PRIVACY POLICY


HARD ROCK REWARDS PRIVACY POLICY

EFFECTIVE DATE: September 16, 2016

WE RESPECT THE PRIVACY OF EVERY INDIVIDUAL WHO VISITS THE WEBSITE

This Privacy Policy (“Policy”) explains how Hard Rock Cafe International (USA), Inc. ("Hard Rock", “we”, “us” or “our”) collects, uses, and discloses personally identifiable information ("Personal Information") and other information that we obtain from visitors or users (“users”, “you” or “your”) of the website at https://www.hardrock.com/rewards/ (the “Website”), the services available through that Website, and the Hard Rock Rewards Program mobile application (the “App”). Capitalized terms not specifically defined herein will have the same meaning as given them in the Hard Rock Rewards Program Terms and Conditions, which Terms and Conditions are incorporated by reference into this Policy.

You may choose to submit Personal Information (such as your name, address, e-mail address and telephone number) to us at several different points on our Website or through the App. We collect, use and disclose Personal Information for business purposes only unless otherwise set out herein. We will not share this information in ways different from what is disclosed in this Policy. If you have any questions about this Policy, the Website or the App, please contact us at customer_care@HardRock.com.

The Website and App are owned and operated by Hard Rock. This Policy applies only to the Website and the App. Hard Rock is the sole owner of the information collected on the Website and through the App.

LINKS

The Website and the App may contain links to other sites whose privacy policies may differ from those of Hard Rock which we recommend you carefully review and consider. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links from our Website or App.

WHAT INFORMATION WE COLLECT

Personal Information gathered through the Website and the App is gathered in two ways: (1) indirectly, i.e., certain Website information about you, such as domain name, IP address, browser type and page views, the length of time you visit our Website, the referring URL, mobile device ID and type, and geolocation which is collected through our Website's technology to provide certain functionality to you, to remember you when you return, to customize our Website to your preferences and manage content, and compile statistics about Website usage; and (2) directly, when (a) you voluntarily submit Personal Information such as, first and last names, addresses, email address(es), phone numbers, birthdate, marital status, number of children and their ages, social network and ‘handle’ data, preference information, or survey answers/opinions, in connection with various marketing and promotional activities, surveys or contests conducted on the Website, through the Apps, or in association with the Rewards program; (b) in connection with registration for the Hard Rock Rewards Program (“Rewards Program”) via the Website, App, or at one of our locations, we may additionally collect a password and security question/answer. When we collect this type of information, we will notify you as to why we are asking for information and how this information will be used.

In the case of the Rewards Program, we also collect information regarding the transactions that you make to earn Points, when using your Rewards Program identification number or card, or when utilizing Program Benefits, such as Hotel Free Night Certificates and other Offers, including the type of items purchased, where and when they were purchased and the amount spent (collectively “Transaction Information”).

Geo Location: If you have provided permission through your mobile device to allow us to collect location information through the App, Hard Rock may obtain your physical location information from technologies like GPS, Wi-Fi, or cell tower proximity. The App may use the geo-location features of the App (GPS or network-based) and geo-location information that is collected through the App to provide you information regarding Hard Rock cafes and hotels, events and promotional offers in or near your area or current location. You are able to withdraw your permission for Hard Rock to acquire physical location information from your mobile device through your mobile device settings, although Hard Rock does not control this process. If you have questions about how to disable your mobile device's location services, we recommend you contact your mobile device service provider or the mobile device manufacturer.

HOW WE USE THE INFORMATION WE COLLECT

We use the Personal Information and Transaction Information that we gather about you for the following purposes:

· To provide our Offers, Program Benefits and other services to you, to communicate with you about your use of our Offers, Program Benefits and other goods and services, to respond to your inquiries, to fulfill your orders, and for other customer service purposes.

· To tailor the content and information that we may send or display to you, to tailor Offers and Program Benefits provided to you based on your preferences and Transaction Information, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using the Website or our Offers, Program Benefits and other goods and services.

· For marketing and promotional purposes. For example, from time to time we may use your information, such as your e-mail address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products or information we think may interest you, provided you have opted-in to receiving such communications. We also may use the information that we learn about you to assist us in advertising our Offers, Program Benefits, and other goods and services on third party websites.

· To administer contests, sweepstakes and competitions that may be offered through the Website.

· To better understand how users access and use our Website, Offers, Program Benefits and other services, both on an aggregated and individualized basis, in order to improve our Website, Offers, Program Benefits and other services and respond to user desires and preferences, and for other research and analytical purposes.

· To administer the Rewards Program.

RIGHT NOT TO PROVIDE INFORMATION

In certain jurisdictions, you may have the right not to provide Personal Information. However, if you elect not to provide such information, you may not be able to utilize certain services on the Website or participate in our Rewards Program.

DO-NOT-TRACK SIGNALS

Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies).

COOKIES

Some information that we collect about you is collected passively through the use of "cookies." Cookies are small files of information, which save and retrieve information about your visit to the Website - for example, how you entered and navigated our Website, and what information was of interest to you. There are two types of cookies: session and persistent cookies.

