Last Updated: April 8, 2019
Expedition America, Inc. Privacy Policy for the Mobile Application “SWIGO”
SWIGO knows that you take your privacy seriously. We do, too. We intend to be transparent with you about our data practices and to give you control over information we collect about you (your “Data”), some of which may identify you or from which you may be identified (“PII”).
This is the Privacy Policy for Expedition America, Inc. for the mobile application herein referred to as “SWIGO”.
SWIGO offers the following services:
- Consumer Services, which include our websites (www.eatour.com and www.swigotravel.com) (collectively, the “Sites”), our SWIGO mobile application (the “App”), and our features (i.e. attributes that SWIGO makes available, such as the ability for users to check into destinations and venues), content (e.g. messages, reviews, photos that users may provide), and widgets (i.e. applications that allow users to access the Apps) (all, collectively, the “Consumer Services”); and
- Enterprise Services, which include our media, attribution, analytics, Application Programming Interface (“API”) and Software Development Kit (“SDK”) products (collectively, the “Enterprise Services”).
This Privacy Policy is
divided into four parts:
Part
I applies to Data about users of our Consumer Services (“SWIGO
Users”).
Part
II applies to Data provided by customers of our Enterprise
Services (“Enterprise Customers”) about users of Enterprise Customers’ products
(“Partner End-users”).
Part
III applies to Data about individuals other than SWIGO Users
and Partner End-users, such as individuals acting in their professional
capacity as representatives of a third party developer, vendor, partner or
enterprise customer.
Part
IV applies to all Data that we may collect and further
process in the circumstances described in all of Parts I, II and III.
Part I – SWIGO Users
Below are the types of Data we collect about SWIGO Users and the ways in which we may collect, use and share that Data.
What Data Does SWIGO Collect
Data You Provide To Us:
We receive and store Data that you provide to us when you create an account and use our Consumer Services. When you create an account, we may collect your full name, email address, phone number, birthday, gender, the city in which you created your account, and where applicable, your Twitter, Facebook or Google username and other Data if you create an account using your third party log-in credentials (please see “Data Received From Third Parties” below). As you interact with us and use our Consumer Services, we may also collect other Data that you directly provide to us, which may include pictures that you choose to upload to your account, any check-ins to destination, venues or events that you choose to make, your likes, who you follow, who you friend, check-ins, comments or tips you make, whether you have created or edited venues, dates for your check-ins and any other Data that you voluntarily provide to us.
Data Collected When You Use Our Consumer Services:
If you opt-in, we automatically receive Data about your location and/or IP address whenever you interact with, or use, the Consumer Services (e.g. open the App, visit our website, etc.). We use various technologies to determine your location, such as the location services of your operating system or browser, sensor data from your device (e.g. magnetometer or barometer, Bluetooth data, beacon data, Wi-Fi access points, GPS data, and cell tower data), and other Data that may help us to understand your precise location. We may also collect additional Data about you when you use the Consumer Services. For example, we receive Data:
- relating to how you interact with the Consumer Services, such as your search terms, what pages you view, your access times, the time you spend on each page, your IP address, the redirected pages, or any messages you write to other users or post to the Consumer Services;
- relating to your device, such as your hardware model, operating system, unique ID, browser type, language, and wireless network; and
- collected by cookies and other technologies, such as cookie ID, advertising ID or other unique advertising ID, web beacons, local storage and pixels. You can control certain types of cookies through your browser settings or other tools. You may review our Cookie Policy for further information.
If you use our Apps and have enabled background location services in our Apps, you have permitted us to collect the above Data about you in the background even when you do not have the Apps open (as permitted by your device settings). You may turn off location services at any time by going to your device settings and toggling off background location. For more information about location, please see “Determining and Sharing Location” below.
