Last Updated: January 1, 2020
1.1 CellarPass Services
Welcome to CellarPass. We are a travel, reservation and ticketing platform designed specifically for promoting and managing food & beverage events and luxury experiences. Through our website, mobile apps and services, we allow people all over the world to create, book, sip, and share events and activities.
CellarPass products, features and offerings are available without limitation online including CellarPass, Guest Link Pro, Table Pro; and off platform through various mobile applications, webpages, application programming interfaces, subdomains, marketing and distribution services referred to as “CellarPass Network” or our “Services”.
1.2 Who Are We Talking About
CellarPass, Inc is a California corporation with its principal place of business at 50 California Street, #1500, San Francisco, CA 94111 referred to as “CellarPass”, “us”, “we” or “our”.
2. Privacy Statement
More simply put:
3. Collection of your Personal Information
When you use or interact with us through the Services, we may collect Personal Data. Sometimes this will be on our own behalf and other times this will be on behalf of a Business using our Services. This affects certain data protection laws and is explained in more detail below.
3.1 Information Collected from All Users
Information you provide: We collect Personal Data when you voluntarily provide such information to the Services, such as when you register to access the Services, browse or use certain parts of the Services, make a purchase or make reservations for events and activities, contact us with inquiries, or respond to one of our surveys. The Personal Data we may collect includes without limitation your e-mail address, your first name, your last name, address, telephone number, billing information, or other information that you provide and/or enables Users to be personally identified.
Information we automatically Collect: Information about your computer hardware and software such as your IP address, referring website addresses, Internet Service Provider, browser type, domain names, access times, operating system, cookie information, pixel tags, local shared objects, web storage and other similar technologies. This information is used by CellarPass for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Services. In order to better understand how Users utilize the site and to improve its services, CellarPass may also collect information on your use of our Site, such as pages visited, links clicked, text entered, and mouse movements.
We may also collect and associate anonymous Non-Personal Data (including Non-Personal Data from third parties) with your Personal Data. This many include demographic information, which is not unique to you, such as your Postal Code, age, gender, interests, and preferences.
More simply put:
When you sign up for a User account, make a purchase, book a reservation or register for an activity or event using our Services, we store your contact and billing information for our records. For all Users, we collect anonymized information like your browser type, the length of time you spend on the site, and some demographic data to help us learn more about our users. Certain personal information will be shared with Businesses supplying the activity or event you reserve or register for.
3.2 Information Collected from Businesses
CellarPass collects and uses your personal information to operate our websites and deliver the Services you have requested. In some cases, CellarPass may collect your credit card information (your credit card number, expiration date and billing address, etc.), some of which may be considered Personal Data, to secure certain payments for purchases. If you use our payment processing services, we will collect your mailing address or financial information (your bank account information) and information required for tax purposes (taxpayer identification number) as necessary to facilitate payments to you.
We may also collect Personal Data from third party sources, such as integrated partners that you have elected to access through the Services, third party websites and marketing partners, your bank, payment processing partners and credit reporting agencies, etc.
3.3 Information Collected from Guests
We collect Personal Data from Guests (you), sometimes for our own purposes and other times on behalf of Businesses (see below for more information). Information you provide to CellarPass when you place a reservation, purchase activities or register for an event may include your financial information (credit card number, expiration date, billing address, etc.) which may be considered Personal Data. In addition, Businesses can create event/activity pages to collect virtually any data from Guests in relation to reserving or registering for a Business’ activity or event. CellarPass does not control Businesses registration process nor the Personal Data they collect. When you register for, or otherwise provide information to CellarPass in relation to a Business’ activity or event, whether yours or a third party’s, in connection with a reservation, purchase, or registration, that Business will receive and may use the information you provide.
Information shared from other sources: We may also receive or collect Personal Data from third party sources, such as Businesses, third party integration, other Guests, social media, your credit card issuing bank, payment processing partners or other third parties.
