PRIVACY POLICY

Last updated September 12, 2024

This Privacy Policy describes how and why we, along with our subsidiaries and affiliates (collectively referred to as "Reserv," "we", "us", or "our"), might collect, store, use, and/or share ("process") your information when you use our services ("Services"), including but not limited to when you: 

• Visit our websites, mobile applications, social media pages, newsletters, or otherwise communicate with us;
• Engage with us in other related ways ― including any sales, marketing, or events; 
• Use our online data rooms that we operate; and
• Perform other activities described in this Privacy Policy. 

Throughout this Privacy Policy, "Personal Information" means any information relating to an identified or identifiable individual. We are committed to ensuring the privacy and integrity of the Personal Information you share with us or we otherwise collect as we provide these Services. 

Questions or concerns?

Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@reserv.com.

What Personal Information do we process?

When you visit, use, or navigate our Services, we may process Personal Information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about Personal Information you disclose to us.

Do we process any sensitive Personal Information?

We may process sensitive information in relation to our Services defined in this Privacy Policy.

Do we receive any information from third parties?

We may receive information from public databases, marketing partners, social media platforms, and other outside sources. Learn more about information collected from other sources.

How do we process your information?

We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information.

In what situations and with which types of parties do we share Personal Information?

We may share information in specific situations and with specific categories of third parties. Learn more about when and with whom we share your Personal Information.

How do we keep your information safe?

We have organizational and technical processes and procedures in place to protect your Personal Information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Learn more about how we keep your information safe.

What are your rights?

Reserv recognizes personal rights associated with regards to your Personal Information. 

WHAT INFORMATION DO WE COLLECT?

Personal Information You Disclose to Us

In Short: We collect Personal Information that you provide to us through the Service or otherwise.

We collect Personal Information that you voluntarily provide to us when you interact with the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You

The Personal Information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The Personal Information we collect may include the following:

• Contact data, such as your first and last name, salutation, billing and mailing address, phone number, email address, professional title, and company name. 
• Demographic data, such as your city, state, country of residence, and postal code. 
• Communications data based on our exchanges with you, including when you contact us through the Service, email, social media, or otherwise. 
• Details regarding first notification of loss claims and claim-related incidents. 
• Online identifiers and account information, such as your username and/or password for any of our websites. 
• Payment and transactional data, including payment card information or bank account numbers used to bill for our services and your billing and payment history. 
• Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them. 
• Professional or employment-related information if you apply for a job through our website or otherwise, such as your job title, employer information, work history, and education information, such as the schools you attended. 
• Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection. 

Information Automatically Collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Like many businesses, we also collect information through cookies and similar technologies.

The information we automatically collect includes:

• Device and Usage Data. Device and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, and browser type.
• Internet activity or electronic network activity informationthat we collect about your interaction with our websites, emails, and other online content, such as the pages you viewed, emails you opened, links you clicked, how long you spent on a page, navigation paths between pages or screens, information about your activity, your preferences, access times, and duration of access. 
• General location data when you authorize the Service to access your device's location.
• Communication interaction data such as your interactions with our email, chat messages, voicemail, text, or other communications (e.g., whether you open and/or forward emails) - we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.

Information Collected From Other Sources

In Short: We may collect limited data from public databases, marketing partners, social media platforms, and other outside sources.

In order to enhance our ability to provide services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, and vehicle history information. If you interact with us on a social media platform using your social media account (e.g., Facebook or Twitter), we receive Personal Information about you such as your name, email address, and gender. Any Personal Information that we collect from your social media account depends on your social media account's privacy settings.

HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your Personal Information for a variety of reasons, depending on how you interact with our Services, including:

• To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.

• To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.

• To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.

• To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.

• To send you marketing and promotional communications. We may process the Personal Information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time. For more information, see "WHAT ARE YOUR PRIVACY RIGHTS?" below.

• To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.

• To identify usage trends. We may process information about how you use our Services to better understand how they are being used so we can improve them.

• To determine the effectiveness of our marketing and promotional campaigns.We may process your information to better understand how to provide marketing and promotional campaigns that are most relevant to you.

• To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.
• To comply with applicable laws. We may use your Personal Information to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas, investigations or requests from, or coorperate with governmental authorities; protect our, your, or others' rights, privacy, safety or property (including making and defending legal claims); audit our internal process for compliance with legal and contractual requirements or our internal policies; enforce terms and conditions that govern the Service; and prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft. 

WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your Personal Information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your Personal Information. As such, we may rely on the following legal bases to process your Personal Information:

• Consent. We may process your information if you have given us permission (i.e., consent) to use your Personal Information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent.

• Performance of a Contract. We may process your Personal Information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services through our customers.

• Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your Personal Information for some of the purposes described in order to:

• Analyze how our Services are used so we can improve them to engage and retain users

• Support our marketing activities

• Diagnose problems and/or prevent fraudulent activities

• Understand how our users use our products and services so we can improve user experience

• Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.

In legal terms, we act as both "data controller" and "data processor" under European data protection laws. Where we determine the means and/or purposes of the data processing we perform, we are the "data controller" (such as in the case of collecting service related statistics for diagnosing and troubleshooting our website). Where we are processing your data on behalf of one of our customers (such as in the case of responding to a first notification of loss), we act as the "data processor". This Privacy Policy does not apply to the Personal Information we to the Personal Information we collect or process as a "data processor" on behalf of our customers. In those situations, the customer that we provide services to and with whom we have entered into a data processing agreement is the "data controller" responsible for your Personal Information, and we merely process your information on their behalf in accordance with your instructions. If you want to know more about our customers' privacy practices, you should read their privacy policies and direct any questions you have to them.

We may process your information if you have given us specific permission (i.e., express consent) to use your Personal Information for a specific purpose, or in situations where your permission can be inferred (i.e., implied consent). You can withdraw your consent at any time. 

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including, for example:

• If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way

• For investigations and fraud detection and prevention

• For business transactions provided certain conditions are met

• If it is contained in a witness statement and the collection is necessary to assess, process, or settle an insurance claim

• For identifying injured, ill, or deceased persons and communicating with next of kin

• If we have reasonable grounds to believe an individual has been, is, or may be victim of financial abuse

• If it is reasonable to expect collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province

• If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records

• If it was produced by an individual in the course of their employment, business, or profession and the collection is consistent with the purposes for which the information was produced

• If the collection is solely for journalistic, artistic, or literary purposes

• If the information is publicly available and is specified by the regulations

WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short:We may share information in specific situations described in this section and/or with the following categories of third parties.

Vendors, Consultants, and Other Third-Party Service Providers.We may share your data with third-party vendors, service providers, contractors, or agents ("third parties") who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your Personal Information. This means that they cannot do anything with your Personal Information unless we have instructed them to do it. They will also not share your Personal Information with any organization apart from us. They also commit to protect the data they hold on our behalf and to retain it for the period we instruct. The categories of third parties we may share Personal Information with are as follows:

• Affiliate Marketing Programs

• Cloud Computing Services

• Communication & Collaboration Tools

• Data Analytics Services

• Data Storage Service Providers

• Finance & Accounting Tools

• Government Entities

• Performance Monitoring Tools

• Product Engineering & Design Tools

• Sales & Marketing Tools

• Testing Tools

• User Account Registration & Authentication Services

• Website Hosting Service Providers

• Insurers, Reinsurers, and as required by applicable law

We also may need to share your Personal Information in the following situations:

• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• When we use Google Analytics. We may share your information with Google Analytics to track and analyze the use of the Services.. To opt out of being tracked by Google Analytics across the Services, visit https://tools.google.com/dlpage/gaoptout. You can opt out of Google Analytics Advertising Features through Ads Settings and Ad Settings for mobile apps. Other opt out means include http://optout.networkadvertising.org/ and http://www.networkadvertising.org/mobile-choice. For more information on the privacy practices of Google, please visit the Google Privacy & Terms page.

• Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.

• Business Partners. We may share your information with our business partners to offer you certain products, services, or promotions.

• Other Users. When you share Personal Information (for example, by posting comments, contributions, or other content to the Services) or otherwise interact with public areas of the Services, such Personal Information may be viewed by all users and may be publicly made available outside the Services in perpetuity. If you interact with other users of our Services and register for our Services through a social network (such as Facebook), your contacts on the social network will see your name, profile photo, and descriptions of your activity. Similarly, other users will be able to view descriptions of your activity, communicate with you within our Services, and view your profile.

WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

In Short:We are not responsible for the safety of any information that you share with third parties that we may link to or who advertise on our Services, but are not affiliated with, our Services.

The Services may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us and which may link to other websites, services, or applications. Accordingly, we do not make any guarantee regarding any such third parties, and we will not be liable for any loss or damage caused by the use of such third-party websites, services, or applications. The inclusion of a link towards a third-party website, service, or application does not imply an endorsement by us. We cannot guarantee the safety and privacy of data you provide to any third parties. Any data collected by third parties is not covered by this Privacy Policy. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services, or applications that may be linked to or from the Services. You should review the policies of such third parties and contact them directly to respond to your questions.

DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short:We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. 

IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?

In Short: We may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States of America. If you are accessing our Services from outside the United States of America, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your Personal Information (see "WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?" above), in the United States of America, and other countries.

HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required by law.

We will only keep your Personal Information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). 

When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize such information, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your Personal Information through a system of organizational and technical security measures.

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any Personal Information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your Personal Information, transmission of Personal Information to and from our Services is at your own risk. You should only access the Services within a secure environment.

PRIVACY RIGHTS

We want to ensure that you are fully aware of all of your data protection rights. Users covered under the California Consumer Privacy Act ("CCPA"), the European General Data Protection Regulation ("GDPR"), or the United Kingdom GDPR are entitled to the following: 

The right to request deletion of the data. You can ask for the deletion of your Personal Information. If you ask us to delete your Personal Information, we will respect your request and delete your Personal Information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, or our compliance requirements resulting from a legal obligation.

In accordance with applicable law, we are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.

The right to be informed. Depending on the circumstances, you have a right to know:

• whether we collect and use your Personal Information;

• the categories of Personal Information that we collect;

• the purposes for which the collected Personal Information is used;

• whether we sell or share your Personal Information to third parties;

• the categories of Personal Information that we sold, shared, or disclosed for a business purpose;

• the categories of third parties to whom the Personal Information was sold, shared, or disclosed for a business purpose;

• the business or commercial purpose for collecting, sharing, or selling Personal Information; and
• the specific pieces of Personal Information we collected about you.

The right to opt-out. You have the right to opt-out of the sale or sharing of your Personal Information. 

The right to correct. You have the right to request correction of your personal data if it is incorrect or no longer relevant. You also have the right to request Reserv to complete information you believe is incomplete. 

The right to limit/restrict processing. You have the right to request to limit or restrict the use and disclosure of sensitive Personal Information.

The right to object to processing. You have the right to object to Reserv's processing of your Personal Information, under certain conditions. 

The right to data portability. You have the right to request that Reserv transfer the data that we have collected to another organization, or directly to you, under certain conditions. 

(California residents only) The right to designate an authorized representative. You can designate an authorized agent to make a request under the CCPA on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with the CCPA.

The Right to Non-Discrimination for the Exercise of a Consumer's Privacy Rights. We will not discriminate against you if you exercise your privacy rights.

Residents in other jurisdictions may also have similar rights to the above. Please contact us if you would like to exercise one of these rights, and we will comply with any request to the extent required under applicable law.

Verification Process

Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. These verification efforts require us to ask you to provide information so that we can match it with information you have previously provided us. For instance, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate.

We will only use Personal Information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.

How do I exercise my rights? The easiest way to exercise your rights is by contacting us at privacy@reserv.com. We will consider and act upon any request in accordance with applicable data protection laws.

DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

CONFLICT OF INTEREST

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO), by email at privacy@reserv.com or by post to:

Reserv, Inc.
Data Protection Officer
99 Wall Street
New York City, New York
United States of America

If you are a resident in the United Kingdom, we are the "data controller" of your Personal Information. We have appointed a local representative in the UK. You can contact them directly regarding our processing of your information, by email at privacy@reserv.com or by post to:

Reserv, Inc.
Data Protection Officer
275 New N Road
PMB 3077
London
N17AA

Our policy forbids employees from engaging in any other business that competes with our Company. Company policy also forbids a financial interest in an outside concern, which does business with or is a competitor of our Company (except where such ownership consists of securities of a publicly owned corporation regularly traded on the public stock market). We prohibit rendering of the directive, managerial, or consulting services to any outside concern which does business with or is a competitor of our Company, except with the knowledge and written consent of our Chief Operating Officer. If you think that there is a possibility that any business venture of yours may conflict with this policy, it is your responsibility to notify our Chief Operating Officer and obtain approval in writing.

COMPLAINT POLICY

Complaints are an important way for Reserv to receive feedback and provide valuable prompts to review our performance.

• Reserv is committed to:
• establishing a system that manages complaints effectively and efficiently
• ensuring that recommendations made through investigation reports and internal reviews are actioned
• maintaining accurate complaint records
• ensuring all staff are appropriately trained in complaints management
• handling complaints in accordance with regulatory requirements and the company's Customer Complaint Procedure

If you have a concern regarding the service you have received, please email feedback@reserv.com