Data Received From Third Parties
We may receive Data about you from third parties, including Enterprise Customers (e.g. customers of our Media Products) and/or third parties with services that interact with the Consumer Services or that provide services to us, such as unaffiliated apps and websites, e.g., websites and applications offered by third party developers that integrate with our API, advertising exchanges, ad platforms, ad networks or from our partners. This Data may include Data about your activity when using the Consumer Services or on unaffiliated websites and apps, or Data received from web browsers or operating systems such as browser types and settings, the operating systems, device models, carriers, location information, IP address, mobile device and advertising identifiers (e.g. Apple IDFA or Google Advertising ID), as well as cookie information, pixel or other similar technology. If you created your account using your Google, Twitter or Facebook account profile, we may receive certain information from these companies, such as your first name, last name, gender, birthday, email address and your Google, Twitter, Instagram or Facebook ID.
How Is My Data Used?
Below are the ways that we may use Data about SWIGO Users.
To Operate, Maintain And Improve The Consumer Services
We may use your Data to operate and maintain the Consumer Services, and to understand you better and tailor the Consumer Services to you. If you download more than one App, we may combine your Data provided in each App. If you use the Consumer Services when you are not logged into your SWIGO account, when you subsequently log into your SWIGO account, we may combine Data collected while you were not logged in with your SWIGO account.
We may also use your Data for research and development, to improve the Consumer Services, or to offer new products, features and tools, but only to the extent that this is in compliance with applicable law. For example, we may redesign the App to make it easier for you to search for Venues, Cities or events in the SWIGO check in utility/screens. We may also use your Data to customize our App and Sites to provide you with your own special experience such as in the SWIGO “Friend Activity Feed” which shows the venues, cities and events that your friends within the app have checked into. We do this by inferring your interests and preferences, looking at your check in history and who your friends are or allowing you to find and add friends who are also using the App and Sites from your device’s contact list or if applicable, your Facebook, Google, Instagram or Twitter account if you have opted to connect these accounts to your SWIGO account. In these situations, we do not store your contact lists.
We also may use your Data to help us map Locations (as defined below). For example, we may use device signals to determine that a particular device is within a particular venue. Additionally, if you consent to sharing crash data (when the App crashes) with us, we may use that data to help us analyze the cause of the crash.
Communicate With You
We may use your Data to communicate with you, including by email, text (only if you opt-in), or in our App, about new product offerings, updates to the Consumer Services, or anything else we think may be of interest to you. You can opt out of receiving marketing and promotional communications at any time.
Protection Of Our Rights
We may use your Data to protect the rights, property or safety of SWIGO, the Consumer Services, our users and employees, or any third party. For example, we may use your Data if we need to enforce or apply our Terms of Service or Policies.
Enterprise Services
We may use your Data in our Enterprise Services and in other services that we may provide to businesses. For example, when partners use our SDK, we may receive certain Partner End User Data back (e.g., wifi end points, Visit Data, and other Data), including Data about SWIGO Users, if the Partner End-Users are also users of our Consumer Services. We may use this Data for our business purposes or to improve the Enterprise Services. As always, you can always opt-out of this type of sharing by disabling your background location services for the Apps. See also “Media Products” section of Part III below.
When Is My Data Shared?
We neither rent nor sell Data about users without their consent unless anonymized, aggregated or pseudonymized. Though, as described more fully in this Privacy Policy, we may license or otherwise provide certain other Data to third parties, provided we have received your consent to do so.
Data That May Be Shared With Other Users
When you use the Consumer Services, your authorized friends may see some of your PII, such as your name, email address, phone number associated with your account, profile photo, hometown and links to your Instagram, Twitter and Facebook accounts (if you have connected those accounts to your SWIGO account), a list of your friends, a map of your check-in history, any content or comments that you post, and which Apps you use. When you communicate on or through the Consumer Services, such as by direct messaging to your friends or checking-in to a business, an establishment, or a location (each a “Location”), such as a venue, city, club, event restaurant, your friends may see this Data, too. You can always control what you want visible to others, by choosing to not check-in to any location, blocking other users at any time or deleting content or check-ins that you have posted.
