Your Privacy Rights Effective Date: EFFECTIVE JANUARY 1, 2023

Our Privacy Policy

Thank you for visiting our website! This policy explains how we collect, use, and disclose the personal information of our users and guests as well as your choices regarding your personal information.

This policy has been adopted by and applies to all of the related legal entities that manage and operate the Bahia Resort Hotel, The Catamaran Resort Hotel & Spa, The Lodge at Torrey Pines, and their direct and indirect subsidiaries and affiliates (collectively referred to as “Evans Hotels,” “our,” “us,” or “we”). When we refer to “our Website,” we mean any of the following Evans Hotels websites: EvansHotels.com, BahiaHotel.com, CatamaranResort.com, or LodgeTorreyPines.com. Our Website contains links to other websites operated by third parties. When you access any such website, use of information you provide will be governed by the privacy policy of the operator of the site you are visiting. Evans Hotels is not responsible for the privacy practices or policies of such third-party websites.

Categories and Sources of Personal Information

Personal Information You Share with Us

Personal information is data that, among other things, identifies, describes, or could reasonably be linked to a specific individual. We collect personal information, in accordance with law, that is required or relevant for the transaction or interaction at issue, which may include: name, gender, physical address, telephone number, email address, credit or debit card information and photo identification, employer details, important dates you share with us such as birthdays or anniversaries, and other guest preferences or relationship information. We may for a short time, for security or legal purposes only, retain still or video footage via security cameras located in certain public areas in our properties, such as hallways and lobbies.

You may share the data in the foregoing paragraph at various touchpoints during your guest journey with us. For example, we collect information when you make a reservation, register as a guest, purchase a product from our online gift shop, participate in a marketing promotion such as a sweepstakes, subscribe to our newsletters, submit an inquiry, register for an event, request a service, respond to a survey, interact on social media, or otherwise communicate or engage with us electronically, telephonically, or in-person.

Personal Information Shared by Others

Others may also provide us with personal information on your behalf for the purpose of making a purchase or securing a reservation. This information typically includes your name, and sometimes address, email address, phone number, any guest preferences and, in limited circumstances, may include the number and names of any traveling companions. For example, your travel agent or an online travel agency such as Expedia may provide us with your contact information for purposes of securing a guest room reservation at our property at your request, or information about your travel itinerary or tour group. Similarly, a third-party service or application, such as Open Table, may provide us with your contact information if you have made a reservation to dine with us using their application. We may also collect information about you if you make content and information publicly available on social media such as profile information.

Other Data that Generally Does Not Reveal Specific Identity

The information we (or our third party service providers) may collect also includes information that typically does not directly relate to an individual, such as the name of your domain and host, Internet Protocol address, type of browser and operating system used, device information, location information, date and time of Website visit, browsing behavior, email open rates, and information used to recognize a computer upon login to an account or use of the shopping cart. This information is collected through the use of tracking technologies such as cookies, web beacons, and other similar technologies.

Cookies Statement

Required Cookies

Required Cookies are necessary for the Site to work, and enable you to navigate the Site and use its features, such as accessing secure areas of the Site. Without these cookies, services that you have requested, such as making a hotel reservation online, cannot be provided. Required Cookies may not be disabled, and do not gather information about you that could be used for marketing purposes.

Functional Cookies

These cookies allow us to analyze your use of the site to evaluate and improve our performance. They may also be used to provide a better customer experience on this site, such as by remembering your log-in details, saving what is in your shopping cart, or providing us information about how our site is used.

Advertising Cookies

These cookies are used to show ads that are more relevant to you. We may share this information with advertisers or use it to better understand your interests. For example, Advertising Cookies may be used to share data so that the ads you see are more relevant to you, allow you to share certain pages with social networks, or allow you to post comments on our site. Advertising Cookies also include Social Plug-In Cookies. Social Plug-In Cookies are used to share content from the Site with members and non-members of social media networks such as Facebook, Twitter, YouTube and Pinterest. These Cookies are usually set by the social networking provider, enabling such sharing to be smooth and seamless.

Duration

The length of time a cookie will stay on your device depends on whether it is a “persistent” or “session” cookie. Session cookies only stay on your device until you stop browsing. Persistent cookies stay on your device until they expire or are deleted.

