Privacy Policy

Your privacy is our concern

BM RATE PARITY LTD, with Company Number HE409804, is a company operating
under Cyprus law, registered in the Registrar of Companies of Cyprus the 2nd of June,
2020 with Organization number: 569861, Record number: 26772638. This company
owns the domain name https://www.rateparity.com (hereinafter jointly known as the
“Website”).

Address
17H, Chitron str. ( Χυτρών)
1075, Nicosia, Cyprus
Telephone: +30 210 4101130
Email: privacy@rateparity.com

BM RATE PARITY LTD (hereinafter collectively and individually referred to as
“RateParity”, “us”, “our” and “we”), is a technology company specialised in offering
services to hotels and hotel chains to boost their online bookings.

We consider privacy to be paramount, both for visitors of our website
https://www.rateparity.com/ (hereinafter, the “website”) and for anyone else that may be
affected by information provided to us through our website, whose data are processed
by RateParity as part of the provision of service (hereinafter and jointly “you” and the
“user”, and the plural “you” and the “users”). In this regard, RateParity undertakes to
process your data in compliance with the applicable and in-force data protection
legislation at all times. More specifically, RateParity shall comply with the premises
established in Regulation (EU) 2016/679 of the European Parliament and of the Council
of 27 April 2016 on the protection of natural persons with regard to the processing of
personal data and on the free movement of such data, also known as the General Data
Protection Regulation, repealing Directive 95/46/EC (GDPR) on the protection of
personal data and the guarantee of digital rights.

On this basis, RateParity publishes its Privacy Policy in order to make users aware of
the processing of their data and the applicable fundamental principles on personal data
protection. Despite this, certain services provided, or services that may be provided in
the future, on the website may contain specific conditions of use with provisions for
personal data protection, which prevail over this Privacy Policy.

Regarding the foregoing, we urge all users to closely read this Privacy Policy in order to
become familiar with the rules and practices that we have developed in order to protect
personal data and to get to know more about our relationships with third parties that
may have access to your data.

In any case, the user is solely responsible for the information that they provide us with
via the website and, if RateParity wished to use it in the future for purposes other than
those referred to, we will inform you of these new purposes and request your consent, if
required. On using our website, you admit to having read and accepted this Privacy Policy and
our Legal Notice.

1. Who is the data controller?
Contact details of the data controller BM RATE PARITY LTD, with Company
Number HE409804, with registered address at 17H, Chitron str. 1075, Nicosia,
Cyprus, and contact email address privacy@rateparity.com, corresponding to
the data protection officer (DPO) of RateParity.

2. What data protection rights do users have?
Users may request the following rights:

  • Right to access your personal data: you may ask RateParity whether
    or not we are processing your data, and if so, you can request access to
    them.
  • Right to rectify your data if it is inaccurate, or to complete it if it is
    incomplete.
  • Right to erase your data.
  • Right to restrict the processing of your data: in this case, we will only
    store your data in order to exercise or defend legal claims.
  • Right to object to the processing of your data: RateParity shall stop
    processing personal data unless we must continue processing them for a
    legitimate reason or for exercising or defending possible legal claims.
  • Right to data portability: in the event that the user wishes that their
    data be processed by another data controller, RateParity shall transfer
    your data to the new data controller.
  • Right to not be subject to a decision based solely on the automated
    processing of your data.

If you have granted consent for your data to be processed for a specific
purpose, you may withdraw this consent at any moment without prejudice to the
legality of the processing based on the consent given before its withdrawal.
In any case, when the user exercises their right to erasure, all personal data
linked to their account, as well as all information and content embedded in their
profile, shall be deleted. Likewise, in the event that the user exercises their right
to erasure on the data that are necessary in order for RateParity to continue
providing the services of their website, RateParity shall be obliged to terminate
their relationship with the user, proceeding to de-register the user without the
user being entitled to make any claim against them.

In order to exercise their rights, users must send a written communication to the
registered address of RateParity or to the email address indicated in part 1 of
this Privacy Policy, including in both cases a photocopy of their National
Identification Card or any other equivalent identification document.

