Privacy Policy and Cookie Notice

Please read this Privacy Policy carefully before using our Website or submitting any personal information.

Last updated: May 26, 2026

Perfetto Traveler, LLC dba Perfetto Traveler, a Nevada limited liability company, is referred to in this Privacy Policy as “Perfetto”, “we,” “us,” or “our.” We are committed to respecting your privacy and protecting your personal information.  In support of our commitment, we developed this privacy policy (together with our Cookie Notice and Controls, collectively, “Privacy Policy”) in order to be transparent about how we collect, use, disclose and safeguard your (and/or the members of your group/traveling party’s) personal information submitted by you at https://www.perfettotraveler.com/ (“Website”), as well as any sub-domains and affiliated sites, or any other media form, media channel (including, without limitation, email), mobile website, mobile application, or call center, related or connected thereto our Website, regardless of whether they directly display or link to this Privacy Policy (individually, a “connected service”, and collectively, “connected services”).

 

This Privacy Policy applies to the following:

  • All connected services relating to Perfetto, including all information collected through our connected services.
  • Information collected by us (or on our behalf) but excluding instances where your information is collected under a different Privacy Policy or notice made available to you at the time your information is collected.
  • Information shared with us by third parties for our own use, as well as publicly available information collected by us.

 

The collection, use, and disclosure (collectively, “processing”) of information described in this Privacy Policy is controlled by Perfetto. If you have any questions or concerns about this Privacy Policy or our practices with regards to the information processed under this notice, please contact us using the contact information and methods provided under How To Contact Us below. By using the Website, you are accepting the practices described in this Privacy Policy. These practices may be changed from time to time, but any changes will be posted to our Website and we will take the appropriate steps to inform you consistently of the significance of the changes, and in accordance with applicable law. As it deems necessary, Perfetto reserves the right to amend or make revisions to this Privacy Policy at any time and for any reason in its sole discretion. You can see the date the policy was last updated by looking at the “Last updated” date shown at the beginning of this Privacy Policy document. You are encouraged to review the Privacy Policy whenever you visit the site to make sure that you understand how any personal information you provide will be used. Your continued use of our services (including without limitation using our Website or submitting any personal information) after any changes to the Privacy Policy constitutes your consent to said changes.

 

Note: The privacy practices set forth in this Privacy Policy are for this Website only. If you link to or utilize other websites, you must review the privacy policies posted at those sites.

Individuals with Disabilities

If you have a disability and need access to our Privacy Policy in a different format, please email us at info@perfettotraveler.com. We will make every attempt to assist you.

 

Information We Process

We collect information that can be used to identify or contact a particular person (we refer to this type of data as “personal information”).  Personal information includes information that does not directly identify you by name or include your contact information, but which may be used to identify that a specific computer or device has accessed our connected services and which if combined with certain other information could be used to identify you.  We collect personal information when you provide it to us directly (e.g., when you submit a contact form through our connected services); when generated by your activity on our connected services (e.g., the amount of time spent on a particular page of our Website); and when shared with us by our business partners (e.g., email marketing vendors or collected from other sources (e.g., publicly-available sources).

 

Information You Give To Us

We collect personal information that you provide to us such as name, address, contact information, passwords and security data, and payment information.  You may visit our connected services without submitting any information about yourself.  However, we do collect personal information that you voluntarily provide to us when registering with us, expressing an interest in obtaining information about us, when engaging with us, or otherwise contacting us or utilizing our connected services.  This includes:

  • Registering an account as one of our members, a family member of a member or a guest of a member.
  • Requesting our communications.
  • Participating at one of our events.
  • Purchasing products or services from us.
  • Participating in member profiles and directories, apps, message boards, chat rooms, surveys or other connected services where registration is required.
  • Communicating by any other means with us.

The personal information that we collect depends on the context of your interactions with us, the choices you make and the products and features you use.  The personal information we collect can include the following:

  • Name and Contact Data.  We may collect your first and last name, email address, postal address, phone number, and other similar contact data.
  • Biographical Data. We may collect your birthday, country of citizenship, name and contact data for your emergency contact.
  • Proof of Identity Data. We may collect information from identification documents such as a driver’s license and/or passport.
  • We may collect passwords, password hints, and similar security information used for authentication and account access. We reserve the right to remove, reclaim, or change a username you select if we determine, in our sole discretion, that such username is inappropriate, obscene, or otherwise objectionable
  • We may collect profile photos and other pictures and videos you share with us.
  • Social Media Handles and Account Information.  We may collect third-party social media handles and account information that you choose to share with us, such as LinkedIn, YouTube, Facebook, Instagram, and Twitter account names and profile data.
  • Event Data.  We may collect information regarding the events in which you participate.
  • Health and Insurance Data. We may collect health information including physical and/or mental disabilities, pre-existing medical conditions, and dietary restrictions or allergies, in addition to information regarding insurance policies.
  • Payment Data.  We may collect data necessary to process your payment if you make purchases or donations, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument.  All payment data is stored by our payment processor, and you should review its privacy policies and contact the payment processor directly to respond to your questions.

In addition, the terms herein apply if you provide us with any personal information of the members of a group you are traveling with. It is your responsibility to ensure that they are aware that you have done so, and that they accept how we use and process their information. ALL PERSONAL INFORMATION THAT YOU PROVIDE TO US MUST BE TRUE, COMPLETE AND ACCURATE, AND YOU MUST NOTIFY US OF ANY CHANGES TO SUCH PERSONAL INFORMATION

Information We Collect Automatically

Some information – such as IP address and/or browser and device characteristics and device geolocation data – is collected automatically when you visit our connected services. We use cookies and similar technologies on our connected services that automatically receive and track certain data about how you and other visitors interact with our connected services, preferences expressed and chosen settings.  For example, we may collect information about your device (such as your device and browser type, operating system, IP address, mobile network carrier, and device and advertising identifiers), and your use of our connected services (such as access dates and times, online features or pages viewed, system activity and the third-party site or service you were using before interacting with our connected services). In some cases, we do this through the use of cookies, pixel tags, local storage, statistical identifiers, software development kits, and similar technologies that create and maintain unique identifiers.

PLEASE SEE OUR COOKIE NOTICE AND CONTROLS TO LEARN MORE ABOUT OUR USE OF COOKIES AND SIMILAR TECHNOLOGIES, THE TYPES OF DATA COLLECTED THROUGH THESE TECHNOLOGIES, AND YOUR CHOICES REGARDING THEIR USE ON OUR ONLINE SERVICES.

