Port and Sava Cyberpolicy and Privacy Policy

Loading

Port and Sava- Privacy Policy

Updated: August 1, 2024

This privacy notice (the “Privacy Notice”) applies to our websites, mobile applications, and other offline or online and mobile services that link to or post this Privacy Notice (collectively, the “Services”), and explains how we collect, use, and disclose information through the Services.

It is our policy to comply with applicable privacy laws and data protection laws, and so our privacy practices may vary depending on where you live. Please see the region-specific disclosures and applicable supplemental notices for more information relevant to data collected in certain regions and by individual member clubs.

By using the Services, you acknowledge that you have read and understood the terms of this Privacy Notice. Please note that this Privacy Notice does not apply to information collected in employment or job applicant contexts.

Please also note that in some instances, we may direct you to a site or page that is operated by one of our partners or use framing techniques to serve you content from partners while preserving the look and feel of our website. Even though the page where you provide information may have the look and feel of the Services, a different privacy policy may govern that information collection by such partners.

1. Information Collection

Information Provided by You

We may collect some or all of the following types of information, some of which may be considered sensitive information, including when you register with us, use our Services, sign up for events, contests or sweepstakes, participate in surveys, create a profile, access various content or features, submit comments or content, use a send-to-a-friend feature, attend events, or directly contact us with questions or feedback:

  • Identifiers, such as contact information, such as name, e-mail address, postal address, telephone number, and date of birth;
  • Other unique identifiers, such as a username or password, and, where appropriate, other identifiers such as Social Security Numbers and government-issued identifiers. For example, we may need to collect these identifiers to award you certain types of prizes under relevant laws;
  • Demographic information, which may include gender, race, ethnicity, and sexual orientation, and other protected classifications under relevant state or federal law;
  • Financial and commercial information, such as credit card or other payment information and records of products or services purchased;
  • Real-time geolocation information, which may include precise geolocation information;
  • Communications and marketing preferences;
  • Favorite team and inferences about you and your personal preferences;
  • Audio, electronic, or visual information, such as photographs that you provide to us;
  • Biometric information, such as when you elect to use biometric authentication at stadiums that offer this functionality for entry or other relevant functionality governed by this Privacy Notice. Where required by law, we collect this information pursuant to your consent and may provide additional notice about relevant data handling practices;
  • Information about your contacts, such as name and email address, when you share that information with us. If you authorize us to access your contacts, calendar, or photos, we may also collect that information to provide you with relevant functionality;
  • Search queries;
  • Comments and other information posted in our interactive online forums;
  • Professional and employment information;
  • Education information;
  • Information that could be considered health information, such as when you purchase accessible seating;
  • Correspondence, waivers or acceptances and other information that you send to us; and
  • Additional information as otherwise described to you in this Privacy Notice, at the point of collection, or pursuant to your consent.

If you decide not to provide this information, it may limit our ability to provide the Services or some of our content. Be aware that many legal documents and court filings may require these pieces of information.

Information We Collect Automatically

We also may collect internet and electronic network activity information, device identifiers, and information about your use of the Services automatically when you visit or use the Services, including:

  • Your Internet Protocol (“IP”) address, which is the number automatically assigned to your computer whenever you access the Internet and that can sometimes be used to derive your general geographic area;
  • Your Media Access Control (“MAC”) address, which is a unique identifier assigned to a network interface controller;
  • Your device type or mobile carrier;
  • Other unique identifiers, including mobile device identification numbers and advertising identifiers (e.g., IDFA);
  • Your browser type and operating system;
  • Sites and apps you visited before and after visiting, or while using, the Services;
  • Pages you view and links you click on within the Services;
  • Information collected through cookies, web beacons, Local Shared Objects, and other technologies, as described further below;
  • Information about your interactions with e-mail messages, such as the links clicked on and whether the messages were received, opened, or forwarded;
  • If you link your social media account to your Port and Sava account, information from those social media accounts in accordance with your settings on the social platform and their privacy policy;
  • App usage information, including how often you use our application, the events that occur within the application, usage, and performance data, and where the application was downloaded from;
  • Other Standard Server Log Information;
  • Standard Network Traffic Information, when you are connected to an event’s and/or event venue’s Wi-Fi network; and
  • We may also collect audio, electronic, or visual information from you automatically, such as information collected from video cameras and when we film or photograph you in a public location at a Port and SavaEvent, as described further.

