CoWorkStays Privacy Policy and CCPA Policy
Effective Date: August 29, 2023
I. Introduction
This Privacy Notice explains how CoWorkStays, Inc., and each of its subsidiaries, (together "CoWorkStays" or "we") collects, uses, protects and shares personal information. As used in this Privacy Notice, "you" refers to an individual who is a user of CoWorkStays's products or services including a Host or Guest, actual or prospective supplier, contractor or employee and/or member of the public who engages with us. Where you use our services, or your personal data is processed in connection with such services, and we control the purpose for which such personal data is processed, CoWorkStays will be the data controller of such information. From time to time, there may be more than one data controller of your information within our group where you have engaged different parts of our broader organisation to provide different or jointly delivered services.
This Privacy Notice applies:
· to your use of any of our services where we are performing a data controller function;
· where you apply to us for a job or work placement;
· to your supply of services to us where this involves any personal data; and/or
· to any personal information collected from third parties where we are the controller of such information.
This Privacy Notice additionally applies to our website and online services and any other website, mobile app or other online service created or hosted by us from time to time on which this Privacy Notice appears (together, our "online services") through which we may collect certain details if, for example, you want to subscribe to any publications or newsletters that we may periodically issue. Please note that our online services make use of cookies and similar technologies, as described in more detail in our Cookies Policy. This Privacy Notice does not apply to, and CoWorkStays is not responsible for, any third-party websites which may be accessible through links from this website (please see Online services - Links to third party sites, services and content below for more information). Please note, our Services are not intended for children under the age of majority in your jurisdiction of residence. If you are under the age of majority in your jurisdiction of residence, do not use or provide any personal information on or through the Services or about yourself to us. If you believe that we might have personal information from or about a child under the age of majority, please contact us.
II. Collection of User Information
"Personal data, Personal Information and, if the context requires, information" is any information that can be used to identify you or that we can link to you. We collect and process your personal information in order to provide you with an optimal experience possible when you interact with us. The following table describes the type of information we collect, the source of that information, our purposes for using the information, and the third parties with whom we may share the information.
Classification of DataCategories of DataSource of CollectionUser Data: Data we collect about the individuals who use our services. We associate this data with a unique ID (Host ID or Guest ID) depending on the type of user.
Name, email address, zip code, phone number (including country code), city, government ID, title, affiliated organizations such as professional or employment-related information, uploaded photos, social media handles, website URL's affiliated with the user, communications to and from users (including email and chat feature communications), identity verification information, which may include Social Security Numbers (SSNs) , or Social Insurance Numbers (SINs).
Provided by you (Users) and third parties.
Identity verification information: Information collected that can help us verify that users are who they claim to be.
We use Stripe for identity document verification. Stripe collects identity document images, facial images, ID numbers and addresses as well as information about the devices that connect to its services. Stripe shares this information with us and also uses this information to operate and improve the services it provides, including for fraud detection. You may also choose to allow Stripe to use your data to improve Stripe’s biometric verification technology. You can learn more about Stripe and read its privacy policy at
https://stripe.com/privacy.
Provided by you (Users) and third parties.
Device and Location Data: Data we collect about the device you are using
Internet and associated network information, browser type, device type, method of sign-on, device ID information, IP address.
Devices.
Platform Activity Data: Information we collect about how you interact with the CoWorkStays Platform
Access date/time, pages viewed, searches made, messages sent, inquiries made, requests made, bookings made, reviews written, boards created, analytics data, error logs.
Users and devices.
Cookies and Similar Data: CoWorkStays's website uses cookies, pixels, and other technologies to make the website work properly and to provide the most relevant services to our site visitors.
Cookies send information back to the originating website on each subsequent visit, or to another website that recognizes that cookie, to develop a record of the user's online activity.
CoWorkStays and third parties.
Information about Spaces: Information associated with the spaces listed on our service, which may be associated with a particular individual but typically is associated with a business. We assign a Space ID to unique spaces as well as a Listing ID to unique listings.
Address (street address, city, state, province, zip, postal code, country, metropolitan area), latitude and longitude of space, time zone, venue capacity, onsite contact information, space entry instructions, Wi-Fi access instructions.
Users and third parties.
Booking Information: Information related to a particular Booking. We assign Booking IDs to each unique Booking.