Information Collected From Other Sources

We may obtain information about you from other sources, such as public databases, marketing partners, event organizers, as well as from other third parties.  Examples of the information we receive from other sources include social media profile information, and registration information submitted to third parties event sponsors and organizers.

Combining Information

Where permitted by law, we may combine the personal information you provide to us through our connected services with information we collect through other connected services, information collected offline, and information provided to us by third parties.  Where permitted by law and feasible, we may also combine your personal information with data collected automatically through your use of our connected services, in which case we will treat any information that is combined or associated with your personal information as personal information for as long as it can reasonably be linked with your personal information.  We use this consolidated information to improve our connected services and product and service offerings, enhance our marketing and research activities, communicate information to you, and for any other legitimate purpose described in this Privacy Policy.

How We Use Your Information

We process your information for a variety of legitimate business purposes described below, such as providing access to and securing your account, organizing and administering events, contacting you, and other operational purposes.

We use your personal information for a variety of legitimate business purposes, including the following:

  • To facilitate account creation and logon process and administer user accounts.  We use your registration information and information collected automatically through cookies and similar technologies to create, administer, and provide you with access to your account.  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes in order to fulfill our obligations under an agreement with you.  In other cases, we process your information for these purposes based on our legitimate interest in providing members with a forum and mechanism to connect.
  • To supplement account profiles and sharing.  If you choose to link your account with us to a third-party account such as your Google or Facebook account, we use the information you allowed us to collect from those third parties to supplement your profile information and to enable you to easily share information with others on the applicable third-party services.  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes based on our legitimate interest in enhancing our products and services.
  • To send you marketing and promotional communications. We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails at any time (see Your Privacy Rights below).  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes based on our legitimate interest in direct marketing.
  • To send administrative information to you. We may use your personal information to send you products, services and new feature information and/or information about changes to our terms, conditions, and policies.  In some cases, we process your information for these purposes in order to fulfill our obligations under an agreement with you.  In other cases, we process your information for these purposes based on our legitimate interest in providing you with relevant information about our products, services, and events.
  • To send periodic emails. The email address you provide for order processing will be used to send you information and updates pertaining to your order. It may also be used to respond to your inquiries, and/or other requests or questions. If you decide to opt-in to our mailing list, you will receive emails that may include company news, updates, related product or service information, etc. If at any time you would like to unsubscribe from receiving future emails, we include detailed instructions to do so at the bottom of each email or you may contact us via our Website and/or mobile application.
  • Administer events. We may use your information to administer events when you elect to participate in events.  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement.  In other cases, we process your information for these purposes based on our legitimate interest in facilitating events.
  • Request feedback. We may use your information to request feedback and to contact you about your use of our connected services.  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes based on our legitimate interest in product, service and event development.
  • To protect our connected services. We may use your information as part of our efforts to keep our connected services safe and secure (for example, for fraud monitoring and prevention).  We process your information for these purposes based on our legitimate interest in preventing fraud and securing our connected services and information.
  • To enforce our terms, conditions and policies.  In some cases, we process your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement, or membership agreement.  In other cases, we process your information for these purposes based on our legitimate interest in ensuring network and information security and preventing fraud.  In other cases, we process your information for these purposes in order to comply with or enforce our rights under applicable law.
  • To receive and issue payments.  In some cases, we process your information for these purposes in order to fulfill our obligations under an agreement with you.  In other cases, we process your information for these purposes based on our legitimate interest in debt collection and facilitating payments.
  • To respond to legal requests and prevent harm.  If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.  In some cases, we process your information for these purposes based on our legitimate interest in complying with applicable laws and preventing harm.  In other cases, we process your information for these purposes in order to comply with or enforce our rights under applicable law.
  • For the purposes identified in our Cookie Notice and Controls.  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes based on our legitimate interests in performing connected service analytics, product development, direct marketing, understanding user preferences, and securing our connected services.  In other cases, we process your information for these purposes in order to comply with or enforce our rights under applicable law.
  • For other business purposes.  We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our ventures, products, services, marketing and your experience.  In some cases, we process your information for these purposes pursuant to your consent.  In other cases, we process your information for these purposes based on our legitimate interests in performing connected service analytics, product development, direct marketing, and understanding user preferences.

We may generate aggregate or de-identified data that does not contain your personally identifiable information.  We are not restricted in how we use or share such aggregated or de-identified data.

How We Share Your Information

We share information with our affiliates, service providers, marketing partners, business partners, with other members or users of our connected services, in the event of a business transfer, and for legal purposes.

We may share or otherwise disclosure your personal information with/to the categories of recipients identified below for the following purposes:

