Effective Date: August 1st, 2022

INTRODUCTION.

This Privacy Policy is administered by Seminole Hard Rock Support Services, LLC, with headquarter at 5701 Stirling Road, Davie, Florida 33314, United States of America (the ”Data Controller”, ”we”, ” us” or ”our”) who has control over the reason and purposes behind the collection of your Personal Information and the means and method of any processing of your Personal Information.

This Privacy Policy applies and governs when you:

a. access or use the DAER website (the "Site") which is located at hardrocknightlife.com

b. use our products or services that are offered on the Site.

This Privacy Policy explains how we may collect, use and share (collectively, ”Process”) your Personal Information in relation to, and in connection with, the Site and our products and services offered on the Site.

This Privacy Policy also provides information about your rights with respect to your Personal Information and how you can contact us if you have any concern or questions about your Personal Information.

When you visit the Site, use any product, service, or benefit offered on the Site or interact with us, and provide your Personal Information to us, you consent to how we Process your Personal Information as set out in this Privacy Policy. If you do not consent, then you may not continue to access or use the Site or any products or services to which this Privacy Policy applies.

We may collect certain Personal Information about you to provide you with the services, features and benefits of the Site and also to facilitate our relationship with you in connection with the use of the Site. Providing Personal Information is optional. You may choose not to provide the requested Personal Information; however, you may not be able to access and use some or all of the features or benefits of the Site for which your Personal Information is required.

We may update this Privacy Policy at any time, and any updates to this Privacy Policy will be effective on the date specified in the updated Privacy Policy.

Where additional detailed information is needed to explain our privacy practices, we will provide such information in supplementary privacy notices.

This Privacy Policy does not apply to information collected by any third party, including, but not limited to, a third-party website, third-party applications, or third-party advertising that may link to or be accessible from or on the Site. Please review the privacy policies of any third-party website or application for more information about how they process your Personal Information.

This Privacy Policy is provided in a layered format so you can click through to the specific sections of this Privacy Policy. Alternatively, you may view and/or download a Portable Document Format (.pdf) version of this Privacy Policy here: [LINK].

DEFINITIONS.

In this Privacy Policy, the following words shall have the following meanings:

”Additional Terms”

means the additional terms and conditions, rules, and policies, which apply to the purchase of goods or services and to specific features of the Site including VIP reservations, that may be posted on the Site to supplement the Terms of Use of the Site.

”Applicable Laws”

”DAER Locations”

”DAER products and services”

”Personal Information”

”Privacy Policy”

means any and all laws, ordinances, constitutions, regulations, statutes, treaties, rules, codes, permits, principles of common law, requirements, and orders adopted, enacted, implemented, promulgated, issued, entered, or deemed applicable by or under the authority of any governmental body having jurisdiction over you, the Data Controller or the Site in any way.

means the locations where DAER services and products are offered in any of the DAER venues (DAER Nightclub, DAER Dayclub, The Rooftop at DAER.

means the product and/or services offered on the Site

means any information relating to an identified or identifiable individual; an identifiable individual is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

means this privacy policy and any Changes.

”We ”, ”we”, ”Our” ”our”, ”Us”, or ”us”

means the Data Controller

”You”, ”you”, ”Your”, or ”your”

means you as a user of the Site

WHEN AND HOW DO WE COLLECT YOUR PERSONAL INFORMATION.

1. We may collect your Personal Information directly from you when you:

a. access or use the Site;

b. means any information relating to an identified or identifiable individual; an identifiable individual is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

c. show up an any DAER Location and we verify your identity in order to provide the services required;

d. enter a contest, promotional program, or survey launched or sponsored by any DAER Locations or on the Site;

e. participate in an event hosted at any DAER Locations;

f. contact DAER Customer Care;

g. contact us by letter, email, telephone, text, chat, or through any other written and verbal communications (digital or otherwise);

h. request information about our products or services, or a DAER Location;

i. you request marketing information or other promotional material to be sent to you;

j. allow someone to act on your behalf to provide us your Personal Information, including for a reservation at one of the DAER Locations;

k. connect with us via social media or you post content on DAER social page or a third-party social media website in connection with DAER Site; or

l. interact with us or our staff during your visit to a DAER Location, or during the use of digital or online services that we may provide.

