- Hotel & RV Park
- Casino
- Entertainment
- Dining
- Activities
- Pool & Spa
- Meetings & Events
- Careers
Effective and Last Updated: Monday, January 10, 2022
We at the Grand Sierra Resort recognize that privacy is important. This Privacy Policy explains our practices regarding Personal Information that we collect from you or about you during our interactions with you, whether online or offline. What we mean when we refer to “Personal Information” is explained in the Information We Collect section of this Privacy Policy.
We collect your Personal Information through:
The sources or points of collection of Personal Information described above are referred to together in this Privacy Policy as “Touch Points.”
Note: This Privacy Policy applies to our processing of Personal Information on behalf of and subject to the instructions of third parties such as airlines, car rental companies, companies that organize or offer packaged travel arrangements, marketing partners, other service providers, or corporate customers.
Please read this Privacy Policy carefully to understand our practices regarding your Personal Information. If you do not agree with our practices, your choices are either (1) not to use, access, visit, or participate in our Touch Points or (2) limit the Personal Information you provide. However, if you choose not to provide certain Personal Information, you may not be able to participate in a particular activity, realize a benefit we may offer, or access or receive certain content, functionalities, events, or services because the information is required for those matters.
BY USING, ACCESSING, OR VISITING ANY TOUCH POINTS OR BY AGREEING TO THIS PRIVACY POLICY WHEN YOU REGISTER TO USE, ACCESS OR VISIT ANY TOUCH POINTS, YOU ACKNOWLEDGE THAT WE MAY COLLECT, STORE, USE, AND SHARE YOUR PERSONAL INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY.
This Privacy Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of our website or any of the other Touch Points after we make changes is deemed to be acceptance of those changes, so please check this Privacy Policy periodically for updates.
Local laws regarding privacy vary. Some jurisdictions place restrictions on our collection, processing, and use of Personal Information or provide additional rights to residents of those jurisdictions. Our practices with respect to residents of those jurisdictions may be more limited and the rights of those residents may be broader than those described in this Privacy Policy.
If you are a resident of the European Economic Area (EEA), please see Appendix A – EEU GDPR Privacy Notice for additional information regarding our use of your Personal Information and your rights.
If you are a resident of the State of California, please see Appendix B – California CCPA Privacy Notice for additional information regarding our use of your Personal Information and your rights. To learn more about your California privacy rights, visit https://oag.ca.gov/privacy/ccpa , (opens in a new tab).
We collect various types of information from and about you, including Personal Information.
“Personal Information” is
By way of example only, Personal Information includes:
We collect information through our Touch Points as follows:
Automatically-collected information is often statistical data that on its own is not able to identify you, your household, or your Smart Devices (“Non-Personal Information”). We may share Non-Personal Information in a collective (“aggregated”) and anonymous (“de-identified”) way with third parties. However, if Non-Personal Information is ever combined with other information so as to allow you, your household, or your Smart Devices to be identified, the combined information will be treated as Personal Information and used and shared as described in this Privacy Policy.
The technologies we use for automatic data collection includes the use of:
We use Personal Information that we collect about you or that you provide to us in a number of ways, including:
We may share your Personal Information with any third parties for any lawful purpose.
Unless otherwise prohibited by law, we may share Personal Information about you with the following types of third parties and for the following purposes:
We will take reasonable measures to (a) protect Personal Information from unauthorized access, disclosure, alteration or destruction, and (b) keep Personal Information accurate and up-to-date as appropriate.
We maintain a PCI compliance program and an IT compliance program.
Unfortunately, despite the efforts described above, no security system or system of transmitting data over the Internet or electronically is guaranteed to be entirely secure. We cannot and do not guarantee the security of any information you disclose or transmit to us via the Internet or by other electronic means, and are not responsible for the theft, destruction, or inadvertent disclosure of your Personal Information.
For your own privacy protection, we recommend that you do not include any particularly sensitive Personal Information such as passwords, social security numbers, credit card details, or bank account information, in any emails that you send to us. We will not contact you by email or text message to ask for that information.
If a data breach occurs, we will notify regulators or consumers as required by applicable laws or regulations.
We keep Personal Information about you for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by applicable law.
Generally: (a) we keep Personal Information collected related to guest reservations for seven years after the stay is completed, and (b) we retain other Personal Information for shorter periods of time if possible and if permitted by law.
We will destroy your Personal Information as early as practicable and in a way that the information may not be restored or reconstructed.
If you have registered on the Website, or are a member of our Guest Programs, you can log in to your account to change or update certain information and preferences to keep your data accurate, complete, and up-to-date. You may also contact us as described in the Contact Information section to update or correct certain Personal Information.
We will respond to your request and, if applicable and appropriate, make the requested change in our active databases within a reasonable timeframe. Please remember that we may not be able to fulfill certain requests while allowing you access to certain benefits and features. Even if you unsubscribe from our marketing communications, you may continue to receive certain communications from us, such as transactional, customer service, or other relationship messages, messages about your account and profile, and emails in response to communications or requests for information that we receive from you.
Please also note that we may not be able to remove your Personal Information from the databases of third parties to whom we already provided your Personal Information as of the date of your opt-out request.
