You are here
RentalSite_Xml_Policy_PrivacyPolicy
Hilton Grand Vacations® is committed to protecting your personal information. We want all of our members, owners and non-member hotel guests to have a fantastic vacation experience with us and to return to our worldwide holiday destinations. When you do so, we want you to be confident that we take as much care of your personal information as we do of you and your family when you are visiting us. This Privacy Policy applies to our use of any personal information we collect from or about you through your use of any of our websites, including www.diamondresortsandhotels.com, or mobile applications that link to this Privacy Policy ("Site" or "Sites"), when you buy any product or service from us, when you enter a sweepstake or contest provided by us, when you complete surveys or questionnaires about our service, when you visit any of our worldwide destinations, when you interact with us by writing or e-mailing us, telephoning us or interacting with us on social media. Hilton Grand Vacations® is a global leader in the vacation ownership industry. Our group includes all subsidiaries of Hilton Grand Vacations Holdings LLC, a Nevada limited liability company in the United States of America. Hilton Grand Vacations (Europe) Limited, located at Citrus House, Caton Road, Lancaster, Lancashire, United Kingdom, is the data controller of personal data related to UK data subjects, and Hilton Grand Vacations (Europe) Limited – French Branch, located at Space Antipolis, Batiment 5,2323, Chemin de Saint Bernard, 06220, Vallauris, France, is the data controller of personal data related to EU data subjects. The Diamond group of companies includes the additional companies listed here. In this policy when we refer to "us", "we" and "our" we are referring to the Diamond group as a whole or a particular company within it, depending on the context. 3.1. Information we collect from you 3.1.1. When you make a reservation or purchase a product from us 3.1.2. At the front desk and on resort property When you check in at one of our resorts we will confirm your name, address, telephone number and e-mail address. We will affirm payment information with you and ask to see or copy your identity documents if required by local law. If you are taking part in an activity that we have arranged, we will need further information from you in order to arrange that activity. If a third party provides the activity we will pass some details on to them to fulfil your request. In addition, we will collect individual information from you in connection with on-property services, including, but not limited to, sales presentations, concierge services, and room service. If you have an accident on site we will require a formal report and we will ask you to provide personal details as well as details of the accident. We also use closed circuit television and other security measures at some of our properties. Cameras may, because of their position, capture or record images of guests and visitors in public areas (where the images may embody information regarding bodily characteristics) and record information related to your location. . Other technologies (such as keycards) may also give information about your location. Where we use any closed circuit television or any other technologies mentioned in this paragraph and the law requires it, we may have signs in place to tell you these are in operation and who to contact in case you have a question or wish to request to exercise your rights. On some occasions, for quality assurance and other internal purposes, we may record (both audio and video) sales presentations in which you participate. 3.1.3. Sweepstakes and contests Sometimes we run sweepstakes and contests to give you the opportunity to win great prizes and discounted promotional offers. Sweepstakes and contests differ but usually we ask you to provide us with your contact information, marital status, age group for entrant and spouse/cohabitant (if applicable), home ownership, and household income range to participate. Additionally, we may ask you for your consent to contact you for future promotions and marketing offers, which is optional and not required to enter the sweepstakes/contest. 3.1.4. Online surveys Hilton Grand Vacations® values opinions and comments from owners, members and guests so we frequently conduct online surveys. These surveys are optional for all owners, members and guests. We use information from surveys to make improvements to Hilton Grand Vacations® products and services and to develop appealing content, features and promotions for customers. 3.1.5. Other Sources of Personal Information We also collect information from you when: In addition, we may use information collected from or about you to generate inferences regarding your preferences so that we may present you with content better tailored to your interests. 3.2. Information you give us about other people If you’re making a booking on someone else’s behalf or asking us to make do so through one of our travel fulfilment partners (see section 14.4 for more information), you may provide us with personal information about someone else. If you are doing this, you should make sure that the person whose personal information you are providing knows that you have done so and that they have this Privacy Policy available to them. 3.3. Information we collect about you automatically Like many other websites, on our Sites, we, our service providers, or third-party services may automatically receive or collect from you certain information when you use the Sites. For example, we use servers that automatically record information about your IP address, which ads you click on, the page that directed you to our Site and the browser type used while accessing our Sites. A server log stores the information collected so it can be analyzed to determine possible security threats and debug errors, to help us assess browser usage so we know when to deprecate older browsers, to allow us to detect broken site links, monitor the effectiveness of changes and assess what features on our Sites are relied on most heavily. Other information that we may collect about you automatically may include: We may combine some non-personal