Publicly available Data such as the Data available in your user public profile, tips, likes, saves, public photos, messages sent between individual users, messages sent in group chats, lists that you create and follow, destinations or venues checked into and lists of friends and/or followers may be searchable by search engines and be shared with or disclosed to third parties, including through our Enterprise Services to our partners and customers.
Data That May Be Shared With Third Party Partners And Service Providers
A key purpose of the Consumer Services is to help users discover who is going to the location(s) that they are going to and to learn about Locations, upcoming events, and travel destination that are relevant to them, and for these organizations to provide information about themselves, their Locations and events to users, as well as to reward users when they visit their Location or event through offers or specials provided to you in compliance with applicable law. When you visit a Location, your visit may be shared with that Location so they can provide superior products and services to you. Sharing your visit means providing the Location with your user name, profile photo and the handles for any social media accounts you have connected with your SWIGO account (e.g., your Twitter or Instagram ID) at the time you “check-in” to a Location. You can always control what Data you choose to share with Locations by choosing not to check in to any destination or venue that you do not want to be publicly shared or distributed with third party parnters.
We may also use service providers, vendors and contractors to provide or perform services on our behalf. In these cases, we may need to share your PII with them. Our service providers, vendors and contractors will be subject to binding contractual obligations to: (i) only process the PII in accordance with our prior written instructions; and not use the PII for their own purposes; and (ii) use appropriate measures to protect the confidentiality and security of the PII; together with any additional requirements under applicable law.
When we partner with a business, we may share Data with them but only in aggregate or in some cases, we may share a non-identifying ID such as an advertising ID or a hashed identifier (“pseudonymized”). When we share Data in a pseudonymized form, a unique identifier is shared so that our partner can measure conversion as to whether an individual has seen its ad, visited its website, or you went to its brick and mortar location. We may also share or disclose aggregated, pseudonymized, and/or anonymous Data to other third parties, including SWIGO Users you may follow, and developers who use our API or SDK, or our other Enterprise Customers, for analytical or other purposes. See also “Media Products” section of Part III below.
When You Consent
Except as permitted under this Privacy Policy, we will only share your PII with your consent. For example:
- If you consent or authorize a third party app to access your SWIGO account, we may share your Data with such third party app. You can revoke your consent at any time through email to info@EAtour.com.
- We sometimes enter into relationships with partners to offer contests and promotions through the Consumer Services. For example, we may partner with a brand to have a contest to win a prize and if you enter the contest, we may share your email address and/or other necessary PII with such brand, with your consent. In these cases, we will only share Data that is necessary with our partner.
Other times
We may share your Data when we believe in good faith that such release is necessary to comply with law or a legal process, including laws outside your country of residence; to protect our rights, property, or safety of SWIGO, our employees, the Consumer Services and others.
We may share your Data as part or in anticipation of a business sale, merger, consolidation, investment, change in control, transfer of substantial corporate assets, reorganization, liquidation, or similar business transaction or corporate event.
Determining and Sharing Location
Some features and functionality in our App may require that you provide your location. If you have your location services turned on, whenever you open and use or interact with our App (e.g. check into a city, venue, club or restaurant) on your mobile device, we collect and use your location data from your mobile device (e.g., latitude and longitude) to tailor the Consumer Services to your current location (i.e. we’ll show you a list of nearby locations and venues to check into). We will only process your location data with your permission. If you have background location data turned on by granting us permission through your device’s location settings and in your privacy settings, we will, from time to time, obtain your device’s location even if you are not directly interacting with the App. Other than in an anonymized, pseudonymized or aggregated form, your location is never shared with others, except with your consent or as permitted under this Privacy Policy.
Each of your check-ins using the Consumer Services is saved to your “Check-in History & Timeline/User Profile” which allows you and your friends to see the locations you have checked in since you created your account. You can delete any of your check-ins from the check-in page in our App.