Use and Sharing of Personal Information

We do not sell, trade, or rent your personal information to others. We may share personal information outside of Evans Hotels with third parties who complete transactions or perform services on our behalf. Such service providers are required to keep personal information confidential and are prohibited from using it other than to carry out their services. We (or in some cases our third party service providers) may use your personal information in connection with any of the following:

Our business transactions with you, including without limitation:

  • To complete and fulfill your purchases or requests for services, such as making your reservation, payment processing, order fulfillment, or information technology provision
  • To enter into or perform a contract with you
  • To send administrative information to you, such as information about an event that you are attending

Our legitimate business interests, including without limitation:

  • To personalize your experience by presenting offers tailored to you
  • To allow you to participate in sweepstakes, contests, or promotions (each of which may have separate rules, terms, and conditions)
  • To perform audits, fraud monitoring and prevention, credit or debit card authenticity and limit verification, or data analysis; monitor usage trends to improve our services; and determine the effectiveness of our promotional campaigns
  • Subject to your marketing preferences and consent, to deliver email newsletters about our properties, special events, or promotions

Pursuant to any consent you may have provided

You have the right to decline to provide your consent and, if provided, to withdraw your consent at any time. As necessary or appropriate for legal reasons, including without limitation:

  • To comply with legal process
  • To respond to requests from public and government authorities
  • To effectuate a sale, merger, acquisition, or similar transaction affecting the relevant portion of our business
  • To protect our operations, rights, privacy, safety, or property, or that of third parties
  • To allow us to pursue available remedies or limit damages that we or third parties may sustain

We may also share aggregated or de-identified information, which cannot reasonably be linked to you or any other individual guest or user.

In addition to the foregoing business purposes for collecting personal information, which we further describe in our Notice to Consumers who are California residents we collect personal information from our employees and our job applicants for additional reasons that are more specifically described in our Notice to Employees and Notice to Job Applicants.

Do Not Track Signals and Third Party Analytics and Services

Some browsers offer a “Do Not Track” (“DNT”) option whereby users can indicate their preference regarding online tracking and cross-site tracking. While you may enable the DNT setting on your browser, we do not change our practices in response to a DNT signal.

We may also engage third party service providers to serve our advertisements to you or to provide analytics services to us (such as Google Analytics) to help us improve our Website and services and understand how users are using our Website. This information may be used by us and these third parties to analyze and track data, determine the popularity of certain content, deliver our advertising to you, and better understand your online activity. These third party service providers may use cookies and other tracking technology from their own servers which will be able to track website visitors throughout our Website and through other sites that use those services. Similarly, third parties who have content embedded on our Website (such as the social features) may also utilize similar tracking technology. This policy does not apply to, and we are not responsible for, third party cookies, web beacons, or other tracking technologies. You can learn about Google’s practices by going to https://policies.google.com/technologies/partner-sites and opt out by downloading the Google Analytics opt out browser add-on at https://tools.google.com/dlpage/gaoptout.

We are not responsible for the data collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, or any other app developer, social media platform, operating system provider, or device manufacturer, including with respect to personal information disclosed to those organizations through our social media pages.

Security

Although collection, transmission, and storage of information can never be guaranteed to be completely secure, Evans Hotels implements and maintains reasonable security procedures and practices, including administrative, technical, and physical safeguards, to protect personal information about you from loss, theft, misuse, unauthorized access, and disclosure.

Specific Privacy Rights for California Residents

This portion of the Privacy Policy supplements the general privacy policy above, and applies solely to all visitors, users, and others who reside in the State of California, including without limitation our employees and our job applicants (collectively, “Residents”). We adopt this notice to comply with the California Consumer Privacy Act (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this Policy.

Information We Collect.

