Privacy Policy
Privacy & Cookies Policy
Last Updated on May 14, 2024
Your privacy and the security and confidentiality of your data are very important to us. Youโve placed your trust in us by using our services, and we value that trust. We are committed to protecting and safeguarding any personal data that you give us. We want you to understand how we use your data and your rights regarding that data.
This website is owned and operated by STESA, a marketing, media, & directory network, which operates under a group (family) of brands. This Privacy & Cookies Policy explains how we collect, use, disclose, and process personal data through our websites, our mobile site(s), our iPhone, Android, and other mobile applications, and any other online communications and interfaces (the โsite(s)โ). If you are a business or a vendor partner with us, please refer to our contractual agreements to find additional information.
Please read the Privacy & Cookies policy below to learn about our practices. By visiting the site(s), you acknowledge that you have read and understand the practices described in this policy.
Summary of Key Issues
Collection: This section explains that we collect Personal Data provided to us or that we obtain while you are using the site(s).
Protection: This section explains how we employ technical, administrative, and physical safeguards that are designed to prevent unauthorized access, maintain data accuracy, and ensure the correct use of Personal Data.
Use: This section explains how we use Personal Data to provide you with products and services from our site(s) or to build features that will make those services easier to use and to contact you about these services, as well as our legal basis for these uses.
Sharing: This section explains that we share your Personal Data with external service providers, STESA, our network partners, our third-party partners, our agents, and otherwise as necessary to perform transactions with you and manage our business.
Marketing & Choices: You can exercise your control over most marketing communications. Please contact us via email if you have any questions.
Cookies: Our site(s) use cookies and other similar technologies. To opt out of advertising and certain other cookies, please notify us via email.
Data Subject Rights: STESA understands that you may want to change, access, or delete your Personal Data. You may do so by accessing your profile.
Cross-Border Data Transfers: Our site(s) are primarily but not solely operated in the United States. If you are located outside the U.S., your Personal Data will likely be transferred to the U.S. or another region, which might be a jurisdiction that may not provide an equivalent level of protection as your home jurisdiction. In such cases, the Cross-border data transfer would be necessary for the conclusion or performance of your transaction, and/or for the establishment, exercise, and defense of legal claims. To the extent the provision of your Personal Data is not necessary for those purposes, or as otherwise permitted by local law, your use of the site(s) or provision of any Personal Data constitutes your consent to the cross-border transfer of Personal Data and the other activities identified in this Privacy & Cookies Policy.
Children: While it is our desire that our site(s) are friendly to the eyes of every age who are nearby, you must be at least 18 years old to use our site(s).
Links: Our site(s) contain links to other websites or services that are not owned or controlled by us, including links to website(s) of suppliers and our advertisers, sponsors, and partners. We are not responsible for the content on linked site(s). This Privacy & Cookies Policy only applies to information collected by our site(s).
California Privacy Rights: California residents may have certain rights related to their Personal Data. Please see this section for a description of such rights.
Changes to Privacy & Cookie Policy: STESA & our network site(s) may revise our Privacy & Cookies Policy to reflect changes in the law, our Personal Data collection and use practices, the features of our site(s), or advancements in technology.
Contact Us: Should you have any questions, concerns, or comments, please contact us at team@stesa.org.
In order to provide you with our online services, we must collect personally identifiable information (โPersonal Dataโ). We may collect the following categories of Personal Data you provide to us while you are using the site(s):
Identifiers:
Commercial information:
Internet or other electronic network activity information:
Inferences drawn from other Personal Data:
Geolocation data:
In addition, we may receive certain categories of Personal Data listed above from sources other than you, specifically from the following categories of sources:
If you purchase services for other travelers or companions, you must make sure that you have the right to provide their personal Data to us and that those other travelers have accepted how STESA and our network site(s) use their information as stated in this policy. Personal Data of other travelers is collected only for the purpose of providing such Personal Data to the appropriate supplier to fulfill the requested service, or as otherwise may be required or permitted by applicable law.
Protecting your Personal Data is a top priority at STESA and our network site(s). We employ technical, administrative, and physical safeguards that are designed to prevent unauthorized access, maintain data accuracy, and ensure the correct use of Personal Data. To provide protection for credit card transactions while in transit, we currently use Secure Socket Layer encryption. If you have reason to believe that your interaction with us is no longer secure (e.g., if you feel that the security of any account you might have with us has been compromised), please contact us immediately as detailed in the โContact Usโ section of this Privacy & Cookies Policy.
We use Personal Data to provide you with services, to build features that will make the services easier to use, and to contact you. This includes a faster website experience, better customer support, timely notice of new services and special offers, and more relevant content.