What About Cookies and Similar Technologies?
We may use technologies like cookies, pixels, web beacons, local storage and other identifiers on our Sites, in our emails, within our Apps and sometimes in third party apps that use our API or SDK to provide you with a range of products and services. We use these technologies for a number of purposes, such as for authentication, security, preference settings, advertising and analytics. We sometimes work with advertisers or other partners, and advertising service providers to serve ads to you on the Consumer Services, or a third party website or app, that may be relevant to you based on your interaction with the Consumer Services, including places you have “checked in”.
How do I Access or Delete My Data?
You can access and delete your data in multiple ways. You can delete your check-in data through the check in screen on the app by swiping left on the check-in location that you wish to delete. You can delete messages by swipping left on the message chain that you wish to delete within the Message function on the app.
You may also delete your Data and account at any time on our Sites by clicking on the Delete Your Account by emailing info@EAtour.com with a copy of your Drivers License or Passport identifying you as the owner of the account with the your request to delete your account. If you delete your Data, your profile, including your check-in history, messages and photos will be removed from the Consumer Services, and you will no longer be able to access such Data. We will not be able to restore your account once it has been deleted. Deletion of your account may not be immediate. Residual copies of your PII or posts may remain on backup media for a short period of time thereafter. Additionally, we may store certain Data that is not PII, i.e. does not directly identify you, in our internal systems, which we may use in our Enterprise Services. We may also retain Data as required by applicable law and we will not delete any Data that is not PII, i.e., has already been anonymized.
If you have questions about accessing, updating, or deleting your Data, please email info@EAtour.com
How to Opt Out of Marketing and Promotional Emails and Text
Messages
- By Email: You can opt out of marketing or promotional emails at any time by clicking the “unsubscribe” button at the bottom of the email received and following the steps to remove your self from any further emails for marketing and promotional reasons.
- By SMS: If you have opted in to
receive SMS messages, you can always unsubscribe at any time by texting STOP in
response to a message or by following the instructions in the SMS.
How to Opt-Out of Interest-Based Advertising
We adhere to the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles for Online Behavioral Advertising. At this time, however, we do not honor web browser Do Not Track (“DNT”) signals or other similar mechanisms.
You may opt out of interest-based advertising as follows:
- You may opt out of seeing interest-based ads from us or our third party advertising partners on your desktop browser and/or mobile web browser by visiting the DAA at http://www.aboutads.info/choices/ or by visiting the Network Advertising Initiative (“NAI”) at http://www.networkadvertising.org/choices/.
- You may opt out of seeing interest-based ads in the Apps by downloading the DAA’s AppChoices application, which is available at http://www.aboutads.info/appchoices.
- If you have a SWIGO or Swarm account, you may opt-out of seeing interest-based ads from SWIGO only in the privacy settings section of your respective account.
- Certain versions of your device’s operating system permit you to opt out of interest based advertising. Please visit your device settings to limit such tracking.
Please note that when you opt out of interest-based ads, you will still see
ads, but they will no longer be based on your interests or behavior. After you
have opted out, we will no longer use any PII collected from you on that
particular browser or device for advertising purposes. We will also be unable
to connect that device or browser to a different device or browser.
How to Remove Background Location Sharing?
If you use our Apps and have opted-in to sharing your background location with us, you may remove your permission at any time by going into your operating device settings and toggling off background sharing.
Part II – Partner End-Users
Below are the ways in which we may collect, use and share Data about Partner End-Users.
API or Data Files
We share Data with third party developers via our API, which may also involve those third party developers agreeing to share Data about Partner End-Users with us. In some cases, they have committed not to share Partner End-User Data with us if it comprises PII or without the Partner End-User consenting to the sharing. We may also share Data with third party developers via flat data files, and may receive a flat data file from developers in return.
