Diamond Resorts® is committed to protecting your personal information. We want all of our members, owners and non-member hotel guests to have a fantastic vacation experience with us and to return to our worldwide holiday destinations. When you do so, we want you to be confident that we take as much care of your personal information as we do of you and your family when you are visiting us.
2. Who is Diamond Resorts®?
Diamond Resorts® is a global leader in the vacation ownership industry. Our group includes all subsidiaries of Diamond Resorts International Inc., a company incorporated in the State of Delaware in the United States of America and our main operating company in Europe is Diamond Resorts (Europe) Limited located in the United Kingdom. We operate across several jurisdictions, if you would like more information about our global structure please click here. In this policy when we refer to "us", "we" and "our" we are referring to the Diamond group as a whole or a particular company within it, depending on the context.
3. Collecting your personal information
3.1. Information we collect from you
3.1.1. When you make a reservation or purchase a product from us
- If you buy a vacation ownership product from us, you will provide us with the following personal information: your name, address, telephone numbers and e-mail address. This is a contractual requirement and if you do not provide us with this information we will not be able to enter into a contract with you.
- If you take out a loan (either directly from one of our group companies or from a third party finance provider through us as a broker) you will be asked to provide the following details about yourself to support your application: your name, address, telephone number, date of birth, social security number, marital status, e-mail address, ages of dependent children, income, previous addresses, work history and home ownership status. We will also need your bank details so that we can set up regular payments or take payment card details from you. Provision of this information is a contractual, bank, and/or regulatory requirement. If you do not provide us with this information we will not be able to process your loan application.
- If you book accommodation with us direct as a rental or "hotel" guest we require your: name, address, telephone number and e-mail address, and payment card information to make your booking. If you create an online account with us, you provide a unique login name and password as part of the registration process. We usually retain payment card information following your stay because we hope you will come back and enjoy further stays with is and having your details on file assists in making payments quickly without having to re-type the same information repeatedly. We retain payment card information in tokenized format However, if you would rather we did not store your payment card information following your stay you can opt out by enquiring at front desk or by contacting us (see section 21 headed Contacting Us).
- If you are a Diamond Resorts® owner or member, or own a vacation ownership interest at a Diamond-managed resort, and you create an account on line through the member area of our Site you will have to provide the following information to allow us to verify your identity: your name and two of the following: membership number, contract number, telephone number/ postcode as part of our registration process and you will be asked to create a unique login name and a password. You may also choose to provide us with information about your interests, which enable us to offer a more personalized service to you.
3.1.2. At the front desk and on resort property
When you check in at one of our resorts we will confirm your name, address, telephone number and e-mail address. We will affirm payment information with you and ask to see or copy your identity documents if required by local law.
If you are taking part in an activity that we have arranged, we will need further information from you in order to arrange that activity. If a third party provides the activity we will pass some details on to them to fulfil your request. In addition, we will collect individual information from you in connection with on-property services, including, but not limited to, sales presentations, concierge services, and room service.
If you have an accident on site we will require a formal report and we will ask you to provide personal details as well as details of the accident.
We also use closed circuit television and other security measures at some of our properties. Cameras may, because of their position, capture or record images of guests and visitors in public areas and record information related to your location. Other technologies (such as keycards) may also give information about your location. Where we use any closed circuit television or any other technologies mentioned in this paragraph and the law requires it, we may have signs in place to tell you these are in operation and who to contact in case you have a question or wish to request to exercise your rights.
On some occasions, for quality assurance and other internal purposes, we may record (both audio and video) sales presentations in which you participate.
3.1.3. Sweepstakes and contests
Sometimes we run sweepstakes and contests to give you the opportunity to win great prizes and discounted promotional offers. Sweepstakes and contests differ but usually we ask you to provide us with your contact information, marital status, age group for entrant and spouse/cohabitant (if applicable), home ownership, and household income range to participate. Additionally, we may ask you for your consent to contact you for future promotions and marketing offers, which is optional and not required to enter the sweepstakes/contest.