2. We may also collect your Personal Information indirectly from publicly available sources and third parties, including, but not limited to, the following:

a. public databases, joint marketing partners, or other third parties;

b. organizations which provide credit information and credit references;

c. organizations involved in fraud prevention and detection;

d. companies with whom we partner to provide you with goods, services, or offers based on your activities or experiences at a DAER Location;

e. Internet-connected devices and our networks available at DAER Locations. For example, if you connect a device to the DAER Location’s Internet, we may tailor information or services offered to you for a better experience; and

f. organizations or services that share information with us that is permissible under their own privacy policy (such as our marketing partners or social media platforms).

COOKIES AND OTHER AUTOMATED TECHNOLOGIES.

As you interact with the Site, we will automatically collect technical data about your equipment, browsing actions, and patterns. We collect this information by using cookies and other automated technologies as described in in section. We may also receive technical data about you if you visit other websites employing our cookies. We may use such information to analyze the use of the Site and improve its features and performance to provide you with a better browsing experience.

(a) Cookies.

The Site uses ”cookies” to help us understand which parts of the Site are the most popular and the preferences of Site users. We may also use cookies to study traffic patterns on the Site, to improve its functionality and usability, to improve the effectiveness of our communications with users, to customize your experience, and to provide greater convenience to you during your interactions with the Site.

A cookie is a unique alphanumeric identifier that websites use to help identify the number of unique visitors to a website, whether or not those visitors are repeat visitors, and the source of the visits. If you prefer to disable cookies, you may do so through your web browser’s security settings. Please note that certain features of the Site may not be available once cookies have been disabled.

We may use two types of cookies: (i) Session cookies; and (ii) Persistent Cookies. Session Cookies and Persistent Cookies are categorized as: (a) Strictly Necessary Cookies; (b) Performance Cookies; (c) Functional Cookies; and (d) Targeting Cookies.

Session Cookies . Session cookies exist only during an online session. They disappear from your device when you close your browser or turn off your device. We use session cookies to allow our systems to uniquely identify you during a session or while you are visiting the Site. If you have disabled your Session Cookies, your choice will only be effective for that single session, and you will need to opt-out again.

Persistent Cookies . Persistent cookies remain on your computer after you have closed your browser or turned off your device.

Strictly Necessary Cookies . Strictly Necessary Cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the Site will not then work. Strictly Necessary Cookies do not store any Personal Information.

Performance Cookies . Performance Cookies allow us to count visits and traffic sources so we can measure and improve the performance of the Site. They help us to know which pages are the most and least popular and see how visitors move around the Site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow Performance Cookies we will not know when you have visited our site, and we will not be able to monitor its performance.

Functional Cookies . Functional Cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow Functional Cookies, then some or all of these services may not function properly.

Targeting Cookies . Targeting Cookies may be set through our Site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. Targeting Cookies do not store directly Personal Information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

(b) Clear GIFs or Web Beacons.

Clear GIFs (also known as web beacons, web bugs, or pixel tags) are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your device’s internal storage, clear GIFs are embedded invisibly on web pages. We may use clear GIFs on the Site to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage.

We and our service providers also use clear GIFs in HTML emails to our guests, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Some of our email communications to you may contain links to content on the Site. When you click one of these links, it passes information through the Site web server before you arrive at the destination web page. We track this click-through data to help determine interest in particular topics and measure the effectiveness of our communications.

If you prefer not to be tracked, simply avoid clicking text or graphic links in emails you receive from us. In addition, you may view and change your preferences at any time by using the ‘Privacy Settings’ in your web browser.

(c) Server Log Files.

