Last Updated: November 22, 2023
WHO IS COLLECTING YOUR INFORMATION
Your Personal Information are processed by Hard Rock International (USA), Inc., 5701 Stirling Road, Davie, Florida 33314 ("Hard Rock", “we”, “us” or “our”).
WHAT INFORMATION WE COLLECT
When you make a reservation, you provide us with reservation data such as your name, email address, phone number, reservation details and payment information as applicable. We use this data to process the reservation and your stay, for billing purposes, and to communicate with you about your reservation. If you use a social media account to make your reservation, we can retrieve part of the reservation data from your social media account. If you book via a booking agent, the agent will provide us with such data.
To simplify future bookings and take advantage of commercial benefits such as discounts or members-only perks, you can choose to create an account to save the data you provide us during your booking. We will use the Personal Information that you provide to autofill your account details.
Administration and Retention
Reservation data is stored in our systems for administrative purposes and to comply with data retention obligations.
In some countries, we are obligated to register specific information when you arrive at a Reverb Hotel. This may include your date of birth, nationality, visa information, place of residence, date of arrival and your profession. We may also be obligated to verify your identity at arrival based on a passport, other ID document or face verification. We will only make a copy of your identification document if we are obligated to do so by law.
We store data about your use of the systems in the hotel room to ensure that the systems and appliances in our rooms work correctly, such as data regarding the light, entertainment and air-condition systems. This information is used by our support teams for technical support purposes. We also use such information to learn about how guests use our services and how we can improve our services.
We use your Personal Information including data generated by your stay and interactions with us for analytical use to optimize our services and product offering.
We process Personal Information obtained in the context of your booking history, your purchases in our hotels, your communications with Reverb, your online behavior on our websites and app and obtained from social media platforms such as LinkedIn and Facebook or data brokers. We use these data for analytical purposes and to provide you with targeted commercial communications for our own products and services. If you have not consented to such targeted commercial communications you may still receive general commercial communication.
You can easily opt-out for such communications when you make a reservation via our websites or, if you no longer wish to receive our newsletter or promotional materials, via the unsubscribe link included in such communications.
Surveys & Contests
From time-to-time our website or Apps may request information from you via surveys or contests. Participation in these surveys or contests is completely voluntary. Requested data may include your contact data, data of birth, marital status, number of children and their ages, and your opinion/answers. Contact information will be used to administer your participation in a contest, notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of the Website and Apps and our other products and services.
RIGHT NOT TO PROVIDE INFORMATION
In certain jurisdictions, you may have the right not to provide Personal Information. However, if you elect not to provide such information, you may not be able to utilize certain services on the Website.
COOKIES AND SIMILAR TECHNIQUES
This section explains which cookies and similar techniques (hereafter simply referred to as "cookies") we use on our websites.
With your consent Hard Rock places marketing cookies and trackers to advertise our products and services to you. The marketing cookies also allow us to provide you with relevant offers based on your online browsing, search and booking behavior.
Website Functionality and Optimization
Withdrawal of Your Consent
You can withdraw your consent at any time by setting your browser to disable cookies and/or to remove all cookies from your browser.
In certain jurisdictions, you will be asked to provide consent for your cookies when accessing our website. The request does not always reappear when you revisit the site. You may click to revise your Cookies Settings.
AUTOMATED DECISION MAKING AND PROFILING
Automated Decision Making refers to a decision which is taken solely on the basis of automated processing of your Personal Information. This means processing using, for example, software code or an algorithm, which does not require human intervention. As Profiling uses automated processing, it is sometimes connected with automated decision making. Not all profiling results in automated decision making. Hard Rock does not use any automated decision making or profiling in its business processes.
ACCESS, CORRECTION, PORTABILITY AND CHOICE
You have choices about the collection, use, and sharing of your Personal Information, including:
• Deletion: You can request that we erase or delete all or some of your Personal Information (e.g., it is no longer necessary to provide services to you).
• Change or Correct: You can review and edit your Personal Information by visiting your account. Please note that Personal Information supplied by you on your account can be accessed by you online at any time and at no charge.
• Object to or Restrict Use: You can request that we stop using some or all of your Personal Information or restrict our use of your Personal Information.