Start/End date, start/end time, Booking details (services descriptions, event description, attendee count, prices, taxes, fees), communications regarding Booking.
Users.
Vendor Information: Information we collect about vendors who provide services via our Services.
Vendor email, services description, locations, contact information, website, survey responses, vendor questionnaire responses.
Vendors.
Survey/Feedback Information: We collect information when you fill out a form, provide feedback, or otherwise communicate with us.
Survey question responses, feedback, email correspondence.
Users.
Contract Information: We collect information related to the agreements signed between users.
Contracts signed, signatures (including electronic signatures), affiliate information, contract terms and other information.
Users, vendors, and third parties.
Sensory Information: Audio data, such as a recording of your voice when you contact us via Support
Your voice, recordings of support phone calls, calls connecting you with other users
Users
Payment Data: We collect information about the means by which you submit or receive payment through our platform
Credit card information, bank account information.
Users and third parties.
Other Data: We collect additional information from individuals depending on how they use our Services.
Calendar information (if access is provided), Space Wi-Fi information, miscellaneous communication information, information related to Events, Bookings, Spaces, or Users (including guest lists, diet restrictions, physical restrictions, or other information).
Users, vendors and third parties.
User Interaction/Dispute Resolution: We collect information related to the interactions between our users and other users or third parties. Sometimes this is to facilitate communications between individuals, to resolve disputes, or for other business purposes compatible with the reason for collection.
Information provided in relation to our business purposes.
Users, vendors, and third parties.
Background Check Information: We may conduct background checks on various individuals as part of our efforts to ensure the safety and security of users on the site.
Information related to background checks.
Background check service providers.
Employment History Data: reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks.
Information provided in relation to a job or work placement with CoWorkStays.
Job application, background check service provides.
III. Legal Basis For Usage of Personal Data
Where we intend to use your personal data, we rely on the following legal grounds:
Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us. For example, this could be any form of commercial contract to which we are both a party, or if you are going to work for us, an employment contract or if you are a Host and you make Spaces available on the Platform or where you are a Guest and you make a booking on the Platform, and where we respond to your requests and provide you with services in accordance with our CoWorkStays Services Agreement (“
PSA”) or other applicable terms of business agreed with you or with your employing organisation.
Legitimate interests: Where we consider use of your information as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose, we may use your personal data, which may include:
· for our own direct marketing or continued communication, subject to your express consent if required in your country of residence;
· the prevention of fraud; our own internal administrative purposes; personalisation of the service(s) we provide to you;
· ensuring network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or
· reporting possible criminal acts or threats to public security to a competent authority.
Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to CoWorkStays.
Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal data for our marketing purposes where you or your employing organisation is not a client of CoWorkStays, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us, however please note that we will no longer be able to provide you with the products or services that rely on having your consent.
IV. Our Operational and Commercial Purposes
Depending upon the circumstances in which we gather your personal data, we may use your information to provide you with services and information, or for any of the following purposes:
· to provide you with CoWorkStays’s services that you or your employing organization request;
· accepting, coordinating, managing, and processing Listings and Bookings;
· facilitating purchase transactions for goods and services;
· providing top-level customer support, accommodations, and personalized services and amenities;
· to respond to your enquiries and maintain and develop our relationship with you;
· engaging in quality control in order to improve our offerings to you;
· facilitating communications between parties;
· to engage in content based or interest-based advertising,
· to provide you on an ongoing basis with information and services, including relevant marketing communications related to CoWorkStays, and other information or materials, that you request from us or which we feel may interest you where you have indicated that you would like to receive these from us;
· to evaluate, recruit, and hire personnel;
· ensuring the safety and security of our users, our staff, and all other persons visiting our platform or the properties listed on it, including verifying your identity;
· to prevent, detect, and investigate fraud, cyber incidents, or other illegal activity; communicating with you and others in relation to your use of our services, including providing legal updates;
· administering our record-keeping for legal, tax, and operational purposes;
· exploring new and unique ways to provide products and services; and
· doing our best to fulfill your requests.
Our commercial purposes are to advance our commercial interests, including for advertising and marketing. To learn more about how your personal information is processed for marketing and advertising, please see Your Marketing and Ad Choices below.
We may not be able to do some or all of these things without your personal data.