The Site gathers certain information automatically and stores it in log files. This information includes internet protocol (”IP”) addresses, browser type, operating system, internet service provider (” ISP”), referring/exit pages, date/time stamp of access, and clickstream data, and information about the content you view on the Site. When you visit the Site, the servers automatically log your IP address, the time and duration of your visit, and the time and duration spent on the pages of the Site which you view. If you arrive at the Site by clicking a paid advertisement or a link in a communication, then the server will capture information that tracks your visit from that link. If you arrive at the Site by clicking on a non-paid source, such as a search engine result or link on another website, the server captures information that tracks your visit from that source, to the extent available. The server also captures information from direct traffic. The server log files are not analysed with respect to individuals.

(d) Do Not Track Signals.

Currently, our systems do not recognize browser ”do-not-track” requests. You may, however, disable certain tracking as explained in the Cookies Section of this Privacy Policy (e.g., by disabling cookies). Please note that we do not collect, and are not aware of third parties that collect, Personal Information from users of the Site, or about their online activities on third‑party websites.

(e) Third-Party Analytics.

We use automated devices and applications, such as Google Analytics, to evaluate usage of the Site, and our online services. You can learn about Google’s practices by clicking onhttps://policies.google.com/privacy , and you may opt out by downloading the Google Analytics opt-out browser. The server also captures information from direct traffic. We use these tools to help us improve the Site, our online services, and your user experiences. These devices and applications may use cookies, tracking pixels, and other tracking technologies to perform their functions. We do not share your Personal Information with these third parties.

(f) Google Ajax API - Google Fonts

The Google Ajax API is an internet code library which can enable an on-demand web font service when required by Google ("Google Fonts") via website design platforms if required. The remote use of fonts.google.com via the Google Ajax API can allow the collection of limited browser data which enables Google Fonts to not re-use fonts if they are already installed in a web browser, and by doing so can decrease the load time of a web page for a faster user experience. However, when fonts are installed to a local server, user data cannot be tracked and fonts will be loaded from the web server instead without tracking web browser cookies.

Although the Site uses fonts that are stored locally and are not sent from Google servers, the Google Ajax API can still be visible in some browsers source code due to the functionality of the third-party development platform called Webflow that was used for creating the Site. For security reasons and cloud redundancy, the Site is also hosted by Webflow and not on internal servers owned by us. Because the Google Ajax API is an integrated part of the Webflow design interface it can leave a footprint in the source each time a site is published which results in Google Ajax API source code visibility even when fonts are installed on the local server.

Since the Site is hosted and managed on a third-party cloud server by Webflow we cannot use the Google Ajax API code. Therefore, we will not be able to collect, track or store any of your data via the Google Ajax API code. We have no responsibility or control over the use of Google Ajax API by the third-party platform Webflow hosting our Site. Please review Webflow's privacy policy to learn about Webflow's practices regarding Google Ajax API code by clicking here

PURPOSE OF PROCESSING PERSONAL INFORMATION & THE TYPES OF PERSONAL INFORMATION PROCESSED.

The table below sets out: (i) the purpose of processing activity; and (ii) the types of Personal Information that we may collect and Process.

Purpose of Processing Activity

Types of Personal Information Processed

To inform you of changes. To inform you of changes to the Terms of Use of the Site,Privacy Policy, to the services or products purchased

  • Name, address, and other contact details.

To offer you additional products or services offered on the Site. To offer you additional products and/or services as offered on the Site from time to time such as contest, promotions as better described in the Terms of Use of the Site.

  • Name, address, and other contact details.

To render products and/or services. To provide, deliver, charge, and evaluate products and/or services utilized by you at a DAER Locations

  • Name, address, and other contact details.

Responding to your requests. Responding to your requests in respect of services, information and data.

  • Name, address, and other contact details.
  • Details of transactions executed in connection with DAER products and services.
  • Details of the request.

For communication purposes. To send you printed or digital communications regarding: events, to inform you of any changes to the Site, or the events for which you have purchased a ticket, to make promotional offers to you, to offer you additional products or services, to render products or services to you, and to respond to your requests.

  • Name, address, and other contact details.

For market research. To send you periodic satisfaction, quality of service or market research surveys.

  • Name, address, and other contact details.
  • Date of birth.
  • Marital status.
  • Number of children and their ages.
  • Your opinions/answers.

