1. SevenRooms Service Overview.
Each of the restaurants and other locations available through the Service (a “Venue”) has adopted SevenRooms' proprietary reservation and inventory management system (the “Platform"). The Platform interacts with the Venue to find available reservations, to secure, change or cancel online reservations, and to confirm that reservations were honored. Where reservations are placed directly with a Venue that uses the Platform, or through other third party reservation services that the Venue may use, information about patrons of a Venue (each, a “Guest”) is recorded in (or transferred to) the Platform to assist the Venue in managing the reservation and provide services to such Guest. While an individual Venue’s reservation inventory is accessible to the Platform to perform these functions, other information that may be stored by a Venue (for example, credit card numbers) is not accessible to the Platform. Where a Guest may pay or enter payment information via the Platform (either to hold a reservation, or for services received at a Venue), payment is processed by a third party payment processor such as Stripe and information about that payment is subject to such processor’s policies. Note that in no case does SevenRooms store credit card or payment information on the System; all such information is held by our third party payment processor(s) or the Venue itself.
2. Types of Data We Collect.
“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data or that may independently, or in connection with other information, be used to identify you. “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data, as described below.
A Note on Users. SevenRooms’ customers are the Venues (or agents that Venues have contracted to handle their reservations), and only Venue employees or agents have Accounts (as defined below) with SevenRooms. Guests do not have Accounts on the Platform. Except where provisions are specific to Registered Users, Accounts, or Guests, all the terms of this Policy apply equally to both Guest and Registered User information.
Information You Provide to Us.
- We may collect Personal Data from you, such as your first and last name, gender, e-mail and mailing addresses, and password when you create an account to use the Services (“Account”). Only representatives of a Venue may create an Account (each such individual, a “Registered User”).
- If you access the Services on your mobile device, we may collect your phone number and the unique device id number (Registered Users only).
- When connecting to our Services via a service provider that uniquely identifies your mobile device, we may receive this identification and use it to offer extended services and/or functionality (Registered Users only).
- If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, in order to send you a reply.
- If you participate in a survey conducted via the Services, we may collect additional profile information.
- We may also collect Personal Data at other points in our Site or Services that state that Personal Data is being collected.
Information Collected from Third Parties.
- When a Venue takes a reservation directly from a Guest, or receives such information from a third party service or platform (i.e., Google, Yelp), Personal Data about the Guest is recorded in the Platform. In addition, Guest notes (such as dining preferences) may be recorded in the Platform by Venue staff.
- When a Guest makes a financial transaction with a Venue via the Platform, we will collect all information necessary to complete the transaction, including credit card information. We do not store payment information directly on our servers, but this information may be shared with Venues and third parties as set forth herein.
- Purchase histories of Guests may be linked to the Platform by the Venue point of sale systems.
Information Collected via Technology.
Information Collected by Our Servers. To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
You can erase or block Cookies from your computer if you wish to do so (your internet browser help screen or manual will thoroughly explain this process), but certain parts of the Services, as well as parts of the Site, may not work correctly or will not work at all if your browser is set not to accept Cookies.
The Site may contain electronic images (called a "single-pixel GIF" or "web beacon") that are used to count users who have visited that page, or to access certain cookies.
How We Respond to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable Users to opt out of tracking on our Site.
Mobile Services. (Registered Users only). We may also collect non-personal information from your mobile device if you have downloaded our mobile application (the “Application”). This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include your geographic location, how you use the Application, and information about the type of device you use. In addition, in the event our Application crashes on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our Application. This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual.
3. Use of Your Data.
3.1 By SevenRooms.
Personal Data. In general, Personal Data you submit to us is used either to deliver the Services or respond to requests that you make. We use your Personal Data in the following ways:
- facilitate the creation of and secure your Account (Registered Users only);
- identify you as a user of the Services;
- provide improved administration of our Site and Services;
- provide the Services you request, including by communication this information to the applicable Venue;
- improve the quality of experience when you interact with our Site and Services;
- send Guests email and SMS text confirmations and other communications, like reminders, for each of your reservations. Venues may also use the Platform to send such messages directly to Guests;
- send you administrative e-mail notifications, such as security or support and maintenance advisories (Registered Users only);
- respond to your inquiries related to employment opportunities or other requests;
- send newsletters, surveys, offers, and other promotional materials related to our Services and for other marketing purposes of SevenRooms. (Registered Users only).
Anonymous Data. We may create Anonymous Data records from Personal Data of both Guests and Registered Users by excluding information (such as your name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve Site navigation. We reserve the right to use Anonymous Data and aggregated and other de-identified information for any purpose and disclose Anonymous Data to third parties in our sole discretion.
3.2 By Venues.
When you make a reservation using the Services, your name is provided to the applicable Venue, just as would occur if you were making a reservation over the phone. Your email address and phone number is also provided to the Venue in case the Venue needs to contact you regarding your reservation. You may also provide special preferences or comments regarding your reservation, which the Services will pass on to that Venue. And if you are interested in receiving promotional or other communications from the Venue you may “opt-in” to receive such communications from the Venue, either via the Platform or directly, as applicable, and subject to such Venue’s marketing policies, as set forth below.
SevenRooms will only share the information specified above with the Venue at which a Guest has made reservations using the Service. Venues cannot use the Services to access information pertaining to Guests, reservations or related information from other Venues, except that Venues with the same corporate ownership may elect to share such information.
Venues primarily use reservation information provided through the Services to secure and manage reservations. Additionally, as noted above, if you have given permission to a Venue to communicate with you, the Venue may do so, subject to the Venue’s policies and procedures, including those relating to the storage and management of Personal Data.
