We encourage you to read the Policy carefully before you use any of our Services. This Policy applies to all our Services that link to it. Your continued use of our Services constitutes consent to the Policy. If you have any questions or concerns regarding this policy, please contact us at [email protected]
2. What information we collect
We collect two types of information regarding our Visitors and Users:
1. Un-identified and non-identifiable information pertaining to a Visitor or un-identified User, which may be made available to us, or collected automatically via his/her use of the Services (“Non-personal Information”). Such Non-personal Information does not enable us to identify the Visitor or User from whom it was collected. The Non-personal Information collected by us mainly consists of technical and aggregated usage information, such as Visitors’ and Users’ browsing and ‘click-stream’ activity on the Services, session heatmaps and scrolls, non-identifying information regarding the Visitor’s or User’s device, operating system, internet browser, screen resolution, language and keyboard settings, internet service provider, referring/exit pages, date/time stamps, etc.
2. Individually identifiable information, namely information that identifies an individual or may with reasonable efforts cause the identification of an individual or may be of private or sensitive nature (“Personal Information”). The Personal Information collected by us mainly consists of contact details (e.g., email address or phone number), billing details (name, physical billing address, payment method and transaction details), which are only collected from Users with Paid Services or Form Submissions, details regarding a browsing or usage session (IP address, Geo-location and/or device unique identifier), details regarding connected third party accounts (such as the email or username for a connected Google or Facebook account), scanned identification documents provided to us (such as an ID card, driver’s license, passport or official company registration documents), correspondences (including those made through or uploaded to our Services), and any other Personal Information provided to us by Visitors and/or Users through their access to and/or use of the Services. For the avoidance of doubt, any Non-personal Information that is connected or linked to Personal Information (for example, to improve the Services we offer) is deemed and treated by us as Personal Information, if such connection or linkage exists.
3. How do we collect this information
We collect information mainly in three ways:
1. We collect information through your use of the Services. When you visit or use our Services, including when you browse the Website or any User Website, register a User Account, make an inquiry or a booking of a property, when you download our App, we are
aware of it and will usually gather, collect and record such uses, sessions and related information, either independently or with the help of third-party services, including through the use of “cookies” and other tracking technologies.
2. We collect information which you provide us voluntarily. For example, we collect the Personal Information you provide us when you register to our Services; when you sign in to our Services via third party services such as Facebook or Google; when you make inquiries or bookings for certain apartments; when you submit or upload such Personal Information as you use any of our Services; and/or when you contact us directly by any communication channel (e.g., telephone, email).
3. We also collect information from third party sources as described in Section 11 below.
Some information you provide through the Services is collected and processed by third parties on our behalf. For example, when you make an online booking through the Services, we need to collect your credit or debit card information. This information is collected and processed by third-party payment processors. In the event that a credit report is required to use a Service, you may be asked to provide your Social Security number (“SSN”). When SSNs are required, we use technology to pass that information directly to the third-party providers who need the information to process the credit or background check report.
4. How do we use this information
We use the collected information to:
· Provide you with our Services as an unregistered or registered user of the Site, process transactions and send related information such as confirmations and invoices;
· Send you technical notices, updates, security alerts and support and administrative messages;
· Respond to your comments, questions and requests and provide customer service;
· Manage and improve the performance of our products and Services;
· Communicate with you about products, services, offers, promotions, rewards and events offered by Bill & John and others, and provide news and information we think will be of interest to you;
· For audits and reporting purposes;
· Detect, investigate and prevent fraudulent transactions and other illegal activities and protect the rights and property of Bill & John, as well as that of our employees, our agents or others, and to comply with applicable law and government requests;
· Provide and deliver the Services, process transactions and send related information such as confirmations and invoices;
· Monitor and analyze trends, usage and activities in connection with our Services;
· Revise, modify, and update existing Services and develop new Services;
· Carry out any other purpose described to you at the time the information was collected.
We only collect personal information that is required for us to collect by our legal obligations or is necessary to fulfill the Services.
5. How do we disclose this personal information
We may disclose personal information in the following circumstances and to the following parties:
· Other companies belonging to or directly affiliated to Bill & John and always in accordance with this policy. Note that sharing of Personal Information from Bill & John subsidiaries and affiliated companies in the European Union or in the United States, adheres to the EU-US Privacy Shield frameworks.
· Certain service providers perform a number of services on our behalf, such as web hosting, email service providers, payment processing, analytics, etc. To do so, we
sometimes need to share your personal information with them for the purposes described above. These service providers are located around the world. Therefore, the personal data that we collect may be transferred to and stored in countries outside of your jurisdiction. Any international transfer of your personal information is made by following the appropriate safeguards.