To enable you to participate in competitions, contests and win prizes. To enable you to take part in a prize draw, sweepstakes, contests or competitions, including administering your participation in the same, and to notify winners and award prizes, or facilitate an event.

  • Name, address, and other contact details.
  • Details relevant to your participation in the activity.

For identification purposes. To use certain pieces of Personal Information to verify your identity which may be required in respect of providing certain information

  • Name, address, and other contact details.

Business governance. To administer and protect our business, the Site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

  • Your transactions executed on the Site.

Web content and advertising. To deliver relevant website content and advertisements to you and to measure or understand the effectiveness of the advertising we serve to you.

  • Information relating to the browsing or use of the Site
  • Responses to marketing emails and advertisements.

For safety reasons. Provide for the safety and security of staff, guests, and other visitors.

  • Name, address, and other contact details.
  • Approved Identification.

For security and compliance. To prevent, detect, and investigate misrepresentations or fraud, cyber incidents, or other illegal activity.

  • Name, address, and other contact details.

.

For business analytics. To use data analytics to improve the Site, our products or services, our marketing activities, guest relationships and experiences.

  • Your contact details and transactions

The legal bases for our processing activities include processing: (i) pursuant to your consent; (ii) as necessary to comply with our contractual obligations to you; (iii) as necessary to comply with our legal obligations; (iv) as necessary in order to protect your safety or other vital interest, or the safety or other vital interest of other persons; and (v) as necessary for the purposes of our legitimate business interests, or the legitimate business interests of a third party.


MARKETING COMMUNICATIONS AND YOUR COMMUNICATION PREFERENCES.

We may send you marketing communications relating to, or in connection with DAER products and services, including, but not limited to, about promotions, offers, contests, products or services (those that we offer now or plan to offer), and generally, anything that we believe may be of interest to you relating to, or in connection with, DAER services.

Communication Preferences.

In order to receive such marketing communication you must select the link ”I wish to subscribe to the mailing list” located at the bottom of the Site’s homepage.

You may unsubscribe from the mailing list any time either (i) by clicking on the link ”I wish to unsubscribe from the mailing list” located at the bottom of the Site; or (ii) when you receive any marketing communication, by clicking on the ”unsubscribe” box located in the body of the email received by us. You can also contact us via email or by calling our toll-free number as indicated in the section below ”Our contact details” in order to communicate your preferences about marketing communications.

If you have given us your consent to provide your Personal Information to third parties for marketing purposes, you may withdraw your consent at any time by communicating us your choice via email or by calling our toll-free number as indicated in the section below ”Our contact details”.

Promotional Offers.

We may use your Personal Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services or offers may be relevant for you, and based on that, we may send you promotional offers (we call this marketing).

You may receive certain marketing communications from us if you have requested information from us, or purchased goods or services from us, and you have not opted out of receiving marketing communications or if you have expressly agreed to receive marketing communications.

Third-Party Marketing.

In order to provide you with the highest level of products and services, we may share your Personal Information with carefully selected third parties, who may communicate directly with you. In some jurisdictions, data privacy laws may require us to obtain a separate consent before we do so. You can always choose whether to receive any or all of these communications by contacting us as described in this Privacy Policy. Alternatively, you can express your preference by clicking on the ”unsubscribe” link contained within any applicable marketing email sent to you.

WHO WE SHARE YOUR PERSONAL INFORMATION WITH AND WHY.

We may share your Personal Information with certain third parties and for specific purposes. The table below describes the recipients to whom we may disclose your Personal Information and for which purpose .

Recipients

Purpose for sharing Personal Information

DAER Locations

• For any of the purposes described in the Section headed ” Purpose of Processing and Types of Personal Information Processed ” in this Privacy Policy,

Service providers (e.g., providers of customer relationship management services, marketing services, customer financial services, including, but not limited to, rewards, payments, deposits, credit, and funding, cloud services and information technology services).

• To support the Site, offers, promotions, and event management.

• To support data analysis, Site development, and digital and physical marketing services.

• To support the storage of Site information, and the storage of users personal and transactional information.