• Access and/or Take: You can request a copy of your Personal Information.
• Right to Portability – provides the ability to request Personal Information in machine readable format (i.e. CSV).
• Withdrawing Consent: If we have collected or processed your personal information with your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information based on other lawful processing grounds.
If you request access, correction, amendment or deletion of your Personal Information and you have more than one account with us, you will need to instruct us on each account separately. Reasonable access to Personal Information will generally be provided within thirty (30) calendar days at no cost to you, subject to limited exceptions prescribed by law or excessive requests. For your protection, we may need to verify your identity before fulfilling your request. Please note that we may need to retain certain information for recordkeeping purposes or to complete transactions that occurred prior your request. We will also retain your personal information if reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, and enforce the Terms and Conditions of Use.
We may also need to retain your Personal Information if required by gaming industry regulations, federal tax statutes and other legal requirements (e.g., information on our customers who self-report; tax reporting documents; player winnings, and any statistics, reports or listings that are required to protect our casino properties). We do not retain Personal Information longer than is necessary to fulfil the processing purposes as set out in this Privacy. To determine the exact retention period, we take into account applicable minimum data retention obligations, guidance issued by data protection authorities and statute of limitations under applicable law(s). We aim to keep our information about you as accurate as possible. If you would like to access, update, review or change the details you have supplied us with, please contact us as set out below or complete this form.
HOW WE SHARE YOUR INFORMATION AND WHO WE SHARE IT WITH
During the course of business, we may disclose, transfer or otherwise make available your Personal Information to our affiliates and third-party service providers who have been legally contracted to provide services on our behalf, and are prohibited from using it for any other purpose. Whenever third-parties service providers process your Personal Information on our behalf we will enter into a data processing agreement with them, or make use of EU-U.S. Data Privacy Framework certified partners, to guarantee the same level of protection and confidentiality of your Personal Information. Our websites and Apps may contain links to third parties’ websites whose privacy policies may differ from those of Hard Rock, which we recommend you carefully review and consider. We cannot be responsible for the privacy policies and practices of other websites or Apps even if you access them using links from our websites.
In addition, we may share your Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, or to comply with legal, regulatory or administrative requirements. We may also share your Personal Information with an investigative body in case of a breach of an agreement or contravention of law, or as otherwise required by Canadian, the U.S. or other applicable law. We may also disclose your Personal Information where necessary for the establishment, exercise or defense of legal claims, to investigate or prevent actual or suspected loss or harm to persons or property, or as otherwise permitted by law.
We may transfer your Personal Information as an asset in connection with the sale or transfer of all or part of the business (including transfers made as part of insolvency or bankruptcy proceedings) or as part of a corporate reorganization or other change in corporate control.
HARD ROCK THIRD-PARTY DISCLOSURE POLICY
We may, under limited circumstances, send you offers for related products or services from affiliated Hard Rock companies or jointly offered by Hard Rock together with select third parties. These offers are sent only to those users who have given their consent to receiving marketing materials from Hard Rock.
INTERNATIONAL DATA TRANSFERS
As we operate internationally, and provide you with relevant services through resources and servers around the globe, sharing your data cross-border is essential for you to receive our services. For technical and organizational reasons and in the context of our digital cloud infrastructure, data we collect may be transferred internationally throughout Hard Rock's worldwide organization and to Hard Rock’s headquarters in the United States or in a country outside of the country where it was originally collected or outside of your country of residence or nationality. Some of these jurisdictions, including the United States, may not provide the same level of privacy protection as your local jurisdiction. You therefore acknowledge and agree that Hard Rock may transfer your data globally, so that you can use our services. If you do not consent to such transfer, we may not be able to provide you certain services or respond to your inquiries.
EU-U.S. DATA PRIVACY FRAMEWORK COMPLIANCE
Hard Rock participates in and complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension of the EU-US DPF as approved by the European Commission in its adequacy decision issued on July 10, 2023. Hard Rock complies with the EU-U.S. DPF Principles, that were developed by the U.S. Department of Commerce in consultation with the European Commission in order to provide organizations in the United States with a reliable mechanism for personal information transfers to the United States from the EU while ensuring that EU data subjects continue to benefit from effective safeguards and protection as required by European legislation with respect to the processing of their personal information when they have been transferred to non-EU countries.