· Certain third-parties when required by law, and when necessary to provide, and to protect Our Services.
· Certain third-party partners, after we receive your explicit consent. We will request your consent to share personal information about you with third parties so that they may provide you with special offers, promotional materials, and other materials that may be of interest to you.
· Aggregated information that does not identify specific individuals.
To clarify, Bill & John may share your Personal Information in manners other than as described above, pursuant to your explicit approval, or if we are legally obligated to do so.
6. What are your rights in relation to your personal information
It is important that you have control over your Personal Information. That’s why we are taking steps to enable you to access, receive a copy of, update, amend, delete, or limit the use of your Personal Information. Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Specifically they have the following rights:
· Right of access: you have the right to obtain confirmation that your personal data is processed, and in the case of processing, information regarding the purposes of your data processing, the retention period (and the criteria used to determine this period) of the data, the recipients to whom your personal data has been or will be disclosed, and a copy of your personal data that we maintain.
· Right to data portability: you have the right to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format.
· Right to rectification: you have the right to obtain rectification of any inaccurate or incomplete personal data that we maintain about you.
· Right to erasure (right to be forgotten): you have the right, in some circumstances, to obtain the erasure of the personal data that we maintain about you. The right to be forgotten is not unreservedly guaranteed. It is limited especially when colliding with the right of freedom of expression and information. Other exceptions are if the processing of data which is subject to an erasure request is necessary to comply with legal obligations, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes or for the defence of legal claims.
· Right to restriction of processing: you have the right, in some circumstances, to obtain restriction of processing to the personal data that we maintain about you.
· Right to object: you have the right to object to any processing of your personal data that we maintain, but there may be compelling reasons for continuing this processing from our side. In any case we will assess your request and respond to you accordingly. Marketing activities are not included in the aforementioned compelling reasons.
Before disclosing the requested records of Personal Information we keep of you, we may ask you for additional information in order to confirm your identity and for security purposes. We reserve the right to charge a fee where permitted by law (e.g., if your request is unfounded or excessive).
You have the right to file a complaint with your local supervisory authority for data protection (but we still recommend that you contact us first).
In case you wish to exercise one of these rights, please contact us at [email protected]. We will make all reasonable efforts to honour your request promptly (unless we require further information from you in order to fulfil your request), subject to legal and other permissible considerations.
7. Information security and privacy incident reporting
We are taking all reasonable organizational and technical measures in order to safeguard your personal data against accidental or unlawful destruction, loss, change or damage. Having said that, no security program is 100% foolproof and thus we cannot guarantee the absolute security of your personal or other information.
In order to handle any potential data privacy incident and minimize its consequences, we have implemented a relevant procedure. Upon the occurrence of a data privacy incident (breach) you will be informed as soon as the incident is taken into consideration. Additionally, the relevant Data Protection Authority will be informed within 72 hours after the incident has been noticed.
8. Interest-based advertising
In addition, if you have provided your email address to us, we may use a scrambled, unreadable form (a hash) of your email address to deliver tailored advertisements to you on the Services or on other websites. We do not access or collect any of the contents of your email messages in providing interest-based advertising. Our use of information received from Gmail APIs will adhere to Google’s Limited Use Requirements.
9. Communication from Bill & John
We may use your Personal Information to send you promotional content and messages by email, text messages, direct text messages, marketing calls and similar forms of communication. If you do not wish to receive such promotional messages or calls, you may notify us at any time or follow the “unsubscribe” link. We take steps to limit the promotional content we send you to a reasonable and proportionate level, and to send you information which we believe may be of interest or relevance to you, based on your information.
Also, we may contact you with important information regarding our Services, or your use thereof. For example, we may send you billing information; replies to your support ticket or email; send you reminders or warnings regarding upcoming or late payments for your current or upcoming subscriptions; or notify you of material changes in our Services. It is important that you are always able to receive such messages. For this reason, you are not able to opt-out of receiving such Service and Billing Messages unless you are no longer a Bill & John Visitor or User.
systems, please contact us at [email protected]
10. Opting out of collection of information by third parties
11. Third-party links and websites
12. Children’s privacy
Our Services are addressed to individuals, who are at least 18 years old, unless we specify otherwise. For individuals under 18, we do not knowingly collect personal data, without prior parental consent. If you find out that your child has provided us with any personal data, without your prior consent, please inform us, in order to delete this information and terminate any account that your child may have created with us.
13. Updates to this policy
14. How to contact us