purpose for collection)

Categories of information used by Groups360 for the processing purpose

To provide our Services to you in accordance with our website Terms of Service, and/or in accordance with our contract with you (the Groups360 End User License Agreement), as applicable.

  • Performance of a contract

 

 

  • Account Registration Information
  • Booking Information
  • Payment Information
  • Location Information
  • Usage Information

To personalize, and improve your experience with our Services, for example by providing customized or localized content, recommendations, support, and features through our Services.

  • Legitimate interest

 

  • Account Registration Information
  • Booking Information
  • Location Information
  • Usage Information
  • Anonymized Information

To understand how you access and use our Services to ensure technical functionality of our Services, to prevent or investigate security breaches or other potentially prohibited activities, develop new products and services, and analyze your use of our Services, including your interactions with applications or services made available, linked to, or offered through our Services.

  • Legitimate interest
  • Account Registration Information
  • Booking Information
  • Location Information
  • Usage Information
  • Anonymized Information

To communicate with you for Services-related purposes such as regarding support issues, password retrieval, payment, and guides and information about your Services account.

  • Performance of a contract
  • Legitimate interest

 

  • Account Registration Information
  • Booking Information
  • Payment Information
  • Usage Information
  • Anonymized Information

To communicate with you, either directly or through one of our service providers, for: marketing, research, to provide email updates, or other promotional purposes, via email, notifications, or other messages, consistent with any permissions you may have communicated to us.

  • Performance of a contract
  • Legitimate interest
  • Consent, if you are located in the European Union or the United Kingdom
  • Account Registration Information
  • Booking Information
  • Location Information
  • Usage Information
  • Anonymized Information

We may use your general location information to provide you with features or other content based on your location.

  • Legitimate interest

 

  • Usage Information (Internet or Other Electronic Network Activity Information)

 

We may use information about your use of our Services, including pages viewed, length of user session, and content accessed, in order to compile overall statistics about how users interact with our Services and content they find useful in order to enable us to analyze how our Services are being used and how we can improve them.

  • Legitimate interest

 

  • Usage Information (Internet or Other Electronic Network Activity Information)

 

For us to comply with our legal obligations, including assessing compliance with our regulatory requirements, e.g., using user data in the aggregate to assess our obligations under applicable data security and privacy requirements.

  • Legal obligations

 

  • Account Registration Information
  • Booking Information
  • Payment Information
  • Location Information
  • Usage Information
  • Anonymized Information

 

Legitimate interests. Where we rely on legitimate interests as the reason for processing your information, we carry out a balancing exercise to make sure your rights as an individual are not impacted unnecessarily.

We consider that it is reasonable for us to process your Personal Information for the purposes of our legitimate interests when, on balance, (a) we process your Personal Information only so far as is necessary for such purpose, and your rights and freedoms do not outweigh such purposes, and (b) it can be reasonably expected for us to process your Personal Information in this way. In most cases, the information is being processed for your benefit as well as ours. For example, we have a legitimate interest in processing your Personal Information where:

  • We need the information to respond to your inquiries or to send you information; and

  • We would be unable to provide our Services without processing your information.

How We Use Personal Information That We Collect for Business or Commercial Purposes.

We may disclose non-personal information with third parties at our discretion. In connection with our Services, we may disclose your Personal Information to the following types of recipients and for the following reasons:

  • Service providers. We use service providers to operate our software and infrastructure, in particular providers which host, store, manage, secure, and maintain our Services, its content, and the data we process. This includes our payment processing providers, hosting providers, communications service providers, human resources and benefits providers, and marketing service providers.

  • Hotel employers, hotel owners and other business affiliates. We may disclose your Personal Information to your employer (or any organization on whose behalf you are accessing and using our Services) to aid such organizations in their business operations and decision making, as well as organizational use of the Services, which may include monitoring and analyzing your use of our Services. We may also disclose your Personal Information to owners, operators, and brand affiliates of hotels you make a reservation with through our Services.

  • Marketing and promotional partners. We may disclose your Personal Information to marketing service providers that we use to communicate with your or to support the promotion and advertising of our Services, including targeted ads on third-party sites.

