Last Updated: February 19th, 2024
This privacy notice applies to Casa Domo, LLC., D.B.A. ASRA (“Company”) website, or application (collectively “Company Services” “Casa Domo”) where this privacy notice is referenced, regardless of how you access or use them, including through mobile devices. This Privacy Policy incorporates by reference the Company’s Terms of Use. Note that we combine the information we collect from you from the Website, Application, and through the Service generally, or offline.
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personal Information’ is being used online. Personal Information is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.
PLEASE READ OUR PRIVACY POLICY CAREFULLY TO GET A CLEAR UNDERSTANDING OF HOW WE COLLECT, USE, PROTECT OR OTHERWISE HANDLE YOUR PERSONAL INFORMATION IN ACCORDANCE WITH OUR SERVICES. BY USING THIS SERVICE, YOU EXPRESSLY ACKNOWLEDGE AND AGREE TO OUR COLLECTION, USE, SHARING, AND PROTECTION OF YOUR PERSONAL INFORMATION AS SUMMARIZED BELOW AND AS FULLY DESCRIBED IN OUR USER PRIVACY NOTICE.
- Management and Application Servicer. We use management software provided by Jurny Inc., as such we the policies and procedures we described here only apply to our services and sites. For information on Jurny Inc.’s privacy policies please contact [email protected].
- Security Check. We use security screening software called Autohost. Autohost is a third-party software which screens guests’ documents prior to check-in. For information on Autohost’s privacy policies please see https://www.autohost.ai/privacy/.
- Prior to check-in, we will send an email or text message link, through Autohost, to guests requesting their name, address, phone number, and passport documents (ID). Guests may be asked to use their camera phone to scan their documents.
- How We Disclose Your Personal Data. WE DO NOT SELL YOUR PERSONAL DATA TO THIRD PARTIES, including third-party advertisers. There are certain circumstances in which we may disclose, transfer, or share your Personal Data with certain third parties such as Stripe with notice to you, as set forth in this Privacy Policy.
- Information We Collect & How We Process Data
- We are a data Processor and Collector. We process data received from our services and take proportionate precaution in storing such information for short periods on our secure servers until permanently destroyed. Our servers and offices are located in the U.S., so your information may be transferred to, stored, or processed in U.S.
- Our Service collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (” personal information”). In particular, our Service has collected the following categories of personal information from its consumers within the last twelve (12) months:
- Category A: Identifiers
- Examples: A real name Information, Internet Protocol address, email address, or other similar identifiers, device information.
- Collected: YES
- Category B: Personal information categories.
- Examples: A name, signature, physical characteristics or description, address, telephone number, zip code, education, employment, employment history, or any other financial information.
- Collected: NO
- Category C: Protected classification characteristics under applicable laws.
- Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
- Collected: NO
- Category A: Identifiers
- We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete on our Service.
- Indirectly from you. For example, from observing your actions on our Service or interactions with our advertisers.
- Categories of Personal Information We Collect
- Personally Identifiable Information is information that identifies a specific person. When you engage in certain activities via the Company Service, including but not limited to creating an account, sending feedback, or otherwise participating in the Company Service (collectively, “Identification Activities”), we will ask you to provide certain information about yourself. We also collect the following:
- Identity Data
- Contact Data
- Profile Data
- Usage Data
- Transaction Data
- Technical Data
- If you elect to engage in an Identification Activity we will ask you to provide us with certain personal information about yourself, such as your name, email address, telephone number and/or any other information you provide to us, to process your transaction, send communications about them to you, and populate forms for future transactions.
- When you enroll in the Company Service, we will also ask you to provide us with additional information. Depending on the Identification Activity, some of the information we ask you to provide will be identified as mandatory and some identified as voluntary. If you do not provide mandatory information for an Identification Activity, you will not be permitted to engage in that Identification Activity with the Company Service. Depending on the Identification Activity, Company might not re-ask you for Personally Identifiable Information if such are already stored with us.
- Information Collected from All Users
- Information you provide to us: For all Users we collect Personal Data when you voluntarily provide such information to the Services, such as when you register for access to the Services, contact us with inquiries, respond to one of our surveys or browse or use certain parts of the Services. The Personal Data we may collect includes without limitation your name, address, email address and any other information that you choose to provide and/or that enables Users to be personally identified.