Our legal basis to use your data, where one is required to be provided by applicable law, is as follows:
(a) as necessary to perform a transaction; (b) as necessary to comply with a legal obligation (such as record keeping to substantiate our compliance with law); (c) where you have provided consent as appropriate under applicable law; and (d) necessary for legitimate interests such as marketing that you have not previously objected to receiving. In general, you need to provide the Personal Data in order to make a reservation and otherwise enter into a transaction with us, for us to provide you with services, and as may be required for our compliance purposes in connection with such transactions, except in limited instances when we indicate that certain information is voluntary. Not providing Personal Data may prevent us from providing you with requested information and carrying out transactions. However, you can always exercise control over our use of Personal Data for direct marketing (click here for details) and you can control the use of cookies on our site(s) (click here for details).
We also use your Personal Data as described in the โDisclosing Your Personal Dataโ section below.
STESA & our network site(s) only disclose your Personal Data as described in this Privacy & Cookies Policy or as otherwise authorized by you.
Sharing your Personal Data for business purposes: We may disclose your Personal Data that we collect with the categories of recipients below for our business purposes:
Suppliers: We may disclose your Personal Data with involved third parties. Please refer to the websites of third-party suppliers for their Privacy Policies.
Companies within Our Corporate Family: We disclose your information with our affiliates and their subsidiaries in the U.S. and worldwide, as well as with STESA network organizations (including independent agents) and our group (family) of network organizations, including parent, sibling, subsidiary, and other related organizations. To learn more about our network (family) of companies and brands, please write to us. To learn more about your choices related to how we disclose your information with our group (family) of companies and independent agents, please see the โYour Data Subject Rightsโ section below. We may disclose your information with our group companies for the following business purposes:
Business Partners: In order to provide you with certain services, we may disclose your Personal Data with our business partners, or require that you transact directly with a business partner, such as a service provider. When you provide Personal Data in connection with these types of services, you are providing such Personal Data to those business partners, which hold such Personal Data on their or our behalf. Our contracts with our business partners offering these services require them to maintain such Personal Data in accordance with their published Privacy & Cookies Policy. Please refer to the websites of business partners for their Privacy Policies and other information. If you have any questions regarding details on this, please contact us via email.
STESA & its Networkโs Agents and Vendors: Many of the operations we perform require us to hire other companies to help us. Examples of such operations include sending and delivering postal mail and email, analyzing data we collect, marketing our services, handling credit card transactions, and providing customer service. While the companies we engage have access to Personal Data to perform their functions, they may not use it for other purposes. STESA & its network site(s) require these vendors to enter into confidentiality agreements and to agree to act in a manner consistent with the relevant principles articulated in this Privacy & Cookies Policy. Exceptions to this would be clear in our correspondence or on this page, or both. In some instances, we utilize service provider platforms to help us provide certain services. Whenever possible, this Privacy & Cookies Policy governs the collection and use of your Personal Data even though you are on a third-party website. In any instance, we want you to always know whose Privacy & Cookies Policy governs the collection and use of your Personal Data. In most cases, you can click on the Privacy & Cookies Policy link provided on the 3rd party site(s) you are using. If there are questions, concerns, comments, or lack of clarity, please contact us via email for help.
Future Business Transfers: Our business is constantly changing. As part of that process, STESA or its network organization may sell or buy other companies, and Personal Data may be transferred as part of these transactions. It is also possible that STESA or its network organization, or substantially all of its assets, may be acquired by another company, whether by merger, sale of assets, or otherwise, and Personal Data may be transferred as part of such a transaction. In such cases, the acquiring company would be required to honor the privacy promises in this Privacy & Cookies Policy or obtain your consent to any material changes to how your Personal Data will be handled by announcing an update to this Privacy & Cookies Policy.
Compliance with Law and Other Disclosures: STESA & its network organizations reserve the right to release Personal Data in order to comply with applicable law or to comply with a judicial proceeding, court order, or legal process served on us: We may also release Personal Data to enforce or apply Terms and Conditions applicable to the services, to protect us or others against fraudulent or inappropriate activities, or to otherwise protect the rights, property or safety of STESA & our network organizations, our affiliated companies, our customers, or others.
Disclosure of your Personal Data for other purposes: As described below in the section on Our Policy on Cookies and Other Tracking Technologies, we may disclose internet or other electronic network activity information about you, as well as general geolocation data based on IP address, with third-party cookie providers we use on our site(s) which may use this data for purposes other than strictly operational purposes. In certain jurisdictions, such sharing may be considered a โsaleโ of your Personal Data and you may have the right under applicable law to opt-out of or object to such sharing.