3.1.4. Online surveys
Diamond Resorts® values opinions and comments from owners, members and guests so we frequently conduct online surveys. These surveys are optional for all owners, members and guests. We use information from surveys it to make improvements to Diamond Resorts™ products and services and to develop appealing content, features and promotions for customers.
3.1.5. Other Sources of Personal Information
We also collect information from you when:
- you contact us, including, but not limited to, through the Sites, through customer service and/or call centers, at our properties:
- you use our mobile App;
- you log on as a member or guest to our Sites or otherwise use our Sites; and
- you interact with any of our social media platforms, for instance by liking and sharing our posts on Facebook or Twitter. Please ensure you read the privacy policies in relation to your social media accounts as we are not responsible for their uses of your personal information.
3.2. Information you give us about other people
3.3. Information we collect about you automatically
Like many other websites, on our Sites, we, our service providers, or third-party services may automatically receive or collect from you certain information when you use the Sites. For example, we use servers that automatically record information about your IP address, which ads you click on, the page that directed you to our Site and the browser type used while accessing our Sites. A server log stores the information collected so it can be analyzed to determine possible security threats and debug errors, to help us assess browser usage so we know when to deprecate older browsers, to allow us to detect broken site links, monitor the effectiveness of changes and assess what features on our Sites are relied on most heavily. Other information that we may collect about you automatically may include:
- Your browser or operating system;
- Your manner of connecting to the Internet (including the type of device you are using) and the name of your Internet service provider or wireless carrier;
- Data relating to malfunctions or problems that occur when you use the Service;
- Log file information, including your Web request, Internet Protocol ("IP") address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on our service, domain names, landing pages, pages viewed, and other such information; and
- Information collected by cookies and other tracking technologies: cookies, web beacons (also known as "tracking pixels"), embedded scripts, location-identifying technologies, fingerprinting, device recognition technologies, in-app tracking methods and other tracking technologies now and hereafter developed ("Tracking Technologies") may be used to collect information about interactions with the Services or e-mails, including information about your browsing and purchasing behavior.
We may combine some non-personal information with your personal information to further enhance your experience while on the Site.
3.4. Information third parties give us about you
In some instances, you provide your information to a third party, either in connection with the Sites, our properties, or otherwise in connection with our relationship with you or your use of our services, or independent of our relationship to you, or as otherwise described in this policy. These third parties provide us the information that you provided to them. The information you provide to such third parties is subject to the privacy statement of the applicable third party.
3.4.1. Exchange guests and guests booking through a third party travel agent
If you visit one of our resorts as an exchange guest or make your booking at our resorts through a third party travel agent, we receive information from them to administer your booking. We integrate some third parties into our reservations system to make the booking process run more smoothly. The personal information we receive from these sources depends on the nature of your booking and the third party with whom you made it. You should be able to find further information about what information they collect and is provided to us by reading the privacy statement of the appropriate third party.
3.4.2. Credit history
If you purchase a vacation ownership product from us that you financed (whether by one of our group companies or through a third party brokered by us), we may require information about your credit history. Where required, we will ask you to consent to us obtaining this information from a credit referencing agency so we can complete your application.
4. If you do not provide personal information
You should note that if you do not provide personal information we require we may not be able to provide you with the service or product you request.
5. How will we use your personal information?
In general, we may use your information in the following ways (see below for more specific uses):
- To process your registration, manage your account (including your payment information and preferences), and deliver our Sites and features desired by you (including any customization features requested by you);
- To improve our Sites;
- To fulfill other purposes disclosed to you at the time you provide us with your information or otherwise where we are legally permitted to do so;
- To personalize content and offers and serve you advertising that may be of interest to you;
- To respond to your inquiries;
- To fulfill your request for products or services;
- To provide you with updates and other information regarding the Sites;
- To understand your general location (i.e., not your specific geolocation), including based on your IP address and information you provide to third parties;
- To keep our Sites safe and secure and to prevent detect fraud and abuse;
- To comply with our legal obligations, policies, and procedures;
- To administer and manage our Sites including content and layout, site usage, troubleshooting, data analysis, testing, research, statistical and survey purposes
Members and Owners
If you are a member or owner in one of our vacation ownership clubs, we use your personal information to carry out our obligations to you. This means we will use your personal information to: allow you to complete reservations, save points, honor exchanges, make payments, service your requests and administer our relationship with you. We also use your personal information to contact you for customer service purposes and to process payment transactions.