· Session Cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser or turn off your computer. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Site. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our Site.

· Persistent Cookies. Persistent cookies remain on your computer after you have closed your browser or turned off your computer.

We use this information to remember you when you return and to customize our Website to your preferences. You may, however, disable certain tracking as discussed in this section. You may set your Web browser to notify you when you receive a cookie or to not accept certain cookies. However, you may find that some parts of the Website will not function properly if cookies are refused. Please note that Hard Rock does not collect, and is not aware of third parties that collect, from users of the Website personal information about users’ online activities across third party websites.

CLEAR GIFS, PIXEL TAGS AND OTHER TECHNOLOGIES

Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Website to, among other things, track the activities of Website visitors, help us manage content, and compile statistics about Website usage. We and our third party service providers also use clear GIFs in HTML e-mails to our customers, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.

THIRD PARTY ANALYTICS/TRACKING

We use automated devices and applications, such as Google Analytics, to evaluate usage of our Website. We also may use other analytic means to evaluate our Services. We use these tools to help us improve our Services, performance and user experiences. These entities may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties.

THIRD-PARTY AD NETWORKS

We may use third parties such as network advertisers to display advertisements on our Website, to assist us in displaying advertisements on third party websites, and to evaluate the success of our advertising campaigns. These companies may use information about your visits to our Website combined with information about your visits on other third party Sites to gain information about goods and services that may be of interest to you, to choose what ads to display to you, and to track the effectiveness of ads. Third party ad network providers, advertisers, and/or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), Flash LSOs and other technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third party cookies and other technologies are governed by each third party’s specific privacy policy, not this one. We may provide these third-party advertisers with information about your usage of our Website and our services, as well as aggregate or non-personally identifiable information about visitors to our Website and users of our service. However, we do not share your personal information (such as name and email) with these advertisers.

You may opt-out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”). For more information regarding this practice by NAI members, and your choices regarding having this information used by these companies, including how to opt-out of third-party ad networks operated by NAI members, please visit the NAI opt-out page.

Opting out of one or more NAI member networks only means that those NAI members no longer will deliver targeted content or ads to you. It does not mean you will no longer receive any ads on our Website or other websites. For example, you may continue to receive advertisements on our Website based on the particular page that you are viewing on our Website. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different computer or change web browsers, your NAI opt-out will no longer be effective.

ACCESS AND CORRECTION

When required in your jurisdiction, Hard Rock will permit individuals to access, correct, amend or delete Personal Information that is demonstrated to be inaccurate or incomplete. If you request access, correction, amendment or deletion of your Personal Information and you have more than one account with us, you will need to instruct us on each account separately. Reasonable access to Personal Information will generally be provided within thirty (30) calendar days at no cost to you, subject to limited exceptions prescribed by law. Please note that personal profile information supplied by you on-line for your membership account in the Rewards Program can be accessed by you on-line at any time and at no charge.

Users who no longer wish to receive our newsletter or promotional materials may opt-out of receiving these communications by clicking the unsubscribe link at the bottom of the email or contacting customer_care@hardrock.com.

REGISTRATION

In order to use the Website, you must first complete a registration form. In order to receive a membership in the Rewards Program, we will need to collect certain Personal Information about you, such as your name, email address and contact details. This information is used to administer the Rewards Program, to send you Rewards Program Offers, and to communicate with you about specific services, offers, benefits and features on our Website or relating to the Rewards Program for which you have expressed interest or registered. For some Website services, you will be asked to provide a password and user identification. This information is collected to confirm eligibility for use of the online services and to establish the identity of the authorized user. You are responsible for maintaining the confidentiality of that password and user identification.

SURVEYS & CONTESTS

From time-to-time our Website may request information from you via surveys or contests. Participation in these surveys or contests is completely voluntary. Contact information will be used to administer your participation in a contest, notify the winners and award prizes. Survey information will be collected and used for purposes of monitoring or improving the use and satisfaction of the Website and the Rewards Program’s services.

HOW WE SHARE YOUR INFORMATION AND WHOM WE SHARE IT WITH

During the course of business, we may disclose, transfer or otherwise make available Personal Information and Transaction Information to Hard Rock affiliates, licensees and franchisees that operate Hard Rock hotel and cafe locations and to third-party service providers who have been legally contracted to provide services on our behalf related to the Rewards Program, and are prohibited from using it for any other purpose. In the case of the Rewards Program, we use a company called Brierley & Partners, based in the United States, to store, process and analyze such Personal Information in connection with operation and administration of the Rewards Program, to IBM Corporation to enable use their Silverpop email marketing tool, and to Zaius, Inc. to enable us to use their analytics tool. For information on the way in which our service providers treat your Personal Information, please contact us as set out below.