As explained above, you may choose not to provide us with Personal Data; however, doing so may prevent us from providing you with requested information and carrying out transactions.
You have control regarding our use of your Personal Data for direct marketing. If you would prefer not to receive notices of special savings or promotions, or other marketing materials or offers, you may simply opt-out from receiving them by informing us via email or using the unsubscribe button where available. We comply with all applicable laws. Where required by law, we ask for your prior consent for direct marketing when we are aware of the law. Please note that even if you opt out of receiving marketing communications from us, we may need to send you service-related communications, such as confirmations of any future reservations you make, which may sometimes contain offers as well.
You may also have the opportunity on our site(s) to provide a mobile phone number to receive certain alerts or updates, which may be discontinued at any time. You may also use the settings within your mobile app to enable or turn off mobile push notifications from us. If this doesnโt work, please email us for help on this.
Cookies and similar tracking technologies, such as beacons, scripts, and tags, are small bits of code, usually stored on a userโs computer hard drive or device, which enable a website to โpersonalizeโ itself for each user by remembering information about the userโs visit to the website.
The site(s) uses cookies to store your preferences, display content based upon what you view to personalize your visit, analyze trends, administer the site(s), track usersโ movements around the site(s), serve targeted advertising and gather demographic information about our user base as a whole. On mobile websites and mobile apps, we may use Anonymous Device IDs and/or Advertiser Identifiers in a manner similar to our use of cookies on our websites. Although these activities involve developing an understanding of you as a user, we use this information for the purposes described. Given the nature of our site(s) and services and the limited amount of Personal Data we obtain about you, this activity is not expected to produce legal effects for you nor otherwise is it expected to significantly affect you. More detailed information about our use of cookies and how to opt-out of advertising and certain other cookies is provided below.
STESA & its network site(s)โ Cookies (First Party Cookies): We use our cookies to improve your web-browsing experience. For example, we use a cookie to reduce the time it takes for you to submit requests by storing a registered userโs email address so that you do not need to enter your email address each time that you log in. We will also use a cookie to keep track of your search criteria while you are engaging our services. Our cookies are associated with your Personal Data. However, no third party may use the information we collect through STESA and its network site(s)โ cookies for their own purposes.
Third Party Cookies: We work with third parties that place cookies on our site(s) to provide their services, including:
Ad Targeting: We work with third-party advertising companies to serve ads while you are visiting our site(s). We permit these companies to place and access their own cookies on your computer in the course of serving advertisements on this site(s). In order to provide advertisements about goods and services of interest to you, these companies may use information obtained through their cookies (which is not to include your name, address, email address, or telephone number) about your visits to the site(s) and other websites, in combination with non-personally identifiable information about your purchases and interests from other online site(s). Other companiesโ use of their cookies is subject to their own privacy policies and not ours.
Data Providers: We also allow data providers to collect web log data from you (including IP address and information about your browser or operating system), when you visit our site(s), or place or recognize a unique cookie on your browser to enable you to receive customized ads or content. These cookies contain no personally identifiable information. The cookies may reflect demographic or other data, with identifying elements removed, linked to data you voluntarily have submitted to us, e.g., your email address, that we may disclose with data providers solely in hashed, non-human-readable form.
Analytics/Measurement: We also use third-party analytics cookies to gain insight into how our visitors use the site(s) and optimize and improve our site(s). The data we gather includes which web pages you have viewed, which referring/exit pages you have entered and arrived from, which platform type you have used, date and time stamp information, and details such as the number of clicks you make on a given page, your mouse movements and scrolling activity, the search words you use, and the text you type while using our site(s). We also make use of analytics cookies as part of our online advertising campaigns to learn how users interact with our site(s) after they have been shown an online advertisement, which may include advertisements on third-party websites.
Remarketing Pixel Tags and Other Technologies: We may disclose website(s) usage information with third-party advertising companies for the purpose of managing and targeting advertisements and for market research. For these purposes, we and our third-party advertising companies may place or recognize a cookie on your computer or device or directly in our emails or communications or may place pixel tags (also called clear gifs) on certain web pages. We will then use the information that is collected to serve you relevant advertisements when you are visiting other site(s) on the Internet. These advertisements may be targeted to specific searches you conducted on STESA & its network site(s) during earlier browsing sessions.
Flash Cookies: Our partners, who provide certain features on our site(s) or display advertising based on your browsing activity, also use Local Shared Objects such as Flash cookies, and Local Storage such as HTML5, to collect and store content information and preferences. Various browsers may offer their own management tools for removing HTML5 local storage. To manage Flash cookies, please click here.