  • Data analytics providers. We will disclose your Personal Information to create general data analytics regarding usage of our Services on an aggregate basis and without personal identifiers.

    • For example, we use Google Analytics, a service provided by Google Inc., to gather information about how you and other users engage with our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners.

  • Buyer, successor of our business, or our affiliates. We will disclose your Personal Information to any buyer or successor in the event of a merger, reorganization, dissolution, or other sale or transfer of title. We may also disclose your Personal Information to our affiliates and other Groups360 entities.

We will disclose your Personal Information to third parties where required by law (including to respond to valid legal process such as a subpoena, search warrant, or a court order), where it is necessary in connection with our Services or where we have another legitimate interest in doing so. We will also disclose your Personal Information in order to comply with our legal obligations, including assessing compliance with our regulatory requirements, e.g., using user purchases in the aggregate, including revenues generated in connection with our regulatory tax requirements.

Personal Information We Sell or Disclose for Targeted Advertising.

We do not sell Personal Information. We do not knowingly sell or rent any Personal Information of consumers under sixteen (16) years of age with third parties and have not done so in the past twelve (12) months. We may disclose the following categories of Personal Information to the categories of third parties listed below for the purpose of targeted or cross-context advertising (under California law, this is called “sharing”):

Type of Information Disclosed for Targeted Advertising? Third parties to whom Sold or Disclosed for Targeted Advertising Business or commercial purposes for Selling or Disclosing for Targeted Advertising
Identifiers such as unique personal identifiers, online identifier, Internet Protocol address, or other similar identifiers. Yes Service providers, marketing, and promotional partners, third parties for operational purposes. As described above, e.g., to provide you with products and services and for internal purposes.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement. Yes Service providers, marketing, and promotional partners. As described above regarding cookies, e.g., for internal purposes and for marketing purposes.

Your Rights and Options Regarding Your Personal Information.

If you need assistance with updating your Personal Information, please contact us using any of the methods provided under the Services or listed under “How to Contact Us” above.

Marketing Preferences. You have choices about how we use your Personal Information to communicate with you, send you marketing information, and whether you want to stay signed into your account. By providing your email address to us, or otherwise communicating with us via the Services, you consent to receive phone calls and/or emails from us or on behalf of us and/or our affiliates may contact you about your inquiry. You can opt out from receiving future marketing communications from us at any time by:

  • Using the unsubscribe function in the email you receive from us; or

  • Contacting us as set forth under “How to Contact Us” above.

Personalized Advertising; Opting Out of Interest-Based Advertising. If you do not wish to participate in our advertising personalization programs, you can opt-out by following the directions provided within the applicable advertisement, or through disabling ad cookies through your browser settings. You also may opt out of receiving interest-based ads from Amazon, Facebook, and Google.

Please note that we and other companies may still collect information when you are online, and opting out through these mechanisms does not opt you out of being served advertising. You will continue to see ads on each platform, but they will not be personalized as a result of your actions on our website.

Generally, you can opt-out of the collection of data across unaffiliated sites over time for interest-based advertising and other purposes from companies participating in the Digital Advertising Alliance (DAA) Consumer Choice Page at www.aboutads.info/choices and from members of the Network Advertising Initiative (NAI) at www.networkadvertising.org/choices.

Cookies. In addition, as noted above in “How We May Collect and Use Your Information” you can choose whether to accept Cookies by changing the settings on your browser or device. However, if you choose to disable Cookies, your experience with our Services may be impaired and some features may not work as they were intended.

Additionally, you may select a “do not track” setting on your web browser. However, these features are not yet uniform, so we do not currently respond to such features or signals. Therefore, if you select or turn on a “do not track” feature in your web browser, we and our third-party providers may continue collecting information about your online activities as described in this Privacy Policy.

Session-replay technologies. We may use products and services provided by FullStory, Mouseflow, or other similar software and service providers that employ software code to record users’ interactions with the Services in a manner that allows us to watch DVR-like replays of those user sessions. The replays include users’ clicks, mobile app touches, mouse movements, scrolls, and keystrokes/key touches during those sessions. These replays help us diagnose usability problems and identify areas for improvement for the Services. You can learn more about FullStory at https://www.fullstory.com/legal/privacy-policy and you can opt-out of session recording by FullStory at https://www.fullstory.com/optout/, and you can learn more about Mouseflow at https://mouseflow.com/legal/company/privacy-policy/ and you can opt-out of session recording at https://mouseflow.com/opt-out/.

