The Information We Collect
1. Personal Information
When you log in to use the Services through one of your Social Networking Accounts, such account will automatically provide us with, or authorize us to access, some personal information about you (collectively, the “Personal Information”). Such Personal Information may include your first and last name, username, profile pictures, unique identifiers and access tokens, e-mail address, and phone numbers. We do not collect any Personal Information from you when you use the Services or the Website unless you provide us with the Personal Information voluntarily or authorize us to access it.
2. Geolocational Information
Certain features and functionalities of the Services are based on your location. In order to provide these features and functionalities after you sign in to the Services at a Venue, we may automatically collect geolocational information from your Device or wireless carrier and/or certain third-party service providers. Such information is collectively called the “Geolocational Information.” Collection of such Geolocational Information occurs only when the Services are running on your Device.
3. Other Information
In addition to the Personal Information and the Geolocational Information, we may collect additional information (collectively, the “Other Information”). Such Other Information may include:
- From You. Additional information about yourself that you voluntarily provide to us, such as hobbies, personal interests, household income range, number of children, gender, product and service preferences, and other information that does not identify you personally.
- From Your Activity. Information that we automatically collect when you use the Services or the Website, including, without limitation:
- When you visit the Website, we may collect your IP address, browser type and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, sections of the Website visited, etc.
- When you use the Services, we may manage networks that collect your browsing activity occurring via the Services (collectively, the “Browsing Data”). In those circumstances we may have access to Browsing Data but we do not collect, share, or store Browsing data and we will use our good-faith, reasonable efforts to contractually prohibit the Venues from doing the same.
- When you use the Services, we may collect the Venue in which you have authenticated, offers from us and our promotional partners that you have accepted or rejected, and similar information.
- When you use the Services, we may collect information regarding the total data transferred or consumed, time logged in, and similar information.
- About Your Device. We may collect information about your Device, including universally unique ID (“UUID”), MAC address, operating system and version (e.g., iOS, Android or Windows), carrier and country location, hardware and processor information (storage, chip speed, camera resolution, NFC enabled, and network type (Wi-Fi, 3G, 4G, 5G).
- From Cookies. Information that we collect using “cookie” technology. Cookies are small packets of data that a website stores on your computer’s or Mobile Device’s hard drive so that your computer will “remember” information about your visit. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to help us collect Other Information and to enhance your experience using the Website and/or the Services. If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or Mobile Device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. However, if you decide not to accept cookies from us, the Website or the Services may not function properly.
The Information Collected by or Through Third-Party Advertising Companies
How We Use and Share the Information
We use the Personal Information, the Geolocational Information, and the Other Information to provide and improve the Website and the Services; solicit your feedback; inform you about our products and services and those of our third-party marketing partners (without using Browsing Data, as described above); and administer our rewards, contests, sweepstakes, competitions, and promotional programs. Also, we may share Personal Information, Geolocational Information, and/or Other Information as described below.
- In order to provide the Services, we may share your Personal Information, Geolocational Information, and Other Information with the applicable Venue. We do not, and will not, knowingly provide Browsing Data to the Venue or any such Venue’s internet service provider if we have access to it, although Venues and such Venue’s internet service provider may independently gain access to such Browsing Data. As mentioned above, we will use our good-faith, reasonable efforts to contractually prohibit the Venues from accessing, using, or sharing your Browsing Data, but in no instances shall we be responsible for any Venue’s or any Venue’s internet service provider’s use of Browsing Data.
- In order to administer our rewards, contests, sweepstakes, competitions, and promotional programs, we may share your Personal Information, Geolocational Information, and Other Information (excluding the Browsing Data as described above) with our third-party promotional and marketing partners, including, without limitation, businesses participating in our various programs.
- We may from time to time share Personal Information, Geolocational Information, and/or Other Information (excluding the Browsing Data as described above) with other companies who may provide you information about the products and services they offer. However, to the extent required by law, you will be given the opportunity to opt-out of such sharing.
- In an ongoing effort to better understand our users and our Website and Services, we might analyze the Other Information and the Geolocational Information in aggregate form in order to operate, maintain, manage, and improve the Services and/or the Website. This aggregate information does not identify you personally. We may share this aggregate data with our affiliates, agents, Venues and business partners. We may also disclose aggregated user statistics in order to describe our products, the Website, and Services to current and prospective business partners and to other third parties for other lawful purposes.
- We may employ other companies and individuals to perform functions on our behalf. Examples may include providing network services, information technology support and customer service. These other companies will have access to the Personal Information, the Geolocational Information, and the Other Information only as necessary to perform their functions and to the extent permitted by law.
