Last Updated: Thursday, February 21, 2018

MEI-GSR Holdings, LLC (“GSR”), together with controlled affiliates (collectively, “we”, “us” or “our”), is a hospitality, gaming and entertainment company comprised of award-winning accommodations, gaming, restaurants, nightlife destinations, convention meeting space and family fun offerings (the “Venues”), that values your patronage and respects your privacy. This Privacy Policy (“Policy”) applies to information collected from and about visitors and users (“you”) through various online channels, including websites and mobile applications, operated by us (either directly or through our service providers) their respective web pages, sub-domains, and any other websites (and subdomains thereof) that we operate and that link to this Policy (collectively, the “GSR Sites”), including but not limited to:

• www.grandsierraresort.com
• blog.grandsierraresort.com
• club.grandsierraresort.com
• info.grandsierraresort.com
• rewards.grandsierraresort.com
• rooms.grandsierraresort.com
• gsrbeerandchili.com
• www.lexnightclub.com

This Policy also applies to information collected from or about you through email and other electronic submissions and communications between you and GSR Sites. We have adopted this Policy to describe the types of information that we collect from or about you, how and for what purposes that information may be used or disclosed, how you can make certain choices about what kinds of information is collected and how it is used, and the steps we take to protect that information.

This Policy does not apply to information collected offline or through any means other than through GSR Sites, or to information collected by any other company or third-party site, application or content (including advertising) that may link to or be accessible from GSR Sites. Certain transactions and services offered while visiting GSR Sites may be processed or provided by service providers and other strategic partners, even though it appears that you may not have left GSR Sites (e.g., reservations, know-your-customer, payment processing, hosting). In such cases, these third parties receive information solely for the purpose of your transaction with us, and not for their own independent use.

GSR Sites are operated from the United States in accordance with laws of the United States and visitors to GSR Sites should be aware that the laws of the United States may differ from those of your country of residence By using GSR Sites, participating in any activities of GSR Sites, and/or providing us with your personal information, you: consent to the transfers and processing of any information you provide to GSR Sites.

In compliance with the General Data Protection Regulation (“GDPR”) adopted by the European Union, we’re updating our Terms and Conditions, Privacy Policy and Terms of Service to make them even more understandable and transparent.

The GSR Sites are operated from the United States in accordance with laws of the United States and visitors to GSR Sites should be aware that the laws of the United States may differ from those of your country of residence. Furthermore, in voluntarily complying with the GDPR, MEI-GSR Holdings, LLC (“GSR”) does not consent or submit to the jurisdiction of the European Union for any purpose or matter of any kind or waive any rights or defenses in law or equity with respect thereto.

Please read this Policy carefully, which includes terms required for compliance with California Civil Code Section 1798.83 , GDPR, and Nevada Revised Statute Chapter 603A . WHEN YOU ACCESS GSR SITES, YOU AGREE TO THIS POLICY. IF YOU DO NOT AGREE TO THE TERMS OF THIS POLICY, DO NOT CONTINUE TO ACCESS OR USE GSR SITES. This Policy, together with the Terms of Use posted on GSR Sites, sets forth the general rules and policies governing your use of GSR Sites. Depending on your activities when visiting GSR Sites, you may be required to agree to additional terms and conditions. We encourage you to review this Policy frequently, as it may change from time to time.

Definitions

ServiceService is the http://www.GrandSierraResort.com website operated by MEI-GSR Holdings, LLC (“GSR”)Personal DataPersonal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.Usage DataUsage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).CookiesCookies are small pieces of data stored on your device (computer or mobile device).Data ControllerData Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your Personal Data.Data Processors (or Service Providers)Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.Data Subject (or User)Data Subject is any living individual who is using our Service and is the subject of Personal Data.