Social Media. You can choose to limit the data that third-party services (e.g., Social Media Platforms) disclose to us using the options provided to you by the applicable third-party service (for example, the options provided by a Social Media Platform when you connect your social media account with our Services). You can also disconnect your use of our Services from the third-party service at any time using the options provided to you by the applicable third-party service. Please note, however, that if you disconnect from the third-party service, that will not delete the data we may have previously collected while you were connected.

European Opt-Out. For those in Europe, you can opt-out via the IAB Europe’s industry opt-out at www.youronlinechoices.eu.

Additional Rights of Individuals in Certain Jurisdictions.

Depending on where you live, you may have certain rights with respect to your Personal Information that we have collected and used. Additional information regarding the rights you may have and how to exercise this set forth in the “State-Specific Rights” or “Country-Specific Rights” sections below.

If you want to exercise any of the rights listed in the applicable sections below and you are a resident of a jurisdiction providing you such rights, please contact us through one of the following methods:

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. Please understand that we are required to verify your request and may require you to provide some information to enable us to carry out such verification. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. To verify that an authorized agent has authority to act for you, we may require a copy of a power of attorney or require that you provide the authorized agent with written permission and verify your own identity with us. We will deny requests from agents that do not submit proof of authorization from you.

Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

State-Specific Rights

If you are a resident of a state that confers certain rights with respect to your Personal Information, those rights may include the following:

  • The right to know particular information regarding our use of your Personal Information in the past 12 months.

  • The right to request access to your Personal Information.

  • The right to receive a copy of your Personal Information.

  • The right to request that we erase your Personal Information when we no longer need such data in connection with our Services.

  • The right to request the correction of your inaccurate Personal Information. You may also update or change your information under your account settings.

  • The right to opt out of sales or sharing of your Personal Information. To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following Internet web page link: Your Privacy Choices.

  • The right to limit the use or disclosure of Sensitive Personal Information.

  • The right to non-discrimination for exercising your rights.

  1. The right to know about Personal Information collected, disclosed, and/or sold.

Residents of certain U.S. states have the right to request that we disclose what Personal Information we collect, use, disclose, and sell. This is called the “Right to Know”. Under the Right to Know, you can request a listing of:

    • The categories of your Personal Information that we have collected,

    • The purpose of our use of the Personal Information,

    • The categories of sources for that Personal Information,

    • The categories of third parties to whom we have disclosed your Personal Information,

    • The expected retention period for the categories of your Personal Information,

    • If we have collected Personal Information from another source, available information about that source,

    • If we have disclosed your Personal Information for a business purpose, a list identifying the Personal Information categories that each category of recipient obtained,

    • If we have sold or shared your Personal Information, a list identifying the Personal Information categories that each category of recipient purchased or received.

For further details about this information, please visit “The Information We Collect About You” section above.

If you would like additional information under your Right to Know, you may contact us as set forth in the “How to Contact Us” section above. Details on how to make a Request to Know for each state are listed below.

When you make a request under your Right to Know, you can expect the following:

  1. We will verify your identity. You will need to provide us with certain information, as relevant, so that we can verify that you are who you say you are. Which information may depend on the type and sensitivity of information requested.

  2. We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us as set forth in the “How to Contact Us” section above.

  3. We will respond to your request within the legally required amount of time. If necessary, we may need additional time to respond where allowed by law, but we will reply either way within the legally required period and, if we need an extension, we will explain why.

  4. In certain cases, a Request to Know may be denied. For example, if we cannot verify your identity or if providing you with the information could create an unreasonable risk to someone’s security. If we deny your request, we will explain why we denied it. If we deny a request, we will still try to provide you as much of the information as we can, but we will withhold the information subject to denial.

Groups360 does not sell or share the Personal Information of minors under 16 years of age and has no actual knowledge of any such sales or disclosures.