4. How We Use Personal Data
4.1 Access and Use
We use Personal Data you provide in order to grant you access to or use the Services or any functionality thereof. For example, we may use your Personal Data to validate your identity to access all or certain portions of the Services. We will use your Personal Data to determine your ongoing qualification to use such Services. In addition, CellarPass may share your Personal Data with trusted partners to send you email or postal mail, perform tasks required to complete a purchase, ticket registration or reservation transaction, provide customer support and confirm your identity.
Please keep in mind provided Personal Data through use of the Services may be collected and used by Businesses to facilitate your request(s). CellarPass encourages you to review the privacy statements of Businesses that you choose to make reservations with or purchase events/activities from via our Services so that you can understand how those Businesses collect, use and share your information. CellarPass is not responsible for the privacy statements of Businesses or other content on websites outside of the Services we operate.
4.2 Internal Business Purposes
We may use your Personal Data including without limitation to manage your account, provide you with customer service, and to manage the Services and our business. CellarPass may also share information on your use of our Site, for statistical analysis, such as pages visited, links clicked, non-sensitive text entered, and mouse movements, with third party providers of web analytic software in order to enable CellarPass to improve its services. We may also use your Personal Data to identify and protect against wrongdoing and to enforce our Terms of Service.
More simply put:
We will never sell or trade your contact information to another company, but we may sometimes contact you on behalf of another company with a special offer. We may share your personal information as part of a business sale, merger, etc.
Our website may use "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you register an account with CellarPass, a cookie helps us recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to our website, the information you previously provided can be retrieved, so you can easily use the features that you customized.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Services.
More simply put:
We may use your Personal Data for advertising and marketing purposes to inform you about services, activities and events we believe might be of interest to you on or off the Services including without limitation by phone, SMS messaging, email, display media and targeting other devices (mobile devices, television, tablets). We may also do this on behalf of Businesses, when for example your prior interactions with a Business or the Services indicate you may be interested in certain events or type of activity. You may Opt-out from CellarPass marketing activity by clicking the Unsubscribe link or other provided instruction in emails or SMS messaging. We may also use your personally identifiable information to inform you of other products or services available from CellarPass and its affiliates. CellarPass may also contact you to participate in surveys to conduct research about your opinion of current services or of potential new services that may be offered.
CellarPass keeps track of the pages Guests visit within our websites in order to determine what Services are the most popular. This data is used to deliver customized content and advertising within the websites we operate to users whose behavior indicates that they are interested in a particular subject area. CellarPass uses tracking pixels to collect information that helps us provide our Service to you. Please note that any "do not track" signals sent by your web browser or other mechanism have no effect on the collection of personally identifiable information by CellarPass. In addition, other parties who perform data analytics for CellarPass, such as Google Analytics, AdRoll, Double Click and Hotjar, may collect personally identifiable information about your online activities when you use our Services. Third party affiliates of CellarPass may have different policies with respect to "do not track" signals and CellarPass makes no representations with respect to such policies.
CellarPass uses tracking to create remarketing audiences of users based on user behavior/their visits to our website. CellarPass may also target these users with custom ads based on affinities/interests, geographic and demographic signals. CellarPass only shares browser-level data through third party vendor tracking such as Google Analytics. Users can opt out of these advertising features by visiting Google or resources like the NAI Guest opt-out page. CellarPass may use email addresses to target users with custom ads through 3rd party advertising platforms, websites and social media. CellarPass may from time to time share certain customer information with third parties to perform services (advertising) on our behalf.
CellarPass may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party without your express consent.
4.5 Third Party Access
CellarPass may provide you with access to contract directly with or integrate with third party services through our Services. When you elect to engage with such third party, we will disclose your Personal Data to other entities in order to fulfill the services you have requested.