When you contact us or use our Sites to log on we will use your personal information to verify your identity or user credentials so that we can protect your information. We use what we know about you to provide customer service to you and (unless you object) keep your payment card details tokenized on our systems to process your transactions more quickly.
If we helped you finance your purchase with one of our own lending companies, we use your personal information to enable us to perform our legal and regulatory obligations as a responsible lender. If we brokered credit to you on behalf of a third party lender we used your personal information during that process.
We use your personal information to send you information about promotions, our products and services and your membership that may be of interest to you. For more information on our use of your personal information for marketing see section 11 headed How will you contact me for marketing purposes?
If you have rented accommodation from us as a hotel guest, we use the information you (or a third party travel agent) provide during the booking process to fulfil bookings you make with us. We store your details on our systems so that we are ready for you at check in and when you provide us with your payment card details we keep them tokenized on our systems (unless you object) which enables us to process your transactions more quickly. If you contact us with a query or complaint, we will use your details to provide effective customer service to you and to follow up with you afterwards, if we need to.
After you stay with us, we will send you surveys to ask you for ratings and reviews of your experience with us and give you the opportunity to share your experiences on social media.
We use information based on your reservation history to send you information about promotions and our products and services that may be of interest to you. For more information on our use of your personal information for marketing see section 11 headed How will you contact me for marketing purposes?
Entrants to sweepstakes or contests
If you enter one of our sweepstakes we will use your personal information to administer the contest and tell you whether or not you have been successful. We may use information provided when you entered a contest to send you information about our products and services you might be interested in. For more information on our use of your personal information for marketing see section 11 headed Will you contact me for marketing purposes?
We may engage and work with third parties to serve advertisements on the Service and/or on third-party services. Some of these ads may be tailored to your interest based on your browsing of the Sites and elsewhere on the internet, which may include use of precise location and/or Cross-device Data, sometimes referred to as "interest-based advertising" and "online behavioral advertising" ("Interest-based Advertising"), which may include sending you an ad on a third-party service after you have left the Sites (i.e., "retargeting").
We use feedback from all of our customers to develop promotions and product improvements.
We will treat information that does not personally identify you as non-personal information, and we may de-identify, anonymize or otherwise convert your personal information to non-personal information. As permitted by applicable law, we reserve the right to use, process, share and otherwise exploit your non-personal information without limitation.
6. Legal bases for processing your personal information – Europe Only
If you are in a country in the European Union, you are entitled to an explanation of the legal bases we rely on to process your personal information, which is set out below.
6.1. To perform a contract
We need to process your personal information to complete a sale to you of a product or service you have requested, service your requirements to book accommodation or services with us or on your behalf with third parties, and to administer and fulfill our contractual obligations to you.
6.2. To enable us to comply with a legal obligation
We will need to use your personal information so we can comply with legal obligations to which we are subject. This includes any requirement to produce audited accounts, any legal obligation to share information with law enforcement agencies, public or governmental authorities and to comply with legal process.
6.3. Necessary for the exercise or defense of legal claims
If you have an accident at one of our resorts, we will collect information about the incident and the circumstances surrounding it (which may include information you provide us with about injuries and medical treatment). We process that information to inform discussions with insurers and to conduct any resulting legal claims.
During the booking or sales process we may ask you for your consent to send you specified kinds of marketing communications. If you have given your consent to receive marketing communications you may withdraw it at any time either by clicking through an unsubscribe link in an e-mail or by contacting us by one of the methods set out in section 21 headed Contacting us (see section 11 headed Will you contact me for marketing purposes? for more information).
6.5. Our legitimate interests
We will use your personal information if doing so is necessary for our legitimate interests and your rights as an individual do not override those legitimate interests.