A. Types of Information Collected About You and How It Is Collected

We and our service providers collect various types of information from and about you, including:

• “Personal information” or “personally identifiable information,” includes Personal Data and information by which you may be personally identified or contacted, including, for example, your name, email address, telephone numbers, company affiliation, title, physical address, screen names, credit card details (including the three or four digit security code on the back of your credit card), bank account or other payment information, credit information, birth date, driver’s license number, social security number, passport number, loyalty/rewards club or other affinity program numbers, employment information, and any other information by which you may be personally identified, including online identifiers such as “cookies”. Personal information also may include information that may not be personally identifiable standing alone (for example, your age), but which may become personally identifiable when combined with personal information (for example, your age combined with your name).
• “Non-personal information,” which is information that is about you but which does not identify you individually and may be linked to personal information, including: information regarding your computer, devices and Internet connection (such as your IP address, your computer or device type and its capabilities and features, your browser type, the operating system or platform you are using, your general geographic location, and the name and location of your Internet Service Provider), information regarding your use of GSR Sites (including the referring page and the exiting website, clickstream data, the search terms you enter on GSR Sites, your movement within and interaction with GSR Sites, including what pages you look at, and the time, date, and duration of your visit to GSR Sites) and traffic patterns relating to GSR Sites. Non-personal information may include personally identifiable information that has been de-identified, or in other words, rendered anonymous. Non-personal information also may be aggregated with non-personal information about others.

We and our service providers may collect this information through various means, including: (a) directly from you when you provide it to us, for example, via forms that you fill out on GSR Sites, through emails and other communications and information that you submit via GSR Sites, and through your other activities on GSR Sites; (b) automatically as you navigate through and interact with GSR Sites, including via cookies, pixels, beacons, and other tracking technologies; and (c) from third parties, including without limitation our service providers.

1. Information You Provide

The information we and our service providers collect may include the following types of information that you provide:

• Information you provide when you register for GSR Sites, make a purchase, participate in a service or offering made available on GSR Sites, submit a request for information, or make a reservation, including without limitation your contact information (such as your name, address, email address, phone numbers), your company name, and title and address, your screen name or username, and your payment information (such as your credit card details, bank and bank account routing information, or other information);
• Your demographic information, such as your age, gender, marital status, number of children, and nationality;
• Your travel-related information, such as your frequent flyer number, airlines, rental car providers, passport information, and travel history;
• Information relating to your reservations, visit or stay at our Venues, including the Venues you have visited, your arrival and departure dates, special requests made, spa and dining reservations, your guest preferences, vehicles you may bring to the Venues, and your transactions and purchases;
• Certain sensitive health information that you choose to share with us (such as allergy information or other health conditions that impact your guest preferences or special requests when visiting one of our Venues);
• Details about events or meetings that you plan with us, such as the date of the event, the guest list, and information about the guests at your event;
• Information you provide to sign up for our loyalty/rewards program (“Club Grand”) – such as your name, email address, physical address, mobile phone number, gender, zip code, birth date, social media handles, and social blogs – and information needed to administer Club Grand;
• Certain personal and sensitive information that you may provide online in connection with casino credit applications and gaming-related aspects and benefits of Club Grand, including without limitation your social security number, certain financial information (including your bank and bank account information, your annual income, and other personal financial information), employment information and history, other credit information, and a copy of or the information from official government identification documents, including without limitation, a driver’s license, passport or non-resident alien identification card for identity verification purposes;
• Information that you share in response to surveys and other market research;
• Information that you post to public areas on GSR Sites, that you include in an email, general comment, or recommendation posted on or sent through on GSR Sites, as well as records and copies of that correspondence (including email addresses);
• If you choose to log into GSR Sites through social sign ins (such as Facebook Connect), information collected from your social media account consistent with your settings within the applicable social media service, such as photos, name, gender, contact information, and other information;
• Resumes and applications for employment at the Venues, including any personal and sensitive information that you provide therein;
• Your communications preferences; and
• Other personal information that you choose to provide to us.

Whether you provide this information is your choice; however, please bear in mind that in many instances personal information is required for you to participate in a particular activity, for us to provide a certain service or benefit to you, or for you to gain access to certain features, services or content on GSR Sites. If you elect not to provide us with certain personal information, you may not be able to participate in a particular activity, realize a benefit we may offer, or gain access to certain content, functionalities or services.