We allow Businesses to use our Services to contact Guests for their current and past events, so you may receive emails or other forms of communication (SMS messaging, phone, postal mail) from our system that originate with such Businesses that we are sending on their behalf. If you made a reservation or registered for event on the Services, your Personal Data is available to that Business. However, a Business may also import Personal Data they have from external sources and send communications through the Services on the Business’ behalf. The Business and not CellarPass is responsible for sending such communications.
For fundraising events and pages, we may provide your Personal Data to both the Business and the benefitting Charity to which the fundraising event is linked. In some instances, a Business may appoint a third party to create an event or activity on its behalf (“Third Party Businesses”). For instance, a winery (the Business, in this case) may allow production company (Third Party Business) to create events that will be hosted at the Business’ venue using its CellarPass account. In that case, your Personal Data may be provided to Third Party Businesses on behalf of the hosting Business. This also applies to sweepstakes and contests: we may provide your Personal Data to both the Business and any official sponsor of the contest or sweepstakes.
CellarPass is not responsible for the Businesses, affiliated Charities or Third-Party Businesses in regard to your Personal Data. You should review the policies of Businesses, Charities or Third Party Businesses associated with an activity, event, or contest/sweepstakes you are interested in before providing your Personal Data or other information in relation to that activity, event, fundraising page or contest/sweepstakes.
4.7 Specific Purpose
If you provide Personal Data for a certain purpose, we may use the information in connection with that purpose. For example, if you contact us by email, we will respond to you using the email address provided to answer your question or resolve your problem.
4.8 Legal Requirements
4.9 Aggregated Data
To better understand and provide our Users with the best experience, we often conduct research on our customer demographics, behaviors, preferences, and interests based on Personal Data. This research is usually completed on an aggregate basis that does not identify you. Once Personal Data is in an aggregated form, it becomes Non-Personal Data.
More Simply Put:
CellarPass does not sell, rent or lease Personal Data. We value our relationship with you and therefore will not sell your Personal Data to third parties. However, there are certain circumstances in which we may disclose, transfer or share your Personal data with others.
5. Security of your Personal Information
You are responsible for safeguarding and preventing unauthorized access to the user information and password that you use to access our Services. You agree not to disclose your password to any third-party and you are responsible for any activity using your account, whether or not you authorized that activity. Please immediately notify CellarPass of any unauthorized use of your account.
More simply put:
CellarPass' secure website keeps your personal information safe. You can do your part by keeping your password private.
6. Age Specific Content
More simply put:
No one under 21 years old should use CellarPass services.
7. How to Access, Update or Delete Your Personal Data
You can request access to some of your Personal Data stored by CellarPass. You can also correct, update or delete Personal Data. You may exercise these rights by logging in and visiting the My Account page. Both registered and unregistered users may also exercise these rights by contacting us directly by email or at the address specified below.
If a Guest requests their data to be deleted, CellarPass is authorized to delete or anonymize Personal Data of the requesting Guest from the Services even if that means removing its availability to the Business through the Services. However, if you are a Guest, you understand that even if CellarPass deletes or anonymizes your Persona Data upon your request, your Personal Data may still be available in the Business’ own databases if transmitted to the Business prior to CellarPass receiving or taking action to your request. It is your responsibility to ensure you have no pending reservations or registrations for activities or events on the Services before making your request. You acknowledge that Personal Data deletion or anonymization cannot be undone and may negatively affect any existing reservations and registrations for activities and events that you have registered for and are scheduled to take place after the date of your Personal Data deletion request has been submitted. You agree with these terms and hold CellarPass harmless for any issues or inconveniences related to complying with your Personal Data deletion request.
8.1 Third Party Links
8.2 Providing Personal Data to Others
More simply put:
10. International Transfers
The Website is hosted in, and our Services are provided from, the United States. Accordingly, by providing your Personal Information through the Website, you consent to the transfer of your Personal Information from your country of residence to the United States. With regard to data transfers from the European Economic Area to the U.S., we have self-certified to the EU-U.S. Privacy Shield Framework. For more information about our self-certification to the Privacy Shield Framework, please visit here.