For example, when we contact you to offer assistance with your product or when you contact us with queries. Also, if we contact you about our other products and services you might be interested in (see section 11 headed Will you contact me for marketing purposes? for more information). Other examples include when we process your personal information to enforce contracts we are subject to (including our contract with you), carry out fraud prevention activities and activities to increase network and information security, to protect our operations, our (or your) rights, safety or property or other people’s, to identify usage trends, determine the effectiveness of promotional campaigns, to expand our business activities and improve our products and services and the content and functionality of our Sites.
7. Your personal information and your rights – Europe only
7.1. Asking us to restrict our use of your personal information
You have the right to ask us to place a restriction on our use of your personal information if one of the following applies to you:
- you contest the accuracy of the information that we hold about you, while we verify its accuracy;
- we have used your information unlawfully, but you request us to restrict its use instead of erasing it;
- we no longer need the information for the purpose for which we collected it, but you need it to deal with a legal claim; or
- you have objected to us using your information, while we check whether our legitimate grounds override your right to object.
7.2. Objecting to our use of your personal information
You have the right to object to our use of your personal information where our reason for using it is based on our legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us).
7.3. Asking us to delete your personal information
You can ask us to delete your personal information if:
- we no longer need it for the purposes for which we collected it;
- we have been using it with no valid legal basis;
- we are obliged to erase it to comply with a legal obligation to which we are subject;
- we need your consent to use the information and you withdraw your consent;
- you object to us processing your personal information where our legal basis for doing so is our legitimate interests and there are no overriding legitimate grounds for the processing.
However, this right is not absolute. Even if you make a request for deletion, we may need to retain certain information for legal or administrative purposes, such as record keeping, maintenance of opt-out requirements, defending or making legal claims or detecting fraudulent activities. We will retain information in accordance with section 12 headed How long will you keep my personal information below.
If you do exercise a valid right to have your personal information deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others).
7.4. The right to transfer your personal information to another service provider
You may request that we transfer some of the personal information you have provided to you or another service provider in electronic copy. This applies to personal information we are processing to service a contract with you and to personal information we are processing based on your consent.
7.5. The right of access to your personal information
You have the right to ask us for confirmation on whether we are processing your personal information, and access to the personal information and related information.
7.6. The right to correction.
You have the right to have your personal data corrected, as permitted by law.
7.7. The right to withdraw consent
You have the right to withdraw consent that you have provided.
7.8. Making a complaint
If you have any concerns or complaints regarding our processing of your personal information, please contact us as described in section 21 headed Contacting us below and we will do our very best to answer any question and resolve any complaint to your satisfaction.
If, for whatever reason, you feel we do not meet the high standards you expect of us, you are also entitled to make a complaint to your local supervisory authority:
Garante per la protezione dei dati personali
Agencia Española de Protección de Datos
Information Commissioner’s Office
8. Your personal information and your rights - excluding Europe
8.1. Accessing your personal information
You always have the right to access the personal information we keep about you, subject to certain legal restrictions.
8.2. Updating and correcting your personal information
We are keen to ensure that any personal information we hold about you is kept up to date and is accurate. We will promptly correct or complete any personal information we hold about you that becomes out of date, is inaccurate or incomplete if you ask us to do so. Alternatively, if you have an online account you can update your details there.
9. Your personal information and your rights – California Residents
9.1 California Consumer Privacy Act Notice
The California Consumer Privacy Act (“CCPA”), which provides California Consumers certain rights regarding their Personal Information (“PI”) as those terms are defined in the CCPA, became effective on January 1, 2020. As of that date, the California Attorney General had not completed the rule making process to establish the regulations for businesses to implement the law.
In the meantime, we are providing you with notice of the PI we collect and our purposes for that collection for data that may be subject to the CCPA (“CCPA Notice”). This CCPA Notice does not cover information that is outside of the scope of the CCPA, including data we collect and process as which is regulated by the Gramm-Leach-Bliley Act of 1999. This notice also does not apply to data collected from employees, applicants or contractors or to data collected from individuals acting as representatives of another business in connection with business communications or transactions.