In particular, we have collected the following categories of personal information from Residents within the past 12 months:

 

Category Examples Collected
Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. We collect certain information from this category from consumers, employees, and job applicants. For details, see our: Notice to Consumer Notice to Employee Notice to Job Applicant
Personal information categories listed in the California Customer A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. We collect certain information from this category from consumers and employees. For details, see our: Notice to Consumer Notice to Employee Notice to Job Applicant
Records statute (Cal. Civ. Code § 1798.80(e)). employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. Notice to Employee Notice to Job Applicant
Protected classification characteristics under California or federal law. Age (40 years or older), race, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, pregnancy or childbirth and related medical conditions), veteran or military status. Protected classification characteristics under California or federal law. Age (40 years or older), race, citizenship, marital status, medical condition, physical or mental disability, sex (including gender, pregnancy or childbirth and related medical conditions), veteran or military status. We collect certain information from this category from consumers and employees. For details, see our: Notice to Consumer Notice to Employee
Commercial Information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. We collect certain information from this category from consumers. See our Notice to Consumer for details.
Biometric Information Encrypted biometric finger information. Certain employees use their finger to verify identity when clocking in or out at a timeclock in order to increase security and minimize fraud. See our Notice to Employee for details.
Internet or other similar network activity Browsing history, search history, information on interaction with a website, application, or advertisement. We collect certain information from this category from consumers and employees. For details, see our: Notice to Consumer Notice to Employee
Geolocation data; Physical location or movements. Geolocation data Physical location or movements. We collect information from this category from consumers and employees. For details, see our: Notice to Consumer Notice to Employee
Sensory data Audio, electronic, video or other visual information. Sensory data Audio, electronic, video or other visual information. We collect certain information from this category from consumers and employees. For details, see our: Notice to Consumer Notice to Employee Notice to Job Applicant
Professional or employment-related information. Current or past job history or performance evaluations. We collect certain information from this category from employees and job applicants. For details, see our: Notice to Employee Notice to Job Applicant
Non-public education information (per 20 U.S.C. Section 1232g, 34 C.F.R. Part 99). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. We do not collect this information
Inferences drawn from other personal information. Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. We collect certain information from this category from consumers and employees, but we do not infer any characteristics based on Sensitive Personal Information. For details, see our: Notice to Consumer Notice to Employee We collect certain information from this category from consumers and employees, but we do not infer any characteristics based on Sensitive Personal Information. For details, see our: Notice to Consumer Notice to Employee

 

Please note that, under the CCPA, personal information does not include publicly available information from government records, deidentified or aggregated consumer information, or other information specifically excluded from the CCPA’s scope.

We obtain the categories of personal information listed above from you (for example, from forms your complete or products or services your purchase), also from others, as described above in the “Sources of Information” section of this policy.

Use or Sharing of Personal Information.

We may use or disclose the personal information we collect from Residents for one or more of the approved business purposes listed in the Use and Sharing of Personal Information section, above.

Residents’ Rights and Choices under the CCPA.

The Right to Know and Data Portability. Residents have the right to request that we disclose certain information about our collection and use of their personal information over the past 12 months (the "right to know"). Once we receive such a request and confirm a Resident’s identity (see Exercising Your Rights to Know, Delete, or Correct, below), we will disclose:

  • The categories of personal information we collected about the Resident.
  • The categories of sources for such personal information.
  • The business purpose for collecting or selling that personal information
  • Our business or commercial purpose for collecting that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we disclosed the Resident’s personal information for a business purpose, a list of such disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained..
  • The specific pieces of personal information we collected about the Resident (aka a “data portability request”).

The Right to Delete. Residents have the right to request that we delete any of the personal information that we have collected from them and retained, subject to certain exceptions (the "right to delete"). Once we receive such a request and confirm the identity of the Resident (see Exercising Your Rights to Know, Delete, or Correct, below), we will review it to see if an exception allowing us to retain the information applies. We may deny the deletion request if retaining the information is necessary for us or our service provider(s) to achieve the approved business purposes listed above in the Use and Sharing of Personal Information section, above. We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

The Right to Correct. Residents also have the right to request that we correct inaccurate personal information that we maintain about them, subject to certain exceptions (the "right to correct"). Once we receive such a request and confirm the identity of the Resident (see Exercising Your Rights to Know, Delete, or Correct, below), we will review it; take into account the nature of the personal information, the purposes for which we process it; and use commercially reasonable efforts to correct any inaccurate personal information.

Exercising a Resident’s Right to Know, Delete, or Correct.

To exercise the right to know, delete, or correct described above (“CCPA Rights”), Residents may, up to two times during any 12-month period, submit a verifiable consumer request by either: (1) calling 1-866-335-2192; or (2) emailing privacy@evanshotels.com. Only a Resident, or a person registered with the California Secretary of State to act on their behalf, may make a verifiable consumer request related to their CCPA Rights. A Resident may also make a verifiable consumer request on behalf of their minor child. A verifiable consumer request must: (1) provide sufficient information that allows us to reasonably verify that the requestor is the person about whom we collected personal information (or their authorized representative); and (2) describe the request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot provide personal information if we cannot verify that the consumer making the request is the Resident about whom information was collected (or their authorized representative).