Controlling Cookies: You have a choice over the use of cookies as described in this Privacy & Cookies Policy. Our site(s) are not currently configured to respond to Do Not Track signals. If you would rather we do not use STESA & its network site(s)โ cookies when you visit us, please configure your specific browser settings to reject cookies.
To opt out of third-party cookies, please utilize the appropriate option(s) below:
Please keep in mind that without cookies you may not have access to certain features on the site(s), including access to your profile or account and certain personalized content. Removing all cookies from your computer could also affect your subsequent visits to certain website(s), including this site(s), by requiring that, for example, you enter your login name when you return to that website.
Mobile Devices
We and/or our data providers may collect and store a unique identifier matched to your mobile device in order to deliver customized ads or content while you use applications or surf the internet, or to identify you in a unique manner across other devices or browsers. In order to customize these ads or content, we or a data partner may collect demographic or other data, with identifying elements removed, about you received from third parties, as well as data you voluntarily have submitted to us (e.g., your email address) and/or data passively collected from you, such as your device identifier or IP address. For advertising purposes, however, we will typically share your email address with our data partners in hashed, non-human readable form. Exceptions will be communicated with you via email or on this page.
If you no longer wish to receive interest-based advertising on your mobile device browser or applications, please refer to your deviceโs operating system settings, or follow instructions below.
STESA & its network organizations understand that you may want to change, access, or delete your Personal Data. You may do so by accessing your profile or by emailing us. To protect your privacy and security, we will need to verify your identity before acting on a request. In most circumstances, we will then answer your request within 30 days of verification. If you have created a profile on any of the services available on the site(s), your email address and password are required in order to access your profile information.
Depending on the jurisdiction where you reside, you may have specific rights under local legislation to: (i) request access to your Personal Data; (ii) request rectification of your Personal Data; (iii) request erasure of your Personal Data; (iv) request restriction of processing of your Personal Data; (v) request data portability; and (vi) object to the processing of your Personal Data, including opting out of certain targeted advertising, profiling, and certain sharing of your Personal Data or processing of your Personal Data for marketing purposes; (vii) opt-out of the sale or share of your Personal Data; (viii) appeal our decision to decline a request. You may also have the right to request from us the Personal Data from or about you that we have โsoldโ (as such term is defined under applicable law), shared, or disclosed for a business purpose within the past 12 months. Please email us if you need help to exercise such rights. You may also have the right to lodge a complaint with a supervisory authority. Please note that, in order to provide appropriate security to your information, we may require additional data points or information from you in order to verify your identity prior to completing certain requests related to your Personal Data (e.g., requiring the matching of two or three data points provided by you with information maintained by STESA & its network organizations).
We will not discriminate against you for exercising any of your rights. Please note, however, that there may be certain circumstances where we are unable to complete your request, such as when we are unable to verify your identity or as otherwise permitted under applicable law.
Colorado and Connecticut residents may authorize another person, acting on the residentโs behalf, to opt-out of the processing of the consumerโs personal data for targeted advertising or sale.
Retention
We will retain your information for as long as your account is active or as needed to provide you services. In addition, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Appeals
If your request to exercise your data subject rights is rejected, you will receive a notification with the details of the reason for rejection and instructions about how to make an appeal. We will respond to you within 45 days of your appeal submission. If you are a Virginia resident and your appeal is denied, you may contact the Attorney General to submit a complaint by visiting the Office of the Attorney Generalโs website to complete an Online Consumer Complaint Form.
We care. In exercise of your rights, if you use a form to opt out of any marketing, cookie, or similar programs, that is controlled by any entity other than STESA, including a government form as described in this policy, to prevent any miscommunication or non-compliance, please also send us an email at team@stesa to let us know your desire so that we can ensure our own responsiveness & compliance. Please look for a reply within 72 hours to ensure receipt of your request.
Our site(s) are primarily operated in the United States. If you are located in Europe, please note that there is different privacy legislation in various parts of the world including Europe. STESA & its network organizations respect and comply with all applicable laws and guidelines to the best of our ability. We do not, however, have the ability to maintain knowledge of the policies that may affect people accessing our site(s) from various parts of the globe. In such cases where there may be a question as to jurisdiction, it is best to presume the jurisdiction of Delaware, USA, or California, USA. We adhere to the US Department of Commerce with respect to European Customer Data, including its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.