  1. The right to access and receive a copy of your specific Personal Information.

Residents of certain U.S. states have the right to request that we provide a portable copy of the Personal Information that we collect, use, disclose, and sell. This is called the “Right to Access”. Under the Right to Access, you can request a listing of the types of Personal Information that we have collected about you, the sources of that information, how we use the information (e.g., our business or commercial purposes for collecting or selling personal information), other individuals and businesses with whom we disclose Personal Information, and the specific pieces of Personal Information that we have collected about you. For further details about this information, please visit “The Information We Collect About You” section above.

If you are a resident of a state that confers this right and would like to request a portable copy of your Personal Information, you may visit your state’s section below.

When you make a request under your Right to Access, you can expect the following:

  1. We will verify your identity. You will need to provide us with certain information, as relevant, so that we can verify that you are who you say you are. Which information may depend on the type and sensitivity of information requested.

  2. We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us as set forth in the “How to Contact Us” section above.

  3. We will respond to your request within the legally required amount of time. If necessary, we may need additional time to respond where allowed by law, but we will reply either way within the legally required period and, if we need an extension, we will explain why.

  4. In certain cases, a Request to Access may be denied. For example, if we cannot verify your identity or if providing you with the information could create an unreasonable risk to someone’s security. If we deny your request, we will explain why we denied it. If we deny a request, we will still try to provide you as much of the information as we can, but we will withhold the information subject to denial.

  1. The right to request that we erase your Personal Information when we no longer need such data in connection with our Services.

Residents of certain U.S. states have a right to request the deletion of their Personal Information collected or maintained by us. If you would like information about your right to be deleted, you may contact us as set forth in the “How to Contact Us” section above. Details on how to make a request in each state are listed in each state’s section below.

When you make a request for deletion, you can expect the following:

  1. After you request deletion, you will need to confirm that you want your information deleted.

  2. We will verify your identity. You will need to provide us with certain information, as relevant, so that we can verify that you are who you say you are. Which information may depend on the type and sensitivity of information that you would like to have deleted.

  3. We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us as set forth in the “How to Contact Us” section above.

  4. We will respond to your request within the legally required amount of time. If necessary, we may need additional time to respond where allowed by law, but we will reply either way within the legally required period and, if we need an extension, we will explain why.

  5. In certain cases, a request for deletion may be denied. For example, if we cannot verify your identity, or if we need the information for internal purposes such as to continue to provide you services. If we deny a request, we will explain why we denied it, and delete any other information that is not protected from deletion.

  1. The right to request the correction of your inaccurate Personal Information. You may also update or change your Personal Information under your account settings.

Residents of certain U.S. states have the right to request that we correct Personal Information that we collect, use, disclose, and sell. This is called the “Right to Correct”. Under the Right to Correct, you can request a correction of any inaccurate Personal Information, and we will use commercially reasonable efforts to correct this information.

If you would like additional information under your Right to Correct, you may contact us as set forth in the “How to Contact Us” section above. Details on how to make a request in each state are listed below.

When you make a request under your Right to Correct, you can expect the following:

  1. We will verify your identity. You will need to provide us with certain information, as relevant, so that we can verify that you are who you say you are. Which information may depend on the type and sensitivity of information requested to be corrected.

  2. We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us as set forth in the “How to Contact Us” section above.

  3. We will respond to your request within the legally required amount of time. If necessary, we may need additional time to respond where allowed by law, but we will reply either way within the legally required period and, if we need an extension, we will explain why.

  4. In certain cases, a Request to Correct may be denied. For example, if we cannot verify your identity, if we determine that it is more likely than not that the information maintained by Groups360 is accurate, or if we have a good-faith, reasonable, and documented belief that the request is fraudulent or abusive. If we deny your request, we will explain why we denied it.

  1. The right to opt out of sales or sharing of your Personal Information.

Residents of certain U.S. states have a right to opt-out of the sale and/or cross-context behavioral advertising uses of their Personal Information by us. We do not sell your Personal Information. However, when you visit the Services, we may share information about your use of our website with our advertising and analytics partners. You can opt out of sharing or using your Personal Information for the purposes of targeted advertising by interacting with the cookie banner (the cookie banner may appear at the bottom of our websites the first time you come to visit the website and may appear in the footer of our websites) or by visiting the following Internet web page link: Your Privacy Choices. You can also opt back into these cookies through the same links.