2. Automatically-Collected Information

When you visit and as you navigate through and interact with GSR Sites, we, our service providers and third parties may automatically collect information about your visits to GSR Sites, your equipment, and your browsing action and patterns and your activities on GSR Sites. This information may include, but is not limited to:

• Details of your visits to GSR Sites and the resources that you access, such as traffic data, location data, logs and other communication data, the third-party website or application from which your visit originated, clickstream data, the search terms you use on GSR Sites, your movement within and interaction with GSR Sites, including what pages you look at, and the time, date, and duration of your visit to GSR Sites.
• Information about your computer or devices and Internet connection, such as your IP address, your general geographic location, your computer or device type and its capabilities and features, the operating system or platform you are using, your browser type, and your Internet Service Provider.
• Information about traffic patterns, number of visits to certain pages, visits from other websites or to third-party websites linked to GSR Sites, and visitors’ use of particular services and interest in services, information or features of GSR Sites.

Automatically-collected information often is statistical data that does not contain personal information. We may share such aggregated data with third parties collectively and in an anonymous way. Automatically-collected information may contain personal information, however, or we or our service providers may maintain it or associate it with personal information collected in other ways or received from third parties. Such information will be treated as personal information and used and shared as disclosed in this Policy.

3. Cookies and Other Tracking Technologies

We, our service providers and other third parties may place “cookies” on GSR Sites to collect certain information. A “cookie” or “browser cookie” is a small data text file that can be stored on your computer’s hard drive or other device, if your web browser or device settings permit. Certain features of GSR Sites also may use local stored objects (or Flash Cookies) to collect and store information, including information about your preferences and navigation to, from, and on GSR Sites. Flash cookies are not managed by the same browser settings as are used for browser cookies. Cookies may allow us and our service providers, for example, to customize your experience and make your visit to GSR Sites easier (for example, recognizing when you return, remembering your viewing preferences, enabling social sign ins, facilitating social sharing, and, if you are a registered user, remembering your password), measure activity on GSR Sites, track conversions, target ads, and provide analytics. While some cookies are deleted when you close your browser, others remain even after you close your browsing session.

We, our service providers and other third parties also may use pixel tags, web beacons or clear gifs, which are tiny files with a unique identifier, similar in function to cookies, that are placed in the code of a web page or an email. These technologies might be used, for example, to allow us and our service providers to track conversions, to send emails to you in a format you can read, to count users who have visited GSR Sites, seen our ads, opened our emails or clicked on any links in our emails, to inform us what content and advertising is effective, to optimize GSR Sites and its content, to reduce or eliminate messages sent to customers, to enhance usability of GSR Sites, to provide you ads and other promotions and content that may be of interest to you, and to collect other information about you and your visit when you use GSR Sites. In addition, when you click on a link in an email, we or our service providers may record the individual response to allow us to customize our offerings to you.

We and our service providers may analyze the information derived from cookies, pixels and other technologies and match or combine that information with data provided by you or another party. We engage various service providers who may use unique identifiers, cookies, pixels, beacons, and other technologies to provide analytics and to deliver you advertisements and content that may be of interest to you. For more information about interest-based advertising, click here to go to the “Interest-Based Advertising” section below, and for more information about analytics and our vendors, click here to go to the “Analytics” section below. To the extent that our service providers are using pixels, cookies, beacons, or other tracking technologies, we do not control the use of those technologies or the resulting information, and we are not responsible for the policies of those companies.

We do not engage in the collection of personally identifiable information about your online activities over time and across third party websites or online services. Accordingly, we do not currently process or comply with any web browser’s “do not track” signal or other mechanisms that provide consumers with the ability to exercise choice regarding the collection of personally identifiable information about your online activities over time and across third party websites. Further, we have not knowingly authorized any third parties to collect personally identifiable information about your online activities over time and across different websites when you use GSR Sites. Nonetheless, such third party companies (e.g., companies providing features or functionality on GSR Sites) may collect and use non-personal information during your visits to GSR Sites in order to provide advertisements on other partner or third party sites about goods and services likely to be of greater interest to you. These companies typically use a cookie or a third party web beacon to collect such information. Most web browsers are initially set to accept cookies. If you prefer, you can set your web browser to refuse cookies (except Flash cookies). You may also delete a cookie manually from your hard drive through your internet browser or other programs. Please keep in mind, however, that you may not be able to access the full functionality of GSR Sites if cookies are disabled.