information with your personal information to further enhance your experience while on the Site. Your web browser may have settings that allow you to transmit a “Do Not Track” signal when you visit various websites or use online services. Like many websites, the Site is not designed to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, visit www.allaboutdnt.com. 3.4. Information third parties give us about you In some instances, you provide your information to a third party, either in connection with the Sites, our properties, or otherwise in connection with our relationship with you or your use of our services, or independent of our relationship to you, or as otherwise described in this policy. These third parties provide us the information that you provided to them. The information you provide to such third parties is subject to the privacy statement of the applicable third party. Such third parties may include marketing, affiliates, vendors, financing partners and social media services that you utilize. 3.4.1. Exchange guests and guests booking through a third party travel agent If you visit one of our resorts as an exchange guest or make your booking at our resorts through a third party travel agent, we receive information from them to administer your booking. We integrate some third parties into our reservations system to make the booking process run more smoothly. The personal information we receive from these sources depends on the nature of your booking and the third party with whom you made it. You should be able to find further information about what information they collect and is provided to us by reading the privacy statement of the appropriate third party. 3.4.2. Credit history If you purchase a vacation ownership product from us that you financed (whether by one of our group companies or through a third party brokered by us), we may require information about your credit history. Where required, we will ask you to consent to us obtaining this information from a credit referencing agency so we can complete your application. You should note that if you do not provide personal information we require we may not be able to provide you with the service or product you request. In general, we may use your information in the following ways (see below for more specific uses): Members and Owners If you are a member or owner in one of our vacation ownership clubs, we use your personal information to carry out our obligations to you. This means we will use your personal information to: allow you to complete reservations, save points, honor exchanges, make payments, service your requests and administer our relationship with you. We also use your personal information to contact you for customer service purposes and to process payment transactions. When you contact us or use our Sites to log on we will use your personal information to verify your identity or user credentials so that we can protect your information. We use what we know about you to provide customer service to you and (unless you object) keep your payment card details tokenized on our systems to process your transactions more quickly. If we helped you finance your purchase with one of our own lending companies, we use your personal information to enable us to perform our legal and regulatory obligations as a responsible lender. If we brokered credit to you on behalf of a third party lender we used your personal information during that process. We use your personal information to send you information about promotions, our products and services and your membership that may be of interest to you. For more information on our use of your personal information for marketing see section 11 headed How will you contact me for marketing purposes? Hotel guests If you have rented accommodation from us as a hotel guest, we use the information you (or a third party travel agent) provide during the booking process to fulfil bookings you make with us. We store your details on our systems so that we are ready for you at check in and when you provide us with your payment card details we keep them tokenized on our systems (unless you object) which enables us to process your transactions more quickly. If you contact us with a query or complaint, we will use your details to provide effective customer service to you and to follow up with you afterwards, if we need to. After you stay with us, we will send you surveys to ask you for ratings and reviews of your experience with us and give you the opportunity to share your experiences on social media. We use information based on your reservation history to send you information about promotions and our products and services that may be of interest to you. For more information on our use of your personal information for marketing see section 11 headed How will you contact me for marketing purposes? Website users We automatically capture information about users of our Sites in server logs (see section 3.3 headed Information we collect about you automatically for more information) and through the use of cookies (see our cookie policy for more information). This is so that we can provide you with technical assistance in the event of technical issues with our Sites, to allow us to personalize your experience of our Sites and generally to improve user experience on our Sites. Entrants to sweepstakes or contests If you enter one of our sweepstakes, we will use your personal information to administer the contest and tell you whether or not you have been successful. We may use information provided when you entered a contest to send you information about our products and services you might be interested in. For more information on our use of your personal information for marketing see section 11 headed Will you contact me for marketing purposes? Interest-Based Advertising
