Effective Date: October 24, 2018
WHO WE ARE
The Public Hotel’s website (the “WEBSITE”) and Public All Access and MobileKeys mobile applications (the “APPS”) are operated by the Ian Schrager Company LLC DBA Ian Schrager Company (“COMPANY“, “WE” or “US“). The Public Hotel and our headquarters are located at 215 Chrystie St., New York, New York, USA 10002.
“PERSONAL DATA” as used in this Policy means any information that relates to you and from which you can be identified.
PERSONAL DATA WE COLLECT
Depending on how you interact with us, we may collect the following categories of Personal Data about you:
Reservation Information: We collect Personal Data when you book through our online reservation system, stay at the Public Hotel in New York, book a restaurant or entertainment reservation through third parties such as OpenTable or TicketFly. Information collected during the course of the reservation and during your stay may include your name, email address, billing and payment information, and information related to your participation in our Friends & Family program.
Account Information: If you decide to register for an account with us, we will collect Personal Data to set up and manage your account. This information may include your name and email address.
Friends & Family Information: We collect Personal Data through the course of your membership in our Friends & Family program. This information may include your name, email address, and membership number.
Technical Information: We collect Personal Data when you browse the Website, use our Apps, or participate in certain services at the Public Hotel. In these instances, we may collect your internet protocol (“IP”) address, media access control (“MAC”) address, geo-location, and other characteristics about your system or device.
Social Media Information: We may collect information from social media and information sharing platforms, as well as social media features (such as the Facebook “Like” button) that we’ve installed on our Website and Apps.
Other Information: There are other times when we collect Personal Data, such as if you contact us by phone or email, participate in one of our competitions or surveys, sign up to receive our newsletters and promotions, or participate in one of our other services. In these instances, the Personal Data we collect will depend on your interaction with us. It may include your details such as your name and address, as well as certain demographic information.
We collect Personal Data from:
Direct interactions, such as when you make a reservation, create an account, use our Website or Apps, participate in surveys or questionnaires, subscribe to a newsletter, or in any way engage with us or our personnel;
Cookies and automated technologies, such as when you interact with our Website, Apps, or click on links on our emails;
Private third party sources, such as when you make a reservation at our one of our restaurants or purchase a ticket for Public Arts;
Through social media, such as if you link to social media platforms or use social media plug-ins, we may (depending on your user privacy settings on that social media platform) automatically receive information about you from that social media platform; and
Security systems, such as the closed circuit television (“CCTV”) and security/swipe card records from the Public Hotel.
In addition to Personal Data, we may collect information that does not relate to an identified or identifiable person. For example, we may collect the browser types, device types, and operating system information of our users. If any of this information can be used to identify you because, for example, we link it to your Personal Data, we will treat such information as Personal Data.
HOW WE USE YOUR PERSONAL DATA
We, or our service providers, use your Personal Data for the following purposes depending on the types of Personal Data we have collected from and about you:
To complete and fulfill your reservation, such as verifying your identity, processing your payment, ensuring your room is available, and providing you with customer service (for example, sending you confirmations or pre-arrival messages, and assist you with meetings, events, or celebrations. These uses are necessary for the performance of the contract you have with us.
To operate and provide services in connection to our accounts and Friends & Family program, such as enrolling you in the program, sending you updates, account statements, and other information relating to your participation, and offering you discounts and promotions. Certain of these uses of your Personal Data are necessary for the performance of the contract you have with us, while other uses may be pursuant to your consent or our own legitimate interests (such as improving the program).
To contact you in connection with surveys, sweepstakes, promotions, marketing communications, and other social outreach. We will obtain your consent prior to sending you these communications where required by law.
For our internal business purposes, such as for data analysis, audits, security and fraud monitoring and prevention (including with closed-circuit television, card keys, and other security systems), developing new products and services, and improving your experience in our hotel and on the Website and Apps. We use your Personal Data for these purposes to manage our contractual relationship with you, to comply with our legal obligations, or to pursue our legitimate interests.
We reserve the right to use information that is not Personal Data (such as anonymous information) for any legal purpose.
HOW WE SHARE YOUR PERSONAL DATA
We will share your Personal Data within the Company, at your direction, as disclosed to you at the time of collection, or in the following circumstances:
Service Providers: Like many businesses, we hire selected third parties to support our operations, such as card processing or payment services, IT suppliers and contractors, web analytics and advertising providers, and providers of CRM, marketing and sales software solutions. Pursuant to our instructions, these parties may access, process or store your Personal Data solely to perform the services we have hired them to provide.