If at any time we intend to change the purpose for which we hold your personal data, for example to offer you with a complimentary service that we may provide in the future, we will give you prior information of that new purpose, so you are aware of this.
V. Disclosures of Your Personal Information
In order to provide you our service and to fulfill our business and commercial purposes, we may disclose your personal information to the different entities and subsidiaries within CoWorkStays’s group for our internal administrative purposes such as billing, promoting our events and services, and providing you or your organization with services, provided in all instances that such processing is consistent with legal basis for usage of personal data above and applicable law. Information disclosed to facilitate bookings and other interactions between customers, and to enable your use of the CoWorkStays platform may include demographic information; financial information; government identifiers; protected classification characteristics; transaction history; internet, application, and network activity; location data; sensory (audio data); professional or employment-related information; and inferences about you.
1.
Publicly Posted Information. Some user information is posted publicly on the platform and is visible by others. This may include profile information, information related to a Space or Listing, reviews, ratings and other feedback, reviews of Guests completing Bookings, reviews of attendees that have attended an event organized by Guests, and other information that a user submits to be posted. Precise location information is not publicly posted.
2.
Sharing Between Users. Our Services are designed to connect users and to facilitate interaction between them. We also will disclose your personal information to any agents or third parties to whom you authorize us to disclose it, including the operators, managers, agents, or other parties associated with an Event or when you agree to a Booking. This sharing is necessary to ensure the performance of the contract between you and CoWorkStays, and/or you and a third party.
3.
Our Service Providers : We may share your information to our trusted third-party service providers, including but not limited to our cloud service providers, web development, analytics, and security providers, communications providers, and internal and external advisors or auditors, payment processors, insurance providers and third-party administrators, dispute resolution providers, advertising providers, governmental entities, social networks, background verification providers and other users. When appropriate or required by applicable law, we will put in place appropriate contracts containing standard data protection clauses to protect that information and the rights of individuals.
4.
Other Disclosures. In addition to the foregoing, we may disclose personal information in the following circumstances:
1. If you have consented to us sharing your personal information in this way;
2. We deem is reasonably necessary to provide you with the services that you have required at any particular time;
3. Such sharing is to law enforcement bodies or other governmental authority;
4. Such sharing is in order to comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, governmental or local authorities;
5. To exercise and defend legal or payment related claims;
6. When such disclosure is pursuant necessary to protect the rights and freedoms of other individuals, property or safety of CoWorkStays, CoWorkStays employees, our clients or others;
7. As part of a prospective or completed merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of CoWorkStays; and
8. In any other manner permitted by law, including engaging in protected speech.
5.
Third Party Links : Links to web sites that are not operated by or for us ("Third Party Sites") and are provided solely as a convenience to you. If you use these links, you will leave our website. This Privacy Notice does not apply to Third Party Sites. We have not reviewed the Third-Party Sites, do not control and are not responsible for any of their content or their privacy policies, if any. We do not endorse or make any representations about them, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any of the Third-Party Sites listed on or linked to from our website, you should understand that you do so at your own risk.
6.
Building Management and Owners: We may disclose personal information of Hosts and Guests such as booking information, and information related to compliance with applicable laws and property management agreements with landlords, management companies, and/or property owners to facilitate the Host Services. For example, Guest Booking and personal information, including Guest contact information, may be shared with the owner/management, staff, reception, or caretaker of the building, complex, or community where a Host lives and/or the listing is located, to facilitate Host Services, compliance with applicable laws, security, billing, and other services.
Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfill the service they provide you on CoWorkStays’s behalf. When such third parties no longer need your personal data to fulfill this service, they will dispose of such details in line with CoWorkStays’s procedures unless they are themselves under a legal obligation to retain information (provided that this will be in accordance with applicable data privacy laws). If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
We may share information that does not reasonably identify you or your organization as permitted by applicable law.
VI. Retention
We retain the information we collect for no longer than is reasonably necessary to fulfill the purposes that such data was originally collected in accordance with our internal data retention policies or to comply with our legal and regulatory obligations.
A maintained copy of our retention policy is available upon request. Should you wish to review our retention policy then please contact us.
