Version 2.0, June 2018
OnceThere complies with the US Department of Commerce’s Safe Harbor scheme to cover the transfer of data to the US from the European Union and Switzerland. OnceThere has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about this scheme and see the information we have filed with the Department of Commerce here: http://export.gov/safeharbor/
Who Processes Your Personal Data, and Where?
Your personal data (also referred to as personal information) – that is, data that identifies you, or from which you are identifiable – will be collected, processed, stored and used by us, and passed to and processed by companies in the OnceThere group and other data processors acting under our instructions. OnceThere is a global business. As a result personal data contributed by or collected from users may be stored and processed in the United States or any other country in which we, members of the OnceThere group or our agents maintain facilities.
The Information We Gather
At various times you may give your personal data to us. For example, in order to process a request or inquiry from you, we may need to know all or some of the following: your full name, address, telephone number, e-mail address, your current location, and, in the case of a member’s listing, a method of payment. You may also give personal data to us at other times, such as when registering on the Site or when submitting an advert for a property. We may also gather information from cookies or web beacons. You can find out more about how they operate in the relevant section of this policy below. We also collect IP addresses, mobile device identifier details, your location, navigation and click-stream data, the time of accessing the website, activities you viewed, what you searched for, the duration of your visit, and other details of your activity on the Site. If you ask us to connect with other sites (for example if you ask us to connect with your Facebook account) we may get information that way too. For further details on how we collect personal data, see Surveys and Newsletters below. We obtain data from you either by you inputting your personal details, by the automatic collection of information about you as you use the Site when we speak to you or from third parties. Third party information may include credit information which we use to prevent and detect fraud, information from your mobile provider if you are accessing the Site over a mobile device or information from a third party such as a social media or travel opinions site where you have asked us to share your data with them.
How We Use Your Personal Data
Our primary purpose in collecting your personal data is to provide you with the services you request and those which we believe will optimize your use of the Site. You agree that we may use your personal data for the following purposes:
For the services or to support your request;
To contact you from time to time with user or service updates;
To send other messages that help us provide our services on the Site;
To assist people you have done business with. For example:
If you are an activity provider and a traveler who has booked or inquired with you needs your details we may pass them on;
If you are a traveler and an activity provider you have booked with needs to contact you we may give them your details;
To customize, measure, report on and improve our services, content, and advertising;
To promote services related to the Site or those of the OnceThere group and/or our affiliates;
To compare information for accuracy, and verify it with third parties;
To prevent, investigate or prosecute activity we think may be potentially illegal, unlawful or harmful and
We collate statistics about site traffic, sales and other commercial information which we pass onto third parties to assist us in improving the services we provide to you. We also use demographic information to tailor the Site and we share that information with third parties so that they can build up a better picture of our customer base and general consumer trends.
If you are a member, we will also be able to contact you about your account and your use of our services.
How We May Disclose Your Personal Data
We may disclose your personal data to enforce our policies, or where we are permitted to do so by applicable law, such as in response to a request by a law enforcement or governmental authority, or in connection with actual or proposed litigation, or to protect our property, people and other rights or interests.
We may also share your personal data with:
One of our partners if you’ve requested their services or if you’ve requested to be provided with information by them;
Another member if you have done business with them;
A third party performing services on our behalf;
Companies in the OnceThere group and/or affiliates; or
Other companies or business entities, for example, if we are thinking of a merger with or sale to that company or business entity; or
Other companies we work with to feature all or part of our member’s property listings or otherwise provide promotional or other services related to our or OnceThere group’s business. This might include featuring your listings and photographs on other websites; or
Any third party you have asked us to share your personal data with – such as Facebook if you have asked us to connect with your Facebook account.
You may have accessed our website through a hyperlink from the website of one of our trading partners. If so, you consent to your personal details and purchase information, including behavioral patterns, being shared with that trading partner in accordance with our contractual relationship with them.
If you sign up as a member on the Site, you will receive our activity provider newsletter, which is an integral part of the services we provide. Traveler users of the Site will be given the option to receive our Traveler newsletter when they register with us. We and OnceThere group may offer different newsletters from time to time intended to enhance the services we or they offer. Users may cancel their subscription to these newsletters at any time, although it may take a short while for the changes in your preferences to become effective.
We also use surveys to collect information about our users. From time to time, we request users’ input in order to evaluate potential features and services. The decision to answer a survey is completely yours. We use information gathered from surveys to improve our services.