- With your permission, third-party applications or services may access your Personal Information. We use standard OAuth (open authorization) to enable you to give permission to share your Personal Information with other websites and services, such as Facebook and Twitter (e.g., when you agree to a pop-up requesting you to allow another application to access your account information). We also use OAuth to allow us to share information about you that is stored by us without sharing your security credentials.
- We may share some or all of your Personal Information, Geolocational Information, and Other Information with any of our parent companies, subsidiaries, joint ventures, or other companies under common control with us.
- As we develop our businesses, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, sale of assets, dissolution, or similar event, the Personal Information, Geolocational Information, and Other Information may be part of the transferred assets.
- To the extent permitted by law, we may also disclose Personal Information, Geolocational Information, and Other Information when required by law, court order, or other government or law enforcement authority or regulatory agency, or whenever we believe that disclosing such information is necessary or advisable, for example, to protect the rights, property, or safety of CorePlus or others.
How We Protect Your Information
We take commercially reasonable steps to protect the Personal Information, the Geolocational Information, and the Other Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases or the databases of the third parties with which we may share such information, nor can we guarantee that the information you supply will not be intercepted while being transmitted over the Internet. In particular, e-mail sent to us may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.
Important Notice to Non-U.S. Residents
The Website and the Services are operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us will be transferred to the United States, other than information collected in the EU. EU residents, please see EU GDPR compliance below. By using the Website or the Services and/or providing us with any information, you consent to this transfer.
Under California Civil Code Section 1798.83, California residents who have an established business relationship with CorePlus may choose to opt out of our sharing your Personal Information with third parties for direct marketing purposes. If you are a California resident and (1) you wish to opt out; or (2) you wish to request certain information regarding our disclosure of your Personal Information to third parties for the direct marketing purposes, please send write to us at:
500 N. Akard Street, Suite 1500
Dallas, TX 75201
EU GDPR Compliance- For EU Citizens
What is GDPR?
The GDPR is the new European privacy law that replaces the EU Data Protection Directive. The law requires that business protect the privacy and personal data of EU citizens and transactions that occur within EU member states.
What is Personal Data?
Personal data is any data that relates to an identified or identifiable natural person. Examples of personal data include identifiers such as name, location data, and unique online identifiers
Who can we transfer your data to?
Your data can be transferred to only three subjects:
- authorized subjects – our employees and coworkers that are required to have access to the data in order to perform their duties,
- processing entities – other subjects we entrust with data processing,
- subjects allowed to process the data on the basis of applicable law, such as judicial bodies or investigative authorities.
Is your data being sent outside of Europe?
We do not send your personal data outside of the European Economic Area (“EEA”) / third countries when you use the Services. When you use the Website, personal data will be transferred out of the EEA.
What are your (End user) rights in relation to GDPR?
Every person to which the data pertains to has the right to control its processing by the person’s administrator, CorePlus, and in particular:
The right to access the data
The person whom the data pertains to has the right to receive a confirmation from us regarding whether its data is being processed, receive access to the data and receive information about the reasons for processing, personal data categories, receivers or categories of the receivers to whom the data has been or will be revealed, in particular to receivers in other countries or international organizations. The person also has the right to receive information regarding the planned duration of storing the data whenever possible, the criteria for setting the duration if not possible, the right to request modification, removal or limiting of the data’s processing and to object to its processing, and the right to be informed about the possibility of filing a complaint with the supervisory authority, and in case the personal data has not been acquired from the person who the data pertains to – to receive all available information regarding their source.
The right to modify data
The person whom the data pertains to has the right to request immediate modification of personal data that is incorrect or to fill out incomplete personal data.
The right to remove the data (“the right to be forgotten”)
The person whom the data pertains to has the right to request immediate removal of its personal data in any case where the data is no longer necessary for the purposes it was gathered for, as well as in cases where the person retracted consent to personal data processing, filed an objection to processing its data or the data is being processed illegally.
The right to limit processing
The person whom the data pertains to has the right to order us to limit data processing if the person questions the correctness of the data, the processing is performed illegally, the data is no longer necessary for processing purposes or the person has filed an objection to processing.
The right to transfer data
If data processing occurs on the basis of an agreement or a contract and is automated in nature, the person who the data pertains to has the right to order us to convey the data it provided in a machine-readable format to the person in question.
The right to file an objection
The person whom the data pertains to has the right to file an objection regarding the processing of its personal data at any moment, based on our legally justified affairs. In case of filing such an objection we will not be able to further process your personal data, unless we prove the existence of an important and legally justified basis for processing which would override your affairs, rights and liberties.
The right to withdraw consent
The person who the data pertains to can at any moment withdraw its consent. Withdrawal will not affect law compliance of the processing prior to the withdrawal.
In order to exercise the rights mentioned above you can send a written message to our company: CorePlus 500 N. Akard Street, Suite 1500, Dallas, TX 75201.