Venues want to provide you with the best possible service so that you will visit them again. As noted above, Venues may use the Platform to record purchases via integration with POS systems and to take note of your special requests, allergies, special occasions or other pertinent information that will help the Venue serve you better during your next visit. If a Venue chooses to note your preferences, that information may be typed into the Platform manually, just as a Venue might write a note on an index card. This data belongs to the Venue, since it is a product of that Venue’s relationship with you. As mentioned in Section 3.1 above, we may aggregate such preference information and Guest notes into Anonymous Data. SevenRooms also creates backup copies of all information stored on the Platform for each Venue, to assist in the restoration process in the event of data loss.
Each Venue is a separate business from SevenRooms. While SevenRooms encourages Venues to comply with data protection requirements, SevenRooms will not be responsible for a Venue’s failure to comply with laws applicable to the use of Personal Data. Any complaints or inquiries regarding use of your information by a Venue, or marketing communications from a Venue, should be addressed directly to the Venue in question.
In no event will SevenRooms be responsible for information, management, and use of data collected by Venues from their own websites and not stored on the Services.
3.3 Third Parties. We disclose your Personal Data as described below and as described elsewhere in this Policy.
Service Providers. We may share your Personal Data with third party service providers to: provide you with the Services; to conduct quality assurance testing; to facilitate creation of Accounts; to provide technical support; and/or to provide other services to the SevenRooms. We use third party payment processors, such as Stripe, to process payments made through the Platform to Venues. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to these third party payment processors, whose use of your personal information is governed by their privacy policies.
4. Communications and Disclosures.
From SevenRooms. SevenRooms sends automated service messages to Guests via email and / or text pertaining to upcoming or recent Venue reservations or other core functions of the Services, such as confirmations, reminders, and/or invitations to provide customer feedback (“Service Communications”). In addition, Guests and Registered Users may also opt in to receive promotional notices, special offers, and other related information from SevenRooms (“Marketing Communications”). You may always unsubscribe from Marketing Communications. However, so long as you use the Service, we may send essential Service Communications to the contact information associated with your Account.
From Venues. Venues may independently use the Platform to send Guests Service Communications and, if opted in by a Guest, Marketing Communications. Communications sent directly from a Venue via the Platform are subject to this Policy, but communications sent by a Venue outside of the Platform are subject to the the Venue’s policies and practices.
Third Parties. SevenRooms will never sell, rent, loan or otherwise distribute any of your personal information (including but not limited to your name, email address, phone number or any other identifiable information about you) to any third party except as set forth in this Policy without your prior, express written consent.
Legally Mandated Disclosure. Notwithstanding anything to the contrary in this Policy, SevenRooms may be required to disclose Personal Information in response to inquiries by formal law enforcement, or in cases permitted by the United States’ CAN-SPAM Act of 2003 (CAN-SPAM), the European General Data Protection Regulation and its implementing laws, Japan's Personal Information Protection Act, or other laws governing the use and disclosure of Personal Information.
Registered Users can view and manage their Account information, including any associated Personal Data, by clicking on the "Account" link at the top of the login page. Guests and Registered Users may at any time contact SevenRooms at firstname.lastname@example.org or as set forth in Section 10 to request that all Personal Data be deactivated.
6. How SevenRooms Protects Data
SevenRooms uses a state-of-the-art, multi-layer encryption algorithm and makes its best efforts to ensure that all of your Personal Data and Account information is secure. SevenRooms stores all Personal Data on secure servers. SevenRooms continually monitors and implements changes and improvements that become available in the electronic data security industry to maintain the security of Personal Data in our possession.
7. A Note About Children.
We do not intentionally gather Personal Data from visitors who are under the age of 13. If we learn that a child under the age of 13 has submitted Personal Data to SevenRooms, we will attempt to delete such data as soon as possible. If you believe that we might have any Personal Data from a child under 13, please contact us at email@example.com or as set forth in Section 10.
8. Changes to this Policy.
Any changes to this Policy will always be posted to this page of the Site, along with the effective date of the updated Policy. You should check this page periodically to stay abreast of any such changes. SevenRooms will never make changes to the Policy that violate any applicable privacy laws. For any material changes to the Policy, we will notify you via email or by placing a prominent notice on the homepage of our Site.
9. Disclosure, Correction, Control of Personal Data.
If you wish to have SevenRooms disclose what Personal Data of yours it holds, and / or how SevenRooms obtained such information, or if you desire the correction, suspension of use, or to be informed of the purpose of use of Personal Data by SevenRooms, please contact SevenRooms as set forth below. SevenRooms will process such request in compliance with all applicable privacy laws, but may first confirm that such request has been made by you personally.
10. Privacy Shield
SevenRooms processes the personal information it receives according to Privacy Shield Framework best practices and subsequently transfers any and all liabilities to third parties acting as an agent or on its behalf. SevenRooms complies with the Privacy Shield Principles for all onward transfers of personal data from the EEA region, including the onward transfer liability provisions.
In compliance with the Privacy Shield Principles, SevenRooms commits to resolve complaints about our collection or use of your personal information. EU or Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact SevenRooms at firstname.lastname@example.org. You may have the option to select binding arbitration under the Privacy Shield Panel for the resolution of complaints under certain circumstances. For further information, please see the Privacy Shield website.
SevenRooms commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to data transferred from the EU and Switzerland.
SevenRooms has further committed to refer unresolved Privacy Shield complaints to UK ICO, a Data Protection Authority in the United Kingdom. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://ico.org.uk/make-a-complaint/eu-us-privacy-shield/ for more information or to file a complaint. The services of UK ICO are provided at no cost to you.
As a result of its commitment to Privacy Shield, SevenRooms is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and/or the Department of Transportation.
11. Contacting SevenRooms. If you have any questions or concerns or complaints about our Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following address or phone number:
127 W 24th Street, 5th Floor
New York, NY 10011