Affiliated Businesses: We operate on a global scale. In order to provide the services you request from us, our affiliated businesses may access and process your Personal Data for the purposes described in Section 4, including offering products and services to you. Our affiliated businesses will only use your Personal Data for the purposes for which we originally collected it.
Corporate Transactions: In the event we are involved in a merger, reorganization, acquisition, sale of all or a portion of our assets, or other corporate transaction, we may disclose your Personal Data as part of that transaction.
When you use the Website or Apps, we may receive information about your location. For example, if you are using our Apps and have consented to sharing your location information with us, this information might be collected through GPS or Bluetooth technologies to enable us to provide certain services to you such as customized offers and promotions. In addition, we may also receive location information from wireless networks or cellular towers in proximity to your mobile device, through your IP address or through your use of other services we provide at our hotels. We may also have access to location information that you provide to us through your use of social media, such as when you “tweet” your location. Your location preferences can be set or modified at the device level or through modifying your settings with the relevant social media platform.
You may request to access or modify the Personal Data we maintain about you, and we will respond to your inquiry within a reasonable timeframe. If you wish to exercise these rights (including those described below for individuals in the EEA, as applicable), please contact us using the information in Section 17. We may charge you a reasonable fee if you request additional copies of your Personal Data or make other requests that are manifestly unfounded or excessive. Further, we may not be able to honor your requests in certain circumstances. If we are unable to honor your request, or before we charge a fee, we will let you know why.
Please note that if you decide to exercise some of your rights, we may be unable to provide you certain services, or you may not be able to use or take full advantage of the services we offer.
Additional Rights for Individuals in the EEA: If you are located in the EEA and we maintain your Personal Data, you have the following additional rights (under the EU General Data Protection Regulation) with regard to your Personal Data:
Right of Access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details such as the purpose of the data processing.
Right to Rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared Personal Data with others, we will tell them about the correction where possible.
Right to Erasure: You may ask us to delete or remove your Personal Data, such as where our legal basis for the processing is your consent and you withdraw consent. If we shared your Personal Data with others, we will tell them about the erasure where possible. We may continue processing Personal Data in certain limited circumstances.
Right to Restrict Processing: You may ask us to restrict or “block” the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the Personal Data or object to us processing it. We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible.
Right to Data Portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will provide you with your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
Right to Object: You may ask us at any time to stop processing your Personal Data, and we will do so (i) if we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing; or (ii) if we are processing your personal data for direct marketing.
Right to Withdraw Consent: If we rely on your consent to process your pe Personal Data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing of your Personal Data before we received notice that you wished to withdraw your consent.
Right to Lodge a Complaint with the Data Protection Authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to any competent data protection authority of an EU member state that is authorized to hear those concerns. You may find EU Data Protection Authorities’ contact information here.
MARKETING AND PUSH NOTIFICATIONS
If you do not wish to receive marketing-related emails from us, please click the unsubscribe link at the bottom of any marketing email, or email us using the information in Section 17. Please note that even if we stop all marketing communications, you may still receive administrative, legal, and other important communications from us.
If you use our Apps, we may send you push notifications to update you about our events or promotions. If you no longer wish to receive these types of communications, you may turn them off at the device level.
COOKIES AND OTHER DATA COLLECTION TECHNOLOGY
We use three primary types of Cookies, which include:
Functional Cookies: These Cookies support the use of the Website and Apps and enable certain features to enhance your experience. For example, we use functional Cookies to facilitate your reservation and to remember your selections as you move from page to page. We also use functional Cookies for remembering things like your sign-in information and hotel preferences to avoid you having to re-enter it.
Performance Cookies: These Cookies collect information needed to support the Website and our Apps and allow us to improve our Website and identify any problems that you faced while visiting us. For example, performance Cookies may provide us with information about how you came to our Website and how you navigated around our Website during your visit. We also use these Cookies to provide us with certain statistical and analytics information, such as how many visitors came to our Website or how effective our advertising is. Examples of the performance Cookies we use, which may change from time to time, include: Google Analytics and Bing Analytics.
Targeting Cookies: These Cookies collect information from you to help us to improve our products and services as well as serve you with targeted advertisements that we believe will be relevant for you. We use targeting Cookies across our websites and applications for various marketing initiatives and campaigns. For more information, please see the “Targeted Advertising” section below. Examples of the targeting Cookies we use, which may change from time to time, include: DoubleClick, Google AdWords and Dynamic Remarketing, and Facebook Custom Audience.
