Privacy Policy
Last Revised: October 31, 2022
Rhue Aspen Lakes Resort, LLC and Aspen Lakes Resort (“Company,” “we” or “us”) is committed to protecting your privacy. We have prepared this Privacy Policy (the “Policy”) to describe to you our practices regarding the Personal Information (as defined below) we collect, why we collect it, and how we use and disclose it. This Policy should be read in conjunction with our Website Terms of Service and our Membership Terms of Service (collectively, the “Terms.”) into each of which this Policy is incorporated by reference.
Any reference to “you,” “your,” or “user” herein will mean any person visiting this Website (as defined below), using part or all of its services, or a (“Rhue NFT Holder” or a “Member”) which means anyone that has purchased a non-fungible token (a “Rhue NFT”) representing a membership (“Membership”) to the Aspen Lakes Resort (“Aspen Lakes”) and which provides a Rhue NFT Holder access to access to certain membership rights with respect to Aspen Lakes, and is using this Website.
Your privacy matters to us, so please do take the time to get to know and familiarize yourself with our policies and practices. Please understand that we reserve the right to change any of our policies and practices at any time, but you can always find the latest version of this Policy here on this page. Your continued use of our Platform after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
This Policy describes:
The types of information we collect from you or that you may provide when you visit our website at https://RhueResorts.com (the “Website”) or utilize any related tools, mobile applications, web applications, decentralized applications, smart contracts, or Application Programming Interfaces (“APIs”) located at any of Company’s websites, including without limitation the Website or any successor website(s) or application(s) thereto (collectively, the “Platform”).
Our practices for collecting, using, maintaining, protecting, and disclosing that information.
Please read this Policy carefully to understand our practices regarding your information and how we will treat it. If you do not agree with our policies and practices, then please do not use our Platform. By using our Platform, you agree to the terms of this Policy.
PERSONAL INFORMATION WE COLLECT
As used herein, “Personal Information” means information that identifies or is reasonably capable of identifying an individual, directly or indirectly, and information that is capable of being associated with an identified or reasonably identifiable individual.
Personal Information We Collect from You. We (or our Affiliates) may collect the following categories of Personal Information directly from you:
Identification Information, such as name, email, phone number, postal address, Wallet address, social media information, and any information that may be legally required, including information required for Know Your Customer (“KYC”) verification purposes such as your social security number;
Commercial Activity, such as public blockchain data; and
Correspondence, such as information you provide to us in correspondence, including account opening, customer support, messages, text boxes, other user content, or the like.
Payment information, such as credit or debit card numbers, bank account numbers, wire transfer information, and information connected to digital payment processing services such as Apple Pay or PayPal.
Company does not currently store or process credit or debit card information on our systems. Instead, all credit or debit card information is stored and processed by a trusted third-party PCI-DSS compliant processor.
Personal Information That May Be Collected Automatically. We (or our Affiliates) may collect the following categories of Personal Information automatically through your use of our services:
Online Identifiers, such as IP address, domain name;
Device Information, such as hardware, operating system, browser, device name, language preferences;
Usage Data, such as system activity, internal and external information related to Company pages that you visit, clickstream information; and
Geolocation Data, such as information about your device’s location.
Automatic collection of Personal Information may involve the use of Cookies, described in greater detail below. Company does not currently store Online Identifiers, Device Information, or Geolocation Data on our systems; however, please be aware that third-parties with which we might interact, such as vendors or payment processors, might store such information.
Personal Information We Collect from Third Parties. We may collect and/or verify the following categories of Personal Information about you from third parties:
Identification Information, such as name, email, phone number, postal address.
Transaction Information, such as public blockchain data (Bitcoin, Ether, and other digital assets are not truly anonymous. We, and any others who can match your public digital asset address to other Personal Information about you, may be able to identify you from a blockchain transaction because, in some circumstances, Personal Information published on a blockchain (such as your digital asset address and IP address) can be correlated with Personal Information that we and others may have. Furthermore, by using data analysis techniques on a given blockchain, it may be possible to identify other Personal Information about you); and
Additional Information, at our discretion to comply with legal obligations.
ACCURACY AND RETENTION OF PERSONAL INFORMATION
We take reasonable and practicable steps to ensure that your Personal Information held by us is (i) accurate with regard to the purposes for which it is to be used, and (ii) not kept longer than is necessary for the fulfillment of the purpose for which it is to be used. The Company stores data in global hosting provider with servers across regions and we shall take all reasonable steps to ensure that all Personal Data is destroyed or permanently deleted when no longer required for the Purpose and prepare a disposal schedule for inactive data after 24-month period.
PERSONAL INFORMATION OF MINORS
We do not knowingly collect data from or market to children under 18 years of age. We do not knowingly solicit data from or market to children under 18 years of age. By using the Platform, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Platform. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account, to the extent that is possible, and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at [email protected].