- Information we automatically collect: We also automatically collect certain technical data that is sent to us from the mobile device and/or browser through which you access the Services (“Automatic Data”). Automatic Data, includes without limitation, a unique identifier associated with your access device and/or browser (including, for example, your Internet Protocol (IP) address) characteristics about your access device and/or browser, statistics on your activities on the Services, information about how you came to the Services and data collected through Cookies, Pixel Tags, Local Shared Objects, Web Storage and other similar technologies.
- When you register for the Services or otherwise submit Personal Data to us, we may associate other Non-Personal Data (including Non-Personal Data we collect from third parties) with your Personal Data. At such instance, we will treat any such combined data as your Personal Data until such time as it can no longer be associated with you or used to identify you.
- Information you provide to us: For all Users we collect Personal Data when you voluntarily provide such information to the Services, such as when you register for access to the Services, contact us with inquiries, respond to one of our surveys or browse or use certain parts of the Services. The Personal Data we may collect includes without limitation your name, address, email address and any other information that you choose to provide and/or that enables Users to be personally identified.
- Non-Personally Identifiable Information
- Non-Personally Identifiable Information is information that does not identify a specific person. This type of information may include things like the Uniform Resource Locator (“URL”) of the services or application you visited before coming to the Company Service or otherwise participating in the Company Service, the URL of the Services you visit after leaving the Company Service, the type of browser you are using, your Internet Protocol (“IP”) address, mobile carrier information, mobile device information, or general and/or aggregated location data that does constitute Personally Identifiable Information.
- We, and/or our authorized Third-party Service Providers, may automatically collect this information when you visit or use the Company Service using electronic tools like Cookies and Web beacons or Pixel tags, as described below in this Privacy Policy. Most of the other information we collect for mobile, such as your mobile device identification and mobile device type, the request type, your mobile carrier, your mobile carrier user identification, and the content of your request, does not by itself identify you to Company, though it may be unique or consist of or contain information that you consider personal.
- We use Non-Personally Identifiable Information to troubleshoot, administer the Company Service, analyze trends, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. We will also share this information with our authorized Third-party Service Providers to measure the overall effectiveness of our products and services.
- Personally Identifiable Information is information that identifies a specific person. When you engage in certain activities via the Company Service, including but not limited to creating an account, sending feedback, or otherwise participating in the Company Service (collectively, “Identification Activities”), we will ask you to provide certain information about yourself. We also collect the following:
- Cookies. We use cookies, web beacons, unique identifiers, and similar technologies to collect information about the pages you view, the links you click, and other actions you take when using our Services, within our advertising or email content. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functionality of the Service.
- How We Use Your Personal Data
- We collect and use the Personal Data we collect in a manner that is consistent with this Privacy Policy, and applicable privacy laws. We may use the Personal Data as follows:
- Specific Reason
- If you provide Personal Data for a certain purpose, we may use the Personal Data in connection with the purpose for which it was provided. For instance, if you contact us by e-mail, we will use the Personal Data you provide to answer your question or resolve your problem and will respond to the email address from which the contact came.
- We use your personal information to provide and improve our Services, provide you with a personalized experience on our sites, contact you about your account and our Services, provide you customer service, provide you with personalized advertising and marketing, and to detect, prevent, mitigate and investigate fraudulent or illegal activities.
- We use the personal information we collect from you for a range of different business purposes and according to different legal bases of processing.
- Personal Information you directly consent on giving.
- Transactions, Access, and Use. If you provide Personal Data in order to obtain access to or use of the Services or any functionality thereof, we will use your Personal Data to provide you with access to or use of the Services or functionality and to analyze your use of such Services or functionality. Such functionality includes our third-party payment partner Stripe or Lynnbrook. In order to use some portions of our service, you are required to pay using Stripe. Stripe and Lynnbrook adhere to PCI DSS compliance. If you have any questions regarding their application or services, please refer to the Stripe or Lynnbrook website. We do not store any credit card or payment information.
