Privacy Policy — Musical Sojourns by EO Worldwide

PRIVACY POLICY
Updated: January 8, 2024

Our goal is to provide the best possible experience we can, both at the event and online through websites and any interactive features, including applications, widgets, blogs, social networks, social network "tabs," and other online or mobile offerings (which we collectively call the "Services"). Our Services are owned and/or operated, either directly or through our service providers and business partners or by EO Music Adventures Worldwide, LLC (we refer to EO Music Adventures as the "Company," "we," "our," or "us").

This Privacy Policy describes what data we collect online and offline and how we use, share, and secure that data. It also describes your choices regarding use, access, correction, and deletion of your personal data. Personal data is information, or a combination of different types of information, that could allow you to be identified.

We encourage you to review our Privacy Policy and click on the available links if you want additional information on a particular topic.

By providing us with your personal information or otherwise using our Services, you acknowledge that you have read, understood and agree to the terms of this Privacy Policy and our Terms of Service.

Data we collect

When you attend an event, register to attend an event, set up an account through one of our websites, request information about our Company, communicate with us, visit our websites, apply for employment with us, sign up for our promotions, contests, sweepstakes, or webinars or access our Services through various other methods, we collect data about you and those interactions.

Data we collect directly from you or other sources

We may collect the following categories of data either directly from you or from our business partners or third parties and in accordance with applicable law:

- Personal details (e.g., name, salutation, title, date of birth, place of birth, gender, photographs, and images)
- Contact details (e.g., email address, telephone number, mobile number, address, and emergency contact information)
- Health details (e.g., past medical history, temperature readings, test results, and vaccination history)
- Travel/vacation preference details (e.g., flight number, hotel booking, special occasion dates, special accommodations, loyalty program information, dietary preferences, travel companions, and family members)
- Your location and activities (e.g., CCTV footage of public areas)
- Government-issued documents (e.g., passports, alien resident cards, visas, residency permits, social security numbers, national and state identification numbers, driver’s licenses, and redress numbers)
- Details regarding your use of websites and applications (e.g., usernames, passwords, security answers, geolocation information, details regarding your interaction with websites, applications, and emails, such as whether you opened an email, which may permit us to recognize you across multiple devices, or to know if you watched the health and safety video or viewed certain content on our websites and applications)
- Financial details (e.g., credit card information, transactional history and purchases, amount paid for Services, bank information, income, and business information)
- Information available via public records and publicly available content on social media platforms
- Details regarding your interactions with our team members, including email communications

Data collected when you create an account with us, purchase our products, or use our Services may include data about yourself, those traveling or attending an event with you, and your emergency contacts. By providing us with the personal data of any third party, you confirm that you have the authority to do so on their behalf and have provided them with the information set forth in this Privacy Policy.

Please be aware that we will have photographers taking photographs and videographers recording video of our activities, events and concerts. If you would not like to be photographed, please let the photographers/videographers know and they would be happy to take reasonable steps to comply with your request. Please note that we are unable to guarantee that you will not be included in photographs on an incidental basis and if you decide to participate in any group photos.

Data we collect automatically

When you access websites or otherwise receive Services, and to the extent permissible under applicable law, we automatically collect some categories of data from you, including data collected using cookies, embedded scripts, and other tracking technologies (“Cookies and Tracking Technologies”), for website analytics to improve your online experience, analyze website usage, provide better security, and to personalize online and offline marketing. We do not respond to Do Not Track signals.

Special or sensitive categories of personal data

Some of the categories of data that we collect in connection with the provision of our Services or through the employment application process may constitute special categories of personal data (also known as sensitive personal data). In particular, we may collect personal data revealing racial or ethnic origin, religious, philosophical, or political beliefs, sexual orientation, or data concerning health, such as medical history or dietary restrictions, if in connection with our provision of Services or through the employment application process.

We collect this information when you choose to provide it to us or to a service provider or third party such as a travel agent or through the employment application process. We use this information to provide a service you request, such as medical care at an event (whether in person or through our telehealth services), or special dietary accommodations, or in connection with your application for employment.