We may engage and work with third parties to serve advertisements on the Service and/or on third-party services. Some of these ads may be tailored to your interest based on your browsing of the Sites and elsewhere on the internet, which may include use of precise location and/or Cross-device Data, sometimes referred to as "interest-based advertising" and "online behavioral advertising" ("Interest-based Advertising"), which may include sending you an ad on a third-party service after you have left the Sites (i.e., "retargeting"). General We use feedback from all of our customers to develop promotions and product improvements. We will treat information that does not personally identify you as non-personal information, and we may de-identify, anonymize or otherwise convert your personal information to non-personal information. As permitted by applicable law, we reserve the right to use, process, share and otherwise exploit your non-personal information without limitation. If you are in the UK or a country in the European Union, you are entitled to an explanation of the legal bases we rely on to process your personal information, which is set out below. 6.1. To perform a contract We need to process your personal information to complete a sale to you of a product or service you have requested, service your requirements to book accommodation or services with us or on your behalf with third parties, and to administer and fulfill our contractual obligations to you. 6.2. To enable us to comply with a legal obligation We will need to use your personal information so we can comply with legal obligations to which we are subject. This includes any requirement to produce audited accounts, any legal obligation to share information with law enforcement agencies, public or governmental authorities and to comply with legal process. 6.3. Necessary for the exercise or defense of legal claims If you have an accident at one of our resorts, we will collect information about the incident and the circumstances surrounding it (which may include information you provide us with about injuries and medical treatment). We process that information to inform discussions with insurers and to conduct any resulting legal claims. 6.4. Consent During the booking or sales process we may ask you for your consent to send you specified kinds of marketing communications. If you have given your consent to receive marketing communications you may withdraw it at any time either by clicking through an unsubscribe link in an e-mail or by contacting us by one of the methods set out in section 21 headed Contacting us (see section 11 6.5. Our legitimate interests We will use your personal information if doing so is necessary for our legitimate interests and your rights as an individual do not override those legitimate interests. For example, when we contact you to offer assistance with your product or when you contact us with queries. Also, if we contact you about our other products and services you might be interested in (see section 11 headed Will you contact me for marketing purposes? for more information). Other examples include when we process your personal information to enforce contracts we are subject to (including our contract with you), carry out fraud prevention activities and activities to increase network and information security, to protect our operations, our (or your) rights, safety or property or other people’s, to identify usage trends, determine the effectiveness of promotional campaigns, to expand our business activities and improve our products and services and the content and functionality of our Sites. 7.1. Asking us to restrict our use of your personal information You have the right to ask us to place a restriction on our use of your personal information if one of the following applies to you: 7.2. Objecting to our use of your personal information You have the right to object to our use of your personal information where our reason for using it is based on our legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us). 7.3. Asking us to delete your personal information You can ask us to delete your personal information if: However, this right is not absolute. Even if you make a request for deletion, we may need to retain certain information for legal or administrative purposes, such as record keeping, maintenance of opt-out requirements, defending or making legal claims or detecting fraudulent activities. We will retain information in accordance with section 12 headed How long will you keep my personal information below. If you do exercise a valid right to have your personal information deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others). 7.4. The right to transfer your personal information to another service provider You may request that we transfer some of the personal information you have provided to you or another service provider in electronic copy. This applies to personal information we are processing to service a contract with you and to personal information we are processing based on your consent. 7.5. The right of access to your personal information You have the right to ask us for confirmation on whether we are processing your personal information, and access to the personal information and related information. 7.6. The right to correction. You have the right to have your personal data corrected, as permitted by law. 7.7. The right to withdraw consent You have the right to withdraw consent that you have provided. 7.8. Making a complaint If you have any concerns or complaints regarding our processing of your personal information, please contact us as described in section 21 headed Contacting us below and we will do our very best to answer any question and resolve any complaint to your satisfaction. If, for whatever reason, you feel we do not meet the high standards you expect of us, you are also entitled to make a complaint to our lead supervisory authority: EU data subjects: UK data subjects: 8.1. Accessing your personal information You always have the right to access the personal information we keep about you, subject to certain legal restrictions. 8.2. Updating and correcting your personal information We are keen to ensure that any personal information we hold about you is kept up to date and is accurate. We will promptly correct or complete any personal information we hold about you that becomes out of date, is inaccurate or incomplete if you ask us to do so. Alternatively, if you have an online account you can update your details there. 