Information We Collect from Other Sources

In addition to information we receive from you and collect automatically, we may receive information about you from other sources, such as your friends, social networks, publicly available sources, data brokers, advertising partners, and our business partners and sponsors, including to facilitate co-branded programs. We may combine this data with information we already have about you, including to create inferences about you and your personal preferences.

2. Use of Information

We may use information that we collect about you for a variety of purposes, including to:

  • Provide you with products, promotions, services, newsletters, and information you request and respond to correspondence that we receive from you, including, where relevant, to facilitate your purchases (e.g., to process returns or streamline the checkout process);
  • Contact you about your account or relationship with us;
  • Customize and personalize your experience on the Services and to better serve you with offers and content that we think may be of interest to you, such as by providing you with targeted advertising both on and off the Services.
  • Communicate with you about products, services, contests, and events that we think might be of interest to you, and otherwise send you promotional material or special offers on our behalf or on behalf of our marketing partners, their respective affiliates or subsidiaries, and other third parties. We will obtain your consent to send such communications to the extent required by law;
  • Maintain or administer the Services (e.g., to maintain the security and integrity of the Services), perform business analyses, create aggregated or anonymized information that no longer identifies you and therefore is no longer subject to this Privacy Notice, or for other internal purposes to improve the quality of our business, the Services, and other products and services we offer, such as internal administrative purposes or to manage our relationships;
  • Publish stories, comments, photos, and other information posted in our interactive online features;
  • In the case of location information, for example, to determine your market location for purposes of administering broadcast restrictions for events, to validate your location to geo-gate certain features or information, to locate a place that you may be searching for in your area, for determining teams and offers in which you may have an interest and providing you with information or relevant advertising based on where you are located.
  • In the case of Social Security Numbers, for example, for tax purposes when administering prizes to certain contest winners;
  • Protect the health and safety of our guests, personnel, and the public;
  • Court Filings
  • As otherwise described to you in this Privacy Notice, at the point of collection, or pursuant to your consent.

3. Disclosure of Information

We may disclose each of the categories of personal information described above with others for the purposes described above, including as follows:

Authorized Third Parties and Service Providers: We may disclose your information to third-party vendors and service providers that perform certain functions or services on our behalf (such as to host the Services, fulfill orders, provide products and services, manage databases, perform analyses, process credit card payments, provide customer service, or send communications for us).

Within the Port and Sava Family: We may disclose your information to all members of the Port and Sava.

Administrative or Legal Process: We may be required to release this information for court or governmental filings in the course of the representation..

Other Parties With Your Consent: We may disclose information to third parties or the public when you consent to such sharing.

4. Cookies and Similar Technologies

We, service providers acting on our behalf and third parties, such as advertising partners, use cookies and similar technologies such as beacons, tags, HTML5 local storage, and scripts, to collect information from your browser or device. By using the Services, you acknowledge the use of cookies and similar technologies on the Services, although we have certain cookie-related choices described below and, where required by law, we seek your additional consent for certain categories of cookies.

The following types of cookies and similar technologies are used on our Services:

  • Strictly necessary cookies and technologies: These are necessary for the Services to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for Services, such as setting your privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about certain of these cookies, but some parts of the Services will not then work.
  • Functional cookies and technologies: These enable the Services to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you disable functional cookies, then some or all of these services may not function properly.
  • Performance cookies and technologies: These allow us to count visits and traffic sources so we can measure and improve the performance of our Services. They help us to know which pages are the most and least popular and see how visitors move around the Services. If you disable performance cookies we will not know when you have visited our Services, and will not be able to monitor its performance.
  • Targeting cookies: We partner with third party advertisers to serve and display advertising on the Services and elsewhere online across different sites and services. As described directly below under Section 5, Interest-Based Advertising, these partners may use cookies and other similar technologies to collect information about your activities across different websites and services to build a profile of your interests and provide you with relevant advertising. This is typically done based on uniquely identifying your browser and internet device. If you disable targeting cookies, you will experience less targeted advertising.