If, while traveling with us or attending an event, you allege a personal injury or submit a claim after alleging a personal injury, we may collect personal data concerning the alleged incident, including healthcare information.

COVID-19 and global health data

For the health and safety of our guests and crew, we may process additional personal data during a pandemic or other global health crises. Prior to your event, you may be asked to undergo COVID-19 testing and provide us with proof of a negative result, disclose your vaccination status, and/or have your temperature taken.

How We Use Personal Data

We may use your personal data for the following purposes:

• Identify and authenticate you: We use your identification data to verify your identity when you access and use our Services and to ensure the security of your personal data. We do this to comply with our contractual obligations to you.
• Provide emergency and security services: We provide you with emergency and security services to protect your vital interests or based on our legitimate interest of providing the services needed in case of urgent emergency or security situations at one of our events.
• Provide you and your group with Services: We process your personal data to provide the Services you or your organization have requested. We do this to comply with our contractual obligations to you or your organization. For multi-guest bookings, we may allow all guests on the reservation to access and administer booking-related personal data of the guests on the same reservation in furtherance of our legitimate interest of allowing guests to conveniently administer their reservations.
• Advertise and market our Services: We may use your personal data, where permitted, to build a profile about you and place you into marketing segments to understand your preferences better and personalize the marketing messages we send to you. It is in our legitimate interest to provide more relevant and interesting advertising messages. We may contact you with marketing communications, and where necessary, we will obtain your consent before contacting you with such marketing communications.
• Communicate with you: We may use your personal data when we communicate with you. For example, if we are providing information about changes to our terms and conditions, in response to a question you submitted, or to notify you of changes to your event itinerary or important health and safety information. It is in our legitimate interest to provide you with appropriate responses, verify your contact information, provide you with medical testing results, and provide you with notices about our Services.
• Comply with our obligations under applicable laws: We may process your personal data to comply with applicable legal or regulatory requirements.
• Customize your experience and improve our Services: When you use the Services, we may use your personal data to improve your experience of the Services, such as by providing interactive or personalized elements on the Services and providing you with content, offerings, and experiences based on your interests. Where necessary, we will obtain your consent before using your personal data in this way. We frequently seek to improve our Services to provide you with a better experience, and we may collect data about how you are using our Services to do so. We use this data to understand what content on our Services interests you, make the booking process more convenient, fix operational issues with our Services, and maintain the safety and security of our Services.
• Exercise our rights: We may use your personal data to exercise our legal rights where it is necessary to do so, for example to detect, prevent, and respond to legal claims, intellectual property infringement claims, or violations of law or our terms and conditions.
• Prevent fraud and comply with legal obligations: We may process your personal data to prevent fraud and comply with our legal obligations. For example, to carry out fraud prevention checks, which include building fraud-related profiles, making decisions on that basis by fraud prevention experts.
• Protect the health and safety of guests and crew: We may process your personal data to protect the health and safety of all individuals at our events. For example, we may check your information against a publicly available criminal record database and our internal records to protect the safety of our guests and crew or use your personal data, including your health data, to protect against the spread of communicable diseases.
• Evaluate you for potential employment: We may process your personal data if you apply for a position as a team member with us, including by verifying any entitlements, monitoring equal opportunity employment, performing medical screenings (in some cases), and by making inquiries into any criminal and/or credit history based on our legitimate interests, to the extent necessary, and where permitted under applicable laws and regulations.
• Customer Testimonials: We may publish guest testimonials on our mailings, brochures, websites, and social media pages. Prior to publishing the testimonial, we obtain guests’ consent to publish their names, usernames, photos, videos, event, and travel destinations along with their testimonial, as applicable. If you wish to update or delete your testimonial, you can contact us via the methods described under “How to Contact Us.”