  • Perfetto and Our Affiliates.  Any information collected by Perfetto will be shared with other Affiliates of Perfetto in order to jointly engage in the activities described in this Privacy Policy and otherwise provide you with our travel-related products and services.  We may also share your information with our other affiliates, in which case we will require those affiliates to honor this Privacy Policy.  “Affiliates” include any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.  In some cases, we share your information for these purposes pursuant to your consent.  In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement, or membership agreement.  In other cases, we share your information for these purposes based on our legitimate interest in supporting our internal administrative operations.
  • Vendors, Consultants and Other Third-Party Service Providers.  We may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do provide such services.  Examples include payment processing, data analysis, email delivery, hosting services, customer service and marketing efforts. We may allow selected third parties to use tracking technology on the connected services, which will enable them to collect data about how you interact with the connected services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity.  In some cases, we share your information for these purposes pursuant to your consent.  In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you.  In other cases, we share your information for these purposes based on our legitimate interest in supporting our operational activities.  Unless described in this Privacy Policy or at the time your information is collected, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
  • Third-Party Advertisers.  We may use third-party advertising companies to serve ads when you visit our connected services. These companies may use information about your visits to our connected services and other websites that are contained in or generated by cookies and similar technologies in order to provide advertisements about goods and services of interest to you.  Please see our Cookie Notice and Controls below for additional information.  In some cases, we share your information for these purposes pursuant to your consent.  In other cases, we share your information for these purposes based on our legitimate interest in marketing and improving our products, services and events.
  • Business Partners.  We may share your information with our business partners to offer you certain products, services or promotions.  If we offer products, services, events or content on a ‘co-branded’ basis, you may see both our logo and the logo of the co-branded partner.  To access, use, or participate in co-branded products, services, events or content, you may have to provide certain requested information which may be shared with our co-branded partners.  You should read the individual privacy policies and terms of use of our co-branded partners, as these may differ in some respects from this Privacy Policy.  Remember, you can always opt-out of sharing your information with a co-branded partner by choosing not to use or participate in the product, service, event, or content provided.  In some cases, we share your information for these purposes pursuant to your consent.  In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement, or membership agreement. In other cases, we share your information for these purposes based on our legitimate interest in promoting and facilitating our products, services and events.
  • Other Members and Users.  Your member profile information and posted content (if any) may be shared with other registered members through account directories, apps, message boards, chat rooms or other interactive connected services in which you participate.  In some cases, we share your information for these purposes pursuant to your consent.  In other cases, we share your information for these purposes in order to fulfill our obligations under an agreement with you, such as a registration agreement, or membership agreement.  In other cases, we share your information for these purposes based on our legitimate interest in providing members with a forum and mechanism to connect.
  • Business Transfers.  We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.  We share your information for these purposes based on our legitimate interest or in order to comply with or enforce our rights under applicable law.
  • Legal Purposes.  We may also disclose information we collect to legal counsel, law enforcement, and other appropriate authorities in special cases, including when we have a reason to believe that such disclosure is necessary to identify, contact, or bring a legal action against someone who may be causing injury to or interference with our rights and property or those of any other person; or when we believe that it is required by applicable laws, court orders, or government regulations.  We share your information for these purposes in order to comply with or enforce our rights under applicable law.
  • You agree that we may send marketing or advertising materials to you via email or mail, including but not limited to, newsletters, blog updates, travel developments, etc. If you do not wish to receive marketing materials from us or any company we are affiliated with, please contact us and submit a request to remove your personal information from our marketing list. Any personal information shared with our affiliates (including, without limitation, our host agency, if applicable) will be protected by and subject to this Privacy Policy as well as the privacy policies of our affiliates. We also may share your information with other third-party suppliers who provide services for your booking(s) and their privacy policies apply to the information they receive from us.

Use Of Cookies and Similar Technologies

We may use cookies and other tracking technologies (like web beacons and pixels) to collect and store your information.  Specific information about how we use such technologies, how you can refuse certain cookies or manage and change your cookie preferences or delete cookies entirely, can be found in our Cookie Notice and Controls.

International Transfers

We may transfer, store, and process your information in, to, through or with countries other than your own.

Perfetto and our servers are located in the United States. If you are engaging with us from outside the United States, please be aware that your information will be transferred to, stored, and processed by us in our facilities located in the United States and by those third parties with whom we may share your personal information, which third parties may be located in the United States or in other countries.  The level of protection for your information in the United States or such other countries may not be the same as the level of protection in your country.

If you are a resident in the European Economic Area, then these countries may not have data protection or other laws as comprehensive as those in your country. We will, however, take all necessary measures to protect your personal information in accordance with this Privacy Policy and applicable law. Please see the Supplemental Information and Rights for European Residents section for more information.

In particular, we comply with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States and has certified its compliance with it. As such, we are committed to subjecting all personal information received from European Union (EU) member countries, in reliance on the Data Privacy Framework, to the Framework’s applicable principles. To learn more about the Data Privacy Framework, visit https://www.dataprivacyframework.gov/Program-Overview.

Perfetto is responsible for the processing of personal information it receives, under the Data Privacy Framework, and subsequently transfers to a third-party acting as an agent on its behalf. With respect to personal information received or transferred pursuant to the Data Privacy Framework, Perfetto is subject to the regulatory enforcement powers of the U.S. FTC. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Links To Third-Party Websites

We are not responsible for and do not endorse the content of third-party websites or resources available through our connected services. This Privacy Policy only applies to our connected services that link to this Privacy Policy.  However, our connected services may contain links to third-party sites or services.  We do not endorse and are not responsible for the content of third-party websites or resources, and our Privacy Policy does not apply to any sites that are not controlled by Perfetto, even if you access such sites via a link on our connected services.  You should review the privacy policies and terms of use of any third-party site before providing any information to the controller of such site.

Artificial Intelligence (AI) and Automated Processing

We use artificial intelligence (AI), machine learning, and other automated technologies to help deliver, improve, and personalize our services. These technologies may be used for purposes including, without limitation: analyzing usage patterns to enhance the user experience; providing personalized content, recommendations, itineraries, or travel services; supporting customer service through AI-powered chatbots or virtual assistants; detecting, preventing, and investigating fraud, abuse, security incidents, and policy violations; flagging potentially harmful or inappropriate content; and supporting internal analytics, research, and service optimization.

In connection with these activities, Perfetto may process information you provide to us, information collected automatically through your use of our services, and information obtained from third parties, as described in this Privacy Policy. Where permitted by applicable law, we may use such information to infer your preferences, interests, or likely travel needs and to create or refine profiles for personalization, recommendation, and service improvement purposes. Further, we may use anonymized or aggregated data to train, develop, or improve AI systems. We do not use personal information for AI model training unless we have obtained your consent or are otherwise authorized to do so under applicable data protection laws.

We may also engage third-party service providers to support AI and automated processing activities. These providers may process personal information on our behalf in accordance with contractual restrictions and applicable law and may also process data in accordance with their own privacy policies where applicable. A list of such service providers may be made available upon request. We encourage you to review their privacy policies for additional information.

In some cases, our AI technologies may act on your instructions to assist with or complete bookings, itinerary changes, or other travel-related transactions. Where you direct an AI-enabled feature to take such actions, it may select, reserve, modify, or confirm services based on your inputs, preferences, and other available information, either automatically or with limited human involvement. In some instances, transactions may require your review and confirmation before completion.

To the extent we use automated processing, including profiling, to make decisions that produce legal or similarly significant effects, we will provide any notices, disclosures, and rights required under applicable law. Where required, you may have the right to request human review or intervention, express your point of view, and contest such decisions. Where required by applicable law, we will obtain your consent before using personal information for certain AI-related purposes and will provide any additional disclosures or opt-out rights required by law. If you have questions or concerns about our use of AI technologies or wish to exercise your rights, please contact us at info@perfettotraveler.com.