VII. Security
We are committed to protecting the security of any personal information you provide. We have implemented reasonable administrative, technical and physical measures in an effort to safeguard the personal information in our custody and control against theft, loss and unauthorized access, use, modification and disclosure. We restrict access to personal information on a need-to-know basis to employees and authorized service providers who require access to fulfill their job requirements.
All financial information you provide, such as credit card data, will generally be transferred over a Secured Socket Layer (SSL) connection (provided that it is supported or enabled on your browser). In spite of these protections, any information submitted over the Internet could be intercepted or otherwise corrupted during transmission, and we cannot guarantee the complete security of any data submitted over the Internet. Sensitive personal information is stored on servers or locations protected by procedures and technology designed to block reasonably foreseeable intrusions by unauthorized third parties. The servers are under our control at all times but may be hosted, managed or otherwise maintained by third party service providers with whom we contract. These third-party service providers have no right to use or access this data other than in performing their services for us.
All employees, officers or contractors of CoWorkStays and third-party providers with access to confidential information are subject to access controls and confidentiality obligations, and we require our third-party data storage providers to comply with appropriate information security industry standards.
Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk.
If you communicate with us using non-secure web platforms, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.
Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure.
You may access and change certain information that you submitted during registration (if you have registered at the Site) at any time by providing your username and password. Please keep your password in a safe place and do not provide this information to anyone. We strongly encourage you to check the accuracy of your data regularly as we will use your e-mail, phone number, and home address to communicate with you regarding products or services that you have requested. We will not be liable for any problems or difficulties that arise as a result of your failure to keep your information up to date.
VIII. International Data Transfers
CoWorkStays, Inc. is located in the United States and has operational subsidiaries that are located in different jurisdictions in the world, details of which can be accessed here. Information we collect from you will be processed in the United States and other jurisdictions, and the data protection laws in the United States and those other jurisdictions may differ from the data protection laws where you reside.
Where we transfer your personal information outside of the jurisdiction where you reside, we will take all steps required by law to ensure that your privacy rights continue to be protected (for example, for data transfers outside of the UK / EEA or Australia we will enter into the appropriate data transfer agreement containing the Standard Contractual Clauses (as amended from time to time).
IX. Your Marketing and Ad Choices
Like most businesses, CoWorkStays advertises and markets its Services in various ways. We may use cookies and related technologies to recognize you and receive information about your activity on our websites. For all of the details about how we use cookies and your options please refer to our Cookie Policy by clicking here.
X. Information for UK / EEA Users about Your Rights
Under the EU and UK GDPR, we have a duty of care to ensure that your personal data is accurate and up to date. Therefore, please contact us to update or correct your information if this changes or if you believe that any information that we have collected about you is inaccurate.
The data protection officer can be reached at the following address: help@CoWorkStays.com
Where you have consented to our processing of certain personal data, you can at any time withdraw such consent and/or tell us not to contact you with updates and information regarding our products and services (or part of them) either at the point such information is collected (by leaving the relevant box unticked) or, where you do not wish us to continue to use your information in this way, by following the unsubscribe instructions on any communications sent to you. Please note that where you withdraw your consent, we will no longer be able to provide you with the products or services that rely on having your consent. You can also exercise this right at any time by contacting us using the contact details at the end of this Privacy Notice. You can request:
· access to the personal data we hold about you
· corrections or updates to your details;
· the erasure of your personal data;
· the portability of personal data that you have provided to us in a structured, commonly used and machine-readable format.
You also have the right to object to, or request the restriction of, our use of your personal data.
If you would like to exercise any of the rights set out in this section, please contact us. We may refuse to provide access where we have legitimate reasons for doing so under applicable data privacy laws, and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision.
In the UK, you may submit a complaint to the Information Commissioner's Office, details of which can be found at
https://ico.org.uk/global/contact-us.
In the EAA, you may submit a complaint to the supervisory authority.
If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details, consult with other parties and keep records regarding your complaint.
XI. Information for Australian Users
The meaning of personal data in this policy for individuals located in Australia is “Information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.”
In accordance with the Australian
Privacy Act, the following is a list of information we may only collect from a user who has provided express consent: information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record that is also personal data; or health information about an individual, genetic information about an individual that is not otherwise health information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.
We do not collect personal data unless it is necessary to carry out our activities or functions or required by law. If you do not provide us with personal data we request or would otherwise collect, we may not be able to provide our services or otherwise communicate with or engage you.