We collect and share the following PI that may be subject to the CCPA for the following purposes:
|Category of Personal Information||Sources of Personal Information||Purposes for Collection||Categories of Third Parties with whom Personal Information is shared||Purposes of Third Parties Receiving PI|
|1. Identifiers||You, our corporate affiliates, marketing affiliates, Vendors, financing partners, advertising partners, third party services you utilize (e.g., social media)||Performing services that you have requested; improving our services; quality assurance; research and development; marketing||Service providers and agents who perform services on our behalf (“Vendors”), our corporate affiliates, financing partners, marketing affiliates||Performing services on our behalf, fraud prevention, detecting security incidents, quality assurance, marketing|
|2. Personal Records||You, our corporate affiliates, marketing affiliates, Vendors, third party services you utilize (e.g., social media)||Performing services that you have requested; improving our services; quality assurance; research and development; marketing||Vendors, our corporate affiliates, financing partners, marketing affiliates||Performing services on our behalf, fraud prevention, quality assurance, marketing|
|3. Consumer Characteristics||You, our corporate affiliates, financing partners||Performing services that you have requested, improving our services, improving our services, quality assurance, research and development||Vendors, our corporate affiliates, financing partners||Performing services on our behalf, quality assurance|
|4. Customer Account Details / Commercial Information||You, our corporate affiliates, marketing affiliates, Vendors, financing partners, advertising partners, third party services you utilize (e.g., social media)||Performing services that you have requested, improving our services, improving our services, quality assurance, research and development, marketing||Vendors, our corporate affiliates, financing partners, marketing affiliates||Performing services on our behalf, quality assurance, research and development, Marketing|
|5. Biometric Information||You, our corporate affiliates||Improving our services, quality assurance, fraud prevention, protecting against illegal activity||Vendors, our corporate affiliates||Performing services on our behalf, quality assurance, fraud prevention, protecting against illegal activity|
|6. Internet Usage Information||You, your devices, our corporate affiliates, advertising partners, third party services you utilize (e.g., social media)||Performing services that you have requested, improving our services, improving our services, quality assurance, research and development, marketing||Vendors, our corporate affiliates, advertising partners||Performing services on our behalf, quality assurance, detecting security incidents, research and development, Marketing|
|7. Geolocation Data||You, your devices, our corporate affiliates||Providing services you have requested, improving our services, quality assurance, fraud prevention, protecting against illegal activity||Vendors, our corporate affiliates||Performing services on our behalf, quality assurance, fraud prevention, protecting against illegal activity, marketing|
|8. Sensory Data||You, our corporate affiliates||Providing services you have requested, improving our services, quality assurance, fraud prevention, protecting against illegal activity||Vendors, our corporate affiliates||Performing services on our behalf improving services, quality assurance, fraud prevention, protecting against illegal activity|
|9. Professional or Employment Information||You, our corporate affiliates, financing partners||Providing services you have requested||Vendors, our corporate affiliates, financing partners||Performing services on our behalf improving services, quality assurance, fraud prevention, protecting against illegal activity|
|10. Inferences from PI Collected||You, your devices, our advertising partners, our internal systems||Providing services that you have requested, marketing||Vendors, advertising||Performing services on our behalf, quality assurance, research and development, marketing|
If you are a California Consumer and would like to register a request pursuant to your CCPA “right to know about personal information collected, disclosed or sold” (including right to obtain copies of specific pieces and/or information about categories of personal information practices), “right to request deletion of personal information,” or “right to opt-out of the sale of personal information,” you can contact us at CaliforniaPrivacy@diamondresorts.com and we will respond to your request when we are able to do so in accordance with the upcoming regulatory guidance on how to properly verify you and respond to your requests.
We will revise this CCPA Privacy Notice from time to time as implementing regulations further develop and take effect and we are able to provide you with better information on your CCPA rights and how to exercise them.
9.2 California Civil Code section 1798.83
If you are a resident of California, California Civil Code section 1798.83 allows you to request information regarding the disclosure of your personal information by us to third parties for the third parties' direct marketing purposes. This applies only to their activities within the State of California.
10. How to exercise your rights regarding your personal information
Wherever you live, if you wish to exercise any of your rights regarding your personal information, please contact us as set out in section 21 headed Contacting Us and we will be pleased to help you with your request. Please note, that to protect your privacy we will contact you to verify your identity before we disclose any personal information to you or make any changes to the personal information we hold about you.
