Privacy & Security
City Pass, Inc. ("CityPASS"), is committed to protecting the privacy of our customers and users of our Website. We have therefore created this policy statement (the "Policy") to explain our privacy practices and procedures.
We believe that you should know what information we may collect from you, as well as understand how we use and protect that information. This includes what you tell us about yourself, what we may learn from your use of our website, what we learn by having you as a customer, and the choices you give us about what marketing materials you want us to send you. This notice also tells you about your privacy rights and how the law protects you.
CityPASS will revise and update this Policy as we change practices within citypass.com. You should refer back to this page for the latest information.
This Policy applies to the CityPASS Website, which is intended for the use of persons residing in countries that CityPASS markets its products, and for the order and delivery of CityPASS products.
Our Purposes for Collecting and Processing Personal Information and its Uses
General Uses and Disclosures. We use and share the information we collect from users for the purposes described below. To perform the following tasks, when necessary, we will obtain your consent before using your data for these purposes. If you withhold consent, access to some functions and portions of our web site may be limited.
- Providing Services to our Customers. If you are a CityPASS customer, we will use your information to support our delivery of products and services to you.
- Improving our Services. We use your information to enhance our understanding of our users’ preferences and improve our services.
- Disclosures we make to Service Providers. We share your information with third-party service providers that assist us with hosting and maintaining the CityPASS Website, processing payment card information, analyzing online activity on our Website, marketing our services, and managing our daily business operations, delivery of products and services, or use of your CityPASS products. We share only the minimum amount of personal information with these service providers that they need to perform their tasks.
- Compliance with Legal Obligations. We will share your information with law enforcement, government officials, regulatory agencies, or other parties when we are required to do so by applicable law. We will also disclose your information to comply with a judicial proceeding, court order, subpoena, or legal process.
- In an Emergency. In emergency situations to protect our customer’s vital interests we will use or share your information when doing so is necessary to protect an interest that is essential for an individual’s life.
- Our Legitimate Interests. We will use and disclose your information when necessary for CityPASS’s legitimate interests, as long as such interests are not overridden by our users’ interests, rights, and freedoms with respect to their personal information.
Our Legal Basis for Processing Personal Information
Data protection laws allow us to collect, use and retain your personal information if we have a proper reason to do so. These reasons include:
- When you consent to it,
- To fulfill a contractual relationship with you, such as fulfilling your order,
- When it is permissible under applicable privacy laws,
- When we have a legal duty to do so, or
- When it is in our legitimate interest.
Our legitimate interests include, ensuring that fraudulent transactions are not placed through our Website, to protect against security breaches, to process financial information, to further discuss your interest in future events, discounts and programs, to track the use of our Website and services, to protect CityPASS and others from claims by third-parties and for business transfers, as discussed below.
Details About Our Collection and Use of Personal Information
The Information We Collect
CityPASS collects a variety of personally identifiable information about customers and visitors to our Website in order to ensure order delivery and provide unique offers. We collect different types of information from users.
Personal Information means any personally identifiable information relating to an identified or identifiable natural person. When we use the term "personally identifiable information," we mean information that is directly associated with, or could be used to identify, a specific person or to determine preferences, interests, behavior, location or movement to create or use in a personal profile. Examples of information we may collect includes a name, address, telephone/cell number, email address, internet protocol address (IP address), mobile device identifier, or information about activities directly linked to that person which would permit the physical or online tracking or contacting of that person.
When We Collect Personal Information
Information you give us at checkout: We will collect personal information you give us when you purchase from our Website. Depending on the product purchased, you may provide some or all of the following personal information, your name, billing address, telephone number, email address, travel dates, names of ticket holders, preferences, and/or credit card number.
Blog/ Newsletter Subscription: If you chose to subscribe to our newsletter we only collect your email address. We do not share subscriber’s email addresses with third parties.
Our Use of Personally Identifiable Information
Our Internal Use: CityPASS collects personally identifiable customer information for the purpose of shipping CityPASS products to you and/or to contact you directly regarding your order. We also use email addresses on an opt-in basis to provide users with information they have subscribed to.
Our Customer Surveys: Periodically, you may be able to participate in our surveys to help us improve our site and products. Any personally identifiable information that we may collect from you in a survey will ONLY be used internally by CityPASS. And unless otherwise explained in the instructions for a particular customer survey, any personally identifiable information you provide to us for purposes of that survey will be used in accordance with this Policy.
Potential Future Disclosure of Personally Identifiable Information
Business Transfers: Information about our users and customers, including personally identifiable information, may be disclosed as part of any merger, acquisition, or sale of company assets. It may also be disclosed in the unlikely event of an insolvency, bankruptcy, or receivership in which case personally identifiable information would be transferred as one of the business assets of CityPASS.