If there is any conflict between the policies in this Policy and the EU-U.S. DPF Principles, the EU-U.S. DPF Principles shall govern.
To learn more about the EU-U.S DPF and view our certification, please visit the EU-US DPF website at https://www.dataprivacyframework.gov/s/participant-search
Hard Rock commits to cooperate with the EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship.
Hard Rock and the following U.S. subsidiaries comply with the EU-U.S. DPF Principles:
- Boardwalk 1000, LLC
- Hard Rock Café International (STP), Inc.
- Hard Rock Café International (Hollywood), Inc.
- Hard Rock Café International (Orlando), Inc.
- Hard Rock Café Merchandise, Inc.
- Hard Rock Casino Cincinnati, LLC
- Hard Rock Hotel Licensing, Inc.
- Seminole Hard Rock Support Services, LLC
- Hard Rock Sacramento FM, LLC
- Seminole Hard Rock Digital, LLC
- Seminole Hard Rock Entertainment, Inc.
- Spectacle Gary Holding, LLC
In compliance with the EU-U.S. DPF, Hard Rock commits to resolve complaints about your privacy and our collection or use of your Personal Information.
DISPUTE RESOLUTION AND ARBITRATION
When other dispute resolution avenues are exhausted, you may invoke the binding arbitration. Hard Rock International (USA), Inc. has provided a private sector independent recourse mechanism (located in the United States) to investigate and expeditiously resolve individual complaints and disputes. This dispute mechanism will cover all Personal Information except for human resource data. For more information, visit the website for ICDR®/AAA®EU-U.S. DPF: International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) at https://www.icdr.org/dpf. The services of ICDR/AAA are provided at no cost to you.
Under certain limited conditions and as a last resort, the individual can invoke binding arbitration. The Federal Trade Commission has jurisdiction over Hard Rock’s compliance with the EU-U.S. DPF.
If Hard Rock transfers your Personal Information to a third party, we will ensure the third party is contractually obligated to process your data only for limited, specific purposes consistent with this policy, to apply the same level of protection to that data as the EU-U.S. DPF Principles and notify us if it makes a determination that it can no longer meet this obligation. Upon notice, Hard Rock will take reasonable and appropriate steps to stop and remediate unauthorized processing. In cases of onward transfer to third parties of Personal Information received pursuant to the EU-U.S. DPF, Hard Rock is potentially liable.
Our services are not directed to minors, and we request that they do not provide Personal Information through our services. If we become aware that we have processed Personal Information of a minor without the valid and express consent of a parent or guardian, we will delete such Personal Information.
HOW WE ENSURE THE SECURITY OF YOUR DATA
We have implemented appropriate technical and organizational measures to protect your Personal Information against loss, alteration or any form of unlawful use. Where appropriate, your Personal Information will be encrypted and securely stored. Access to your Personal Information by our staff is restricted on a need-to-know basis. Whenever third-parties process your Personal Information on our behalf we will enter into a data processing agreement with them to guarantee the same level of protection and confidentiality of your Personal Information. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Any transmission of Personal Information is at your own risk.
HOW TO CONTACT US
You may address all communications to:
Hard Rock International (USA), Inc., Seminole Hard Rock Support Services, LLC,
Attn: Global Data Protection and Risk Office (GDPRO), 5701 Stirling Road,
Davie, Florida 33314, or e-mail to firstname.lastname@example.org
If you are in the United Kingdom (UK) you may address all communications to:
Hard Rock International
If you are in the European Union (EU), you may address all communications to our Data Privacy Representative in EU by using the following contact details:
Hard Rock EU Data Privacy Representative
Studio Legale PANETTA
Via Arenula, 83
00186 Roma RM, Italy
Please include your name, address and phone number or e-mail in all communications and state clearly the nature of your request.
If you wish to make a request to access the Personal Information we collect and store about you, complete this form.
If we make any changes to our Policy, we will post the updated Policy, on an updated homepage link, and may post it to other places we deem appropriate.