11. Will you contact me for marketing purposes? How do I opt-out of marketing and other processing activities?
As an owner, member or guest we would like to provide you with updates about promotions, special offers, new services and products which may be of interest to you based on what we know about you. If you have booked accommodation with us, we may send you information about offers for related travel services such as flights and rental cars.
Depending on your location (and reflecting applicable law), you may have been asked to indicate your preferences, provide us with your consent regarding the receipt of such information from us, and indicate how you would like to receive it.
Wherever you are located, we will send you marketing communication based on any preferences you may have expressed.
We only want to send you information you are interested in. If you do not want to receive these communications or would like to understand more about other unsubscribe options, see below under "Communications" in this section or please contact us as set out in section 21 headed "Contacting Us".
We do not sell your personal information to third parties for marketing purposes and do not intend to do so in the future, except as expressly described in this policy.
Communications. You can opt out of receiving certain promotional communications (e-mails, text messaging, phone calls, or push notifications) from us at any time by (i) for promotional e-mails, following the instructions provided in e-mails to click on the unsubscribe link, or if available by changing your communication preferences by logging onto your account; (ii) for text messages, following the instructions provided in text messages from us to text the word, "STOP"; (iii) for calls, you can advise us of this during the telephone call, and (iv) for app push notifications, turn off push notifications on the settings of your device and/or the app, as applicable. Please note that your opt-out is limited to the e-mail address or phone number used and will not affect subsequent subscriptions. If you opt-out of only certain communications, other subscription communications may continue. Even if you opt out of receiving promotional communications, we may, subject to applicable law, continue to send you non-promotional communications, such as those about your account, transactions, servicing, or our ongoing business relations.
Mobile Apps. With respect to our mobile apps ("apps"), you can stop all collection of data generated by use of the app by uninstalling the app. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain features (e.g., location-based services, push notifications, accessing calendar/contacts/photos, etc.), by adjusting the permissions in your mobile device and/or the app’s settings. Beware that if GPS precise location services are disabled, other means of establishing or estimating location (e.g., connecting to or proximity to wi-fi, Bluetooth, beacons, or our networks) may persist. To learn more about how you can control location permissions using your mobile device’s operating system settings, please visit the following links depending on which device you use:
For Android 6.0 and above:
For earlier versions of Android:
12. How long will you keep my personal information?
We use versions of our regular Sites that are optimized for mobile, which process the personal information you give us in much the same way as our Site does. We offer a Diamond App which allows you to use location services to find accommodations and facilities nearby.
14. Who will the information be shared with, if anyone?
We share your personal information with third parties to fulfil any request to us for bookings or services with them. Vacation ownership sales are protected by the use of a trustee who makes sure ownership is allocated correctly, so if you purchase a vacation ownership product from us we will pass your personal information onto the trustee. As you may expect, if you signed up for finance from a third party finance company we will pass documentation on to them after you have signed it. Like other vacation companies, we are sometimes obliged by law to disclose your personal information to governmental or customs/ immigration authorities in countries on your itinerary.
Like many companies, we pass on customer personal information to external companies we use to carry out services on our behalf such as mailing campaigns, sales and conducting surveys. Sometimes these companies (and their sub-processors) conduct processing of your personal information in countries other than your home country. To learn more about how we protect your personal information when it is subject to a cross-border transfer see section 15 headed Cross-border data transfers from the European Economic Area and Section 16 headed Cross-border data transfers (non EEA or Switzerland).
14.1. Affiliate resorts
Affiliate resorts are resorts which we do not own or manage, but with whom we have agreements to allow members of our vacation ownership clubs to use their points to stay at those resorts. We have agreements with affiliate resorts all over the world to give our members an even greater choice for their perfect vacation, including through promotional communications sent directly to you from the affiliate resorts. If you tell us you want to book an affiliate resort, we will make the booking on your behalf, providing information required by the affiliate to administer your booking and contact you if they need to. We will share your name and contact details, your status as a Diamond Resorts™ member and any access requirements or special requests you tell us about. When you check in and during your stay at an affiliate resort you may be asked for further information.