Retention Of Your Personal Information

Perfetto keeps your information only for as long as reasonably necessary to fulfill the purposes for which it was collected, to provide our connected services, to comply with our legal, accounting, tax, and reporting obligations, to resolve disputes, to enforce our agreements, and to protect against fraudulent, abusive, or unlawful activity.

In determining the appropriate retention period for personal information, Perfetto considers the amount, nature, and sensitivity of the personal information; the potential risk of unauthorized use or disclosure; the purposes for which we process the information and whether we have an ongoing business need to process your personal information; whether we can achieve those purposes through other means; and the applicable legal, regulatory, tax, accounting, or other requirements. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. Please see the Retention Periods by Category information chart that follows for more details.

Retention Periods by Category:

Category of Personal Information Retention Period / Criteria
Account registration and profile information Retained for as long as your account remains active, and for a reasonable period thereafter as necessary to support account recovery, fraud prevention, dispute resolution, and legal compliance.
Identity and contact information Retained for the duration of the business relationship and thereafter for the period necessary to comply with legal, tax, accounting, and recordkeeping obligations, and to resolve disputes.
Booking, travel, transaction, and order information Retained for the period necessary to complete the transaction, provide related services, handle post-service support, prevent fraud, and satisfy legal, accounting, and tax obligations.
Payment information Stored by our payment processor and retained by us only as necessary for transaction administration, fraud prevention, chargeback handling, and legal compliance. We do not retain full payment card data on our servers after a transaction, except where permitted or required by law.
Communications and customer support records Retained for as long as reasonably necessary to respond to inquiries, maintain service records, train staff, resolve disputes, and comply with legal obligations.
Marketing and preference data Retained until you withdraw your consent, opt out, or otherwise update your preferences, plus a reasonable period to process and document the change and maintain suppression records.
Website, device, and usage data Retained for a period reasonably necessary to support analytics, security, service improvement, and troubleshooting, after which it is deleted, aggregated, or de-identified, unless a longer period is required for legal, security, or dispute-related purposes.
Cookie and similar tracking data Retained for the lifespan of the cookie or similar technology, or for the period described in our Cookie Notice and Controls, unless deleted earlier through your settings or browser controls.
AI and personalization inputs and outputs Retained for as long as reasonably necessary to provide recommendations, personalize services, improve system performance, detect abuse, and support legal or operational needs, subject to any applicable consent, deletion, or opt-out rights.
Security logs and fraud-prevention records Retained for a period reasonably necessary to detect, investigate, and prevent security incidents, fraud, misuse, or unauthorized access, and to meet legal and compliance obligations.
De-identified or aggregated information Retained and used without a fixed retention period, provided it is maintained in a form that does not reasonably identify you and is not re-identifiable except where permitted by law.

How We Protect Your Information

We have implemented appropriate technical and organizational data security measures designed to protect the security of any personal information we process from unauthorized access, loss, or misuse.  To the extent appropriate or required by applicable law, these security measures include the following:

  • Access to personal information is limited to authorized employees and service providers who need access to perform the activities described in this Privacy Policy on our behalf.
  • Personal information is pseudonymized where appropriate or required by law, and sensitive personal information transferred to or stored on any mobile device is encrypted using industry-accepted encryption solutions.
  • Personnel engaged in the processing of personal information are informed of the confidential nature of personal information, receive appropriate training on their responsibilities, and are obligated pursuant to our policies to maintain the confidentiality of personal information.
  • The effectiveness of our security measures are regularly tested, assessed, and evaluated to ensure the ongoing security of processing systems.
  • Internet-connected databases containing personal information are monitored for unauthorized intrusions using network-based and/or host-based intrusion detection mechanisms.
  • Service providers and other third parties engaged by us to process personal information on our behalf are contractually obligated to process personal information only on our documented instructions and must provide similar security measures as those used by us or as required under applicable law.
  • Cardholder data is safeguarded via PCI DSS compliance. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider's database only to be accessible by those authorized with special access rights to such systems and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

Although we strive to provide reasonable and appropriate security for the personal information we process, no security system can prevent all potential security breaches.  In particular, email or forms sent using our connected services may not be secure.  You should take special care before deciding to send us information via email and the transmission of personal information to and from our connected services is at your own risk.  Further, if you create an account through our connected services, it is your responsibility to protect your access credentials from unauthorized access or use.

Data Breach Response and Notification

We have implemented and continue to maintain a reasonable incident response program designed to detect, investigate, contain, and remediate unauthorized access to, acquisition of, disclosure of, alteration of, or destruction of personal information. If Perfetto becomes aware of a potential or actual security incident involving personal information, we will take commercially reasonable steps to investigate the nature and scope of the incident, contain and remediate the incident, and determine whether notice is required under applicable law.

Our response to any such incident may include prompt internal escalation to our legal, privacy, security, compliance, and technical personnel, and, where appropriate, third-party forensic and incident response specialists. We may investigate the types of information involved, the number of affected individuals, the likely consequences of the incident, whether the information was encrypted, rendered unusable, or otherwise protected, and whether any unauthorized person actually accessed or acquired the information. We will assess whether the incident creates a risk to the rights and freedoms of individuals, or otherwise triggers a notice obligation under applicable law, and we will document the incident, our investigation, our findings, and any corrective actions taken.

To the extent we are acting as a controller under the GDPR, and a personal data breach is likely to result in a risk to the rights and freedoms of natural persons, we will notify the appropriate supervisory authority without undue delay and, where feasible, within seventy-two (72) hours after becoming aware of the breach, unless a longer period is permitted under applicable law. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify affected individuals without undue delay, unless an exception applies under applicable law.

To the extent we are subject to California law or other applicable U.S. state breach notification laws, we will provide any notices required by such laws to affected individuals and, where applicable, to regulators, consumer reporting agencies, or other governmental authorities, in each case within the timeframes required by applicable law. If direct notice is impracticable, we may provide substitute notice or other notice permitted by applicable law.

We may delay notification if law enforcement determines that such notice would impede a criminal investigation or compromise national security, or if otherwise permitted by applicable law. If we determine that notice is not required, we may nevertheless retain records of the incident and our assessment in accordance with our legal and business obligations.

This section is intended to describe our general incident response and notification practices and does not create any contractual right or guarantee. Nothing in this section limits any rights you may have under applicable law.

Account Information

Please contact us if you would at any time like to review or change the information in your account or terminate your account.  Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases.  However, some information may be retained in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with legal requirements.