HOW WE USE YOUR PERSONAL INFORMATION
We collect Personal Information about you in an attempt to provide you with the best experience possible, protect you from risks related to improper use and fraud, and help us maintain and improve our Services. We may use your Personal Information to:
Provide you with our Services. We use your Personal Information to provide you with our Services pursuant to the terms of our Terms.
Comply with legal and regulatory requirements. We process your Personal Information as required by applicable laws and regulations.
Detect and prevent fraud. We process your Personal Information to detect and prevent fraud, which is especially important given the irreversible nature of cryptocurrency transactions.
Protect the security and integrity of our Services. We use your Personal Information, including information about your device and your activity on the Platform to maintain the security of your account and the Platform itself.
Provide you with customer support. We process your Personal Information when you contact our support team with questions or issues with your account.
Market our products. We may contact you with information about our Services. We will only do so with your permission, which can be revoked at any time.
Other business purposes. We may use your Personal Information for additional purposes if disclosed to you before we collect your Personal Information or if we obtain your consent.
HOW WE SHARE YOUR PERSONAL INFORMATION
We will never sell, share, rent, or trade your Personal Information with third parties for their commercial purposes. Further, we will not share your Personal Information with third-parties, except as described below:
Service Providers. We may share your Personal Information with third-party service providers for business or commercial purposes, including fraud detection and prevention, security threat detection, payment processing, customer support, data analytics, Information Technology, advertising and marketing, network infrastructure, storage, transaction monitoring. We share your Personal Information with these service providers only so that they can provide us with the services, and we prohibit our service providers from using or disclosing your Personal Information for any other purpose.
Law Enforcement. We may be compelled to share your Personal Information with law enforcement, government officials, and regulators.
Corporate Transactions. We may disclose Personal Information in the event of a proposed or consummated merger, acquisition, reorganization, asset sale, or similar corporate transaction, or in the event of a bankruptcy or dissolution.
Professional Advisors. We may share your Personal Information with our professional advisors, including legal, accounting, or other consulting services for purposes of audits or to comply with our legal obligations.
Consent. We may share your Personal Information with your consent.
If we decide to modify the purpose for which your Personal Information is collected and used, we will amend this Policy.
COOKIES
When you access the Platform, we may make use of the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used to visit the Platform. We use Cookies to help us recognize you as a customer, collect information about your use of the Platform to better customize our services and content for you, and collect information about your computer or other access devices to: (i) ensure that your account security has not been compromised by detecting irregular, suspicious, or potentially fraudulent account activities; (ii) assess and improve our services and advertising campaigns.
You also can learn more about cookies by visiting http://www.allaboutcookies.org, which includes additional useful information on cookies and how to block cookies on different types of browsers and mobile devices. Please note that if you reject cookies, you will not be able to use some or all of the Platform. If you do not consent to the placing of Cookies on your device, please do not visit, access, or use the Platform.
DIRECT MARKETING
Subject to applicable laws and regulations, we may from time to time send direct marketing materials promoting services, products, facilities, or activities to you using information collected from or about you. You may also opt-out of such communications by following the directions provided in any marketing communication. It is our policy to not provide your Personal Information for those third parties’ direct marketing purposes without your consent.
INFORMATION SECURITY
No security is foolproof, and the Internet is an insecure medium. We cannot guarantee absolute security, but we work hard to protect the Platform and you from unauthorized access to or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. Measures we take include encryption of website communications with SSL; optional two-factor authentication; periodic review of our Personal Information collection, storage, and processing practices; and restricted access to your Personal Information on a need-to-know basis for our employees, contractors and agents who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
INFORMATION FOR PERSONS SUBJECT TO EU DATA PROTECTION LAW
While users who are located in the European Union (“EU”), European Economic Area (“EEA”) or the Channel Islands, or other locations subject to EU data protection law (collectively, “Europe”) are users of our BVI entity, we recognize and, to the extent applicable to us, adhere to relevant EU data protection laws. For purposes of this section, “personal data” has the meaning provided in the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
1. Lawful Bases for Processing: We process personal data subject to GDPR on one or more of the following legal bases:
Legal Obligation: to conduct anti-fraud and to fulfill our retention and other legal obligations;
Contractual Obligation: to satisfy our obligations to you under our Terms, including to provide you with our Services and customer support services, and to optimize and enhance the Platform;
Legitimate Interest: to monitor the usage of the Platform, conduct automated and manual security checks of our Services, to protect our rights; and
Consent: to market the Platform and our Services. You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before consent is withdrawn.
2. European Privacy Rights. European residents have the following rights under GDPR, subject to certain exceptions provided under the law, with respect to their personal data:
Rights to Access and Rectification. You may submit a request that Company disclose the personal data that we process about you and correct any inaccurate personal data.
Right to Erasure. You may submit a request that Company delete the personal data that we have about you.
Right to Restriction of Processing. You have the right to restrict or object to our processing of your personal data under certain circumstances.
Right to Data Portability. You have the right to receive the personal data you have provided to us in an electronic format and to transmit that personal data to another data controller.