To learn more about Cookies, please visit: http://www.allaboutcookies.org/.
Third Party Cookies: As described above, we use third party service providers to help us manage, carry out and improve our advertising. These parties set Cookies at our direction to help us collect information and provide you with advertisements that we believe would be relevant for you. In some instances, these third parties may also assist us by providing certain statistical and analytics information in relation to our marketing practices. For example, we use Google Analytics, a web-based analytics tool that tracks and reports on the manner in which the website is used to help us to improve it. Google Analytics does this by placing Cookies on your device. We also may share information collected through Cookies (and other tracking technologies) with third parties to use for their own analytics and marketing purposes.
Managing Cookies and Opting Out: You can choose to visit our Website without Cookies, but in some cases certain services, features and functionality may not be available. To visit without Cookies, you can configure your browser to reject all Cookies or notify you when a Cookie is set. Each browser is different, so check the “Help” menu of your browser to learn how to change your Cookie preferences. To manage Flash cookies, please click here.
Other Technologies: Other technologies such as pixels and web beacons may also be used on our Website, Apps, in email messages and in other areas of our business. These technologies are used to improve our products and services as well as our marketing efforts.
Targeted Advertising: We (and our third party service providers) may serve targeted advertisements through the use of first-party or third party Cookies, pixels and web beacons when you visit our Website, use our Apps, or visit third party websites. In some instances, these Cookies may be persistent Cookies. We and our third party service providers may also use cookie and other information to try to identify other devices and web browsers that you may use so we and our third party service providers may serve targeted advertisements to those devices. We do this to provide you with advertising that we believe may be relevant for you as well as improve our own products and services, including the functionality and performance of our websites and mobile applications. For more information regarding targeted advertisements and/or to opt out of automatic collection for these purposes, please visit http://www.aboutads.info/choices/. If you opt out of these targeted advertising Cookies, your opt-out will be specific to the web browser or mobile device from which you accessed the opt-out. If you use multiple devices or browsers, you will need to opt out each browser or device that you use.
Do-Not-Track: Currently, our systems do not recognize browser “do-not-track” signals. You may, however, disable certain tracking as discussed in this section (e.g., by disabling Cookies) and opt out of targeted advertising as described above.
We will take appropriate technical and organizational measures designed to protect your Personal Data from unauthorized access, use, disclosure, alteration or destruction, in accordance with applicable laws and regulations. For example, we limit our collection and use of your Personal Data to the extent reasonably necessary to provide you with our services. However, no Internet or email transmission is ever 100% secure, and we encourage you to take reasonable precautions to safeguard your Personal Data by, for example, maintaining the confidentiality of your account username and password. If you would like to know more about how we protect your Personal Data, you can contact us using the information in Section 17.
We will keep your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including any legal, accounting or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, whether we can achieve those purposes through other means, and all applicable legal requirements.
NOTE TO INTERNATIONAL USERS
We are committed to complying with this Policy and the data protection laws (including those outside of the United States) that apply to our collection and use of your Personal Data. The Company and the Public Hotel are located in the United States, where the laws may be different and, in some cases, less protective than the laws of other countries, including the EEA. By providing us with your Personal Data and using the Website and Apps, you acknowledge that your Personal Data will be transferred to and processed in the United States.
YOUR CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83 permits individual California residents to request certain information regarding our disclosure of certain categories of Personal Data to third parties for those third parties’ direct marketing purposes. To make such a request, please contact us using the information in the “Contact Us” section below. This request may be made no more than once per calendar year, and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified below. Note that we do not currently share Personal Data with third parties for those third parties’ direct marketing purposes.
Our Website and Apps are not directed to or intended for use by children. Consistent with applicable laws, if we learn that we have received Personal Data directly from a child without his or her parent or legal guardian’s verified consent, we will use that Personal Data only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use our services. Subsequently, we will delete such Personal Data.
THIRD PARTY WEBSITES AND SERVICES
CHANGES TO THIS POLICY
Any changes we make to this Policy will be posted on this page. If required by applicable law, we will notify you by email, posting notice on the Website or Apps, or by any other reasonable means in advance of such changes becoming effective.
Please send questions, comments, and requests regarding this Policy or our information practices to:
Ian Schrager Company
215 Chrystie Street
New York, NY 10002