B. How We Use Your Information

We may use and combine non-personal information (including aggregated information) for any lawful purpose. In addition, we and our service providers may use personal information collected from or about you as described in this Policy for the purposes disclosed to you or as otherwise permitted or required by law, including:

• To provide, track, and process the services, purchases and transactions that you request, including facilitating hotel accommodation, spa, dining, and entertainment reservations;
• To process enrollments and applications, including casino credit applications as well as registration in, the administration of, and the award and redemption of benefits under the Club Grand program;
• To accommodate your preferences, to personalize and enhance your experience and the services provided to you at the Venues, and to improve the Venues and our services;
• To validate your identity, to verify communications from you, and to respond to your emails, submissions, questions, comments, requests for information, and complaints and to provide customer service;
• To manage, store and enhance guest data and preferences;
• To send you important notices, such as communications about purchases, programs you have joined, and changes to our terms, conditions and policies;
• To conduct customer satisfaction, market research or quality assurance surveys;
• To conduct market research and to develop new Venues and services;
• To conduct and administer sweepstakes, prize draws and other contests;
• To record gaming-related activity;
• For marketing purposes, including without limitation interest-based advertising, other targeted promotions, sending you other promotional materials, and notifying you about special promotions, offers, events or opportunities;
• To send you marketing communications about the products and services offered by our property owners, marketing partners and other third parties, including without limitation offers regarding residential sales opportunities;
• To cross-reference, supplement and combine with other information that we or our service providers have acquired about you or may acquire about you through other sources, except where prohibited by applicable law or regulation (if any non-personal information is combined with personal information, the combined information will be treated as personal information pursuant to this Policy for as long as it remains combined);
• To monitor, track, and analyze usage and trends of Sites, to personalize and improve GSR Sites, and to increase the functionality of GSR Sites;
• To send you confirmations, updates, security alerts, and support and administrative messages and otherwise facilitate your use of, and our administration and operation of, GSR Sites;
• To protect the security or integrity of GSR Sites, the Venues and business;
• To prevent fraud and other prohibited or illegal activities, to investigate and resolve disputes and problems, and to otherwise comply with applicable laws and regulations;
• To enforce our Terms of Use and other contractual obligations; and
• For any other purpose that is disclosed to you at the point of collection of the personal information, for any purpose for which you provide your prior consent, in other ways naturally associated with the circumstances in which you provided the personal information, and for any other lawful purpose.

Every computer and device that is connected to the Internet is assigned an Internet Protocol (IP) address. When visitors request pages from GSR Sites, our servers typically log their IP addresses. While we generally collect IP addresses for purposes of system administration, for optimization of GSR Sites, Sites security assessments, to report non-personal aggregate information to others, to track the use of GSR Sites, and to get a sense of where GSR Sites visitors are located, we reserve the right to use your IP address to personalize content on GSR Sites and to identify you and to share that information as described in the “How We Share Your Information” section below.

C. How We Share Your Information

We may share non-personal information with any third parties for any lawful purpose. Unless otherwise prohibited by law, we may disclose personal information collected from or about you as described in this Policy to the following types of third parties and for the following purposes:

• Affiliated Companies: We may share your information with our parents, subsidiaries, affiliated companies, and other controlled affiliates (including casinos, hotels, restaurants and other business ventures that are licensed, owned, operated, and/or managed by us or our parents, subsidiaries, affiliated companies and other companies under common control), who may use personal information for any of the purposes disclosed in or consistent with the terms of this Policy (including without limitation those identified in the “How We Use Your Information” section above);
• Property Partners: We may share your information with owners of Venues that we manage but do not own, owners and operators of licensed Venues, and owners and operators of certain residential properties associated with or located in proximity to various Venues (as well as the respective designees of any of the foregoing), who may use personal information to provide you with services at or relating to the Venues, to provide you marketing information relating to real estate and other opportunities, and for any of the other purposes disclosed in or consistent with the terms of this Policy (including without limitation those identified in the “How We Use Your Information” section above).
• Marketing Partners: We may share your personally identifiable information with our co-promotional partners and other business partners with whom we have marketing or other relationships for joint marketing purposes or such partners’ own marketing purposes.
• Service Providers: We may share your information with our service providers who assist us by performing core services (such as reservations, hosting, billing, fulfillment, data storage, security, processing credit card payments, customer service, credit reporting, property management, customer relationship management, “know-your-customer,” accounting, auditing, processing insurance claims, investigating accident reports, administering sweepstakes, surveys, email and mailing services, and delivering packages) related to the operation of the Venues, the provision of services at the Venues, the operation of GSR Sites, the processing and fulfillment of reservations or product orders, and/or by making certain functionality of GSR Sites available to our users.
• Transactions: In the event of a sale, merger, consolidation, change in control, transfer of substantial assets, bankruptcy, reorganization, or liquidation, we may transfer, sell, or assign to third parties information concerning your relationship with us, including, without limitation, personally identifiable information collected from or about you provide, and other information concerning your relationship with us. Any successor may use your information for the same purposes set forth in this Policy.
• Legal: We reserve the right to use IP addresses to identify you and, where permitted or required by law or applicable regulation, we will provide any information about or relating to you, including any personally identifiable information about you, to third parties without your consent if we reasonably believe that such action is necessary to: (a) comply with a court order, subpoena or other legal or regulatory requirements; (b) otherwise fulfill a government request for information; (c) protect or defend our legal rights or property, our Venues, GSR Sites, or other guests and online users; (d) respond to claims that any posting or other content of GSR Sites violates the rights of third parties, including without limitation providing information necessary to satisfy the notice and counter-notice procedures pursuant to the Digital Millennium Copyright Act; (e) in an emergency, to protect the health and safety of the users of GSR Sites or the general public; or (f) enforce compliance with our Terms of Use or other contracts.
• To fulfill the purpose for which you provide it.
• With your consent.

We will not disclose the amount of your specific gaming winnings or gaming losses to any third party unless required by applicable law or regulation. For more information about how to opt out of receiving future promotional information from us or our affiliated companies, refer to the “Your Choices and Access” section below.

D. Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. GSR aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us by following the procedure describe in the “Contact Us” section, below.

In certain circumstances, you have the following data protection rights:

• The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
• The right to object. You have the right to object to our processing of your Personal Data.
• The right of restriction. You have the right to request that we restrict the processing of your personal information.
• The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
• The right to withdraw consent. You also have the right to withdraw your consent at any time where GSR relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in EEA.

GSR’s compliance with GDPR is voluntarily. GSR does not consent or submit to the jurisdiction of the European Union for any purpose or matter of any kind or waive any rights or defenses in law or equity with respect thereto.

E. Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)

If you are from the EEA, GSR’s legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it.

MEI-GSR Holdings, LLC may process your Personal Data because:

• We need to perform a contract with you
• You have given us permission to do so
• The processing is in our legitimate interests and it’s not overridden by your rights
• To comply with the law

F. How We Respond to Do Not Track Signals

Some web browsers may give you the ability to enable a “do not track” setting that is an HTTP header field indicating your preferences regarding tracking or cross-site user tracking. This is different from disabling certain forms of tracking by declining cookies in your browser settings, as browsers with the “do not track” setting enabled still have the ability to accept cookies. GSR Sites do not recognize web browser “do not track” signals at this time. We may work with third parties that use tracking technologies on GSR Sites, including in order to serve tailored advertisements on our behalf and on behalf of other advertisers across the Internet. These companies may collect information about your activity on GSR Sites and other websites over time, as well as your interaction with our advertising and other communications, and use this information to determine which ads you see on third-party websites and applications.

G. Interest-Based Advertising

We may allow third parties to collect information about your online activities on GSR Sites through unique identifiers, cookies, pixels, beacons and other technologies. These third parties include advertising networks that may use unique identifiers, cookies, pixels, beacons, and other technologies to track and collect information about your interests when you visit GSR Sites and other websites or view or interact with one of the advertisements they place on various websites or mobile platforms. The information gathered by these third parties is used to make predictions about your characteristics, interests or preferences and to display advertisements on GSR Sites and across the Internet tailored to your apparent interests. We use remarketing services to show you our ads as you browse other websites around the Internet. The remarketing services deliver our ads through advertising display networks, which includes the sites of trusted publishers. Third-party vendors use cookies to serve ads based on your past visits to GSR Sites. Please keep in mind that even if you opt out of receiving ads tailored to your apparent interests, you will continue to see ads from online advertising networks. However, those networks will not be able to apply any of your apparent ad preferences and the ads that you see therefore may be less relevant to your interests.