We may use or disclose personal data in circumstances expressly permitted by the Australia
Privacy Act, including where:
· It is not reasonable or practical to obtain consent and we reasonably believe use or disclosure is necessary to lessen or prevent a serious threat to life, health, or safety of any individual or public health and safety;
· We have reason to suspect that unlawful activity or misconduct of a serious nature that relates to our activities or functions is being or has been engaged in and we believe the collection, use or disclosure is necessary to take appropriate action in relation to the matter, or
· We reasonably believe that the collection, use or disclosure is reasonably necessary to assist with the location of a person reported missing.
We maintain your personal data physically and electronically in the USA. Some electronic services we use may process data in other countries, but those services are not entitled to access or use the personal data held by us except as required for delivery of the contracted service. The information that is published on our website is accessible globally.
We will respond to you regarding whether we hold any personal data relating to you and will allow access and correction barring certain limitations set out in the Australian
Privacy Act including:
· If we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
· Giving access would have an unreasonable impact on the privacy of other individuals;
· The request for access is frivolous or vexatious;
· The information relates to existing or anticipated legal proceedings between the organisation and the individual, and would not be accessible by the process of discovery in those proceedings;
· Giving access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations;
· Giving access would be unlawful;
· Denying access is required or authorised by or under an Australian law or a court/tribunal order;
· The organisation has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the organisation’s functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
· Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
· Giving access would reveal evaluative information generated within the organisation in connection with a commercially sensitive decision-making process
The CoWorkStays Privacy Officer will respond to complaints and inquiries related to your personal data within 30 days and will respond to any request you might make at that time or as soon as reasonably practicable after that date. If you are not satisfied by any response you receive from us, you are entitled to contact the
Office of the Australian Information Commissioner.
XII. Information for Canadian Users
Subject to limited exceptions under applicable law, you have the right to access, update and correct inaccuracies in your personal information in our custody and control. You may request access, updating and corrections of inaccuracies in your personal information in our custody or control by emailing or writing to us at the contact information set out below. We may request certain personal information for the purpose of verifying the identity of the individual seeking access to his or her personal information records.
XIII. California Privacy Rights
If you reside in California, you have specific rights regarding your personal information. Please see our
California Consumer Privacy Notice.
XIV. Information for Spanish Users
In accordance with the provisions of Constitutional Law 3/2018, of the 5th of December, CoWorkStays, Inc. wishes to inform you about the following related to the Protection of Personal Data and Guarantee of Digital Rights:
The information we require from you in order to provide our services will be processed and stored by the Data Protection Agency in a confidential and secure manner. Moreover, said information is used exclusively by CoWorkStays, Inc for purposes related to providing services and maintaining commercial relationships with Users, and will not be sold to third parties for advertising or other purposes without your consent. The only exception will be if we are required to share this information by a public authority, or if information provided by you is considered to be public information.
Interested parties may exercise the following rights:
· right of access to your personal data to know which data are being processed and the processing operations that are being performed with that data;
· right to rectification of any inaccurate data;
· right to erase personal data, where possible;
· right to request the restriction of the processing of your personal data where the accuracy, legality or need to process the data is doubtful, in which case we may store your data for the exercise or defense of claims;
· right to data portability, when the legal basis that enables us to process them, is the contractual relationship or your consent;
· right to object to the processing of your personal data, when the legal basis that enables us to process them, is legitimate interest. For such purposes, we will cease to process your data unless we have a compelling legitimate interest or it is for the establishment, exercise or defense of legal claims;
· right to withdraw your consent at any time.
You can exercise your rights at any moment by contacting us, as the entity responsible for the data, to this effect, at the addresses listed here.
Or by email at legal@CoWorkStays.com, including a signed written document and providing a photocopy of your ID (DNI)or passport.
CoWorkStays, Inc will keep the personal information which it possesses and will adopt the necessary measures in order to avoid its alteration, loss, processing or unauthorized access. CoWorkStays, Inc will fulfill this obligation in accordance with that which is established in applicable regulations (General Data Protection Regulation 2016/679 UE-GDPR, and additional regulations).
