Our Privacy Promise
We never sell or broker protected or personally-identifiable information.
If you browse our website, we use Google Analytics to understand to improve the quality and relevance of the content on our website. This information does not reveal your specific identity (like your name or contact information).
Adoption Date: October 20, 2020
- Individual employees and agents of our clients who administer the Services on behalf of our clients.
- Individual employees and agents of our clients who use the Services for their own paid-time-off and travel purposes.
- Individuals who access our website for purpose of browsing and information.
B. Services We Render
Donde allows our customers access to an online platform that helps them offer travel as a benefit, which allows their employees to conveniently save for, plan, and book PTO travel. The platform also includes next-generation tools, applications, API’s, and data integrations that help our clients’ employees conveniently plan and use their PTO benefits and that give our clients access to valuable insights into how their employees use their PTO. As a result, our clients require certain personal information from and about you, and that personal information is processed using our Services. The personal information about you that we process may include contact information, information about your PTO, travel plans, and other interactions with your employer related to your use of the Services, as well as usage or analytics information.
OUR COLLECTION AND USE OF PERSONAL INFORMATION
1. Personal Information that You Provide and that We Collect Automatically
We collect personal information when you voluntarily submit information to us or visit our websites.
We collect the following categories of personal information that provide in connection with our Services:
- Contact Information. If you register for our Services or otherwise provide information to us through any paper or electronic applications or other forms, we will collect your name, phone number, and email address and possibly other demographic information.
- Paid Time Off Information. When you use the Services, you and your employer may use the Services to process personal information regarding the benefits to which you are entitled under your agreement with your employer. This information is made available to our clients to enable them to understand and improve how their employees are using the travel benefits to which they are entitled.
- Travel Information. When you use the Services, you will input information about your travel plans, such as searches you make using the Services related to travel (for example, your desired destinations and dates) and other related information such as date of birth, passport information, Trust Traveler, dates and locations of travel, itineraries, travel accommodations, and similar information. This information is made available to our clients to enable them to understand and improve how their employees are using the travel benefits to which they are entitled. Some of that information may also be shared with our travel vendors, but only as strictly necessary to provide the travel services made available to you. Travel vendors are never allowed to use your personal information for purposes of marketing to you or to further transfer your information to any third party.
- Savings Information. The Services allow you and your employer to set goals and to put aside funds to be used for travel purposes. We necessarily track those goals and funds, including information related to deposits, withdrawals, and balances, for purposes of administration.
- Usage Data. Usage Data consists of the following and similar information:
- Information about your interactions with the Services, which includes the date and time of any requests you make. This also may include details of your use of third-party applications connected with the Services.
- The timing of the information you post to the Services including messages you send and/or receive via the Services and your interactions with our customer service team.
- Technical data which may include URL information, cookie data, your IP address, the types of devices you are using to access or connect to the Services, unique device IDs, device attributes, network connection type (e.g. WiFi, 4G, LTE, Bluetooth) and provider, network and device performance, browser type, language, information enabling digital rights management, operating system, and application version.
2. Our Use of Personal Information
We use the personal information we collect:
- Communications. To contact you, such as in response to your inquiries, comments or orders, to provide technical or administrative support or to let you know about new products, Services or offers.
- Personalization. To remember you and provide personalized content, information and user experiences.
- Analyze and Improve Services. To monitor, enhance, and improve our Services, track our website usage, and monitor the effectiveness of our Service.
- Make Information Available to Clients. In most cases, the information we collect about you is made available to our clients for processing pursuant to their agreements with you. Our lawful basis for providing this personal information to clients is your consent, which you give when you enter into agreements with those clients and when you use the Services.
3. Our Disclosure of Personal Information
We disclose personal information in the following ways:
- Service Providers. We disclose personal information with our third-party vendors, consultants and other service providers that perform services on our behalf, which may include hosting services, administrative or business management services, analytics services, banking services, technology services (including web and mobile platforms, and email communications providers and data storage providers).
- Travel Providers. We disclose personal information with the providers of the travel services with which you engage using the Services. We never provide personal information about you to travel providers, except as required for us to perform the Services.
- Business Transaction or Reorganization. If Company or some or all of our assets are acquired or otherwise transferred, or in the unlikely event that we go out of business or enter bankruptcy, the personal information of our users may be transferred to or acquired by a third party.