H. Analytics

We engage service providers to provide analytics data for the purposes of understanding and optimizing web usage, for business and market research purposes, measuring conversion tracking, and measuring the effectiveness of our content and online advertising campaigns. These service providers may use cookies alone or in conjunction with unique identifiers, pixels, beacons and other tracking technologies to collect information about you when you use GSR Sites.

I. Public Forums

We may offer chat rooms, blogs, message boards, bulletin boards, or similar public forums where you and other users of GSR Sites can communicate. Unless otherwise required by applicable law or regulation, the protections described in this Policy do not apply to information (including personal information) that you post to these public forums. We may use personally identifiable and non-personal information about you to identify you with a posting in a public forum. Any information you share in a public forum is public information and may be seen or collected by anyone, including third parties that do not adhere to our Policy. We are not responsible for events arising from the distribution of any information you choose to publicly post or share through GSR Sites.

J. Wireless Marketing Services

We may provide you with the opportunity on GSR Sites to register for special promotions, services, news, programming, and information delivered via text messaging and other wireless devices such as mobile phones and, in the event we do so, you may be required to provide your express consent to receive such information as required by applicable law, either by registering on GSR Sites or via your wireless device (or both). To receive these communications, we may require you to consent again in a subsequent confirmation message. Such services and promotional opportunities may be provided by us or by our service providers or strategic partners. The information requested as part of the online registration process may include your wireless telephone number or email address, but only if specifically requested, and your carrier’s name. Additional information may be requested for specific services, programs, promotions, offers, and information, such as your preferences regarding goods or services, choices of music or artists, or other similar survey information. Depending on the promotion, we may also collect an email address or other contact information, and depending on the information collected, you may also be required to confirm your agreement to this Policy and the Terms of Use.

If you register for wireless marketing services, you understand and agree that you will be charged by your wireless carrier for all messages sent to you. Standard messaging rates will apply, unless noted otherwise. Under no circumstances will we be responsible for any wireless email or text messaging charges incurred by you or by a person that has access to a your wireless device, telephone number, or email address.

You understand, acknowledge and agree that we may, in our sole discretion and without liability to any user, terminate any offer of any specific wireless marketing service or all wireless marketing services at any time without advance notice. We may provide notice of terminations or changes in services on GSR Sites.

K. Children

GSR Sites are general audience sites, and the features, programs, promotions and other aspects of GSR Sites requiring the submission of personally identifiable information are not intended for anyone under 21 years of age. If you are under 21, you may not access, use or register on GSR Sites. We do not knowingly collect personally identifiable information from individuals under the age of 18. If you are a parent or guardian of an individual under the age of 18 and believe he or she has disclosed personally identifiable information to us without your permission, please contact us at privacy@grandsierraresort.com or otherwise as provided in the “Contact Us” section below. A parent or guardian of a child under the age of 18 may request deletion of such child’s personally identifiable information as well as prohibit the use thereof.

L. Security

We take reasonable steps to protect against the loss, misuse and alteration of the information under our control, including Secure Sockets Layer (SSL) technology to encrypt the transmission of non-public personally identifiable financial and transaction information over the Internet, provided you are using an SSL-enabled device. We also utilize other reasonable security measures such as firewalls, security patches, and anti-virus programs, to protect non-public personally identifiable information. Despite these efforts, please be advised that no security system or means of transmitting data over the Internet can be guaranteed to be entirely secure (including without limitation with respect to computer viruses, malicious software and hacker attacks), and we cannot and do not guarantee or warrant the security of any information you disclose or transmit to us via the Internet, and are not responsible for the theft, destruction, or inadvertent disclosure of your personally identifiable information. For your own privacy protection, we recommend that you do not include any non-public personal or sensitive personal information such as passwords, social security numbers, credit card details, or bank account information, in any emails that you send to us. We will not contact you by email or text message to ask for such information.