9.1 California Consumer Privacy Act Notice The California Consumer Privacy Act (“CCPA”) provides California Consumers certain rights regarding their Personal Information (“PI”), as those terms are defined in the CCPA. Pursuant to the CCPA, we are providing you with notice of the PI we collect, our purposes for collection, and our disclosure practices for data that may be subject to the CCPA (“CCPA Notice”). As required by the CCPA, this Notice describes our data practices during the 12 months preceding the effective date. This CCPA Notice does not cover information that is outside of the scope of the CCPA, including data we collect and process as regulated by the Gramm-Leach-Bliley Act of 1999. This notice also does not apply to data collected from employees, applicants or contractors or to data collected from individuals acting as representatives of another business in connection with business communications or transactions. We collect PI directly from Consumers, from our corporate affiliates, from our service providers and other suppliers which we may use for the following categories of business purposes, as identified in the CCPA: We may also collect, use and share PI for our operational purposes as set forth in this Privacy Policy. We collect the following categories of PI, as identified in the CCPA, that we may share with our affiliates, service providers, financing partners, and third parties providing products or services similar or related to our offerings: We collect the following additional information which we may only share with our affiliates and service providers: If you are a California Consumer, you may exercise certain individual privacy rights. If you would like to register a request, you can contact us at CaliforniaPrivacy@diamondresorts.com or 844-396-8457. You have the right to not receive discriminatory treatment in a manner prohibited by the CCPA as a result of exercising your CCPA rights. We are committed to the privacy and security of your PI, and we will not fulfill your CCPA request unless we receive sufficient information to verify that you are the Consumer about whom we have collected the PI that is the subject of your request. This verification process includes providing us at least two (2) unique data points, depending on the type of request, to enable us to search for a match against data points maintained in our systems. Alternatively, Consumers may exercise their privacy rights via an authorized agent who meets the agency requirements of the CCPA. Agent requests on behalf of a Consumer must include a copy of the agency agreement between the authorized agent and the Consumer. We may also contact the Consumer directly to verify their identity and to independently confirm the agency relationship. The Right to Know The Right to Deletion You have the right, subject to statutory exceptions, to request that we delete your PI that we have collected directly from you and are maintaining. Note also that we are not required to delete your PI that we did not collect directly from you. You may alternatively exercise more limited control of your PI by instead by canceling or modifying our email marketing communications you receive from us. You can do so by following the instructions contained within our promotional emails. The Right to Opt Out of Sale of Personal Information We do not “sell” Personal Information that we collect from you, including Personal Information of minors under the age of 16, in accordance with the definition of “sell” in the CCPA. We treat all Personal Information that we collect from you as subject to a “do not sell” request. We work with service providers and partner with advertising companies that use cookies and other tracking technologies to collect information about your visits to our website and third-party sites, and then use that information to deliver advertisements relevant to your interests. There is not yet a consensus as to whether third party cookies and tracking technologies associated with our websites and mobile apps constitute a “sale” of your PI as defined by the CCPA. To opt out of the collection of information regarding your visit to our site for advertising purposes, you can modify your cookie settings on our website as set out here. To effectively manage cookies via this cookie settings tool, you must set cookie preferences on all browsers and all devices that you use. If you clear the cookies on your device, you may need to set your cookie preferences again. Wherever you live, if you wish to exercise any of your rights regarding your personal information, please contact us as set out in section 21 headed Contacting Us and we will be pleased to help you with your request. Please note, that to protect your privacy we will contact you to verify your identity before we disclose any personal information to you or make any changes to the personal information we hold about you. As an owner, member or guest we would like to provide you with updates about promotions, special offers, new services and products which may be of interest to you based on what we know about you. If you have booked accommodation with us, we may send you information about offers for related travel services such as flights and rental cars. Depending on your location (and reflecting applicable law), you may have been asked to indicate your preferences, provide us with your consent regarding the receipt of such information from us, and indicate how you would like to receive it. Wherever you are located, we will send you marketing communication based on any preferences you may have expressed. We only want to send you information you are interested in. If you do not want to receive these communications or would like to understand more about other unsubscribe options, see below under "Communications" in this section or please contact us as set out in section 21 headed "Contacting Us". We do not sell your personal information to third parties for marketing purposes and do not intend to do so in the future, except as expressly described in this policy. Communications. You can opt out of receiving certain promotional communications (e-mails, text messaging, phone calls, or push notifications) from us at any time by (i) for promotional e-mails, following the instructions provided in e-mails to click on the unsubscribe link, or if available by changing your communication preferences by logging onto your account; (ii) for text messages, following the instructions provided in text messages from us to text the word, "STOP"; (iii) for calls, you can advise us of this during the telephone call, and (iv) for app push notifications, turn off push notifications on the settings of your device and/or the app, as applicable. Please note that your opt-out is limited to the e-mail address or phone number used and will not affect subsequent subscriptions. If you opt-out of only certain communications, other subscription communications may continue. Even if you opt out of receiving promotional communications, we may, subject to applicable law, continue to send you non-promotional communications, such as those about your account, transactions, servicing, or our ongoing business relations. Mobile Apps. With respect to our mobile apps ("apps"), you can stop all collection of data generated by use of the app by uninstalling the app. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain features (e.g., location-based services, push notifications, accessing calendar/contacts/photos, etc.), by adjusting the permissions in your mobile device and/or the app’s settings. Beware that if GPS precise location services are disabled, other means of establishing or estimating location (e.g., connecting to or proximity to wi-fi, Bluetooth, beacons, or our networks) may persist. To learn more about how you can control location permissions using your mobile device’s operating system settings, please visit the following links depending on which device you use: Android: iOS: - https://support.apple.com/en-us/HT207056 Certain Tracking Technologies and Interest-based Advertising. For information on how to opt out of processing by certain Tracking Technologies and processing related thereto, including Interest-based Advertising, Matched List Ads, and analytics, please visit our cookie policy. We will retain your personal information for as long as necessary in order to fulfill the purposes for which we collected it and as set out in this Privacy Policy and for the purpose of satisfying any legal, accounting, or reporting requirements that apply to us. For example, we retain contractual documents for long enough to ensure they are available to us if we need them to resolve disputes. When determining how long to keep your personal information we consider the amount, nature, and sensitivity of that personal information, the potential risk of harm from its unauthorized use or disclosure, the purposes for which we process it and whether we can achieve those purposes through other means. We use versions of our regular Sites that are optimized for mobile, which process the personal information you give us in much the same way as our Site does. We offer a Diamond App which allows you to use location services to find accommodations and facilities nearby. We share your personal information within the companies of the diamond group in accordance with this Privacy Policy. We share your personal information with third parties to fulfil any request to us for bookings or services with them. Vacation ownership sales are protected by the use of a trustee who makes sure ownership is allocated correctly, so if you purchase a vacation ownership product from us we will pass your personal information onto the trustee. As you may expect, if you signed up for finance from a third party finance company we will pass documentation on to them after you have signed it. Like other vacation companies, we are sometimes obliged by law to disclose your personal information to governmental or customs/ immigration authorities in countries on your itinerary. Like many companies, we pass on customer personal information to external companies we use to carry out services on our behalf such as mailing campaigns, sales and conducting surveys. Sometimes these companies (and their sub-processors) conduct processing of your personal information in countries other than your home country. To learn more about how we protect your personal information when it is subject to a cross-border transfer see section 15 headed Cross-border data transfers from the European Economic Area and Section 16 headed Cross-border data transfers (non EEA or Switzerland). 14.1. Affiliate resorts Affiliate resorts are resorts which we do not own or manage, but with whom we have agreements to allow members of our vacation ownership clubs to use their points to stay at those resorts. We have agreements with affiliate resorts all over the world to give our members an even greater choice for their perfect vacation, including through promotional communications sent directly to you from the affiliate resorts. If you tell us you want to book an affiliate resort, we will make the booking on your behalf, providing information required by the affiliate to administer your booking and contact you if they need to. We will share your name and contact details, your status as a Hilton Grand Vacations® member and any access requirements or special requests you tell us about. When you check in and during your stay at an affiliate resort you may be asked for further information. Any personal information provided to the affiliate will be subject to their privacy policy, which you should read before making a booking. 14.2. Exchange companies If you are a member or owner you may have signed up for a membership with a third party organization such as Interval International or RCI that allows you to "exchange" your week or points for vacations at non-Diamond resorts. If you signed up with an exchange company when you bought your product from us, we will send your signed contract on to the company along with your name, address, telephone number and e-mail address to allow it to administer your membership. Any time you request an exchange we will confirm with the exchange company whether or not you are entitled to make the exchange and if you are not the reason why. 14.3. Providers of member benefits If you are a member or owner you will have access to a wide range of member benefits. You can see which member benefits are currently available by logging onto the member’s area of www.diamondresorts.com. Depending on the provider, you may make a booking or request goods or services yourself by contacting the provider directly, or, we may make them on your behalf. If we make them on your behalf, we will share some personal information with the provider to allow your booking or request to be fulfilled. The information we share about you depends on what member benefit is being provided and may include your name, your status as a Hilton Grand Vacations® member, any access, medical or dietary requirements you tell us about and your contact information in case the provider needs to contact you. When providing any third party member benefit provider with your personal information directly, you should make sure you read the provider’s privacy policy. 