If you have provided us with your contact information (and consent where required), we may contact you for marketing purposes such as sharing information about our services or inviting you to events or to participate in special promotions. Those communications may be through postal mail, email, text messages, social media, mobile applications, and alerts, or other means.
We may provide you with options to set your preferences for receiving email communications from us; that is, you can agree to receive some communications but not others. At any time, you may also opt-out of receiving future commercial emails from us by following the “Unsubscribe” instructions contained in the commercial emails that you receive from us. You may also contact us as described in the Contact Information section of this Privacy Policy if you want to opt-out from receiving future marketing emails or correspondence.
If you are a Guest Program member, you may change the communications you receive from us by logging on to your Guest Program account and making the changes to your preferences or contact us as described in the Contact Information section of this Privacy Policy.
You can opt-out of receiving our marketing emails. To stop receiving our promotional emails, follow the instructions in any marketing email you get from us. You can also change your preferences in your account. It may take about ten days to process your request. Even if you opt-out of getting marketing emails, we will still be sure to send you transactional messages. For example, we may still contact you about your reservations or purchases.
You can modify the information you have given us. To correct or delete information or update account settings, log into your account, and follow the instructions. We make changes as soon as we can. This information may stay in our backup files. If we cannot make the changes you want, we will let you know and explain why. If you contact us requesting access to your information, we will respond within a reasonable period of time.
You can control cookies and tracking tools on your mobile device or web browser. For example, you can turn off the GPS locator or push notifications on your device. Visit the help page of your device or browser for more information on how to control your privacy preferences.
Our Website is not intended for persons under the age of 21. No one under age 21 may provide any Personal Information on the Website. In addition, we do not knowingly collect Personal Information from children under 18. If you are under 18, do not use or provide any information on this Website. If we learn we have collected or received Personal Information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us. A parent or guardian of a child under the age of 18 may request the deletion of the child’s Personal Information.
Our Website may contain links to other sites and resources provided by third parties, including links contained in banner advertisements and sponsored links. Those links are provided for your convenience only.
If you decide to access any of the third-party websites linked to our Website, please note:
We may also offer internet access to guests of our Resort through a third-party Internet provider. Your use of that internet service is subject to the internet provider’s terms of use and privacy policy. You may access those terms and policies using the links on the internet service sign-in page, or by visiting the internet provider’s website.
We may amend this Privacy Policy at our discretion and at any time. We will post the updated Privacy Policy on this website and update the Privacy Policy’s effective and last updated date. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this Privacy Policy to check for any changes.
If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your information, your choices and rights regarding that use, or wish to exercise your rights over your Personal Information, please contact us as follows:
OUR COMPLIANCE WITH ARTICLE 26 OF THE EUROPEAN UNION’S DATA PROTECTION DIRECTIVE (DIRECTIVE 95/46/EC, 1995 O.J. (L281) 31) ALSO KNOWN AS THE EU GENERAL DATA PROTECTION REGULATION (“GDPR”) IS VOLUNTARY. WE DO NOT CONSENT OR SUBMIT TO THE JURISDICTION OF THE EUROPEAN UNION FOR ANY PURPOSE OR MATTER OF ANY KIND OR WAIVE ANY RIGHTS OR DEFENSES IN LAW OR EQUITY WITH RESPECT THERETO.
Our website, mobile applications, and the services or products available through them are targeted primarily, but not exclusively for, users in the United States of America. Any information you enter on our website or mobile applications is transferred outside of the European Union to the United States of America which does not offer an equivalent level of protection to that required in the European Union.
The United States of America uses a sectoral model of privacy protection that relies on a mix of legislation, governmental regulation, and self-regulation. Article26 of the European Union’s Data Protection Directive (Directive 95/46/EC, 1995 O.J. (L281) 31) also known as the EU General Data Protection Regulation (“GDPR”) allows for the transfer of personal data from the European Union to a third country if the individual has unambiguously given his consent to the transfer of Personal Data, regardless of the third country’s level of protection.
BY USING OUR WEBSITE, OUR MOBILE APPLICATIONS, OR OUR SERVICES, YOU CONSENT TO THE TRANSFER OF ALL PERSONAL DATA TO THE UNITED STATES OF AMERICA WHICH MAY NOT OFFER AN EQUIVALENT LEVEL OF PROTECTION TO THAT REQUIRED IN THE EUROPEAN UNION AND TO THE PROCESSING OF THAT INFORMATION BY US ON OUR SERVERS LOCATED IN THE UNITED STATES OF AMERICA AS DESCRIBED IN THIS PRIVACY POLICY.
If you are a resident of the European Economic Area (EEA), the GDPR provides you with certain data protection rights. GSR aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. When used in this GDPR Notice, the term “Personal Data” means collectively, Personal Information, Unique Identifiers, Advertising Identifiers, and Location Data which you have provided to us or has otherwise been collected by us when you use or otherwise access our Touch Points.
Under the GDPR you have certain data protection rights which are summarized in this Appendix A. Some of the rights are complex, and not all of the details are included in our summaries. Therefore, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights under data protection law are:
Please note that we may ask you to verify your identity before responding to requests in exercising your rights.