 

For more information about your right to opt-out, please see your state’s section below.

  1. The right to limit the use or disclosure of Sensitive Personal Information.

Residents of certain U.S. states have a right to limit the use or disclosure of Sensitive Personal Information by us. We do not collect or use your Sensitive Personal Information.

For more information about your right to limit, please see your state’s section below.

  1. The right to non-discrimination for the exercise of your privacy rights.

You have a right not to receive discriminatory treatment by us for exercising any of your privacy rights conferred by your state’s consumer privacy laws. We will not discriminate against any consumer because such person exercised any of the consumer’s rights under these privacy laws, including, but not limited to:

  • denying goods or services,

  • charging different prices or rates for goods and services, including through the use of discounts or other benefits or imposing penalties,

  • providing a different level or quality of goods or services, or

  • suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.

We may, however, charge a different price or rate, or provide a different level or quality of goods or services, if that difference is related to the value provided to you by your Personal Information.

California Residents’ Privacy Rights

The California Consumer Privacy Act, which has been amended by the California Privacy Rights Act (collectively, the “CCPA”), is a law intended to enhance privacy rights and consumer protection for residents of the state of California. The CCPA applies to certain business entities that do business in California. For further details on the types of Personal Information we have collected about you, the sources of that information, how we use the information (e.g., our business or commercial purposes for collecting or selling Personal Information), other individuals and businesses with whom we disclose Personal Information, and the specific pieces of Personal Information that we have collected about you, please visit the “The Information We Collect About You” section above.

The following rights, as described in detail in “State-Specific Privacy Rights” section above, apply to all California residents (but not including legal entities, such as companies):

      • The Right to Know

      • The Right to receive (“access”) a copy of your Personal Information

      • The right to request erasure of your Personal Information

      • The Right to Correct

      • The right to opt out of sales or certain disclosures (“sharing”) of your Personal Information. To exercise the right to opt-out, you (or your authorized representative) can opt out of sharing or using your Personal Information for such purposes by submitting a request to us by visiting the following Internet web page link: Your Privacy Choices. For clarity, we do not sell your Personal Information.

      • The right to limit the use or disclosure of your Sensitive Personal Information. We do not collect or use your Sensitive Personal Information.

To make a request under the CCPA, you may call 1-888-633-4360 or you may email [email protected].

Country-Specific Rights

If you are a resident of a country that confers certain rights with respect to your Personal Information, those rights may include the following:

  • The right to request access to your Personal Information.

  • The right to receive a copy of your Personal Information.

  • The right to request that we erase your Personal Information when we no longer need such data in connection with our Services or, with respect to “special categories” of Personal Information, if you withdraw consent to our use of such information.

  • The right to request the correction of your inaccurate Personal Information. You may also update or change your information under your account settings.

  • The right to object to the processing of your Personal Information where Groups360 is not using it to perform a task carried out in the public interest, in the exercise of official authority vested in Groups360, or as necessary for our legitimate interests.

  • The right to request the restriction of processing under certain circumstances (e.g., suspend our use of your Personal Information).

  • The right to withdraw your consent to the processing, where processing of your Personal Information was conducted pursuant to your prior consent to such processing.

  • The right to lodge a complaint with a supervisory authority if you are located in the European Union or the United Kingdom.

If you want to exercise any of the rights listed in the applicable sections below and you are a resident of a jurisdiction providing you such rights, please contact us through one of the following methods:

Data Protection Representatives

We have appointed VeraSafe Ireland Ltd and VeraSafe United Kingdom Ltd. (“VeraSafe”) as our representative in the EU and UK, respectively, for data protection matters. While you may also contact us using any of the methods provided under the Services or listed under “How to Contact Us” above, VeraSafe can be contacted on matters related to the processing of Personal Information. To contact VeraSafe, please use this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative.

Alternatively, VeraSafe can be contacted at:

VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland

 

VeraSafe United Kingdom Ltd. 

37 Albert Embankment
London SE1 7TL
United Kingdom

How We Safeguard Your Personal Information.