- Internal Business Purposes. We may use your Personal Data for internal business purposes, including without limitation, to help us improve the content and functionality of the Services, to better understand our Users, to improve the Services, to protect against, identify or address wrongdoing, to enforce our Terms of Service, to manage your account and provide you with customer service, and to generally manage the Services and our business.
- Use of Interest-Based Data. We sometimes make inferences about the type of services you may be interested in. We may use these inferences to help target advertising or customize recommendations to you, including on behalf of Servicers. We may do this on an aggregated or generalized basis.
- Other Purposes. If we intend to use any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time the Personal Data is collected or we will obtain your consent subsequent to such collection but prior to such use.
- Aggregated Personal Data. In an ongoing effort to understand and serve our Users better, we often conduct research on our customer demographics, interests and behavior based on Personal Data and other information that we have collected. This research is typically conducted on an aggregate basis only that does not identify you. Once Personal Data is in an aggregated form, for purposes of this Privacy Policy, it becomes Non-Personal Data.
- Staying Signed in. When you sign in to your account on our Services, we give you the option to stay signed in to your account for certain amount of time. If you are using a public or shared cellular device, we encourage you not to choose to stay signed in. You or any other user of the cellular device/browser you signed in on will be able to view and access most parts of your account and take certain specific actions during this signed in period without any further authorization. If you are using a public or shared cellular device, you should sign out and/or clear your cookies when you are done using our Services to protect your account and your personal information.
- Google, Social Media and Other Third-party Connections. You can connect your Company account to your accounts on third-party services like Google, in which case we may collect, use, disclose, transfer and store/retain information relating to your account with such third-party services in accordance with this Privacy Policy.
- Legal Requirements. We may disclose your Personal Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency (including in response to public authorities to meet national security or law enforcement requirements), or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Services or the public, or (e) protect against legal liability.
- Security. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply, i.e. your password, is encrypted via TSL and cloud technology provide by Oracle Cloud Servers.
- Your Rights & Data Retention
- We retain your Personal Data for as long as necessary to provide you with our Services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements. If you have an account with us, we will typically retain your Personal Data for no longer than 90 days.
- Data protection law provides you with rights in respect of Personal Data that we hold about you, including the right to request a copy of the Personal Data, request that we rectify, restrict or delete your Personal Data, object to profiling and unsubscribe from marketing communications.
- Users may update their choices regarding the types of communications you receive from us through your online account. You also may opt-out of receiving marketing emails from us by following the opt-out instructions provided in those emails.
- Please note that we reserve the right to send you certain communications relating to your account or use of the Service (for example, administrative and service announcements) via email and other means and these transactional account messages may be unaffected if you opt-out from receiving marketing communications.
- All Users may request access to or correction of any Personal Information we have about them or close their account and/or request deletion of all Personal Information we have about them. In certain jurisdictions, Users may have certain rights with regard to their Personal Information. We will honor User requests to the extent we can reasonably do so and as required by law, but some information will remain on the Services, such as information you posted publicly.
- We will use commercially reasonable efforts to honor your requests however, certain information will actively persist on the Service even if you close your account. In addition, the rights described above may be limited, for example, if fulfilling your request would reveal personal information about another person, or if you ask us to delete information we are required by law to keep or have compelling legitimate interests in keeping (such as for fraud prevention purposes).
- Limit the Personal Data You Provide. You cannot browse the Services without providing any Personal Data (other than Automatic Data to the extent it is considered Personal Data under applicable laws) or with limiting the Personal Data you provide. If you choose not to provide any Personal Data or limit the Personal Data you provide, you may not be able to use certain functionality of the Services.
- Personal Data Provided to Others. This Privacy Policy does not apply to any Personal Data that you provide to another User or visitor through the Services or through any other means.
- Third-party Privacy Practices. This privacy notice addresses only our use and handling of personal information we collect from you in connection with providing you our Services. If you disclose your information to a third-party, or visit a third-party Services via a link from our Services, their privacy notices and practices will apply to any personal information you provide to them or they collect from you. We cannot guarantee the privacy or security of your personal information once you provide it to a third-party and we encourage you to evaluate the privacy and security policies of your trading partner before entering into a transaction and choosing to share your personal information. This is true even where the third parties to whom you disclose personal information are bidders, buyers or sellers on our site.