SMS Communications

By providing your mobile phone number, you consent to receive SMS (text) messages from Perfetto. These may include promotions, cart reminders, and other marketing communications. Message frequency varies, but you will receive no more than three SMS messages per day, and only one cart reminder SMS within 24 hours of any confirmed cart abandonment event. All messages will be sent only between 8:00 AM and 8:00 PM local time. Consent to receive SMS is not a condition of purchase.

You can reply HELP for help, and you may opt out at any time by replying STOP and/or by following the instructions to unsubscribe included in any message. Your opt-out request will be processed promptly and honored for the defined time period. Standard message and data rates may apply.

Cookies and SMS Abandoned Cart Disclosure. We use cookies to track items you add to your shopping cart, including when you begin but do not complete checkout (“cart abandonment”). This information is only used to trigger a single cart reminder SMS per abandoned cart event, as described above, and such SMS will be sent within 24 hours of the abandonment.

Third-Party Data Sharing. Your opt-in status and consent to receive SMS will not be shared with any third party except those vendors, platform providers, or carriers directly involved in delivering SMS services. For further details on data collection, use, and protection, please see the other sections of this Privacy Policy.

We retain records of your consent, opt-out requests, and message events in accordance with applicable consumer protection laws.

Changes in Preference and Opting Out of Email Marketing

We comply with the CAN-SPAM Act of 2003 and do not spam or send misleading information. Should you wish to no longer receive communication from us, you have the option of unsubscribing by clicking “unsubscribe” in the bottom of the email we send to you or by contacting us using the details provided under How To Contact Us below. You will then be removed from the marketing email list – however, we will still need to send you service-related emails that are necessary for the administration and use of your account. As for third-party websites, please contact them directly to unsubscribe and/or opt out from their communications. We are in compliance with the GDPR along with the email marketing service we use to collect your data.

Jurisdiction-Specific Rights

In some regions and jurisdictions (such as California and other U.S. states, and the European Economic Area), you may have certain additional rights under applicable data protection laws.  To the extent that relevant jurisdictions grant additional privacy rights to individuals, these rights are described separately under the applicable Supplemental Information and Rights sections included with and incorporated in, this Privacy Policy below.

Controls For Do-Not-Track Features

Our connected services do not respond to “do not track” requests or signals at this time. Certain web browsers may allow you to enable a “do not track” option that sends signals to the websites you visit indicating that you do not want your online activities tracked.  Right now, there is no industry standard for how companies should respond to “do not track” signals, although one may be adopted in the future.  If we do so in the future, we will modify this Privacy Policy accordingly.  More information about “do not track” is contained in our Cookie Notice and Controls below.

Important Information Regarding Minors; Children & Family Bookings

Our connected services are intended for general audiences and are not directed to children. We comply with the requirements of the Federal Trade Commission’s Children's Online Privacy Protection Act (COPPA), and as such we do not knowingly collect any personal information from children under the age of 13 through our connected services, except after obtaining verifiable parental consent or as otherwise permitted under applicable law. However, we understand that our services may be used in connection with family travel and group bookings, and in some cases a parent, legal guardian, or other authorized adult may provide us with information relating to a child or minor traveler in order to book, manage, or support travel-related services.

Where a parent, legal guardian, or other authorized adult submits information on behalf of a child or minor traveler, or otherwise authorizes us to process such information, we may collect, use, disclose, and retain that information as described in this Privacy Policy for purposes of providing, administering, and supporting the requested services, including reservation processing, itinerary management, customer support, travel coordination, safety, fraud prevention, and compliance with applicable legal obligations. We do not knowingly use children’s personal information for targeted marketing to a child where prohibited by law, and we do not knowingly collect personal information from children under the age of 13 through our connected services except where permitted by law and, where required, after obtaining verifiable parental consent.

If Perfetto learns that we have collected personal information from a child under the age of 13 in a manner that is not permitted by applicable law, we will take appropriate steps to delete such information or to obtain verifiable parental consent, as applicable. If a parent or legal guardian believes that a child has provided us with personal information without permission, the parent or legal guardian should contact us using the information provided in the section entitled How To Contact Us herein to request access to, correction of, or deletion of such information, where required by applicable law.

To the extent required by applicable law, including applicable European Union and United Kingdom data protection laws, we will obtain any necessary parental or guardian consent before processing a child’s personal information for the relevant service. Where we rely on a parent, legal guardian, or authorized adult to provide information about a child or minor traveler, it is that person’s responsibility to ensure that they have the authority to do so and that the information provided is accurate and complete.

IF YOU ARE NOT OLD ENOUGH TO FORM LEGALLY BINDING OBLIGATIONS IN YOUR APPLICABLE JURISDICTION, PLEASE TALK TO YOUR PARENTS OR GUARDIANS BEFORE USING OUR ONLINE SERVICES OR PROVIDING YOUR NAME OR OTHER PERSONAL INFORMATION TO Perfetto.  YOU CANNOT SUBMIT INFORMATION TO OUR ONLINE SERVICES WITHOUT YOUR PARENT’S OR GUARDIAN’S PERMISSION.  If the parent or guardian of a child believes that their child has provided us with personal information without permission, the parent or guardian should contact us using the details provided under How To Contact Us below to request access to the information and deletion of such information where required. For more information regarding protecting children’s privacy online visit https://www.ftc.gov/business-guidance/privacy-security/childrens-privacy. This section is intended to supplement, and not limit, the other provisions of this Privacy Policy.

Governing Law and Jurisdiction

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Nevada, without regard to conflict of law principles. Any controversy or claim arising out of or relating to these terms shall be brought exclusively in a court of competent jurisdiction located in the State of Nevada.

How To Contact Us

If you have any questions or comments about this Privacy Policy, or to submit a request or otherwise exercise your privacy rights under this Privacy Policy, please contact us at info@perfettotraveler.com.

PERFETTO TRAVELER, LLC

Cookie Notice and Controls

Our connected services use cookies and similar technologies to help us understand how you interact with our products and connected services, to improve your experience, and to allow you to use certain features made available through our connected services (such as sharing content via social networks or other communications channels).

This Cookie Notice describes how cookies and similar technologies are used with our connected services, as well as your choices regarding the use of cookies on our services and the tools available to you to exercise your preferences.  For more information regarding the collection and use of information via our connected services, please read our Privacy Policy.