XV. Children's Policy
We are committed to complying with the Children's Online Privacy Protection Act (COPPA). Our website and services are not directed to children under the age of 18. We do not knowingly collect personal information from children under the age of 18. If we receive personal information that we discover was provided by a child under the age of 18, we will promptly destroy such information. Parents are encouraged to supervise their children's online activities and consider the use of other means to provide a child-friendly online environment. Additional information is available on the Direct Marketing Association's home page at
http://www.the-dma.org. If you would like to learn more about COPPA, visit the Federal Trade Commission home page at
http://www.ftc.gov.
XVI. Agreement and Changes
By submitting your personal information through our website, you agree to the collection and use of your personal information on the basis described above. If you do not agree, please do not provide any personal information via our website.
As technologies and information governance practices develop, and data privacy laws (and surrounding guidance) evolve, we may need to revise this Privacy Notice. You should therefore review this page regularly to ensure that you are aware of any changes to its terms.
If we decide to update our Privacy Notice, we will indicate this next to the Privacy Notice link on the front page of our Site. If there are material changes to the Privacy Notice, we will prominently post and/or communicate such changes prior to implementing them. Information collected under previous versions of our Privacy Notice will then become subject to the terms of our new Privacy Notice.
XVII. Contact Information
If you would like to update your information, modify your communication preferences, or if you do not want to receive marketing communications from us in the future, you can contact us here. Please note, we do not accept consumer rights requests via email.
If you have any questions or comments regarding our privacy practices, or about the manner in which we or our service providers treat your personal information, please contact Rony Chammas (Chief Product Officer) at
legal@CoWorkStays.com.
CALIFORNIA CONSUMER PRIVACY POLICY
Last Updated: November 8, 2022
The purpose of this California Consumer Privacy Notice (as updated from time-to-time, this "
CA Privacy Notice") is to explain our data collection and privacy practices when you use our Services. This CA Privacy Notice is incorporated in, and in turn incorporates the terms of CoWorkStays's general privacy policy. Please read this entire CA Privacy Notice carefully to understand our practices regarding your personal information. If you are an employee, agent, contractor, officer, director, or other personnel of CoWorkStays, or if we process your information as part of a business-to-business transaction, your rights under the CCPA are limited.
If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with certain additional privacy rights related to the personal information we collect about you. Generally, the CCPA provides you with rights to know about the personal information we collect about you and rights to have personal information we collected from you deleted in certain circumstances. Please see below to learn more about your rights under the CCPA and to learn more about our practices. Not all of your personal information is subject to the CCPA. The CCPA does not apply to personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRA). Your personal information may be subject to these other privacy laws and your personal information that we maintain may be exempt from the CCPA.
1.
What Is Personal Information? The CCPA provides personal information rights to California residents. The CCPA defines personal information as information that "identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular" California consumer or household. Personal information does not include publicly available information or consumer information that is de-identified or aggregate consumer information.
2.
What Personal Information Do We Collect About You? We collect or generate personal information about you in a number of ways depending on the relationship we have with you. Our general privacy policy describes our collection and use in more detail, but, for CCPA purposes, we may collect the following categories of information:
o
Personal Identifiers : This includes first and last name, previous name, address, telephone number, unique personal identifier, and signature;
o
Device and Online Identifiers and Related Information : This includes online identifiers, Internet Protocol (IP) address, email address, account user name, mobile/ wireless number, social media profile, unique device identifier and serial number, and other device information;
o
Demographic Information : This includes date of birth and household income data; Financial Information: This includes transaction information, financial account information used to validate your identity, account information about externally linked accounts, account login credentials, and other financial information;
o
Government Identifiers : This includes social security number, national identification number, other government-issued identification number, driver's or operator's license number, passport number, and copies of government IDs;
o
Protected Classification Characteristics : This includes age, national origin, citizenship, nationality, marital status, sex, and veteran or military status; please note that we do not collect information regarding gender identity, gender expression, or sexual orientation unless you provide it to us in connection with our products or services;
o
Purchase History : This includes customer transaction history or tendencies;
o
Internet, Application, and Network Activity : This includes text messages or emails sent to us, clickstream/online website tracking information, and data related to user activity (e.g., browser visits and cookies or other similar technologies);
o
Location Data : We may receive information about your location and your mobile device, including a unique identifier for your device; in addition, in some instances, location information can be derived from your IP address or through your wi-fi connection;
o
Sensory Data : This includes audio data, such as a recording of your voice when you call us;
o
Professional or Employment-Related Information : This includes occupation, title, employer, and employment history; and
o
Inferences About You : This includes a profile reflecting a person's preferences, characteristics, predispositions, behavior, attitudes and creditworthiness profile.