- Children’s Online Privacy Protection Act (COPPA). We do not knowingly collect Personal Data from children under the age of sixteen (16). If you are under the age of sixteen (16), please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data through the Services without their permission. If you have reason to believe that a child under the age of 16 has provided Personal Data to us through the Services, please contact us and we will endeavor to delete that information from our databases.
- International Privacy Laws
- If you are visiting the Services from outside of the United States of America, please be aware that you are sending information (including Personal Data) to the U.S. where our servers are located. That information may then be transferred within the U.S. or back out of U.S. to other countries outside of your country of residence, depending on the type of information and how it is stored by us. These countries (including the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage and use of your Personal Data will at all times continue to be governed by this Privacy Policy.
- Modifications
- We reserve the right, in our sole discretion, to update or modify this Privacy Policy at any time (collectively, “Modifications”). Modifications to this Privacy Policy will be posted to the Site with a change to the “Updated” date at the top of this Privacy Policy. In certain circumstances Company. may, but need not, provide you with additional notice of such Modifications, such as via email or with in-Service notifications.
- Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was updated on the date indicated above. Your continued use of the Services following the effectiveness of any Modifications to this Privacy Policy constitutes acceptance of those Modifications. If any Modification to this Privacy Policy is not acceptable to you, you should cease accessing, browsing and otherwise using the Services.
- Dispute Resolution. If you have a complaint about Company’s privacy practices you should contact us. We will take reasonable steps to work with you to attempt to resolve your complaint in accordance with the “Terms” incorporated with these policies.
- General Data Protection Regulation (GDPR)
- The GDPR requires Us and our Servicers using the Service to provide Users with more information about the processing of their Personal Data. The GDPR requires us to tell you about the legal ground we’re relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data for the purposes set out above will typically be because:
- You provided your consent; it is necessary for our contractual relationship;
- The processing is necessary for us to comply with our legal or regulatory obligations;
- And/or the processing is in our legitimate interest as a service.
- The GDPR requires Us and our Servicers using the Service to provide Users with more information about the processing of their Personal Data. The GDPR requires us to tell you about the legal ground we’re relying on to process any Personal Data about you. The legal grounds for us processing your Personal Data for the purposes set out above will typically be because:
- Residents of Canada. Company and all it’s representatives agree to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). In the event of any change, modification or adoption of a new provision to the said Act from the present version in effect on the date of these terms, Company shall modify these terms accordingly.
- Nevada Residents
- Under Nevada law, certain Nevada residents may opt out of the sale of “personally identifiable information” for monetary consideration to a person for that person to license or sell such information to additional persons. “Personally identifiable information” includes first and last name, address, email address, phone number, or an identifier that allows a specific person to be contacted either physically or online.
- If you are a Nevada resident who has purchased services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing us. Please note we will take reasonable steps to verify your identity and the authenticity of the request.
- Rights For California Residents
- If you are a California resident, the California Consumer Privacy Act (CCPA) may provide you with additional rights regarding the use of your personal information. These rights include:
- The right to access the personal information we process about you;
- The right to know what personal information is collected about you and if any information is sold or disclosed, and to whom;
- The right to request the deletion of your personal information;
- The right to opt-out from the sale of your personal information.
- You can exercise any applicable rights by emailing [email protected] You may be required to submit proof of your identity and/or address, if we are unable to confirm your identity or cannot verify that you are a California resident. We will try to respond to a verifiable consumer request within 45 days of its receipt.
- If you are a California resident, the California Consumer Privacy Act (CCPA) may provide you with additional rights regarding the use of your personal information. These rights include:
- Transfers of Personal Data
- Casa Domo is a Company from the United States of America, we may need to transfer your Personal Data outside of the country from which it was originally provided. This may be intra-group or to third parties that we work with who may be located in jurisdictions outside the EEA, Switzerland and the UK which have no data protection laws or laws that are less strict compared with those in Europe.
- Whenever we transfer Personal Data outside of the EEA, Switzerland or the UK, we take legally required steps to make sure that appropriate safeguards are in place to protect your Personal Data.
- Contact Us. If you have a question or a complaint about this privacy notice, our global privacy standards, or our information handling practices, you can reach us at: [email protected]