14.2. Exchange companies
If you are a member or owner you may have signed up for a membership with a third party organization such as Interval International or RCI that allows you to "exchange" your week or points for vacations at non-Diamond resorts. If you signed up with an exchange company when you bought your product from us, we will send your signed contract on to the company along with your name, address, telephone number and e-mail address to allow it to administer your membership.
Any time you request an exchange we will confirm with the exchange company whether or not you are entitled to make the exchange and if you are not the reason why.
14.3. Providers of member benefits
14.4. Travel fulfilment partners
In order to offer a full and seamless service to our members and owners, we have partnered with several companies to allow us to offer, through them, all of the services you need for your vacation (for example, flights and rental cars). Some of these companies also help us to fulfil gifts and incentives provided during the sales process. As you would expect, if you contact us to make a booking with them we will send them the personal information they need to fulfil your request and to send you any tickets and/ or confirmations.
During this process, we might have to share personal information about you, which is sensitive. For example, if you request an airline booking we may pass on information about a medical condition you have told us about or about your dietary requirements to inform meal choices on the flight.
14.5. Third party finance providers and providers of banking services
If you purchased third party financing brokered by us when you bought your vacation ownership product we will pass on to them any personal information you provided to us as part of the application process. Similarly, if we need to set up a direct debit to take an agreed regular payment from you, we will pass information about you to our bank to enable us to do this.
14.6. First National Trustee Company Limited
Information for Diamond European Members is shared with First National Trustee Company Limited, an Isle of Man based company (whose details are set out in the Deed of Trust members received when they purchased their product or which you can request from us at any time) in order to enable it to perform its supervisory and regulatory functions.
14.7. Third parties carrying out services on our behalf
We engage third parties to carry out services on our behalf that involve the processing of your personal information. For example, to process reservations, to conduct market research activities, to process the results of contests, to collect monies owed to us, to process payments, to send out mailings for billing or information about our services, to securely store archived or back up data for us and to carry out marketing campaigns on our behalf. In addition, we sometimes use third party providers of software on our websites to collect personal information from you, such as e-mail sign ups and to allow you to share your comments on our resorts and services via social media.
The personal information we provide to such third parties is protected by an appropriate legal agreement ensuring that your personal information is used solely for the purposes for which it was provided.
14.8. Authorities permitted by law
We will only disclose your information to law enforcement and other governmental authorities if required by law or if doing so is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud. Diamond Resorts™ may also disclose owner, member, non-member and non-owner information, if, in good faith, we believe that disclosure is necessary or advisable including, without limitation, to protect the rights or properties of Diamond Resorts™ or in order to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
Laws introduced in the United States and other countries to give cross border control agencies access to customer data. Accordingly, we may disclose any personal information held about you and your travel arrangements to the customs and immigration authorities of any country in your itinerary if required by law.
14.9. Corporate transactions
We may disclose your information to a third party who acquires any part of Diamond Resorts® or any of its affiliates, whether such acquisition is by way of merger, consolidation or purchase of all or a substantial portion of Diamond Resorts™ assets.
15. Cross-border data transfers from the European Economic Area
15.1. Diamond Resorts® is a global organization headquartered in the United States. We process your personal information on servers located in a number of countries, including the United States. If you are located in the European Economic Area (EEA) or Switzerland, transfers of your personal information out of the EEA are protected by standard contractual clauses approved by the European Commission for the transfer of personal information and by Diamond Resorts’™ compliance with the EU-US and the Swiss – US Privacy Shield Framework.
15.2. Diamond Resorts International, Inc.; Diamond Resorts Holdings, LLC; Diamond Resorts Corporation; Diamond Resorts Centralized Services Company; Diamond Resorts International Marketing, Inc.; Diamond Resorts Management, Inc.; Diamond Resorts International Club, Inc.; and Diamond Resorts Financial Services, Inc. (the "U.S. Diamond Entities") have entered into standard Model Contract Clauses agreements approved by the European Commission for the transfer of personal information out of the European Economic Area The U.S. Entities also comply with the EU-U.S. Privacy Shield Framework and with the Swiss – U.S. Privacy Shield Framework (collectively, "Privacy Shield") as set forth by the U.S. Department of Commerce regarding collection, use, and retention of personal information transferred from the European Economic Area (EEA) member countries or from Switzerland to the United States, respectively. The U.S. Diamond Entities will adhere to the Privacy Shield Principles for as long as the U.S. Diamond Entities retain such personal information.
