Privacy Center

Guest Experience Solutions Product Privacy Policy

Last Updated December 19, 2023

This Guest Experience Solutions Product Privacy Policy describes the privacy practices of Sojern, Inc., and its subsidiaries ("Sojern," "we", "us" or "our") with regards to our Guest Experience Solutions product ("GES", or the "Service.") For information regarding our privacy practices in the context of our advertising services, business representatives with whom we interact, our website, or our recruitment activities, please see the Sojern Privacy Policy.

In the context of providing the Service, we operate as a “processor”, “service provider”, or equivalent role under relevant privacy law. This means that we provide the Service to business hospitality customers (“Customers”), who may use it to interact with consumers (“Guests”). These Customers determine how personal information is stored and used within the Service. As such, the collection, storage, use and sharing of Guest personal information by Customers is subject to their respective privacy policies and practices. We cannot control, and are not responsible for, the privacy practices of these Customers. If you have questions about the privacy or security practices of any Customer, please refer to the applicable Customer’s privacy or security notices.

Personal Information We Collect

When interacting with the Service, Guests may provide personal information to Customers which is processed via the Service, which may include:

  • Contact information, such as your first and last name, email address, billing and mailing addresses, and phone number.
  • Booking and stay information, such as your booking details and dates, room number, stay preferences, and user ratings and reviews.
  • User-generated information, such as content or information that you generate, transmit, or otherwise make available to Customers via the Service.
  • Payment and transactional data, such as information relating to or needed to complete your orders and/or payments on or through the Service (including partial payment card information and billing information), and your purchase history.
  • Marketing data, such as your preferences for receiving messages and marketing communications transmitted via the Service and details about your engagement with them.
  • Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third-party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as third-party travel booking and review websites.

Automatic data collection.  We and our service providers may automatically log information about your interaction over time with the Service and our communications, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.

How We Use Your Personal Information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service delivery.  We may use your personal information to:

  • provide, operate, and improve the Service, our products, and business;
  • enable security features of the Service;
  • communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
  • understand your needs and interests, and personalize your experience with the Service and our communications; and
  • provide support for the Service, and respond to your requests, questions and feedback.

Research and development.  We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect.  We make personal information into anonymous data by removing information that makes the data personally identifiable to you.

Compliance and protection.  We may use your personal information to:

  • comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); 
  • audit our internal processes for compliance with legal and contractual requirements or our internal policies; 
  • enforce the terms and conditions that govern the Service; and 
  • prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.  

Retention. We generally retain personal information to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.  To determine the appropriate retention period for personal information, we may consider factors such as the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.   

When we no longer require the personal information we have collected about you, we may either delete it, anonymize it, or isolate it from further processing.

How We Share Your Personal Information

We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.  

Customers. The Customers to whom we provide the Service.

Affiliates.  Our corporate parent and affiliates, for purposes consistent with this Privacy Policy.

Service providers.  Third parties that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology, customer support, email and SMS delivery, marketing, and website analytics). 

Professional advisors.  Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above. 

Business transferees.  Acquirers and other relevant participants in business transactions (or negotiations and diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Sojern or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Your Choices

Our Customers are the data controllers of end users’ personal information. As the data controllers, Customers are responsible for receiving and responding to requests to exercise any rights available to you under applicable data protection law. As such, if you wish to exercise a privacy right available to you, please contact the relevant Customer, and we will assist Customers in responding to such requests as required under relevant privacy law and in our contractual agreements.

Depending on your location and the nature of your interactions with our Customers, you may have the right to submit the following requests to Customers regarding your personal information: 

  • Access. Request that Customers provide you with information about the processing of your personal information and give you access to your personal information.
  • Correct. Request that Customers update or correct inaccuracies in your personal information.
  • Delete. Request that Customers delete your personal information.
  • Transfer. Request that Customers transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict. Request that Customers restrict the processing of your personal information.
  • Object. If applicable, object to Customers’ reliance on “legitimate interests” as the basis for processing your personal information.
  • Opt-out: Opt-out of certain targeted marketing or “sales” of your personal information by Customers.
  • Limit: Limit the use of certain types of sensitive personal information. 

Opting-out of marketing communications.  You may directly opt-out of marketing-related emails sent via the Service by following the opt-out or unsubscribe instructions at the bottom of the email or by contacting us. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails. If you receive text messages via the Service, you may opt out of receiving further marketing text messages by replying STOP to the text message.

Other Sites and Services

The Service may contain links to or integrations with websites, mobile applications, and other online services operated by third parties. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications, or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.

Security

We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect.  However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

International Data Transfer

We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.  

For information regarding the EU-US Data Privacy Framework, please see the Sojern Privacy Policy.

Children

The Service is not intended for use by children under 16. If we learn that we have received personal information through the Service from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it. We encourage parents or guardians with concerns to contact us.

Updates

We may update this Privacy Policy from time to time in response to legal, technical or business developments, in which case we will revise the “last updated” date at the top of this Privacy Policy. When we update our Privacy Policy, we will inform you by posting a notice on the Website prior to such changes becoming effective, which will be consistent with the significance of the changes we make.

How to Contact Us

Email: sojernprivacy@sojern.com 

Mail
Sojern, Inc.
Attention: Privacy
545 Market Street, Floor 4 
San Francisco, CA 94105