3.
How Do We Use Your Personal Information? We use your personal information for the purposes described in Section IV of our general Privacy Policy. We disclose the following categories of personal information to facilitate bookings and other interactions between customers, and to enable your use of the CoWorkStays platform: personal identifiers; device and online identifiers and related information; demographic information; financial information; government identifiers; protected classification characteristics; transaction history; internet, application, and network activity; location data; sensory (audio data); professional or employment-related information; and inferences about you. We may also use your personal information for any other purpose that we disclose at the time you provide, or when we collect, your information and other purposes permitted by applicable law. We may also use data that we collect on an aggregate or anonymous basis for various business purposes, where permissible under applicable laws and regulations.
4.
What Is The Source Of The Personal Information We Collect About You? In addition to the sources described in the general Privacy Policy, we collect personal information from various sources, including consumers, advertising providers, internet service providers, analytics providers, other users, data analytics providers, government entities, credit reporting services, social networks, and vendors.
5.
Who Do We Share Your Personal Information With? We share personal information with other users, third party vendors or service providers you engage with on our site, and our trusted third-party service providers, including but not limited to our cloud service providers, web development, analytics, and security providers, communications providers, and internal and external advisors or auditors, payment processors, dispute resolution providers, advertising providers, governmental entities, social networks, and other users.
6.
Do We Sell Personal Information? California law requires that we describe certain disclosures of personal information where we receive valuable consideration. California law treats such disclosures as "sales" even if no money is exchanged. We do not sell information to third parties as defined under California law, and we have not done so for the 12-month period preceding the last revision date of this CA Privacy Policy.
7.
Rights to Know About My Personal Information? You have the right to know certain information about our collection, use, and disclosure of your personal information for the 12 months preceding the date of your request. You also have the right to request that we provide you with specific pieces of your personal information. These rights are subject to certain exceptions. Upon receipt of your request, and after we verify your identity, we may provide you with information about the following:
o The categories of personal information we collected about you.
o The categories of sources of the personal information we collected about you.
o Our business or commercial purpose for collecting the personal information.
o The categories of personal information we disclosed about you to a service provider.
o The specific pieces of personal information we collected about you (data portability). If responding to all or part of your request would conflict with federal or state law, or your personal information is subject to an exemption under the CCPA, we will inform you of that fact. We will respond to the portion of your request that is not in conflict with applicable laws or exempt under the CCPA.
8.
Rights to Have my Personal Information Deleted? You have the right to request that we delete personal information we have collected from you, subject to certain exceptions and exemptions. Absent an exception or exemption, upon receipt of your request, and after we verify your identity, we will delete and will request that our service providers delete your personal information.
9.
How Do I Exercise My CCPA Rights? If you are a California resident and would like to submit a CCPA request, you may submit your request by contacting our support team. Only you, or a person you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To authorize another person to make a verifiable request on your behalf, you must provide that person with written permission clearly describing their authority to make a request on your behalf. That individual must also be able to verify their identity with us and provide us with their authority to act on your behalf. An individual to whom you have provided Power of Attorney pursuant to Sections 4000 – 4465 of the California Probate Code may also make a request on your behalf.
10.
How Will You Verify My Identity If I Make a CCPA Request? In order to verify your identity, we will obtain certain information from you and use it to verify your identity using reasonable methods. These methods may include matching information you provided to us with information already maintained by us or through the use of a third party identity verification service. We will use the information you provide to verify your identity and to respond to your rights request and for no other purpose. We cannot respond to your request or provide you with personal information if we are not able to verify your identity or authority to make the request or confirm the personal information relates to you. You are not required to have an account with us to make a verifiable request.
11.
CCPA Non-Discrimination Rights? We will not discriminate against you for exercising any of your CCPA rights, which means we will not:
o Deny you goods or services.
o Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
o Provide you a different level or quality of goods or services.
o Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
12.
Contact Us. If you have any questions or concerns about this CA Policy, please contact us.