We and our service providers may also need to disclose your Personal Information where required by law, court order, search warrant or other legally valid inquiry or order, or to an investigative body in the case of a breach of an agreement or contravention of law, or as otherwise required by Canadian, US or other law. We may also disclose your Personal Information where necessary for the establishment, exercise or defense of legal claims, to investigate or prevent actual or suspected loss or harm to persons or property, or as otherwise permitted by law.

We may transfer your Personal Information as an asset in connection with the sale or transfer of all or part of our business (including transfers made as part of insolvency or bankruptcy proceedings) or as part of a corporate reorganization or other change in corporate control.

CHOICE/OPT-IN

Our users are given the opportunity to 'opt-out’ to having their Personal Information used for purposes not directly related to the purposes for which it has been collected. For example, our online Rock Shop retail merchandise order form has an 'opt-out' mechanism so users who buy a product or register for a service from us, but don't want any marketing material, can keep their email address off of our lists. When you register for the Rewards Program, however, you will be given the choice to ‘opt-in’ to receive marketing communications regarding that program and other promotions from Hard Rock; we will not send you such communications in connect with the Rewards Program if you have not opted in. You can always unsubscribe or withdraw your consent to receiving such communications by following the directions in the communications or by contacting us at customer_care@HardRock.com.

HARD ROCK – THIRD PARTY DISCLOSURE POLICY

We may, under limited circumstances, send you offers for related products or services from affiliated Hard Rock companies or jointly offered by Hard Rock together with select third parties. These offers are sent only to those users who have opted-in to receiving marketing materials from Hard Rock.

PUBLIC FORUMS

The Website may make chat rooms, forums, message boards, and/or news groups available to its users. Please remember that any information you disclose in a public forum will be available to other visitors to our Website and will not be considered confidential or proprietary. To the extent you disclose your Personal Information in public forums, the use of the information by third-parties will not be subject to this Privacy Policy.

EU/US Privacy Shield Compliance

Hard Rock complies with the EU/US Privacy Shield framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member and treaty countries. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.

If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view our certification page, please visit https://www.privacyshield.gov/.

In compliance with the EU/US Privacy Shield Principles, Hard Rock commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this privacy policy should first contact customer_care@hardrock.com or

Hard Rock Cafe International (USA), Inc.

Attn: Tom Gispanski

Customer Care – Privacy Shield

6100 Old Park Lane

Orlando, FL 32835

Please include your name, address and phone number or e-mail in all communications and state clearly the nature of your request or concern.

Hard Rock Cafe International (USA), Inc. has provided a private sector independent recourse mechanism (located in the United States) to investigate and expeditiously resolve individual complaints and disputes. This dispute mechanism will cover all personal data except for human resource data. For more information, visit the website for ICDR®/AAA® EU-U.S. Privacy Shield: International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) at https://info.adr.org/safeharbor/. Under certain limited conditions and as a last resort, the individual can invoke binding arbitration. The Federal Trade Commission has jurisdiction over Hard Rock’s compliance with the Privacy Shield.

If Hard Rock transfers your personal data to a third party, we will ensure the third party is contractually obligated to process your data only for limited, specific purposes consistent with this policy, to apply the same level of protection to that data as the EU-U.S. Privacy Shield Principles, and notify us if it makes a determination that it can no longer meet this obligation. Upon notice, Hard Rock will take reasonable and appropriate steps to stop and remediate unauthorized processing. In cases of onward transfer to third parties of data received pursuant to the EU-US Privacy Shield, Hard Rock is potentially liable for violations of Privacy Shield principles.

PROTECTING CHILDREN

Hard Rock takes special care to protect the safety and privacy of children. For that reason, we never collect or maintain information at our website from those we actually know are under 13. Our websites are general audience sites.

HOW WE ENSURE THE SECURITY OF YOUR DATA

We have implemented commercially reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security.

You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

HOW TO CONTACT US

You may address all communications to Privacy Policy, Hard Rock Café International (USA), Inc., 6100 Old Park Lane, Orlando, FL. 32835, or e-mail customer_care@hardrock.com. Please include your name, address and phone number or e-mail in all communications and state clearly the nature of your request.

CHANGES

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, provided that we will follow the notification procedures set forth in the Hard Rock Rewards Program Terms and Conditions regarding any such changes and you will have the same rights and remedies as set forth in those Terms and Conditions with respect to any such changes. We will use Personal Information in accordance with the Policy under which it was collected.

YOUR CALIFORNIA PRIVACY RIGHTS / NOTICE FOR CALIFORNIA RESIDENTS

California residents who have provided personal information to Hard Rock may obtain information regarding Hard Rock's disclosures, if any, of personal information to 3rd parties for 3rd party direct marketing purposes. Requests must be submitted to the following address: Hard Rock Cafe International (USA), Inc., 6100 Old Park Lane, Orlando, FL 32835. Attn.: California Privacy. Within 30 days of receiving such a request, we will provide a California Privacy Disclosure, which will include a list of certain categories of personal information disclosed during the preceding calendar year to 3rd parties for their direct marketing purposes, along with the names and addresses of the 3rd parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the address specified in this paragraph.