We strive to use commercially acceptable security measures designed to protect your data; however, no method of transmission over the Internet is 100% secure, and we cannot guarantee or warrant that such techniques will prevent unauthorized access to your data. Any transmission of Personal Information is at your own risk.

How Long We Store Your Personal Information.

We will retain your Personal Information only for as long as is necessary for the legitimate business purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal, accounting, or reporting obligations (for example, if we are required to retain your data to comply with applicable laws, resolve disputes, and enforce our legal agreements and policies). Additionally, we may continue to store your Personal Information contained in our standard back-ups. This applies to all categories of Personal Information in use by us.

We also will retain Usage Information for internal analysis purposes. Usage Information is generally retained for a shorter period of time, except when Usage Information is used to strengthen the security or to improve the functionality of the Services, or we are legally obligated to retain Usage Information for longer periods.

Links.

This Privacy Policy does not apply to the practices of third parties that we do not own or control, including but not limited to any third-party websites, services, and applications that are linked or made available through our Services (“Third Party Services”). While we attempt to facilitate access only to those Third Party Services that share our respect for your privacy, we do not take responsibility for the content, actions, or privacy policies of those Third Party Services. You understand that these Third Party Services are not under our control and not subject to our Privacy Policy, and you should exercise caution when deciding to disclose any Personal Information through those Third Party Services. You also agree and acknowledge that we will not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any content, services, resources, or goods on or through any such Third Party Service. We encourage you to carefully review the privacy policies of any Third Party Services you access.

No Sensitive Personal Information.

We ask that you not send us, and you not disclose, any Sensitive Personal Information as this term is defined under applicable data protection and privacy laws (for example, social security number, driver’s license, state ID, passport number, account log-in, financial account, debit or credit card number in combination with any required security or access code, precise geolocation, information related to racial or ethnic origin, political opinions, religion or other beliefs, union membership, health information, sexual orientation, or biometric or genetic data) on or through the Services or otherwise to us.

If you send or disclose any Sensitive Personal Information to us, we will delete any and all Sensitive Personal Information. You must not submit such content to the Services.

Children.

Our Services are not directed to nor intended for use by anyone under the age of eighteen (18), particularly children under the age of thirteen (13) years (a “Child” or “Children”). By using our Services, you represent that you are at least thirteen (13) years old. If you do not meet this age requirement, then you must not access or use our Services.

We do not knowingly collect information from Children, and we do not target the Services to Children. If you are a Child, please do not use our Services and do not provide any information to us. For more information about the Children’s Online Privacy Protection Act (COPPA), which applies to websites that direct their services to Children, please visit the Federal Trade Commission’s website https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions. You acknowledge that we do not verify the age of our visitors, nor have any liability to do so.

If you are a parent or guardian and you are aware that your Child has provided us with Personal Information, please contact us through one of the methods listed under “How to Contact Us” above. If we learn that we have collected the information of a Child, we will take reasonable steps to delete such information.

Special Notice to Non-U.S. Users Regarding Data Transfers.

Your information, including Personal Information, may be transferred to – and maintained on – computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we are a U.S. company, and we transfer information to the United States for processing. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. If you are located in the European Union or the United Kingdom, and to the extent the data protection laws in such country are deemed by your country to have inadequate data protection, we have put in place certain measures designed to ensure that your Personal Information is subject to suitable safeguards in such transfer outside the European Union or United Kingdom (e.g., the standard contractual clauses for transfers outside of the EU or other data transfer mechanism permitted in accordance with applicable law). For more information about the safeguards we have implemented, please contact us by one of the methods listed under “How to Contact Us” above.

Governing Law and Jurisdiction.

This Privacy Policy shall be construed and governed under the laws of the United States and State of Tennessee (without regard to rules governing conflicts of laws provisions). You agree that venue for all actions, arising out of or relating in any way to your use of our Services, shall be in federal or state court of competent jurisdiction located in Davidson County, Tennessee. Any action arising out of or relating to your use of our Services must be filed within one (1) year after such claim arises. Each party waives any objections based on forum non conveniens and waives any objection to venue of any action instituted hereunder to the extent that an action is brought in the courts identified above.