To disable optional cookies (cookies other than those categorized as strictly necessary above), please utilize the Cookie Settings of the applicable website or navigate to Privacy Settings in applicable apps.

You also may be able to reject cookies and similar technologies through your browser settings. If you reject cookies through your browser settings, you may still use our Services, but your ability to use certain features may be limited.

5. Interest-Based Advertising

We contract with third party advertisers, as well as analytics and measurement partners, to serve and display advertising on the Services and elsewhere online across different sites and services.

These partners may use cookies and similar technologies on the Services and elsewhere online to collect and share information about your activities across different websites, mobile applications, and services to provide you with relevant advertising (“Interest-Based Advertising” or “IBA”). For example, we may conduct analysis on your behavior in order to provide you with Interest-Based Advertising both on and off the Services. “We may also disclose non cookie-based information for advertising purposes, including for Interest-Based Advertising. For example, we may disclose information to social networking platforms, so that they may send tailored communications on our behalf via their platforms. To serve and display advertising relevant to your location, where permitted by law and depending on the Services you use, the Services may also track your device’s precise geolocation by responding to beacons or inaudible signals sent to your device’s microphone. This is typically done based on uniquely identifying your browser and internet device.

Opting Out of IBA

You can opt out of receiving some type of ads and third-party collection of data for IBA from your device across unaffiliated services by managing your preferences at https://youradchoices.com/control.

– You can also manage third-party cookies that collect data from NFL-affiliated websites and mobile applications for Interest-Based Advertising by setting your preferences on the website, mobile application, or other service via “Privacy Settings” or “Cookie Settings.”

Geolocation Data for IBA

We may disclose your geolocation information, including precise geolocation information, to service providers that perform certain functions or services on our behalf and to third parties so that they may provide you with geographically relevant advertising.

If you wish to stop the further collection of your geolocation information for IBA, please opt-out using your device settings, as noted below:

Opt-out or Withdraw Consent for Precise Geolocation Data for IBA

To opt out of the tracking of your device geolocation and/or precise geolocation data, please visit your device settings. Turning off access to geolocation and precise geolocation data may disable or interfere with certain functionality or services.

For Android users, please see the following link for instructions on how to opt-out of or withdraw consent to geolocation data collection from your settings https://support.google.com/accounts/answer/6179507?hl=en.

For iOS users, please see the following link for instructions on how to opt-out of or withdraw consent to geolocation data collection from your settings https://support.apple.com/en-us/HT207092

6. Social Networking

Port and Sava does post information videos and blogs on social media. We do not discuss or post about specific clients. You can use third-party social networking services to share information about your experience on our Services with your friends and followers on those social networking services. These social networking services may be able to collect information about you, including your activity on our Services. These third-party social networking services also may notify your friends, both on our Services and on the social networking services themselves, that you are a user of our Services or about your use of our Services, in accordance with applicable law and their own privacy policies. If you choose to access or make use of third-party social networking services, we may receive information about you that you have made available to those social networking services, including information about your contacts on those social networking services. Your interactions with those social networking services are governed by the privacy policy of the company providing the relevant service.

7. Links to Other Websites

The Services may contain links to other websites or online services that are operated and maintained by third parties and that are not under our control or maintained by us. Such links do not constitute an endorsement by us of those other websites, the content displayed therein, or the persons or entities associated therewith. This Privacy Notice does not apply to this third-party content. We encourage you to review the privacy policies of these third-party websites or services.

8. Data Security and Data Integrity

The security and confidentiality of your personal information is very important to Port and Sava . We have implemented technical and organizational safeguards designed to appropriately protect your personal information against accidental, unauthorized, or unlawful access, use, loss, destruction, or damage. Still, no system can be guaranteed to be 100% secure.

As a result, while we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to the Services and cannot be responsible for the theft, destruction, or inadvertent disclosure of your information.

9. Data Transfers

When we transfer your personal information to third parties as described in this Privacy Notice, some of these parties may be located in countries other than your own, such as the United States, whose privacy and data protection laws may not be equivalent to those in your country of residence. When we transfer your personal information to other countries, we apply appropriate safeguards, to protect your information in accordance with applicable laws. While we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to the Services and cannot be responsible for the theft, destruction, or inadvertent disclosure of your information.