Overview of Cookies and Similar Technologies

A cookie is a small text file that a website saves on your computer or mobile device when you visit the site, either for the duration of your visit (a session cookie) or for repeat visits (a persistent cookie).  Session cookies are deleted from your computer or device once you leave the connected service.  Persistent cookies remain on your device and are sent back to the originating website on subsequent visits (or to another website that recognizes the cookie) to notify the website of your previous online activity.  Cookies on this connected service may be delivered by Perfetto (a first-party cookie) or a third-party (a third-party cookie) and may also be set in association with emails you receive from us.  Cookies help us enhance your experience when using our connected services.  They also help us understand how people use our connected services (such as which pages or features are most popular) so that we can better serve our users and members.

 

In addition to cookies, we may also use other similar technologies with our connected services, such as pixel tags (also known as clear GIFs, web beacons, pixels, or web bugs), local storage, statistical identifiers, and software development kits.  Pixel tags are small blocks of code installed on a website that allow a third-party to deliver its third-party cookies when a visitor goes to the website and are generally used by third parties to monitor and track user activity on a website.  Local storage (such as HTML 5) allows a website to store and retrieve data on an individual’s device with no expiration date.  Statistical identifiers refer to identifiers created using certain device and server data.  Collectively, this information makes a user’s browser or device sufficiently distinct for a website to reasonably determine that it is encountering the same browser or device over time and used for the same purposes as cookies.  Software development kits (also called SDKs) function like third-party cookies and pixel tags but operate in the mobile app environment where cookies and pixel tags do not function as effectively.  Instead of using cookies and pixels tags, an app developer can install pieces of code provided by third parties (such as analytics providers) in its mobile app in order for the third parties to monitor and analyze the use and performance of the mobile app.

These technologies enable us and our partners to recognize when someone has visited our connected services or opened an email, allowing us to do things such as monitor the traffic patterns of users from one page within our Website to another, understand whether a visitor has come to our Website from an online advertisement displayed on a third-party site or in an email, and measure and improve the performance of our connected services.  In many instances, these technologies are reliant on cookies to function properly, and so disabling or declining cookies will also disable their functioning.

Cookies Used with Our Online Services

Like most websites, we use certain cookies and similar technologies with our connected services that allow us to collect various information that does not (on its own) identify any particular individual.  This helps us identify visitors who return to our connected services, informs us of things such as how many users visited our connected services, the services, web pages and features accessed, and whether there were any technical problems in loading pages or navigating through our connected services. By collecting this information, we learn what parts of our connected services are the most interesting or valuable to our users and members and can monitor overall interest in our products and services.  It also lets us spot technical problems with our connected services so we can address them right away and helps us upgrade our services and improve our offerings for our users and members.

The types of information typically collected through cookies and similar technologies include IP address (which is used to infer approximate location); Internet service provider; browser type and settings; device information (for example, type of device, operating system, device manufacturer); referring/exiting URL; request/response date and time; clickstream data; device ID or advertising ID; and your name, email address and password if you are logging into your account. We may use Google Analytics cookies to collect information about how visitors use our connected services. These cookies collect information in the aggregate to give us insight into how our connected services are being used. We anonymize IP addresses in Google Analytics, and the anonymized data is transmitted to and stored by Google on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. The following table has more information about these cookies.

For an overview of these Google Analytics cookies, please visit: https://support.google.com/analytics/answer/6004245.

You may install a Google Analytics Opt-out Browser Add-on by going here: https://tools.google.com/dlpage/gaoptout.

Geolocation Information

Depending on the connected services and your computer or device permissions, we may collect information about your device’s approximate (for example, country or zip code) or precise location.  Various technologies may be used to collect this location information, such as IP addresses, GPS, and other sensors that may provide information on nearby devices, Wi-Fi access points, and cell towers.  We will only collect your computer’s or device’s precise location with your consent.  In addition, some photos or other content you place within the connected services (such as your profile picture or competition videos) may contain recorded location information. Location information is used to measure and improve the performance of our connected services and to optimize your experience.

How to Manage and Disable Cookies

When you first visit our Website, a pop-up banner aimed at obtaining your consent to the use of Cookies may appear. As long as you have not expressed your choice, this banner will remain visible in accordance with the applicable regulation and no Cookies (other than Necessary Cookies) will be installed on your device. You can manage and change your cookie preferences or delete cookies entirely as discussed below.

Website and/or Browser Settings

Our Website may feature a pop-up or other means to allow you to opt out of certain cookies. Browser settings allow you to choose whether or not to accept cookies or limit certain cookies.  Most browsers also provide functionality that lets you review and erase cookies.  To disable cookies through your browser, follow the instructions usually located within the “Help,” “Tools” or “Edit” menus in your browser.  If you need additional assistance, information on how to manage a disabled cookies on commonly used bowsers is available in this guide.  If you use our connected services without changing your browser settings, we will assume that you are ok to receive all cookies on the connected services.  Please be aware that if cookies are disabled, not all features of our connected services may operate as intended.  Also, please note that disabling a cookie or category of cookies does not delete the cookie from your browser unless manually completed through your browser function.

Cookies Used for Personalized Advertising

If you would prefer that we not sell or share information that may be used to help determine which advertisements to serve you, opt out by clicking the applicable “OPT-OUT” button, which can be found on most of our connected services. You may also opt out or change your behavioral advertising cookie preferences by visiting the opt-out page for the Digital Advertising Alliance (U.S. residents and those not in the EU or Canada), the European Interactive Digital Advertising Alliance (European residents), or the Digital Advertising Alliance of Canada (Canadian residents).

Flash Cookies

Flash cookies cannot be changed by browser settings.  If you do not want Flash cookies stored on your computer, you can adjust the settings of your Flash player to block Flash cookies storage using the tools contained in the Website Storage Settings Panel.  You can also control Flash Cookies by going to the Global Storage Settings Panel and following the instructions (which may include instructions that explain, for example, how to delete existing Flash cookies, how to prevent Flash LSOs from being placed on your computer without your being asked, and (for Flash Player 8 and later) how to block Flash cookies that are not being delivered by the operator of the page you are on at the time).  Please note that setting the Flash Player to restrict or limit acceptance of Flash cookies may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our services or online content.

Mobile Devices

Your mobile operating system may let you opt out from having your information collected or used for interest-based advertising on mobile devices.  You should refer to the instructions provided by your mobile device’s manufacturer, but this functionality is usually available in the “Settings” section of your device.