3. How can you file a claim to the Cyprus Data

Protection Agency (AEPD)?
You can use the forms relating to the rights referred to in the previous part
by visiting the official website of the Spanish Data Protection Agency
(http://www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/home_el/ho
me_el?opendocument).
Claim before the Control Authority: if you consider that RateParity is using
your personal data inappropriately, you can file your complaint to the DPO of
RateParity or to the corresponding Control Authority. In Cyprus, you must
consult the The Commissioner for personal data protection
(www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/home_el/home_el
?opendocument).

4. In which cases do we collect your personal data and
what type of data are they?
For the purpose of this Privacy Policy, “personal data” shall be considered any
information that identifies you or that may be used to identify you, such as, for
example, your name, address, telephone number or email address.
If you decide to provide us with your personal data, RateParity may use any of
the data that you enter in any of the forms that you complete or data that you
provide us with via the different RateParity email accounts that are available for
you to use to contact us.

These data are processed when you interact with RateParity and our
representatives; when you participate or request to participate in any activities
related to RateParity, such as providing services or online surveys relating to
our services; when you apply for one of our job offers; when you interact with
our website and it is requested that you provide us with personal data, as
described in this Privacy Policy and Cookies Policy; when you register on our
website or use certain features without registering, such as participating in our
interactive services.

Personal data that our website obtains from your computer or electronic device:
Cookies, only for https://www.rateparity.com/
If you would like more information on how RateParity uses cookies, consult our
Cookies Policy.

5. How do we use users’ personal data?
RateParity informs applicable users that the personal data that they provide us
with and that we collect shall be identified in the Record of Processing Activities
owned by RateParity, and shall be used:

  • To respond to consultations or information requests that may be made by
    users;
  • To provide users, upon request, with a demonstration of our services;
  • To provide our services in compliance with the Legal Notice and the
    Terms and Conditions, if applicable, that have been established between
    RateParity and each user;
  • To respond to applications to job offers;
  • For the use or provision of services, in the event that the user has
    previously registered on the website, in compliance with the General
    Conditions for Use of the website and the specific conditions of each
    service;
  • To personalise and improve the website’s tools and features in order to
    guarantee its correct technical functioning;
  • In the event that the user has selected the corresponding box, to keep
    them informed through sending notifications or newsletters via email
    and/or other electronic means, the content of which shall mainly be
    regarding our services, activities, projects, updates and new features of
    the website;
  • To use them for any other purpose that may be demanded or allowed by
    applicable legislation or for the purpose for which you have granted your
    consent.

6. Why do we process your personal data?
RateParity may process your data for any of the following legal bases: (A)
legitimate commercial purposes; (B) when you have given your consent; (C)
when it is necessary in order to comply with the legal and regulatory obligations
of RateParity and (D) for any reason necessary to comply with a contract of
which you are a party.

7. Who can access your personal data?
Depending on the purposes for which the personal information is collected, the
following people may interchangeably access these data:

  • Authorised RateParity staff or its representatives acting on behalf of
    RateParity, subject to applicable data protection legislation;
  • Regulatory authorities or third parties, in compliance with applicable
    legislation;
  • Third parties (service providers that process data as data controllers,
    following the instructions of RateParity). All of the aforementioned may
    only access your data once the necessary measures have been taken to
    ensure that we are able to share these data in compliance with
    applicable data protection legislation.

We shall not sell or disclose to third parties any personal information or data
that you have provided us with via our website and that make it possible to
identify you either directly or indirectly.

8. Where are your personal data processed?
RateParity shall not carry out any transfer of personal data outside the
European Economic Area (EEA). In the event that such a transfer was to occur,
RateParity would only do so in compliance with applicable data protection
legislation. Regardless of the place where your personal data are collected or
processed, RateParity ensures and guarantees that the service providers
maintain suitable levels of administrative, technical and physical security in
order to protect your information.
For more information on the use of contractual models by RateParity, please
contact us by emailing privacy@rateparity.com.

9. How do we protect your personal data?
In order to ensure the safety of information, RateParity applies various technical
and organisational measures to guarantee the suitable level of security in
compliance with applicable regulations. In any case, RateParity shall take
suitable technical and organisational measures both when designing the data
processing system and during the carrying out of the processing itself in order
to preserve security and prevent unauthorised processing. However, despite the
careful implementation of such measures, the user is informed that internet
security measures are not impenetrable. RateParity is not responsible for the
actions of third parties who access these data and information by violating these
measures.