10. Data Retention

We will retain your information for as long as reasonably necessary and subject to New York laws, which currently requires 7 years for lawyers and for the purposes set out above, considering criteria such as applicable rules on statute of limitations, any legal requirements to retain your personal information in light of compliance obligations, any relevant litigation or regulatory investigations and to enable Port and Savato defend or bring potential legal claims, the sensitivity of the relevant information, and the duration of your use of the Services.

11. Data Subject Rights

Certain states in the United States and other international jurisdictions grant certain rights with respect to personal information. Depending on where you reside and in accordance with applicable law, you may be afforded the following rights:

  1. Access to your personal information in a portable format, or other information about our data processing practices.
  2. To delete the personal information Port and Savahas collected about you.
  3. To correct inaccurate personal information we have collected about you.
  4. To object to or request the restriction of processing of your personal information.
  5. To withdraw your consent.

If you would like to object to, or request the restriction of, processing of your personal information, withdraw your consent, or if you are otherwise not able to submit a request via the portal above, you can contact Port and Sava .

You may also be afforded, depending on where you reside and in accordance with applicable law, certain rights relating to the collection, use, and disclosure of your sensitive personal information.

  • Where applicable, you may exercise the right to limit certain uses and disclosures of your sensitive personal information by contacting Port and Sava .
  • Where applicable, you may also withdraw your consent with respect to your sensitive personal information by contacting Port and Sava .

Please note that we may still maintain, use, and disclose your sensitive personal information for certain purposes, such as to provide you with services that you have requested, protect the safety and security of services, and comply with our legal obligations.

We will not discriminate against you for exercising your rights and choices, although some of the functionality and features available to you may change or no longer be available to you. We may verify certain types of requests by requesting information sufficient to confirm your identity. Authorized agents may exercise rights on your behalf using the same mechanisms described herein, but we may request evidence that you have provided such agent with power of attorney or that the agent otherwise has valid authority to submit requests to exercise rights on your behalf.

We reserve the right to deny requests as allowed by applicable law, such as where we have a reasonable belief that the request is fraudulent, where your identity cannot be confirmed, or where Port and Savamust retain your information consistent with applicable law.

12. Changes To This Privacy Notice

We may update this Privacy Notice, including any supplemental privacy disclosures, to reflect changes to our information practices. If we make any material changes, we will notify you by email or by means of a notice on the Services prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

14. Contact Us

If you have any questions about this Privacy Notice or the privacy practices of the Services, please contact us at (516) 352-2999 or at the following address:

Port and Sava 303 Merrick Road, Suite 212, Lynbrook, New York 11653

Port & Sava, Cyber Security

A.) PURPOSE

 i)         Our Firm’s cyber security policy outlines our guidelines and provisions for preserving the security of our data and technology infrastructure.

ii)         In today’s world more and more of our business is conducted online, it is vast and growing. The more we rely on technology to collect, store, and manage information, the more vulnerable we become to severe security breaches. A cyber-attack does not only directly threaten our Firm’s confidential data, it may ruin the relationships with clients, and cause severe legal jeopardy to them and our company’s reputation.

B.) SCOPE

i)          This policy applies to all our employees, agents, contractors, remote or onsite, and anyone who has permanent or temporary access to our systems and hardware.

C.) POLICY ELEMENTS

i)          The Firm has outlined security measures that may help mitigate cyber security risks.

(a)        Confidential Data:

(i) Confidential data is information for which unauthorized use, access, disclosure, acquisition, modification, loss, or deletion could result in severe damage to the Firm, partners, affiliates, and clients. Common examples are:

(a) Unpublished financial information;

(b) Credit Card Numbers;

(c) Data of customers/partners/vendors;

(d) Human resources records; and

(e) Patents, formulas, or new technologies.

(ii)Data security is the responsibility of all employees and agents

(b)       Protect personal and Firm devices

(i)        Employees should only access Firm’s emails and systems on Firm issued devices. Employees also should not use Firm’s devices and equipment to access personal emails, or accounts.

(ii)        This is vital as ignoring these protocols can introduce security risk to Firm and personal data. We advise our employees to keep both their personal and Frim-issued equipment and devices secure.