More simply put:
CellarPass protects your data by following the Privacy Shield Framework.
11. Contact Information
50 California Street, #1500, San Francisco, CA 94111 or by email firstname.lastname@example.org.
More simply put:
Feel free to get in touch with us, we're nice people and love to hear feedback!
12. The EU General Data Protection Regulation (GDPR)
The GDPR requires us to inform you about the legal ground we’re relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data outlined in section 4 above will typically be because:
13. Transfer of Personal Data
As CellarPass provides services internationally, we may need to transfer your Personal Data outside the country from which it was originally provided. This may be to Businesses using the Services, or to Third Parties that we work with who may be located jurisdictions outside the EEA, Switzerland and the IK which have no data protection laws or laws that are not as rigid compared with those in Europe.
Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data. For Personal Data we receive, CellarPass has certified its compliance to the EU-U.S. and Swiss – U.S. Privacy Shield as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from those countries. We have certified that we adhere to the Privacy Shield principals of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity & Purpose Limitation, Access and Resource, Enforcement & Liability when processing Personal Data from EEA, Switzerland or the UK in the United States.
14. Personal Data Retention
We retain your Personal Data for as long as necessary to provide you with our Services, or other purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.
If you have an account with us, we will retain your Personal Data for ninety (90) days after you have requested your account closed or if your account has been inactive for three (3) years.
Data protection law provides you with rights in respect of Personal Data that we hold about you, including the right to request a copy of the Personal Data, request that we rectify, restrict or delete your Personal Data, object to profiling and unsubscribe from marketing communications.
You can exercise most of these rights by logging in and visiting the My Account page or changing the “cookie settings” in your browser (see our Cookie statement above). If you cannot find what you are looking for in My Account page, please contact us by using the information provided in section 10 above. Please note that requests to exercise data protection rights will be reviewed by us on a case-by-case basis. We may require proof of identity in order to comply with your request. There may be circumstances where we are not legally required to comply with your request because of the laws in your jurisdiction or because exemptions provided for in data protection legislation.
If you have questions or complaints on how we handle your Personal Data, please contact us as set forth in section 10 above. If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.
CellarPass as a data controller and data processor
EU data protection law makes a distinction between organizations that process Personal Data for their own purposes (known at “data controllers”) and organizations that process Personal Data on behalf of other organizations (known as “data processors”). If you have a question or complaint about how your Personal Data is handled, these should always be directed to the relevant organization since they are the ones with primary responsibility for your Personal Data.
CellarPass may act as either a data controller or a data processor in respect of your Personal Data, depending on the circumstances.
For example, if you generate a subscription account with us to manage your activities or events, CellarPass will be a data controller in respect to the Personal Data that you provide as part of your account. We will also be a data controller of the Personal Data that we have obtained about the use of the CellarPass Services, which could relate to Businesses or Guests. We use this to conduct research and analysis to help better understand and serve Users of the Services as well as to improve our platform and provide you with targeted recommendations about activities or events we think may be of interest to you.
However, if you register as a Guest, we will process your Personal Data to help administer that activity or event on behalf of the Business (for example: sending confirmation, promotional and feedback emails, processing payments, etc..) and to help the Business manage their event, understand the success of their event and event planning such as through event reports, guest lists, using analytics to determine effectiveness of various sales channels. In these scenarios, CellarPass just provides tools for Businesses; CellarPass does not decide what Personal Data to request on registration forms, nor is it responsible for the continued accuracy of any Personal Data provided. Questions you may have about your Personal Data and your rights under data protection law should therefore be directed to the Business as the data controller, not to CellarPass.
15. California Residents Only
The California Supplemental Privacy Notice discusses California Consumer Privacy Act (CCPA) and applies solely to California residents. It applies to personal data we collect as a business; it does not apply to personal data we collect or otherwise process as a service provider. For or a detailed copy, please view our CCPA Policy.