With respect to cross-border data transfers from jurisdictions outside the US and Europe (i.e., the EU, EEA, Switzerland, and the UK), your Personal Data will likely be transferred to the US, a jurisdiction that may not provide an equivalent level of protection as your home jurisdiction. In such cases, the cross-border transfer to the US is necessary for the conclusion or performance of your transaction, for the establishment, exercise, and defense of legal claims, and for other purposes to the extent permitted by applicable law. To the extent the provision of your Personal Data is not necessary for those purposes, or as otherwise permitted by local law, your use of the site(s) or provision of any Personal Data constitutes your consent to the cross-border transfer of Personal Data and the other activities identified in this Privacy & Cookies Policy.
You must be 18 years or older to use the site(s). Our Services are not directed at or intended for use by children. We do not knowingly collect Personal Data from children under 18 years of age. The limited circumstances we might need to collect the Personal Data of children under 16 years old include: as part of a reservation, the purchase of other related services, or in other exceptional circumstances (such as features addressed to families). Again, this will only be used and collected as provided by a parent or guardian and with their consent. If you become aware that your child or any child under your care has provided us with information without your consent, please contact us using the contact details listed in the How to Contact Us section below.
Our site(s) contain links to other websites or services that are not owned or controlled by us, including links to websites of suppliers and our advertisers, sponsors, and partners. This Privacy & Cookies Policy only applies to information collected by and held within our site(s). We have no control over these third-party websites, and your use of third-party websites and features is subject to privacy policies posted on those websites. We are not responsible or liable for the privacy or business practices of any third-party websites linked to our site(s) or third-party social media features or functionality offered on our site(s), such as Facebook, Google Plus, Twitter, and YouTube. Your use of third partiesโ websites linked to our site(s) is at your own risk, so we encourage you to read the privacy policies of any linked third-party websites when you leave one of our site(s), link into our site(s) from another website or through a sign-in feature (for example, Facebook Connect or an Open ID provider), or utilize a third-party social media feature or functionality available on our site(s).
We collect certain categories of Personal Data that is considered โpersonal informationโ under California law. California law requires that we describe the personal information we collect about California consumers, including by identifying specific categories of information. As we describe in more detail in the โOur Collection of Your Personal Dataโ section above, we have collected the following categories of personal information in the past 12 months:
Identifiers:
Commercial information:
Internet or other electronic network activity information:
Inferences drawn from other Personal Data:
Geolocation data:
Certain personal information we collect about you may be considered โsensitive personal informationโ within the meaning of California law, including credit card information (for billing and transactional purposes in connection with providing products and services). We only use and disclose sensitive personal information as necessary in connection with the performance of services and the provision of goods, compliance with federal, state, or local laws, and as otherwise permitted by California law.
For information about the categories of sources from which we obtain personal information, please refer to the โOur Collection of Your Personal Dataโ section of this Privacy & Cookies Policy. For information about our purpose(s) for collecting, or possibly sharing your personal information, please refer to the โHow We Use Your Informationโ section of this Privacy & Cookies Policy.
We may share your personal information with third parties as described in the โDisclosing Your Personal Dataโ section of this Privacy & Cookies Policy. Under California law, some of these disclosure activities may be considered โsalesโ under California law, even if no money changes hands, and some of these disclosure activities are considered โsharingโ for purposes of cross-context behavioral advertising. California consumers have the right to opt out of the โshareโ and โsaleโ of their personal information.
The categories of personal information we have โsoldโ or โsharedโ as described in โHow We Share Your Informationโ in the past 12 months include the following:
We do not use or disclose โsensitive personal information,โ as the term is defined in California law, for purposes other than as necessary to provide you with our Services.
California law grants certain rights to California residents. These include:
To exercise your Privacy Rights under California law, contact us via the information provided in the โHow To Contact Usโ section below. To protect your privacy and security, we will need to verify your identity before acting on a request. Please also refer to the options available for directly managing cookies and similar technologies on your desktop or mobile device, as described above. Please note that you can make a request to know twice within a 12-month period.
We will not discriminate against you for exercising any of your rights under California law. Please note, however, that there may be certain circumstances where we are unable to complete your request, such as when we are unable to verify your identity or as otherwise permitted under applicable law. Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a request related to your personal information. You may also make a request on behalf of your minor child.
As described above, we will retain your information for as long as your account is active or as needed to provide you services. In addition, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
STESA & its network organizations may revise this Privacy & Cookies Policy to reflect changes in the law, our Personal Data collection and use practices, the features of our site(s), or advancements in technology. If we make any material changes we will notify you by email (sent to the email address specified in your account) or through a prominent notice on the site(s) prior to the change becoming effective.
Should you have any questions, or to exercise your rights as detailed above, please contact us at team@stesa.org or by postal mail at PO Box 358 Oak View, CA, 93022 USA.