10. How long do we store your data for?
RateParity processes your personal data for the period of time necessary to
fulfill the purposes established in this Privacy Policy and stores your personal
information for as long as necessary to comply with the provisions of the
relevant laws and regulations.

The criteria that we follow for this are determined by:

  • The purpose of the data collected and the fulfillment of this purpose.
  • The reasons that allow the data to be collected, e.g. when you have
    given consent, it may be withdrawn at any moment.
  • Storage periods demanded by contractual and legislative requirements.

Please be aware that in some cases, RateParity is obliged to store certain
pieces of your data.

11. Confidentiality
The professionals who work at RateParity and who have intervened in any way
in the provision of services to the user are bound to not disclose or use any of
the information that they have accessed. The information provided by the user shall
in all cases be considered confidential, without prejudice to it being used
for purposes other than those related to managing your requests and the
services contracted to RateParity, if applicable. Accordingly, we are bound to
neither disclose nor reveal information on users’ intentions, the reasons for
requesting advice or the duration of their relationship with RateParity.

12. Social networks
RateParity is present on some of the main social networks found on the internet
and is the data controller of the data published therein by RateParity.
RateParity shall process the data on each social network in compliance with the
rules established by each social network for this purpose. Therefore, until
indicated otherwise by RateParity, we may inform our followers on the
corresponding social network of our activities, events and other related topics,
including providing followers with customer service via the channels provided by
the social network for this purpose.
RateParity shall not extract any personal data from social networks unless the
user gives their express consent.

13. Special category personal data
We shall not collect or process any personal data that is particularly sensitive or
included in special categories of users’ personal data unless the users have
explicitly provided us with this data. Special categories of personal data refer to
information relating to race or origin, political opinions, religious or philosophical
beliefs or other beliefs of a similar nature, trade union membership, genetic
data, biometric data where used for purposes of identifying a natural person,
and data concerning health, a person’s sex life or sexual orientation.

14. Policy on the use of children’s data
This website is neither designed for nor intended for use by children under
sixteen (16) years old without their parents’ or legal guardian’s authorization.
Accordingly, we do not deliberately collect information on these people. In any
case, if the parents or legal guardians consider that their children have provided
us with personal data without their consent, please let us know by emailing us
at privacy@rateparity.com.

15. Direct marketing
We shall not use users’ personal data for direct marketing purposes without
your express prior consent.
If at any moment you decide that you wish to stop receiving commercial or
promotional information from RateParity, you may unsubscribe, free of charge
and without having to provide a justification, from our direct marketing
campaigns and oppose the future processing of your personal data for these
purposes by sending us an email to privacy@rateparity.com or by pressing “opt-out” in the email.
You may also use the procedure for unsubscribing found in
any promotional message that you receive from RateParity.

Please bear in mind that, even if you decide to unsubscribe from or opt out of
promotional emails or newsletters, we may still need to contact you regarding
important information of a non-commercial nature, such as resolving problems,
detecting and preventing errors or more generally in order to comply with the
website’s Legal Notice and/or Terms and Conditions.

16. Automated decision-making
We shall not use automated decision-making processes, including profiling,
unless you expressly authorize us to do so. In this case, we would notify you of
the logic used in the decision, as well as of the meaning and expected
consequences of the processing for you.

17. Links to other websites
RateParity websites contain links to other websites that we consider potentially
useful and informative for you. However, please be aware that we do not attest
for or recommend the content or services of these website, nor are we
responsible for their privacy policies. We recommend that you consider and
read the privacy policies of all websites that you visit. Remember that the
contents of this Privacy Policy are only applicable to data collected and/or
processed by RateParity.

18. Modifications and integrity of our Privacy Policy

We shall only use your personal data in compliance with the provisions of the
Privacy Policy that is in force at the moment in which we collect your personal
data. RateParity reserves the right to modify this Privacy Policy at any moment,
publishing these modifications on our website. Therefore, we recommend that
you consult the website every time that you view the Privacy Policy. If at any
moment we decide to use personal data in a way that differs from that which we
declared at the moment of their collection, we shall communicate this to you by
email, providing that we have your email address. At that moment you will be
given the option to authorise other uses or disclosures of the personal data that
you provided us with before the modification of our Privacy Policy.

In the event that any of the clauses of this Privacy Policy are annulled or
considered invalid, the rest of the conditions shall not be affected, completely
maintaining their validity and effect, at all times in light of current applicable
legislation.