SDK Products
App developers may partner with us to use our SDK, which they integrate into their own apps to help them identify when Partner End-Users are near interesting places of relevance to their service (e.g. a nearby store with respect to which they can offer a coupon), identify accurate venue data (such as the geo-coordinates of a venue or club) or to identify when their end users have visited a specific venue (“Visit Data”). When partners use our SDK, we may receive certain Partner End-User Data back (e.g. wifi end points, Visit Data, and other Data). We may incorporate such Partner End-User Data into our Enterprise Services, and if contractually permitted, license such Partner End-User Data to business partners. In some cases, if contractually permitted, we may share non-identifying IDs such as an advertising IDs or other pseudonymized data.
In addition, we may acquire data from third parties and append such information to Partner End-User Data. We will delete Partner End-User Data if requested by our partners.
In the event that a Partner End-User is also a SWIGO User, we may combine all data about the user into a single profile.
Part III – Individuals Who Are Not SWIGO Users or Partner End-Users
Below are the ways in which we may collect, use and share Data about individuals who are not SWIGO Users or Partner End-Users.
Media Products
We, our partners, and advertising service providers may receive Data from unaffiliated apps and websites, advertising exchanges, ad platforms, ad networks or from our partners, which we, our partners and advertising service providers may use to send interest-based advertising. The Data collected for this purpose may include Data such as activity when using the Consumer Services or on unaffiliated websites and apps, or Data received from web browsers or operating systems such as browser types and settings, the operating systems, device models, carriers, location information, IP address, mobile device and advertising identifiers (e.g. Apple IDFA or Google Advertising ID), as well as cookie information, pixel or other similar technology.
We may combine the Data described above with demographic, location and other interest-based segment Data from third parties to provide the Enterprise Services.
When we partner with a business, PII is not shared with them. We will only share Data in aggregate or in some cases, pseudonymized form. When we share Data in a pseudonymized form, a unique identifier, such as an Advertising ID, is shared so that our partner can measure conversion as to whether an individual has seen its ad, visited its website, or visited their brick and mortar location.
Other
We may collect Data about individuals acting in their professional capacity as a representative of a third party developer, vendor, partner or enterprise customer. We may collect their names, job titles, phone numbers, email addresses and/or billing addresses (of their organization), so that we can contact and interact with these organizations in relation to the contracting process, billing, and/or promotions. We do not combine Data from these individuals with any Data about users of our Consumer Services.
In the case of developers who use our API or SDK, we also collect Data that developers provide on their developer account profiles, as well as certain Data that we process when a developer uses his or her account (such as time of use and device information).
We may share Data we collect about these individuals with service providers, vendors and contractors to provide or perform services on our behalf, such as providers that help us manage customer relationships, sales, and marketing for SWIGO or may, in some cases, share Data about these individuals with our Enterprise Customers. Our service providers, vendors and contractors will be subject to binding contractual obligations to: (i) only process this Data in accordance with our prior written instructions, and not use the Data for their own purposes; (ii) use measures to protect the confidentiality and security of the Data; (iii) comply with additional requirements under applicable law. We may also share this Data when we believe in good faith that such release is necessary to comply with law or a legal process, including laws outside the individual’s country of residence; to protect our rights, property, or safety of SWIGO, our employees, the Consumer Services and others. We may also share this Data as part or in anticipation of a business sale, merger, consolidation, investment, change in control, transfer of substantial corporate assets, reorganization, liquidation, or similar business transaction or corporate event.
Part IV – Individuals Described In All of Parts I, II and III.
This Part IV applies to Data about individuals we may collect in the circumstances described in all of Parts I, II and III.
Your legal rights
Subject to applicable law, you may have a number of rights regarding the processing of your PII, including:
- the right to request access to, or copies of, your PII that we process or control, together with information regarding the nature, processing and disclosure of that PII;
- the right to request rectification of any inaccuracies in your PII that we process or control;
- the right to request, on legitimate grounds:
- deletion of your PII that we process or control; or
- restriction of processing of your PII that we process or control;
- the right to object, on legitimate grounds, to the processing of your PII by us or on our behalf;
- the right to have your PII that we process or control transferred to another data controller, to the extent applicable;
- where we process your PII on the basis of your consent, the right to withdraw that consent; and
- the right to file a complaint with a Data Protection Authority regarding the processing of your PII by us or on our behalf.