M. Other Websites/Links

GSR Sites may link to third-party websites that we do not control or maintain. Be aware that those third-party websites collect information and operate according to their own privacy practices. We are not responsible for the privacy practices employed by any third-party website. We encourage you to note when you leave GSR Sites and to read the privacy statements of all third-party websites to understand how they collect, use and disclose personal information before submitting any personally identifiable information to those websites.

N. Your Choices, Access and Opting Out

If you have registered on GSR Sites, or are a member of the Club Grand program, you can login to your account to change and/or request updates to certain information and preferences to keep such data accurate, complete and up-to-date. You also can contact us as described in the “Contact Us” section to update or correct certain personal information.

In addition, you can set your web browser to refuse browser cookies (but not Flash cookies). Please keep in mind, however, that you may not be able to access the full functionality of GSR Sites if cookies are disabled.

In certain instances, we may provide you with the option to set your preferences for receiving email communications from us; that is, you can agree to receive some communications but not others. At any time, you also may opt-out of receiving future commercial emails from us by following the “Unsubscribe” instructions contained in any commercial emails that you receive from us. You also may contact us as described in the “Contact Us” section if you want to opt-out from receiving future commercial correspondence, including marketing emails, from us. We will respond to your request and, if applicable and appropriate, make the requested change in our active databases within a reasonable timeframe. Please remember that we may not be able to fulfill certain requests while allowing you access to certain benefits and features. Even if you unsubscribe from our marketing communications, you may continue to receive certain communications from us, such as transactional, customer service or other relationship messages, messages about your account and profile, and emails in response to communications or requests for information that we receive from you. Please also note that we may not be able to remove your personal information from the databases of third parties to whom we already provided your personal information as of the date of your opt-out request.

Information and preference data that is not displayed via GSR Sites is available upon request by contacting us at privacy@grandsierraresort.comwiththe subject heading “Information Request.” In your request, please provide your full name, city and state of residence, any email address/addresses that may be associated with your information in order for us to effectively and completely retrieve the correct data.

O. Your California Privacy Rights

California Civil Code Section 1798.83 permits residents of the State of California to request from certain businesses with whom the California resident has an established business relationship a list of all third parties to which the business, during the immediately preceding calendar year, has disclosed certain personally identifiable information for direct marketing purposes. We are only required to respond to a customer request once during any calendar year. To make such a request you should send an email to privacy@grandsierraresort.com with the subject heading “California Privacy Rights.” In your request, please attest to the fact that you are a California resident and provide a current California address for our response. Please be aware that not all information sharing is covered by the California privacy rights requirements and only information on covered sharing will be included in our response. We reserve our right not to respond to requests submitted to addresses other than the addresses specified in this paragraph.

P. Transfer of Data

Your information, including Personal Data, may be transferred to – and maintained on – computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. MEI-GSR Holdings, LLC will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Q. Disclosure Of Data

Business TransactionIf MEI-GSR Holdings, LLC is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.Disclosure for Law EnforcementUnder certain circumstances, MEI-GSR Holdings, LLC may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).Legal RequirementsMEI-GSR Holdings, LLC may disclose your Personal Data in the good faith belief that such action is necessary to: 
– To comply with a legal obligation 
– To protect and defend the rights or property of Celebrity Talent International, LLC 
– To prevent or investigate possible wrongdoing in connection with the Service 
– To protect the personal safety of users of the Service or the public 
– To protect against legal liability

R. Security Of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

S. “Do Not Track” Signals

We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

T. Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

U. Service Providers

We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

V. Contact Us

If you have any questions, comments or concerns about this Policy, or if you would like to exercise the choices discussed above, please contact us (a) by email at privacy@grandsierraresort.com, or (b) by postal mail at Grand Sierra Resort, 2500 E 2nd St, Reno, NV 89595, Attn: Digital Marketing – PRIVACY.

W. Changes to This Policy

We may change or update this Policy in the future. You can identify the date that this Policy was last updated by looking at the date at the top of this Policy. Any revisions to this Policy will take effect upon posting to GSR Sites. GSR does not directly notify you of any changes to this Policy. We encourage you to regularly review the current version of this Policy on GSR Sites. Use of GSR Sites following posted changes constitutes your acceptance of the revised Policy then in effect.

• About GSR
• Careers
• Contact Us