Professional service providers (e.g., accountants and lawyers)

• Where necessary to provide their professional services in the support of our business functions, any reviews, advice, or to protect our interests.

We may disclose your Personal Information to third parties if necessary or appropriate: (a) to comply with Applicable Laws, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements; (d) to protect our operations, such as in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock; (e) to protect you or others; (e) to allow us to pursue available remedies to protect our interests; and (f) to prevent or limit any damages that we may otherwise sustain.

We may also share your Personal Information with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Information in the same way as set out in this Privacy Policy.

We may sell your Personal Information to third parties with whom we may partner in order: (a) to provide you with a better guest experience; or (b) for you to receive offers from those third parties that we believe may be of value to you. As of the effective date of this Privacy Policy, we have not sold any of your Personal Information.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?

We will only retain your Personal Information for as long as reasonably necessary for the purposes for which we collected the Personal Information, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your Personal Information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we Process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements. Notwithstanding, as a general policy, we do not retain Personal Information for longer than seven (7) years.

In some circumstances we will anonymise your Personal Information (so that it can no longer be associated with you) for historical research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

When we no longer need to Process or retain your Personal Information, records, both physical and electronic, will be destroyed.

INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION.

As a global organization, we may internationally transfer your Personal Information that we collect to service providers and third-party partners.

We may store and/or Process your Personal Information in the United States, or in Canada, or in other jurisdictions.

Some of the jurisdictions to which Personal Information is transferred may not provide the same level of privacy protection as your local jurisdiction. However, whenever we transfer your Personal Information outside of the European Economic Area (the ”EEA”) or the United Kingdom, we implement adequate safeguards in accordance with Applicable Laws in order to ensure a similar degree of protection as the country of origin.

The recipient country may have been deemed to provide an adequate level of protection for personal data and have obtained an adequacy decision from the European Commission or the UK Government as may be the case (for further details, see Adequacy Decisions ). Absent an Adequacy Decision, we will operate the international transfer in compliance with the mechanisms approved by the European Commission and the UK Government.

For transfers from the EEA, we implement the standard contractual clauses as approved by the European Commission, and for transfers from the UK, we implement the international data transfer agreement as approved by the UK Government.

In some occasional circumstances, we may rely on a derogation to the data protection laws that apply to transfers of Personal Information outside of the EEA or the UK. For example, it such transfers are based on your consent or necessary for the performance of a contract between us.

Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Information outside of the EEA or outside of the UK.

YOUR RIGHTS.

Overview.

Under applicable data protection laws, you have a number of rights in relation to the Personal Information that we hold about you. These rights might not apply in every circumstance. You can exercise your rights by filling out and submit the Privacy form or contacting us at any time using the details set out in this Privacy Policy (see the section headed, ” Our Contact Details”).

The table in this section sets out the rights that you have over your Personal Information. Please note that although we take your rights seriously, there may be some circumstances where we cannot comply with your request. For example, if complying with your request would put us in a position of non-compliance with our own legal or regulatory requirements. In these instances, we will let you know why we cannot satisfy your request.

YOUR RIGHTS

DESCRIPTION

Right of Access

This is commonly known as a ”data subject access request”. It entitles you to inquire whether we are processing your Personal Information, what type of Personal Information, how we process it, and also to receive a copy of the Personal Information we hold about you.

Right to Rectification

This right entitles you to request us to correct any incomplete or inaccurate Personal Information we may hold about you.

We always take care to ensure that the information we hold about you is accurate and where necessary, up to date.

Right to Erasure or Right to be Forgotten

This right entitles you, in certain circumstances, to ask us to delete or remove your Personal Information. These circumstances include, for example:

• where we no longer need your Personal Information for the original purpose we collected it for;

• where you have exercised your right to withdraw consent;

• where you have successfully exercised your Right to Object to processing; or

• where we may have processed your information unlawfully or where we are required to erase your Personal Information to comply with local law.