Travelers may send inquiries to members via clickable links on the listings on the Site. If you choose to send an inquiry through these links, your personal information, including your email address and any other information you supply, will be visible to the member in question so that they might reply directly to you. Your details may also be sent to us and we may have access to those communications even if you contact the member directly. Additionally, those messages may be hosted on, be processed by or transmitted through our servers. If you call the member, you may be asked to leave a return telephone number. Do not share information in the e-mail or phone call that you are not prepared to allow them and OnceThere group to have, including, but not limited to, credit card and bank account information. Inquiries can be sent to the individual member you selected and to our system. The resulting inquiry is available for review by the member to whom it was initially addressed and to our customer service people, who may share past inquiry information, or information related to past stays including your contact details with members. We may also from time to time, use third party e-mail servers to send and track receipt of inquiry emails, and analyze the pattern of inquiry usage reported by these third party tracking systems.
How Do We Protect Your Personal Information Once We Have It?
We take reasonable technical and organizational measures to guard against unauthorized or unlawful processing of your personal data and against accidental loss or destruction of, or damage to, your personal data. While no system is completely secure, we believe the measures implemented by the Site reduce our vulnerability to security problems to a level appropriate to the type of data involved. We have security measures in place to protect our user database and access to this database is restricted internally. However, it remains your responsibility:
To protect against unauthorized access to your use of the Site;
To ensure no-one else uses the Site while your machine is logged on to the Site (including by logging on to your machine through a mobile, Wi-Fi or shared access connection you are using);
To log off or exit from the Site when not using it;
Where relevant, to keep your password or other access information secret. Your password and log in details are personal to you and should not be given to anyone else or used to provide shared access for example over a network; and
To maintain good internet security. For example, if your email account or Facebook account is compromised this could allow access to your account with us if you have given us those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us. You should keep all of your account details secure. If you think that any of your accounts has been compromised you should change your account credentials with us, and in particular, make sure any compromised account does not allow access to your account with us. You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary warn anyone else who could be affected. If you have asked us to share data with third party sites, however (such as Facebook) their servers may not be secure. Credit card information is generally stored by our credit card processing partners and we ask them to keep that data secure. We also use third parties to help us optimize our website flow, content and advertising (see below).
Note that, despite the measures taken by us and the third parties we engage, the internet is not secure. As a result, others may nevertheless unlawfully intercept or access private transmissions or data.
What are Cookies, Web Beacons and Clear GIFs and Why Do We Use Them?
We gather and share information concerning the use of the Site by members and travelers with one or more third-party tracking companies for the purpose of reporting statistics. To do this, some of the pages you visit on our Site use electronic images placed in the web page code, called pixel tags (also called “clear GIFs” or “web beacons”) that can serve many of the same purposes as cookies.
Web beacons may be used to track the traffic patterns of users from one page to another in order to maximize web traffic flow. Our third-party advertising service providers may also use web beacons to recognize you when you visit the Site and to help determine how you found the Site. If you would like more information about this and to know your choices about not having this information used by these companies, click here: http://networkadvertising.org/consumer/opt_out.asp.
Phishing or False Emails
If you receive an unsolicited email that appears to be from us or one of our members that requests personal information (such as your credit card, login, or password), or that asks you to verify or confirm your account or other personal information by clicking on a link, that email was likely to have been sent by someone trying to unlawfully obtain your information, sometimes referred to as a “phisher” or “spoofer.” We do not ask for this type of information in an email. Do not provide the information or click on the link. Please contact our Customer Service at support@OnceThere.com if you get an email like this.
Job applicants, current and former employees
If you use the Site to apply to work with us, we will use the information you supply to process your application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example where we want to take up a reference, will not do so without informing you beforehand unless the disclosure is required by law. Personal information about unsuccessful candidates will be held for 12 months after the recruitment exercise has been completed, it will then be destroyed or deleted. We retain de-personalized statistical information about applicants to help inform our recruitment activities, but individuals should not be identifiable from that data. OnceThere is based in the US and employee and recruitment data is held there.
Once a person has taken up employment with us, we will compile a file relating to their employment. At that stage, we will give you more details about how we hold employee details.
How Do I Correct or Update My Information?
You can see any personal information processed by us. The best way of seeing this if you are an activity provider is to log on to your account. You can see your basic details and correct or update them there at any time to suit you. We also want to give you the opportunity to identify any inaccuracies in any other information we hold about you. Where possible, if we’re told about the inaccuracy of any personal information, we will make appropriate corrections. You can ask to see, update or amend any information we hold on you by contacting us.
How Do I Opt-Out of Receiving Marketing Communications from You?
We will contact you from time to time for marketing purposes. Unless you have opted out, this could include contacting you by phone or email.
You may opt-out of receiving marketing communications from us by the following means:
1. Contact our Customer Service at support@OnceThere.com;
2. Follow the instructions included in each communication or newsletter;
3. Use the Unsubscribe function; or
4. Mail the request to us at OnceThere, Inc. 1214 W 5th Street, Suite A Austin, TX 78703
Please remember that if you change your preferences it may take a short time for those preferences to become effective.
How Long Will We Keep Your Personal Data?
How Do I Contact You?