- Legal Obligations and Rights. We may disclose personal information to third-parties, such as legal advisors and law enforcement to:
- satisfy any applicable law, regulation, subpoena/court order, legal process or other government request;
- enforce our Terms of Service, including the investigation of potential violations thereof;
- investigate and defend ourselves against any third-party claims or allegations;
- protect against harm to the rights, property or safety of Company, our users or the public as required or permitted by law; and
- detect, prevent or otherwise address criminal (including fraud), security or technical issues.
- Consent. We may disclose personal information about you to certain other third-parties, but only when you specifically give us your consent.
4. Children's Personal Information
We do not knowingly solicit data from or market to children under 18 years of age. If you become aware of any data we may have collected from children under age 18, please contact us at email@example.com.
5. Control Over Your Personal Information
You have some choices regarding how we use your personal information, including the following:
- Communications Preferences. You can stop receiving promotional email communications from us by clicking on the "unsubscribe link" provided in such communications. You may not opt out of Service-related communications (e.g., account verification, transactional communications, changes/updates to features of the Service, technical and security notices).
6. Party Websites and Services
The Services may contain links to and from third-party websites of our business partners, such as travel providers, as well as to advertisers and social media sites, and our users may sometimes post links to third-party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. We strongly recommend that you read their privacy policies and terms and conditions of use to understand how they collect, use, and share information. We are not responsible for the privacy practices or the content on the websites of third-party sites.
The security of your Data is important to us. We use commercially reasonable efforts to store and maintain your Data in a secure environment. We take technical, contractual, administrative, and physical security steps designed to protect Data that you provide to us. We have implemented procedures designed to limit the dissemination of your Data to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
9. Updates to this Policy
We may update this Policy from time to time. If we make any changes to this Policy, we will change the "Last Updated" date at the top of the Policy and will post the updated Policy on this page. If we make material changes to this Policy, we will notify you by email to your registered email address, by prominent posting on this website or our online services, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.
10. Contact Us
If you have any questions about this Policy, please contact us at firstname.lastname@example.org or by writing to us at:
Attn: Privacy Officer
177 E 900 S Suite #200
Salt Lake City, UT 84111
REGION SPECIFIC DISCLOSURES
We may choose or be required by law to provide different or additional disclosures relating to the processing of personal information about residents of certain countries, regions or states. Please refer below for disclosures that may be applicable to you:
California has also adopted the California Consumer Privacy Act (“CCPA”), which took effect at the beginning of 2020. We comply with the requirements of the CCPA to the extent they apply to us.
If you are a California resident and we qualify as a “business” under the terms of that law, you will have the following rights:
- You have the right to request that we disclose the categories and the specific items of Data about you that we collect, use, disclose, and/or sell and that Data about you that we have collected, used, disclosed, and/or sold during the 12 months prior to your request.
- You also have the right to have the Data we collect about you deleted. We use a two-step process to verify your identity and to have the information deleted. Your rights to have Data deleted are subject to several exceptions, specifically the Data that is necessary for us to:
- provide you a good or service;
- protect your security and prosecute those responsible for breaching it;
- fix our system in the case of a bug;
- protect the free speech rights of you or other users;
- comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
- comply with a legal obligation; or
- make other internal and lawful uses of the information that are compatible with the context in which you provided it.
- We have listed the specific and general categories of personal information we have collected, disclosed, or sold in the last 12 months in the sections above.
- We do not sell your personal information.
- To make any request under the CCPA, you must complete the Data Request Form found at the Data Request Form. You have the right not to receive discriminatory treatment by us for the exercise of any privacy rights conferred by the CCPA, which means that we will not take any action to hurt or punish you for exercising your rights under the CCPA.
Individuals Located in the EEA
For employees and other authorized users operating in their role as administrators or users of our services, our lawful basis is the legitimate interest we have in providing the services to their employer.
The GDPR also requires us to take appropriate technical and organizational measures to protect the security of Data relating to residents of Europe. We make commercially reasonable efforts to ensure the privacy and security of the Data of our European visitors and customers, and we are happy to give you a complete description of our most current efforts, if you will write us at email@example.com. You may also write us at that address to communicate with our data protection officer.