Note, however, that we may not always be able to comply with your request of erasure. While we will assess every request, there are other factors that we will need to take into consideration. For example, we may be unable to erase your information if retention of your Personal Information is reasonably necessary to:

  • meet our legal obligations;
  • resolve disputes;
  • maintain security;
  • prevent fraud and abuse

Right to Restriction

This right entitles you to ask us to suspend the processing of your Personal Information in certain scenarios including the following:

• if you want us to establish the accuracy of your Personal Information;

• where our use of your Personal Information is unlawful, but you do not want us to erase it;

• where you need us to hold the Personal Information even if we no longer require it as you need it to establish, exercise or defend legal claims; or

• where you have objected to our use of your Personal Information, but we need to verify whether we have overriding legitimate grounds to use it.

Right to Data Portability

This right entitles you to request the transfer of your Personal Information to you or to a third party in certain circumstances.

We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to processing carried out by automated means which you initially provided consent for us to use, or where we used the information to perform a contract with you.

Right to Object

This right entitles you to object to our processing of your Personal Information in certain circumstances.

In some cases, we may refuse your request to object to our processing of your Personal Information, for instance, when we have compelling legitimate grounds to process your Personal Information which outweighs any prejudice to your rights and freedoms.

With respect to direct marketing, you have certain controls over the extent to which we market to you, and you have the right to request that we stop sending you certain marketing messages at any time. For information about how to let us know you do not want to receive certain marketing messages, see the section entitled, ” Marketing Communications And Your Communication Preferences ”.

Right not to be subject to a decision based solely on Automated Decision-Making, including Profiling

We may use your Personal Information and share it with advertisers and advertising networks, analytics and search engine providers, social networking companies (i.e., Facebook), and rewards companies for the purpose of ”profiling”, which includes evaluating your personal aspects to analyze or predict aspects concerning your economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements and segmenting you into a group with other Members or other persons who have similar personal characteristics. We may use this profiling to make automated decisions, meaning without human interference, to improve the efficiency of our marketing and to offer certain benefits to you or other persons based on this profiling. You have the right to opt-out at any time of our sharing of your Personal Information in this way.

In addition, we may also use your Personal Information to generate a ”lookalike audience” or similar audience of prospective customers through the platforms of advertisers and advertising networks, analytics and search engine providers, social networking companies (e.g., Facebook) and rewards companies. This allows us to target advertisements to potential customers who appear to have shared interests or similar demographics to you (based on the platform’s own data). By way of example, we do this by uploading a data list to Facebook that is encrypted and anonymized (i.e., you cannot be individually identified on the data list). Facebook then matches the encrypted and anonymized data list against Facebook’s own customer base to generate the lookalike audience. Facebook then deletes the data list we provided to them, and uses it for no other purpose. We do not have access to the identity of anybody in the lookalike audience generated from Facebook’s own customer base, unless they choose to click on the ads for our products and services.

You can exercise your rights described in this Privacy Policy by contacting us using the contact details set out in the section entitled, ” Our Contact Details”. As a security measure, we may need to verify your identity when we receive your request, and we may need you to provide valid proof of identification. In addition, we may also contact you to ask for more information about your request to help us with our response.

No Fee Usually Required.

You will not have to pay a fee to access your Personal Information (or to exercise any of your rights described in this section). However, we may charge a reasonable fee if we, in our sole discretion, consider your request is unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request.

Response Time.

We try to respond to all legitimate requests based on your rights described in this Privacy Policy within one (1) month. Occasionally it could take us longer than one (1) month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

THIRD-PARTY LINKS.

The Site may contain links to third-party websites, plug-ins, and applications (”Third-Party Platforms”) whose privacy policies may differ from ours.

Clicking on those links may allow third parties to collect or share Personal Information about you. If you leave the Site, we encourage you to carefully read and understand the privacy policies issued by these Third-Party Platforms.

Please note that we do not control these Third-Party Platforms and are not responsible for their privacy policies, statements, and practices (even if you access such platforms using links from the Site). We do not accept any responsibility or liability in respect of these Third-Party Platforms.

HOW WE KEEP YOUR PERSONAL INFORMATION SECURE.