Do Not Track (DNT)

Certain web browsers may allow you to enable a “do not track” option that sends signals to the websites you visit indicating that you do not want your online activities tracked.  This is different from blocking cookies as browsers with the “do not track” option selected may still accept cookies. Right now, there is no industry standard for how companies should respond to “do not track” signals, although one may be adopted in the future.  We do not respond to “do not track” signals at this time.  If we do so in the future, we will modify this Cookie Notice accordingly. More information about “do not track” is available at www.allaboutdnt.com.

Cookie Notice Changes

We may update this Cookie Notice from time to time.  Any changes will be posted on this page with an updated revision date.  If we make any material changes, we will provide notice through the connected service or by other means.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Supplemental Information for U.S State Privacy Rights

 

State consumer privacy laws may provide their residents with additional rights regarding our use of their Personal Information.

 

CALIFORNIA RESIDENTS

If you are a California resident, the following additional information and rights apply to you subject to the California Consumer Privacy Act (CCPA) with respect to Perfetto’s collection, use, and disclosure of personal information about you.  For purposes of this section, “personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household.  “Personal information” does not include publicly available information or information that is deidentified or in the aggregate.

 

Collection, Use, and Disclosure of Personal Information

Categories of Personal Information Collected

Perfetto has collected the following categories of personal information about California consumers in the preceding 12 months:

  • Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, telephone number, account name, Social Security Number, driver’s license number or state identification card number, passport number, or other similar identifiers.
  • Other identifiers or consumer information, such as physical characteristics or description, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Characteristics of protected classifications under California or federal law, such as race, color, sex, age (40 and older), religion, national origin, disability, citizenship status, genetic information, marital status, sexual orientation and identity, political affiliations or activities, military or veteran status, medical condition, or status as a victim of domestic violence, assault, or stalking.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
  • Geolocation data.
  • Audio, electronic, visual, thermal, olfactory, or similar information.
  • Professional or employment-related information.
  • Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Perfetto uses these categories of personal information for the purposes described under How We Use Your Information above.

Categories of Personal Information Disclosed for Business Purposes

Perfetto has disclosed for a business purpose the following categories of personal information about California consumers in the preceding 12 months:

  • Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, telephone number, account name, Social Security Number, driver’s license number or state identification card number, passport number, or other similar identifiers.
  • Other identifiers or consumer information, such as physical characteristics or description, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
  • Characteristics of protected classifications under California or federal law, such as race, color, sex, age (40 and older), religion, national origin, disability, citizenship status, genetic information, marital status, sexual orientation and identity, political affiliations or activities, military or veteran status, medical condition, or status as a victim of domestic violence, assault, or stalking.
  • Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
  • Geolocation data.
  • Audio, electronic, visual, thermal, olfactory, or similar information.
  • Professional or employment-related information.
  • Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

“Business purposes” include the use of personal information as reasonably necessary and proportionate for operational purposes, such as performing services on our behalf (e.g., maintaining or servicing accounts, providing customer service, processing orders, verifying member information, processing payments, or providing marketing or analytic services), auditing related to a current interaction with you and concurrent transactions, detecting and protecting against security incidents, debugging to identify and repair errors, conducting research, and undertaking activities to verify or maintain the quality or safety of our products and services.

Categories of Personal Information Sold

Perfetto has not sold personal information about California consumers in the preceding 12 months.

 

Your Privacy Rights Under California Law

In addition to the Personal Information rights described above, California residents also have the rights described below.

Right to Notice and Access

You have the right to request that Perfetto disclose additional information regarding our collection and use of your personal information, including the following:

  • The categories of personal information we have collected about you.
  • The categories of sources from which personal information is collected.
  • The purpose for collecting or selling personal information.
  • The categories of third parties with whom we share personal information.

In addition, you have the right to request access to the specific pieces of personal information we have collected about you.  To request this additional information or to access your personal information, please submit a request to Perfetto using one of the methods described below under How to Exercise Your California Privacy Rights.

Right to Deletion of Personal Information

You have the right to request that Perfetto delete any personal information about you which we have collected from you.  To request deletion of your personal information, please submit your request to Perfetto using one of the methods described below under How to Exercise Your California Privacy Rights.  Please be aware that such a request does not ensure complete or comprehensive deletion of your personal information and that there may be circumstances in which the law does not require or allow deletion even if requested.

Right to Transparency Regarding Disclosure or Sale of Personal Information

You have the right to request that Perfetto disclose additional information regarding the disclosure or sale of your personal information, including the following:

  • The categories of personal information that Perfetto disclosed about you for a business purpose.
  • The categories of personal information that Perfetto sold about you and the categories of third parties to whom the personal information was sold (by category or categories of personal information for each third-party to whom the personal information was sold).

In addition, you have the right to request information regarding the disclosure of your personal information by Perfetto to third parties for the third parties’ direct marketing purposes.

To request additional information regarding the disclosure and sale of your personal information (as applicable), or to opt-out of the disclosure of your personal information to third parties for their direct marketing purposes, please submit your request to Perfetto by using one of the methods described below under How to Exercise Your California Privacy Rights.

Right to Opt-Out of the Sale or Sharing of Personal Information

Perfetto generally does not sell your personal information and only shares your personal information with necessary suppliers and vendors in connection with the travel products and services being provided to you. If Perfetto sells your personal information to third parties, you can opt-out of the sale of your personal information at any time by submitting a request to Perfetto using one of the methods described below under Do Not Sell or Share My Personal Information.

Do Not Sell or Share My Personal Information

You have the right to opt-out of the sale or sharing of your personal information. Once we receive and confirm a verifiable consumer request from you, we will stop selling or sharing your personal information. To exercise your right to opt-out, please contact us via phone or email provided above.

Rights of Children

Notwithstanding anything else contained in this Privacy Policy, Perfetto will not sell the personal information of individuals if Perfetto has actual knowledge that the individual is less than 16 years of age, unless the individual, in the case of individuals between 13 and 16 years of age, or the individual’s parent or guardian, in the case of individuals who are less than 13 years of age, has affirmatively authorized the sale of the individual’s personal information (the “right to opt-in”).