If we become subject to an FTC or court order based on non-compliance, the U.S. Diamond Entities shall make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the U.S. Federal Trade Commission, to the extent consistent with confidentiality requirements.
When the U.S. Diamond Entities receive personal information under the Privacy Shield and then transfer it to third party service providers, we are liable for any processing of personal information by such third parties that is inconsistent with the Privacy Shield Principles unless we are not responsible for the event giving rise to any alleged damage.
Under the Privacy Shield you are entitled to access, correct, amend, or delete personal information about you that we hold where it is inaccurate, or when it has been processed in violation of the Privacy Shield Principles. You may access, amend, correct or delete your registration information by accessing your account on the Website. You may also exercise this right by contacting us as set forth in section 21 headed Contacting us below.
With respect to personal information received or transferred pursuant to Privacy Shield, the U.S. Diamond Entities are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
In certain situations, the U.S. Diamond Entities may be required to disclose your personal information in response to lawful requests by public authorities, including in order to meet national security or law enforcement requirements. For more information, please see section 14 headed
Who will the information be shared with, if anyone?
The U.S. Diamond Entities have further committed to refer unresolved Privacy Shield complaints to our U.S.-based third party dispute resolution provider, the Better Business Bureau ("BBB"). If you do not receive timely acknowledgement of your complaint from us, or if we have not resolved your complaint, please contact or visit the BBB at https://www.bbb.org/EU-privacy-shield/contact-us for more information or to file a complaint. The services of the BBB are provided at no cost to you.
Under certain limited circumstances, EEA and/or Swiss individuals may invoke binding Privacy Shield arbitration as a last resort if all other forms of dispute resolution have been unsuccessful. To learn more about this method of resolution and its availability to you, please visit https://www.privacyshield.gov.
16. Cross-border transfers (not EEA or Switzerland)
17. Security measures
The security of your personal information is important to us. We take various reasonable organizational and technical measures to protect your personal information from unauthorized access, disclosure, alteration or destruction. We have policies and procedures in place to ensure team members know what is expected of them in relation to personal information. We have in place appropriate procedures for accessing our systems and access is limited by role. Laptops are encrypted and we use secure verification systems for devices accessing our systems. We have also put processes in place to address suspected breaches of your personal information. If required by law to do so we will notify you and/ or the relevant supervisory authority in the event of a data breach.
For online transactions, we use reasonable technological measures to protect personal information that you transmit to us via our Sites. However, no security system or system of transmitting data over the internet is entirely secure.
The transmission of personal information via the internet is never completely secure. While we endeavor to protect and maintain the confidentiality of the personal information you submit to us we cannot accept, and hereby expressly disclaim any liability from losses relating to the unauthorized disclosure or interception via the Internet of any information that you submit.
For your own privacy protection, we encourage you to limit the personal information you send to us by e-mail. In particular, please do not send payment card numbers to us by e-mail.
We love to provide perfect family vacations and experiences, but our products are not aimed at children. You have to be at least 18 years old to transact with us. If you are under 16 years of age please do not send us any information about yourself. If we discover that we have collected any personal information online from a child under the age of 16 and have not received verifiable parental consent for such collection, we will remove that information from our databases as soon as possible.
21. Contacting us
In Europe by writing to our Customer Services Department at Citrus House, Caton Road, Lancaster, LA1 3UA, by telephoning our Customer Services Department at 0345 3590010, or by e-mailing our Customer Services Department at firstname.lastname@example.org.
In the United States or Canada by writing to our Customer Service Department at 10600 W. Charleston Blvd, Las Vegas, Nevada 89135, by telephoning 877.374.2582, or by e-mailing our Customer Services Department at THEClub@diamondresorts.com.
22. Do Not Sell Opt-Out Rights - Nevada Residents
Updated: January 23, 2020