To submit a request. To exercise these rights, please contact us using the methods described at the end of this Policy. When handling requests to exercise European privacy rights, we check the identity of the requesting party to ensure that he or she is the person legally entitled to make such request. While we maintain a policy to respond to these requests free of charge, should your request be repetitive or unduly onerous, we reserve the right to charge you a reasonable fee for compliance with your request.
COLLECTION AND TRANSFER OF DATA OUTSIDE THE EEA
Company and/or Company Affiliates operate systems based in the United States. Company and/or Company Affiliates may operate with systems based outside of the United States. As a result, we may transfer personal data from Europe to third countries outside of the United States under the following conditions:
Contractual Obligation. Where transfers are necessary to satisfy our obligation to you under our Terms, including to provide you with our Services and customer support services, and to optimize and enhance the Platform; and
Consent: where you have consented to the transfer of your personal data to a third country.
Where transfers to a third country are based on your consent, you may withdraw your consent at any time. Please understand, however, that our services may not be available if we are unable to transfer personal data to third countries.
When we transfer personal data to third countries, we endeavor to ensure adequate safeguards are implemented, for example through the use of standard contractual clauses or Privacy Shield certification.
CALIFORNIA PRIVACY RIGHTS
Your Rights
If you are a California resident, you may take advantage of the following rights:
Right to Know: You may request, up to twice each year, that we disclose to you the categories and/or the specific pieces of personal information that we collect, use, disclose, and may sell. We will respond to your request within forty-five (45) days, unless we need more time, in which case we will let you know.
Right to Delete: Subject to certain exceptions, you may request that we delete personal information we have collected from you, but we may not be able to delete all personal information, such as if we need to complete a transaction for you, to detect and protect against fraudulent and illegal activity, to exercise our rights, or to comply with a legal obligation.
Shine the Light: You may request and obtain from us once a year, free of charge, information about our disclosure of personal information to affiliates or to third parties for their direct marketing purposes. Not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing will be included in our response.
Right to Opt Out: We may share personal information with certain third parties in ways that are defined as “sales” under California law. You may request to opt out of these “sales” of personal information at any time, including by using the “Do Not Sell My Personal Information” link at the bottom or https://RhueResorts.com or at the bottom of this page.
Right to Non-Discrimination: If you exercise any of the foregoing rights, Company will not discriminate against you, including by denying access to our products or services or restricting your access to products or services of a certain quality or price level.
To make a Right to Know, Right to Delete, Shine the Light, or Right to Opt Out request, please contact us by email at [email protected], or by mail at the address below in “Contact Us.” If you send a written request, you must put the statement “California Privacy Rights” in the subject field. We may be unable to fulfill your request if it is not labeled properly or does not have complete information. We may take steps to verify your identity before responding to your requests to know or delete your personal information by asking questions about your interactions with us.
You have the right to use an authorized agent to submit your requests. Authorized agents must submit proof of the consumer’s signed authorization to make a request. We may require you to verify your identity directly with us prior to fulfilling your authorized agent’s request.
California Consumer Privacy Act Disclosures
Pursuant to the California Consumer Privacy Act, and in addition to the disclosures elsewhere in this Privacy Policy, this section describes the types of personal information that we may have collected, disclosed for business purposes, or sold to third parties in the last 12 months.
Personal Information Collected: Biographical information or identifiers, characteristics of protected classifications under California or federal law (i.e., gender, age), commercial information, financial and payment card information, internet or other electronic network activity information, geolocation information, audio or visual information, and inferences drawn from the foregoing. To learn more about the information Company collects, please see “Personal Information We Collect,” above. The sources of the information are users of the Services, our affiliates, and our Contractors.
Disclosure of Personal Information: In the last 12 months, Company may have disclosed the following categories of personal information to its affiliates or to third-party vendors and service providers for business purposes: Biographical information or identifiers, characteristics of protected classifications under California or federal law (i.e., gender, age), commercial information, financial and payment card information, internet or other electronic network activity information, geolocation information, audio or visual information, and inferences drawn from the foregoing. To learn more, please see “How We Share Your Personal Information” above.
“Sale” of Personal Information: In the last 12 months, Company may have “sold” (as defined in the CCPA) the following categories of personal information: Biographical information or identifiers, commercial information, internet or other electronic network activity information, and inferences drawn from the foregoing. We do not have actual knowledge that we sell personal information of consumers under 21 years of age. To learn more, please see “How We Share Your Personal Information” above.
Explanation of “Sales” under CCPA: Company is not in the business of collecting and selling data, but, in some cases, we may share information with affiliates or third-party vendors and service providers in a transaction that constitutes a “sale” of personal information” under California law.
CONTACT US
If you have questions or concerns regarding this policy or our processing of your Personal Information, please feel free to email us at [email protected]; or write to us at:
Rhue Aspen Lakes Resort, LLC
Attn: Data Protection Officer
25 First Ave SW – STE A
Watertown, SD 57201