1. Information We Collect and Receive
We collect several different types of information to provide Services to you, including:
Customer Account and Registration Data: This includes information you provide to create your account with us and may include, first and last name, third party loyalty reward program information (which includes account access information), travel reservation information, a password and a valid email address.
Service Data (including Session and Usage data):
When you use our Services, we receive information generated through the use of the Service, or from the Service infrastructure itself, (for example, duration of session, connection information, etc.) We may also collect usage and log data about how the services are accessed and used, including information about the device you are using the Services on, IP addresses, location information, language settings, what operating system you are using, unique device identifiers and other diagnostic data to help us support the Services. Please see Section 3 "Analytics, Cookies and other Website Technologies," for more information on Service Data.
Third Party Data: We may receive information about you from other sources, including third party reward or loyalty programs (of which you have given us permission to access) publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. We may also receive information from other affiliated companies that are a part of our corporate group. This helps us to update, expand and analyze our records, identify new prospects for marketing, and provide products and services that may be of interest to you.
Location Information: We collect your location-based information and IP address for the purpose of providing and supporting the service and for fraud prevention and security monitoring.
Device Information: When you use our Services, we automatically collect information on the type of device you use, operating system version, and the unique device identifier (or "UDID").
Legal Basis for Processing (EEA Individuals Only): If you are from the EEA, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. If you are from the EEA, “personal information” is defined as any personally identifiable information or other data collected that could directly or indirectly identify you.
However, we will normally collect personal information from you where we have your consent to do so, where we need the personal information to perform Services, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect the personal information in question.
If we ask you to provide personal information to comply with a legal requirement or to provide you with Services, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
Similarly, if we collect and use your personal information in reliance on our or a third party's legitimate interests and those interests are not already listed above, we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us.
2. How We Use the Information We Collect and Receive
AwardWallet may access (which may include, with your consent, limited viewing or listening) and use the data we collect as necessary (a) to provide and maintain the Services; (b) to address and respond to service, security, and customer support issues; (c) to detect, prevent, or otherwise address fraud, security, unlawful, or technical issues; (d) as required by law; (e) to fulfill our contracts; (f) to improve and enhance the Services; (g) to provide analysis or valuable information back to our customers and users.
Some specific examples of how we use the information:
- Create and administer your account
- Send you an order confirmation
- Facilitate and improve the usage of the services you have ordered
- Send you product updates, marketing communication, and service information
- Respond to customer inquiries and support requests
- Conduct research and analysis
- Display content based upon your interests
- Analyze data, including through automated systems and machine learning to improve our services and/or your experience
- Provide you information about your use of the services and benchmarks, insights and suggestions for improvements
- Market services of our third-party business partners
AwardWallet will retain your information as long as your account with us is active, to comply with our legal obligations, to resolve disputes, and enforce our agreements.
If you wish to cancel your account or for us to stop providing you services, or if we hold personal information about you and you want it to be removed from our database or inactivated, you may do so here.
4. Information Sharing
Third party service providers and vendors. We use third party services which help us run our day-to-day business operations, here are some examples of such operations:
- Hosting and delivering AwardWallet services
- Providing customer support
- Delivering email communications
- Performing data storage, data analytics and maintenance
- Providing cloud computing infrastructure
Marketing and Analytics Partners. We use certain marketing and analytics partners such as Google Analytics, Facebook Analytics, Sparkpost, etc. to help us market our products and to help us understand how our users use our services to make our services better. Such third-party partners may receive information about your use of our services and potentially information about your visits to other online services. These third-party providers are only authorized to use your information to provide their services to us.
Advertising Partners. We work with advertising partners to enable us to customize the advertising content you may receive on our Services. Please see Section 3 “Tracking Technologies,” for more information on this topic.
Legal Compliance. In certain cases, AwardWallet may be required by law to disclose personal information. For example, we may disclose your information to comply with a valid subpoena or other legal process; when we believe in good faith that disclosure is necessary to protect our rights, or to protect your safety (or the safety of others); to investigate fraud; to respond to a government request; or to meet national security or law enforcement requests. We may also disclose your information to a third-party as part of a merger, sale of company assets, financing or acquisition of all or a portion of our business by another company where customer information will be one of the transferred assets.
AwardWallet may need to communicate with you for a variety of different reasons, including:
- Responding to your questions and requests. If you contact us with a problem or question, we will use your information to respond.
- Sending you Service and administrative emails and messages. We may contact you to inform you about changes in our Services, our Service offerings, and important Service related notices, such as security and fraud notices. These emails and messages are considered a necessary part of the Services and you may not opt-out of them.
- Sending emails about new products or other news about AwardWallet that we think you’d like to hear about either from us or from our business partners. You can always opt out of these types of messages at any time by clicking the unsubscribe link at the bottom of each communication.
- Offering referral programs and incentives, which allow you to utilize email, text, or URL links that you can share with friends or colleagues.
6. Accessing Your Data
Our customers can always review, update or change personal information from within their account. AwardWallet will also, when you request, provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. Please contact us here if you need assistance in reviewing your information. AwardWallet will respond to your access request to review the information we have on file for you within a reasonable time.
If you are from the EEA, “personal information” is defined as any personally identifiable information or other data collected that could directly or indirectly identify you. You may have additional rights under their data protection laws, such as the following:
- Access: Right to request access to and a copy of your personal information;
- Restriction: You can ask us to restrict processing of your personal information in certain circumstances;
- Rectification: You can have any inaccuracies in your personal information corrected;
- Deletion: You can ask us to delete your personal information in certain circumstances (e.g. if the information is no longer necessary for the purposes for which it was collected);
- Objection: You can object to further processing your personal information in certain circumstances;
- Withdrawal of consent: Where we rely on your consent to process your personal information, you have the right to decline consent and/or if provided, to withdraw it at any time. This will not affect the lawfulness of processing prior to the withdrawal of your consent.
- Portability: You can ask us to provide your personal information in a structured, commonly used and machine-readable format in certain circumstances.
You can exercise the above rights by contacting us and we will consider such requests in accordance with applicable data protection laws. We may ask you to verify your identity before we respond to your request.
You may also have the right to raise questions or complaints with your data protection authority at any time.
We may transfer personal information to companies that help us provide our service, and when we do, these transfers to subsequent third parties are covered by appropriate transfer agreements. We will retain personal data we process on behalf of our customer as needed to provide services to our customer. Also, we will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
7. California Consumer Privacy Act
8. Privacy Shield Compliance
AwardWallet follows generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received, however, no security measure is perfect. We recommend safeguarding your password and implementing two-factor authentication on your account, as it is one of the easiest ways you can manage the security of your own account – remember that if you lose control over your password, you may lose control over your personal information.
10. Changes to this Statement
11. Questions or Complaints
In compliance with the Privacy Shield Principles, AwardWallet commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact AwardWallet here.
AwardWallet has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.adr.org/Support for more information or to file a complaint. The services of the American Arbitration Association are provided at no cost to you.
You may, under limited circumstances, invoke binding arbitration for complaints not resolved by the above mechanisms. Additional information can be found at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
AwardWallet is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission with regards to our compliance with the EU–U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.