Retention of Personal Information
We retain personal information for a reasonable period of time necessary to fulfill our legal or regulatory obligations and for our legitimate business purposes. We retain the following categories of personal information for the following time frames:
Personal profile information you give to us: When you make a purchase on our web site or subscribe to our newsletter, we may maintain that information. If you unsubscribe from the newsletter, we will take steps to erase personal and other information, but we reserve our right to retain and access the data for so long as is required to complete the delivery of products and services purchased from CityPASS and to comply with applicable laws. CityPASS will review its records on an annual basis.
Our Secure Transmission of information
Security of the information regarding your order is very important to us. We use transport security with certificates signed by Verisign to protect the security of your online order information from being intercepted by anyone other than CityPASS. You may verify that we are a legitimate Verisign Secure Site by clicking on the Verisign Secured logo in the lower right corner of all checkout pages.
Once you enter the checkout page, your computer will begin communicating with our server in secure mode. You can tell that you are in secure mode by the following:
- In the web address shown in the address window at the top of your browser window, "http" will be replaced by "https".
- In most browsers, you will see a closed padlock to the right of the address window. You can click on the lock for more security information.
Our Use of "Cookies"
Your right to access, copy or erase your personal information
For qualifying citizens of the European Union (EU), this section provides details about your rights in relation to your ability to access and to transfer personal information.
For qualifying citizens in the EU, you may ask us to:
Provide access to all the personal information about you held by us. If you ask us to do so, we will provide you with a copy of this information. For the first request, we will provide an electronic copy of the data at no charge. For subsequent requests, or printed copies, we reserve the right to charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested. You can exercise your right of access to your personal information:
- By emailing us at email@example.com; or
- By writing to us at the address below.
- Correct or erase your personal information where appropriate. Please note, you may review and update or correct your user profile information by logging in, as applicable, to the relevant portions of your CityPASS account profile where such information may be updated or corrected;
- Restrict the processing of your personal information while we investigate your concern;
- You have a right to receive your information in a commonly used electronic format or ask us to move the data in that format to another provider where your request relates to the data that you gave us directly and where technically possible (data portability); and
- Withdraw your consent at any time when the processing relies upon consent. Provided, however, if processing of a purchase of products or services has been completed, then cancellation of the purchase shall be subject to the terms and conditions for the purchase at the time it was made. In other words, you are not permitted to withdraw your consent to process your information in an effort to rescind an otherwise non-refundable purchase.
For qualifying citizens in the EU, this section provides details about your rights in relation to your ability to access and to transfer personal information.
- In the event you ask us to erase your personal information, it is in our reasonable interest to maintain some of the information for a reasonable period of time to complete the processing of your order, the delivery of our services to you to verify that the transaction placed for you was not fraudulent, or to enable the use of your purchased products. We may also keep a log or a record sufficient to demonstrate that we sent your information to you or fulfilled your request to erase your data. The log or record is in our reasonable interest to document compliance with various privacy laws, rules and regulations.
- Further, in the event you ask us to erase your data, certain third-party software we use is not designed to entirely remove information from software or systems without impairing the software’s functionality. It is in our reasonable interest to maintain the integrity of our software and operating systems. If that is the case, we will take steps to erase your data by making your data unreadable, thereby rendering it anonymous and untraceable. For example, we may change all letters to hash marks (“#”) or other symbols and numbers to zeros (“0”) to effectively erase your information.
If you choose not to give personal information
You can choose not to give us personal information, but it may prevent us from providing our services to you. In this section we explain the effects this may have.
We may need to collect personal information to enter into or fulfill a contract we have with you.
If you choose not to give us your personal information, it may also mean that we cannot complete a purchase or deliver our products or services to you.
We sometimes ask for information that is useful, but not required by law to process your order. We will make this clear when we ask for it. You do not have to give us these extra details and it won't affect the products or services you have with us. For example, we may ask you if you wish to subscribe to our newsletter. You are not required to do so in order to obtain our products and services.
Children under the age of 13
CityPASS products and services are not targeted to and are not intended to attract children under the age of 13. Other than requesting name(s) for any CityPASS child products purchased, CityPASS does not knowingly solicit personal information from children under the age of 13. Should we learn or be notified that we have collected information from users under the age of 13, we will immediately erase such personal information.
Updating of Our Policy
CityPASS will revise or update this Policy if our practices change, as we change existing services, add new services, or develop better ways to inform you of services we think will interest you. You should refer back to this page for the latest information and the effective date of any changes.
If you have any questions, comments or concerns about this Policy, please firstname.lastname@example.org. Or you can write to us at:
Attn: Privacy Officer
27 Arrow Root Lane
Victor, Idaho 83455
US & Canada (toll free)
Direct: +1 (208) 787-4300
CityPASS is committed to the policies set forth in this Policy.
Effective Date: May 25, 2018
Read more at https://www.citypass.com/privacy