14.4. Travel fulfilment partners In order to offer a full and seamless service to our members and owners, we have partnered with several companies to allow us to offer, through them, all of the services you need for your vacation (for example, flights and rental cars). Some of these companies also help us to fulfil gifts and incentives provided during the sales process. As you would expect, if you contact us to make a booking with them we will send them the personal information they need to fulfil your request and to send you any tickets and/ or confirmations. During this process, we might have to share personal information about you, which is sensitive. For example, if you request an airline booking we may pass on information about a medical condition you have told us about or about your dietary requirements to inform meal choices on the flight. If you are making a booking that is fulfilled by a third party and require further details about how they treat your personal information you should ask us or the fulfilment partner during the booking process so you can be directed to their privacy policy. 14.5. Third party finance providers and providers of banking services If you purchased third party financing brokered by us when you bought your vacation ownership product we will pass on to them any personal information you provided to us as part of the application process. Similarly, if we need to set up a direct debit to take an agreed regular payment from you, we will pass information about you to our bank to enable us to do this. 14.6. First National Trustee Company Limited Information for Diamond European Members is shared with First National Trustee Company Limited, an Isle of Man based company (whose details are set out in the Deed of Trust members received when they purchased their product or which you can request from us at any time) in order to enable it to perform its supervisory and regulatory functions. 14.7. Third parties carrying out services on our behalf We engage third parties to carry out services on our behalf that involve the processing of your personal information. For example, to process reservations, to conduct market research activities, to process the results of contests, to collect monies owed to us, to process payments, to send out mailings for billing or information about our services, to perform quality assurance services, to securely store archived or back up data for us and to carry out marketing campaigns on our behalf. In addition, we sometimes use third party providers of software on our websites to collect personal information from you, such as e-mail sign ups and to allow you to share your comments on our resorts and services via social media. The personal information we provide to such third parties is protected by an appropriate legal agreement ensuring that your personal information is used solely for the purposes for which it was provided. 14.8. Authorities permitted by law We will only disclose your information to law enforcement and other governmental authorities if required by law or if doing so is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud. Hilton Grand Vacations® may also disclose owner, member, non-member and non-owner information, if, in good faith, we believe that disclosure is necessary or advisable including, without limitation, to protect the rights or properties of Hilton Grand Vacations® or in order to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether Laws introduced in the United States and other countries to give cross border control agencies access to customer data. Accordingly, we may disclose any personal information held about you and your travel arrangements to the customs and immigration authorities of any country in your itinerary if required by law. 14.9. Corporate transactions We may disclose your information to a third party who acquires any part of Hilton Grand Vacations® or any of its affiliates, whether such acquisition is by way of merger, consolidation or purchase of all or a substantial portion of Hilton Grand Vacations® assets. 15.1. Hilton Grand Vacations® is a global organization headquartered in the United States. We process your personal information on servers located in a number of countries, including the United States. If you are located in the European Economic Area (EEA), the UK, or Switzerland, transfers of your personal information out of the EEA are protected by standard contractual clauses approved by the European Commission for the transfer of personal information. 15.2. In certain situations, the U.S. Diamond Entities may be required to disclose your personal information in response to lawful requests by public authorities, including in order to meet national security or law enforcement requirements. For more information, please see section 14 headed Authorities Permitted by Law. To the extent that personal information is transferred to the United States from countries other than those countries within the European Economic Area, the UK, and Switzerland, including personal information that is transferred from Canada, we employ similar safeguards such as selecting third party vendors carefully, ensuring personal information will be used and disclosed only as set out in this privacy policy and ensuring that it is protected by appropriate security safeguards. However, in connection with these transfers of personal information, your personal information may be subject to privacy laws that may not provide the same protection as your country of residence. For example, government entities in the United States and other countries may have certain rights to access