Response Timing and Format.

We will confirm receipt of a Resident’s request within ten business days and endeavor to substantively respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to another 45 days), we will inform the Resident of the reason and extension period in writing. We will deliver our written response by mail or electronically, at the Resident’s option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide personal information that is readily useable and should allow transmission of information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will state why we made that decision and provide a cost estimate before completing the request.

Non-Discrimination Policy 

We will not discriminate against Residents who exercise their CCPA Rights. Specifically, unless permitted by the CCPA, we will not:

  • Deny such Residents goods or services
  • Charge them different prices or rates
  • Provide them with a different level or quality of goods or services
  • Suggest or threaten any of the foregoing

Use and Disclosure of Sensitive Personal Information. To the extent that any of the categories of personal information mentioned in this Policy are “sensitive personal information” under the CCPA, please be aware that such information is never collected or processed with the purpose of inferring characteristics about a Resident and is therefore treated as personal information for purposes of California law.

Additional Rights under California Law

In addition to CCPA Rights, California Civil Code § 1798.83 permits California residents to request information regarding disclosure of their personal information by us to third parties for the third parties’ direct marketing purposes within the previous calendar year. Although Evans Hotels does not disclose personal information to third parties for their direct marketing purposes, California residents may submit a verifiable consumer request pursuant to Section 1798.83 by either: (1) calling 1-866-335-2192; or (2) emailing privacy@evanshotels.com.

Users in the European Economic Area

Privacy Rights

The EU General Data Protection Regulation 2016/279 (“GDPR”) provides EU data subjects with certain rights related to the processing of their personal data, including, in certain circumstances, the right to: request access to personal information; request correction of inaccurate or incomplete personal information; request that personal information be erased; object to the processing of personal information, including for direct marketing purposes; request that the processing of personal information be restricted; request receipt of personal information in order to transfer it to another data controller; withdraw consent to use of personal information. You may exercise any of the above rights by writing to us at the address at the end of this policy. You have a right to lodge a complaint with your local data protection supervisory authority at any time. However, we ask that you please try to resolve any issues with us first before referring your complaint to the supervisory authority.

Legal Basis

We are committed to collecting and using your information in accordance with applicable data protection laws. We only collect, use, or share your information where we are satisfied that we have an appropriate legal basis to do so. This may be because: you have provided us with consent; our use of the information is necessary to perform our contract with you; use of the information is necessary to meet our responsibilities to regulators, tax officials, or otherwise meet our legal responsibilities; or use of the information is in our legitimate business interests.

Retention

Unless we have deleted your information in accord with your request pursuant to this policy, we will retain your information for so long as reasonably needed in connection with our relationship to you (for example, to address inquiries regarding past or future reservations), or as required by law. The criteria used to determine our retention periods includes the length and manner of our relationship with you, and whether there is a legal obligation to which we are subject (for example, certain laws may require that we keep records of your transactions for a certain amount of time).

A Note to Non-EU International Users

Please be aware that information we collect will be transferred to, processed, and stored in the United States, which has data protection laws that may differ from those of the country in which you are located. Your personal information may be subject to access requests from U.S. governments, courts, or law enforcement, under U.S. law. By using our Website or providing us with any information, you consent to this transfer, processing, and storage of your information in the U.S., and also consent to the application of U.S. federal and California state law in all matters concerning the Website and this policy.

Changes to Privacy Policy

We may update this policy to reflect changes in our information practices, and may apply any changes to information previously collected, as permitted by law. If we make changes, we will notify you by revising the Effective Date of the policy above and in some cases we may provide you with more prominent notice (such as adding a statement to our homepage). We encourage you to periodically review the policy to stay informed about our information practices and the ways you can help protect your privacy.

Contact Information

If you would like to contact us for any reason regarding our privacy practices, please call 1-866-335-2192, email privacy@evanshotels.com, or write to:

Evans Hotels
Attn: Legal Department, Privacy

998 W. Mission Bay Drive
San Diego, CA 92109