            (C)       Here is how:

                        (i)        Use strong (numbers, letters, and symbols) passwords on all devices;

(ii)       Avoid opening email attachments or clicking links;

(iii)      Be suspicious of clickbait titles (e.g. offering prizes, advice);

(iv)      Choose and upgrade a complete antivirus software;

(v)       Never leave devices exposed or unattended;

(vi)      Do not give out personal information on the phone or through email or text;

(vii)      Install security updates of browsers and systems monthly or as soon as updates are available;

(viii)    Log into Firm accounts and systems through secure and private networks only; and

ix)        When you use a shared computer or a business’s Wi-Fi connection, you do not know how secure the network really is. Use your own device and secured network instead.

D) MANAGE PASSWORDS PROPERLY

i)          Passwords are the first line of defense against numerous internet attacks of the Firm’s data infrastructure; hence password leaks are dangerous. Passwords should be “SS,” secure and secret. Here are some tips to make and keep them that way:

(a)        Choose passwords with at least eight (8) characters (including capital and lower-case letters, numbers, and symbols). Make your password a nonsense phrase. Long passwords are good; long passwords that include random words and phrases are better;

(b)        Remember passwords instead of writing them down. If employees need to store a list of their passwords or a password hint sheet on their computer in a document file, name the file something random;

(c)        Do not reuse passwords

(d)       Exchange credentials only when necessary. When exchanging them in-person is not possible, use the phone and only if the other person is recognized and verified; and

(e)        Change their passwords every thirty days.

E)        TRANSFER DATA SECURELY

 i)         Transferring data introduces security risk. Employees must:

ii)         Avoid transferring sensitive data, if information must be transferred it must first be encrypted by manager or IT specialist.

 iii)      confidential data must only be shared over the Firm network/ system and not over public Wi-Fi or private connection.

iv)        Ensure that the recipients of the data are properly authorized people or organizations and have adequate security policies.

v)         Store data in a shared drive that only authorized persons can access.

vi)        Report scams, privacy breaches and hacking attempts

vii)       Employees must report seeming attacks, suspicious emails, or phishing attempts as soon as possible to our specialists. Our specialist must investigate promptly, resolve the issue, and send a companywide alert when necessary.

F)         ADDITIONAL MEASURES

i)          To mitigate the possibility of security breaches, here are some additional defenses:

(a)        Lock screens and devices when leaving desks;

(b)       Report stolen or damaged equipment as soon as possible to HR;

(c)        Change all account passwords when a device is stolen or compromised;

(d)       Report a perceived threat or possible security weakness in company systems;

(e)        Do not download suspicious, unauthorized, or illegal software on company equipment;

(f)        Avoid accessing suspicious websites; and

(g)       We also expect our employees to comply with our social media policy;

ii)         Firm Network Administrators should:

(a)        Install Firm approved firewalls, anti-malware software and access authentication systems;

(b)       Arrange for security training for all employees;

(c)        Inform employees regularly about new scam emails or viruses and ways to combat them;

(d)       Investigate security breaches thoroughly; and

(e)        Follow this policies provisions as other employees do.

G)        REMOTE EMPLOYEES

i)          Remote employees are also obligated to follow all aspects of this security policy as they also will be using Firm’s systems, equipment, and confidential data; and

ii)         Remote employees can request that a Network Administrator test the security of their home network.

H)        DISCIPLINARY ACTION

i)          All employees will pass security training, as we expect all employees to follow this policy. Should an employee disregard this policy and cause security breaches they will be subject to disciplinary action:

(a)        First-time, unintentional security breach: We may issue a verbal warning and up to termination base on the severity of the breach; and

(b)       Intentional, repeated, or large-scale breaches (which cause severe financial or other damage): We will invoke more severe disciplinary action up to lawsuit or arrest. We will examine each incident on a case-by-case basis.

  1. TAKE DATA SECURITY SERIOUSLY
  1. We are all responsible for the security of the data we use. Our clients, partners, employees, and contractors should know that their data is safe. The only way to gain their trust is to proactively protect our systems and databases. We can all contribute to this by being vigilant with our cyber security.