You also have the right to complain to a Data Protection Authority (as defined in the GDPR) about our collection and use of your Personal Data. For more information, please contact your local data protection authority in EEA.
Our legal basis for collecting and using your Personal Data depends on the Personal Data we collect and the specific context in which we collect it. We may process your Personal Data because:
If you wish to be informed of what Personal Data we hold about you or if you want to exercise any of your rights under the GDPR, please contact us by following the procedures described in the Contact Information section of this Privacy Policy.
This California CCPA Privacy Notice (“CCPA Notice”) supplements the information contained in our Privacy Policy and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”). This CCPA Notice is provided in compliance with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws. Any terms defined in the CCPA have the same meaning when used in this CCPA Notice.
California Consumer Privacy Act. If you are a California resident, you have specific privacy rights governed by the California Consumer Privacy Act (CCPA). These rights include:
Disclosure. You have the right to request a report showing the personal information collected, shared, and sold about you in the past 12 months.
Opt-Out. You have the right to opt-out to the sale of your personal information to third parties.
Deletion. You have the right to request that we delete any personal information collected from you.
Non-Discrimination. We shall not discriminate against you based on your exercise of any of the above rights.
You may submit a request to enact any of the above rights by contacting us as described in the Contact Information section of this Privacy Policy. We may require additional information to verify your identity before responding to a CCPA rights request. We will respond to your request within 45 days if possible and required under the law.
Personal Information Collected on California Residents:
Personal Information Disclosed for a Business Purpose or Sold About California Residents:
Category | Examples | Collected | Sold |
---|---|---|---|
A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | Yes | No |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | A name, signature, Social Security number, physical characteristics or description, address, phone number, mobile number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories. | Yes | No |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | Yes | No |
D. Commercial information. | Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Yes | No |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | Yes | No |
F. Internet or other similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | Yes | No |
G. Geolocation data. | Physical location or movements. | Yes | No |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | Yes | No |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | Yes | No |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R .Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalfs, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | Yes | No |
K. Inferences that are drawn from other Personal Information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | Yes | No |
L. Personal Information does not include: | Publicly available information from government records; De-identified or aggregated consumer information; Information excluded from the CCPA’s scope, like Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994. | Yes | No |
We obtain the categories of Personal Information listed above from the following categories of sources:
Business or Commercial Purposes for Collecting or Selling Personal Information about California Residents:
Third Parties with Whom we Share Personal Information:
Mobile numbers collected as part of opt-in for a texting messaging program will not be shared or sold.
Do Not Track. Our websites and apps are not designed to respond to “do not track” requests from browsers.
Our sites and apps are not intended for children.
Our sites and apps are meant for adults. We do not knowingly collect personal information from children under 13. If you are a parent or legal guardian and think your child under 13 has given us information, you can email us here. You can also write to us at the address listed at the end of this policy. Please mark your inquiries “COPPA Information Request.”
We may use or disclose the Personal Information we collect for one or more of the following business purposes:
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
We may share or disclose your Personal Information to a third party for a business purpose or sell your Personal Information subject to your right to opt-out of those sales (See Deletion Request Rights section of this CCPA Notice). When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who purchase the Personal Information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.
Disclosures of Personal Information for a Business Purpose
We disclose your Personal Information for a business purpose to the following categories of third parties:
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose:
Category A: | Identifiers |
---|---|
Category B: | California Consumer Records Personal Information categories |
Category C: | Protected classifications characteristics under California or federal law |
Category I: | Professional or employment-related information |
Sales of Personal Information
In the preceding twelve (12) months, we have not sold Personal Information.
The CCPA provides California resident consumers with specific rights regarding their Personal Information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
Deletion Request Rights
You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny a deletion request if we cannot verify that the consumer making the request is the consumer about whom we have collected information or is a person authorized by the consumer to act on that consumer’s behalf.
We may also deny your deletion request if retaining the information is necessary for us or our service providers to:
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by may submit a request to us by visiting our web page and sending us a message or by any of the other methods described in the Contact Information section of this CCPA Notice.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Personal Information Sales Opt-Out and Opt-In Rights
If you are 16 years of age or older, you have the right to direct us to not sell your Personal Information at any time (the “right to opt-out”). We do not sell the Personal Information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and less than 16 years of age or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time.
To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting our web page and sending us a message.
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize Personal Information sales. However, you may change your mind and opt back into Personal Information sales at any time by visiting our website and sending us a message.
We will only use Personal Information provided in an opt-out request to review and comply with the request.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value to our business and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
California’s “Shine the Light” law (Civil Code § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send us an electronic message through our website or write us at our address listed on our webpage.
Changes to this CCPA Notice
We reserve the right to amend this CCPA Notice at our discretion and at any time. When we make changes to this CCPA Notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of those changes.
Contact Information
If you have any questions or comments about this CCPA Notice, our Privacy Policy, the ways in which we collect and use your information, your choices and rights regarding that use, or wish to exercise your rights under California law, please contact us as described in the Contact Information section of this Privacy Policy.