your personal information. By using a Site or using our products or services that this privacy policy relates to you are consenting to this transfer of your personal information. The security of your personal information is important to us. We take various reasonable organizational and technical measures to protect your personal information from unauthorized access, disclosure, alteration or destruction. We have policies and procedures in place to ensure team members know what is expected of them in relation to personal information. We have in place appropriate procedures for accessing our systems and access is limited by role. Laptops are encrypted and we use secure verification systems for devices accessing our systems. We have also put processes in place to address suspected breaches of your personal information. If required by law to do so we will notify you and/ or the relevant supervisory authority in the event of a data breach. For online transactions, we use reasonable technological measures to protect personal information that you transmit to us via our Sites. However, no security system or system of transmitting data over the internet is entirely secure. The transmission of personal information via the internet is never completely secure. While we endeavor to protect and maintain the confidentiality of the personal information you submit to us we cannot accept, and hereby expressly disclaim any liability from losses relating to the unauthorized disclosure or interception via the Internet of any information that you submit. For your own privacy protection, we encourage you to limit the personal information you send to us by e-mail. In particular, please do not send payment card numbers to us by e-mail. We love to provide perfect family vacations and experiences, but our products are not aimed at children. You have to be at least 18 years old to transact with us. If you are under 16 years of age please do not send us any information about yourself. If we discover that we have collected any personal information online from a child under the age of 16 and have not received verifiable parental consent for such collection, we will remove that information from our databases as soon as possible. Hilton Grand Vacations® may update or revise this Privacy Policy at any time. If we update this Privacy Policy, we will notify you by posting the revised Privacy Policy on our Sites and by providing the effective date of the updates or revisions at the bottom of this Policy. For revisions that materially expand the ways in which we use or share the personal information previously collected from you, we display an alert on our Sites or directly communicate with you in advance of and/or concurrently with the changes taking effect. Please do make sure you read any such notice carefully. If you have any questions or complaints about this Privacy Policy or our use of your personal information please contact us: In Europe by writing to our Customer Services Department at Citrus House, Caton Road, Lancaster, LA1 3UA, by telephoning our Customer Services Department at 0345 3590010, or by e-mailing our Customer Services Department at assistanceeurope@diamondresorts.com. In the United States or Canada by writing to our Customer Service Department at 10600 W. Charleston Blvd, Las Vegas, Nevada 89135, by telephoning 877.374.2582, or by e-mailing our Customer Services Department at THEClub@diamondresorts.com. Under Nevada law, Nevada residents may opt out of the sale of certain “covered information” collected by operators of websites or online services. We currently do not sell covered information, as “sale” is defined by such law, and we don’t have plans to sell this information. However, if you would like to be notified if we decide in the future to sell personal information covered by the Act, please go to NevadaPrivacy@DiamondResorts.com. You are responsible for updating any change in your email address by the same method and we are not obligated to cross-reference other emails you may have otherwise provided us for other purposes. We will maintain this information and contact you if our plans change. At that time we will create a process for verifying your identity and providing an opportunity to verified consumers to complete their opt-out. Please become familiar with our data practices as set forth in this privacy policy. We may share your data as explained in this privacy policy, such as to enhance your experiences and our services, and those activities will be unaffected by a Nevada do not sell request. You may also have other choices regarding our data practices as set forth elsewhere in this privacy policy. Updated: August 2, 2021 ]]>
Privacy Policy
1. Introduction
2. Who is Hilton Grand Vacations®?
3. Collecting your personal information
4. If you do not provide personal information
5. How will we use your personal information?
6. Legal bases for processing your personal information – UK and EU Only
headed Will you contact me for marketing purposes? for more information).7. Your personal information and your rights – UK and EU only
CNIL
https://www.cnil.fr
Information Commissioner’s Office
https://ico.org.uk8. Your personal information and your rights - excluding UK and EU
9. Your personal information and your rights – California Residents
10. How to exercise your rights regarding your personal information
11. Will you contact me for marketing purposes? How do I opt-out of marketing and other processing activities?
For Android 6.0 and above:
- https://support.google.com/googleplay/answer/6270602?hl=en
For earlier versions of Android:
- https://support.google.com/googleplay/answer/601497212. How long will you keep my personal information?
13. Devices
14. Who will the information be shared with, if anyone?
intentionally or otherwise, or when anyone else could be harmed by such activities.15. Cross-border data transfers from the European Economic Area, the UK, or Switzerland
16. Cross-border transfers (not EEA or Switzerland)
17. Security measures
18. Disclaimer
19. Children
20. Changes to this Privacy Policy
21. Contacting us
22. Do Not Sell Opt-Out Rights - Nevada Residents
| Attachment | Size |
|---|---|
 Section_Privacy_Shield_Recertification_Other_Covered_Entities.pdf | 67.87 KB |