We use industry standard security safeguards to help protect Personal Information from unauthorized access, alteration, or disclosure. In addition, we limit access to your Personal Information to those employees, agents, contractors, service providers, and other third parties who have a business need to know. They will only Process your Personal Information on our instructions, and they are subject to a duty of confidentiality. Despite these efforts, please understand that as no system is perfect, we cannot guarantee that unauthorized access or theft of data will not occur, so you should exercise caution when transferring personal and other sensitive information over the Internet.

Please advise us immediately at dataprotection@shrss.com of any incident involving the loss of or unauthorized access to or disclosure of Personal Information that is in our custody or control. We maintain Incident Response and Business Continuity Plans to address data incident situations.

PROTECTING CHILDREN.

We are mindful of the privacy of children as they may be less aware of the risks, consequences and safeguards concerned, and their rights in relation to the processing of Personal Information. For these reasons, promotions, and activities by us addressed to children always receive specific attention and protection. We always rely on consent as a lawful basis for processing of Personal Information relating to children, and we always get consent from whoever holds custodial responsibility for the child.

UPDATES TO THIS PRIVACY POLICY.

We reserve the right to update, change, revise, modify, amend, supplement, or replace this Privacy Policy (collectively, the ”Changes ”) at any time in our sole discretion by providing notice of the Changes by posting the revised Privacy Policy (incorporating the Changes) to the Site. If you continue to access or use the Site, after the revised Privacy Policy, incorporating the Changes, has been posted, you will be deemed to have accepted such Changes and the revised Privacy Policy shall become binding upon you as of the date that the revised Privacy Policy became effective. We therefore encourage you to review our Privacy Policy periodically for the most up-to-date information.

U.S. STATE-SPECIFIC PRIVACY LAWS.

If you reside in California, Nevada or Virginia, then, in addition to the rights you have under this Privacy Policy, you are entitled to the additional disclosures and rights set out in the U.S State-Specific Privacy Laws depending on the particular state in which you reside. Please click this link the U.S. State-Specific Privacy Laws Appendix to see the additional disclosures and rights that apply to you. If you reside in a state other than California, Nevada or Virginia, please check the above link regularly for any updates that may apply to you or your place of residence.

OUR CONTACT DETAILS.

Global Data Protection & Risk Office. Our Global Data Protection & Risk Office is responsible for overseeing this Privacy Policy. If you have any questions about this Privacy Policy, or you wish to exercise any of your rights set out in the section entitled ”Your Rights” of this Privacy Policy, please: (1) contact our Global Data Protection & Risk Office by using the contact details below, or
(2) complete and submit the online form which can be accessed at the link below.

To:

Global Data Protection & Risk Office

Seminole Hard Rock Support Services, LLC

Postal address:

5701 Stirling Road,

Davie, Florida 33314

United States of America

Email address:

dataprotection@shrss.com

Telephone number:

+1-833-970-1536 (U.S. toll-free); or

+1-954-498-9834

Website:

hardrocknightlife.com

PRIVACY ONLINE FORM LINK:

You can exercise any of your rights by submitting the online Privacy Form Exercising My Rights

Please include your first name, last name, address, phone number, email address, and any relevant account or reference number in all communications and state clearly the nature of your request or concern. If you wish to exercise your privacy rights mentioned in the section entitled ” Your Rights” of this Privacy Policy, please mention the name of the right you would like to exercise in the subject of your request. As a security measure, we may need to verify your identity when we receive your request, and we may need you to provide valid proof of identification. If we decline to take action regarding your request, we shall inform you of the justification for declining to take action and shall provide you with instructions on how to appeal our decision (you can appeal our decision by following those instructions).

Independent Mediation Contact. We have engaged a private sector organization called the International Centre for Dispute Resolution (located in the United States) that provides an independent recourse mechanism to investigate and expeditiously resolve individual complaints and disputes. To file a complaint or dispute with the International Centre for Dispute Resolution, please visit the International Centre for Dispute Resolution website for information on completing a Notice of Arbitration Form (which should be submitted in accordance with the instructions that appear on that form).

In all cases, we will do our best to answer any question and resolve any complaint to your satisfaction.