How We Share Personal Data

We may share any of the categories of personal data described above with third parties under the following circumstances, as permitted under applicable laws and regulations:

• Service providers and business partners: We may share your personal data with our service providers and other businesses that perform marketing services and other business operations for us or with which we have joint or cooperative business arrangements. For example, we may work with service providers and other businesses like travel agents to organize and facilitate your travel, arrange hotel, flight, or transportation accommodations, process your payments, maintain guest records, analyze data, facilitate targeted marketing and other communications. Where appropriate, we authorize our service providers to use personal data only as necessary to provide the requested services.
• To protect our rights or the rights of a third party: We may share your personal data to identify, investigate, contact, or bring legal action against an individual who may be causing injury to or interference with our rights or property or the rights or property of a third person if we believe in good faith that disclosing this personal data is necessary or advisable. Personal data about you may also be shared with governmental and recognized law enforcement agencies to prevent and detect crime as well as to safeguard children and vulnerable adults.
• In the context of a transaction: We may share your personal data with potential transaction partners, service providers, advisors, and other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell or transfer all or a portion of our assets or business, to the extent permitted by applicable law. Should such a sale or transfer occur, we will use reasonable efforts to obligate the entity to which we transfer your personal data to use it in a manner that is consistent with this Privacy Policy.

Data Retention

We retain your personal data for as long as we have a relationship with you or in accordance with applicable law, and such relationship includes any request to receive marketing or other promotional materials from us. When deciding how long to keep your personal data after our relationship with you has ended, we take into account our legal obligations, including requirements of regulators and governmental agencies that have authority over us. We may also retain records to investigate or defend against potential legal claims.

Region-Specific Disclosures

California: California Civil Code Section 1798.83 gives California residents the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal data, such as name, email, and mailing address and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties' direct marketing purposes and (b) the names and addresses of all such third parties. To request the above data, please write us at: EO Worldwide, Attn: Special Requests, 3945 NE Stanton St, Portland, OR 97212-2956. We will respond to such requests for data access within 30 days following receipt at the our mailing address stated above. Please note that we are only required to respond to each customer once per calendar year.

European Union, EEA, UK, and Brazil:

If you are located in the European Union, the EEA, the United Kingdom, or Brazil, you have certain rights regarding your personal data, subject to local data protection laws. These include the following rights: access your personal data, rectify the data we hold about you erase your personal data, restrict our use of your personal data, object to our use of your personal data, receive your personal data in a usable electronic format and transmit it to a third party (right to data portability), lodge a complaint with your local data protection authority.

If you would like to discuss or exercise these rights, please write us at: EO Worldwide, Attn: Special Requests, 3945 NE Stanton St, Portland, OR 97212-2956 (USA).

Third Parties We Don’t Own or Control

Our websites, applications, and social media sites include links to other websites or applications whose privacy practices may differ from our practices. If you submit personal data to any of those other website or applications, your information is governed by their privacy policies. We are not responsible for the privacy practices or the content of any websites or applications to which our websites, applications, and social media sites provide links. We encourage you to carefully read the privacy policy of any website or application you visit.

Social Media Features

Our websites include social media features, such as the Facebook "Like" button, and widgets, such as the "Share" button, or interactive mini-programs (the "Features"). Features are either hosted by a third party or hosted directly on our websites. Your interactions with these Features are governed by the privacy policy of the company providing it. These Features may collect your Internet protocol address or which page you are visiting on our websites and may set cookies to enable the Feature to function properly, as further described by those companies’ privacy policies.

International Data Transfers

We are headquartered in the United States but have global operations and affiliates. Accordingly, your personal data may be transferred to, stored, and processed in various countries, including those that are not regarded as ensuring an adequate level of protection for personal data under the laws in certain jurisdictions, such as the European Union, UK, Japan, and Israel.

Privacy Policy Updates

We may update this Privacy Policy from time to time without prior notice. You can determine when this Privacy Policy was last revised by checking the updated date. We encourage you to periodically review this Privacy Policy to ensure you understand our privacy practices.