Right to Removal of Content Posted Publicly by Minors

If you are a California resident under the age of 18, and a registered user of any connected services where this Privacy Policy is posted, you may request and obtain removal of content or information you have publicly posted.  To make such a request, please use one of the methods described under How to Exercise Your California Privacy Rights below and include a detailed description of the specific content or information to be removed.  Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

Right Not to Be Subject to Discrimination

Perfetto will not and cannot discriminate against you for exercising any of your rights described above, such as by denying you goods or services or by providing you with a different level of goods or services.  However, we can charge a different price or rate, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to you by your personal information.  In addition, we may offer financial incentives, including payments to you as compensation, for the collection, sale, or non-deletion of your personal information.  If we offer you any such financial incentives, we will first notify you of the applicable incentives and will only include you into a financial incentive program with your prior opt-in consent (which may be revoked by you at any time).

How to Exercise Your California Privacy Rights

California Civil Code Section 1798.83 permits users who are California residents to request and obtain from us information about certain personal information we disclose to third parties for their direct marketing purposes in the preceding calendar year. To exercise any of your California privacy rights described above—including to request additional information regarding our collection and use of your personal information, to request access to your personal information, to request that we delete your personal information, to request additional information regarding the disclosure and sale of your personal information, or to opt-out of the disclosure of your personal information to third parties for their direct marketing purposes—please submit your request to Perfetto using one of the methods provided under How To Contact Us above.

 

If any complaint with us is not satisfactorily resolved, you can contact the Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs at 1625 North Market Blvd., Suite N 112, Sacramento, California 95834 or by telephone at (800) 952-5210 or (916) 445-1254.

 

COLORADO, CONNECTICUT, VIRGINIA and UTAH RESIDENTS

Colorado, Connecticut, Virginia, and Utah each provide their state residents with rights to: (i) confirm whether we process their personal information; (ii) access and delete certain personal information; (iii) data portability; and (iv) opt-out of personal data processing for targeted advertising and sales. In addition, Colorado, Connecticut, and Virginia also provide their state residents with rights to: (i) correct inaccuracies in their personal information, taking into account the information's nature processing purpose; and (ii) opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.  For more information regarding Colorado, Connecticut, Virginia and Utah privacy rights, please submit your request to Perfetto using one of the methods provided under How To Contact Us above.

 

NEW YORK RESIDENTS

Perfetto is compliant with the Stop Hacks and Improve Electronic Data Security Act (NY SHIELD Act) which requires a business holding personal data on New York residents to take active steps to implement reasonable cybersecurity protections and safeguards in order to prevent hackers from accessing concerning consumer data.

 

For more information regarding U.S. State privacy rights, please submit your request to Perfetto using one of the methods provided under How To Contact Us herein.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Supplemental Information and Rights

for EUROPEAN RESIDENTS

 

If you reside in Europe or your personal information is otherwise covered by the European Union’s General Data Protection Regulation (GDPR) or U.K. Data Protection Act (collectively, “European Privacy Regulations”), the following additional information and rights apply to you with respect to Perfetto’s collection, use, and disclosure of personal information.  For purposes of this section, “personal information” means any information that identifies an individual or for which there is a reasonable basis to believe the information can be used to identify an individual.  “Personal information” does not include publicly available information or information that is deidentified or in the aggregate.

Controller | European Representative

The processing of personal information collected by Perfetto is governed by this Privacy Policy, and Perfetto is the “controller” of such information. To contact us concerning our processing of your personal information, please email info@perfettotraveler.com.

Your European Privacy Rights

In addition to the rights under Your Privacy Rights described above, you have various additional rights with respect to the collection, use, transfer, and processing of your personal information, as described below.  We reserve the right to limit these rights at any time where permitted under applicable law, including where your identity cannot be reasonably verified by Perfetto or to the extent your rights adversely affect the rights and freedoms of others.  To exercise any of the rights below, please submit your request to Perfetto. You have the right to obtain confirmation as to whether or not your personal information is being processed by Perfetto.  Where we are processing your personal information, you have the right to access the data and to obtain certain information about the processing of such data.

Right to Access and Rectification

You can request access to your personal information. You have the right to obtain rectification of any personal information that is inaccurate or incomplete, including by means of providing a supplementary statement.

 

Right to be Forgotten (Erasure)

You have the right to have your personal information erased where one of the following applies:

  • Your personal information is no longer necessary with regards to the purposes for which it was collected.
  • You withdraw your consent (where the processing is based on such consent).
  • You object to the processing where such processing is based on Perfetto’s (or a third-party’s) legitimate interest and there are no overriding legitimate grounds for the processing.
  • Your personal information must be erased in order to comply with a legal obligation under applicable law.

However, this right to erasure will not apply to the extent the processing is necessary for:

  • Compliance with a legal obligation which requires processing by applicable; or
  • Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, to the extent permitted under applicable law.

Right to Restriction of Processing

You have the right to restrict the processing of your personal information where one of the following applies:

  • The accuracy of the personal information is contested.
  • The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead.
  • Perfetto no longer needs the personal information for the purposes of the processing, but it is required by you for the establishment, exercise or defense of legal claims.
  • Where the processing is based on Perfetto’s (or a third-party’s) legitimate interest and you have objected to processing (as described immediately below).

Right to Object

You have the right to object (on grounds relating to your particular situation) at any time to the processing of your personal information for direct marketing purposes or where the processing is based on Perfetto’s (or a third-party’s) legitimate interest.  When objecting to processing based on our legitimate interest, Perfetto will no longer process your personal information unless Perfetto demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise, or defense of legal claims.

Right to Withdraw Consent

Where the processing of your personal information is based on your consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before such withdrawal.

 

Right to Data Portability

You have the right to receive your personal information, which you have provided to Perfetto, in a structured, commonly used and machine-readable format, and have the right to transmit such data to another entity without hindrance from Perfetto, where each of the following conditions are met:

  • Your request does not adversely affect the rights of others;
  • Your request does not adversely affect Perfetto’s rights (including intellectual property rights);
  • The processing is based on your consent or the performance of a contract to which you are a party; and
  • The processing is carried out by automated means.

Right Not to Be Subject to Solely Automated Decisions

You have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you, unless permitted under applicable law.

Right to Submit a Complaint to Supervisory Authorities

You have the right to lodge a complaint with an applicable data protection authority.  If you reside in Europe, you have the right to lodge such a complaint in the European country of your habitual residence, place of work, or place of an alleged infringement if you consider that the processing of your personal information infringes applicable European Privacy Regulations.  A list of all European supervisory authorities and their respective contact information is available here.