- This does not affect your statutory rights.
To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Privacy Policy, or about our processing of your PII, please use the contact details provided below.
Security
We use industry standard physical, technical, and logical security measures to protect your Data. We endeavor to safeguard your Data to ensure that it is kept secure. However, we cannot guarantee the security of Data in an account from unauthorized entry or use, hardware or software failure, and other factors.
Your account is protected by a password that you have chosen. We recommend using a password that is unique to your SWIGO account. If you use the Consumer Services on public or shared networks (e.g. public wifi), we cannot ensure the security of your account.
Children under 13
Neither the Consumer Services nor the Enterprise Services are directed to individuals who are under 13 years of age. We do not knowingly collect any Data from children under 13. If you notice or suspect that a user is under 13, please contact us immediately at info@EAtour.com.
PII Retention
The criteria for determining the duration for which we will keep your PII are as follows: we will retain copies of your PII only for as long as is necessary in connection with the purposes set out in this Privacy Policy, unless applicable law requires a longer retention period. In addition, we may retain your PII for the duration of any period necessary to establish, exercise or defend any legal rights.
International Users
Our Apps and all of our data, including your Data, are hosted on servers in the United States. If you are using or accessing the Consumer Services or Enterprise Services from outside of the United States, your Data will be transferred to, processed and stored in the United States. As a result, United States federal and state governments, courts, or law enforcement or regulatory agencies may be able to obtain your Data through laws applicable in the United States. United States laws may not offer the same privacy protections as the law of your jurisdiction.
SWIGO complies with the EU-U.S. Privacy-Shield Framework and Swiss-U.S. Privacy-Shield Framework (“Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of PII transferred from the European Union (the “EU”) and Switzerland to the United States, respectively. SWIGO has certified to the Department of Commerce that it adheres to the Privacy Shield Principles (the “Principles”). All PII SWIGO receives from the EU in reliance on the Privacy Shield are subject to the Principles. All SWIGO entities, including Expedition America Inc., adhere to the Principles, where applicable. If there is any conflict between the terms in this Privacy Policy and the Principles, the Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
You have the right to access your PII. In compliance with the Principles, SWIGO commits to resolve complaints about our collection or use of your PII. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us at info@EAtour.com. SWIGO has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive a timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit JAMS for more information or to file a complaint: https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim. The services of JAMS are provided at no cost to you.
You have the ability, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For more information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
The Federal Trade Commission has jurisdiction over SWIGO’s compliance with Privacy Shield. This is in addition to our requirement to disclose PII to public authorities upon the receipt of a lawful request, including requests made in relation to national security or law enforcement requirements, as discussed above in this Privacy Policy.
If we transfer your PII to a third party acting as our agent, we remain responsible for how that PII is processed. This means that we will remain liable under the Principles if any third party acting as our agent processes your PII in a manner inconsistent with the Principles, unless we were not responsible for the event giving rise to the damage.
Changes to this Privacy Policy?
SWIGO may amend this Privacy Policy from time to time. We encourage you to regularly check this page to review any changes we might make in accordance with this Privacy Policy. If we make material changes in the way we use your Data, we will notify you by posting an announcement on our Sites or App, or by sending you an email (if we have your email). If permitted by law, users are bound by any changes to this Privacy Policy when they use the Consumer Services and Enterprise Services after such changes have been first posted.
Contact Us
If you have any questions or concerns regarding this Privacy Policy, please send a detailed message to: info@EAtour.com or Expedition America Inc. at 19645 S. Rancho Way, Rancho Dominguez, CA. 90220. We will make every effort to resolve your concerns.