PLEASE READ THIS PRIVACY DISCLOSURE CAREFULLY BEFORE USING THIS SITE
Location of Servers
The Site is hosted on servers located in the United States of America and is intended for use by individuals and entities who are United States residents. YOU EXPRESSLY ACKNOWLEDGE AND CONSENT THAT YOUR DATA MAY BE TRANSFERRED TO VARIOUS LOCATIONS AND THIRD-PARTY PROVIDERS, AND MAY BE MAINTAINED AND PROCESSED ON COMPUTERS LOCATED OUTSIDE OF YOUR STATE, PROVINCE, COUNTRY, OR OTHER GOVERNMENTAL JURISDICTION WHERE THE PRIVACY LAWS MAY NOT BE AS PROTECTIVE AS THOSE IN YOUR JURISDICTION.
What We Collect and How We Use It
You may visit our Site without expressly submitting any information that can be used to identify you (“Personal Information”). However, if you wish to register as a participant in the Program, you will be required to submit Personal Information as further set forth below.
Information We Collect
If you register in the Program, the Personal Information we collect may include your name, email, mailing address, phone number, and other information requested on the registration page. We will also collect the primary account number for the eligible credit and/or debit card(s) that you use to enroll in the Program (“Linked Card”). We do not collect your Linked Card’s expiration date or card security code. The primary account number is the 14, 15, or 16 digit number that appears on the front of your Linked Card (“Linked Card Number”). We need the Linked Card Number to monitor your Linked Card activity for transactions with participating merchants (“Participating Merchants”) that are eligible for Program rewards. Accordingly, you are authorizing us to obtain and receive information about your Linked Card transactions with Participating Merchants from a payment card network (“Payment Card Network”) such as American Express®, Mastercard®, Visa®, Discover®, or a payment card processor.
We may also collect Personal Information about you from Rewards Partner or a bank issuing a credit card on Rewards Partner’s behalf that automatically enrolls you in the Program as a benefit (collectively, “Rewards Partner Information”). If you are automatically enrolled with Rewards Network by Rewards Partner, Rewards Network will only receive, maintain and use the Rewards Partner Information that Rewards Network needs to operate the Program.
You may need to create a user name and password for your Program account with us. We may assign you a unique identification number so that we may more easily identify you and your transactions.
You have the option to also provide us with the month and day of special dates (e.g., birthday, anniversary), dining preferences, and information regarding your personal accounts and/or profiles on third-party social networking sites such as Facebook® and Twitter®, as further described below.
We or Rewards Partner (or a non-affiliated third-party supplier, vendor, or contractor on our behalf or on behalf of the Rewards Partner) use your Personal Information only to operate the Program, including to send you emails, mailings, or other forms of communications (that may be real-time) that relate to the Program, Participating Merchants.
Linked Card Information and Transaction Information
We will know when you conduct a transaction with a Participating Merchant. We will collect information about that transaction, including a unique Program identification number, the date and time of your transaction, the amount of your transaction, the name and location of the Participating Merchant, and the Linked Card used for that transaction. We receive this information from Payment Card Networks. We may provide all or a portion of the information collected to a Rewards Partner or a Rewards Partner’s non-affiliated third-party suppliers, vendors, or contractors so that we and/or Rewards Partner can facilitate and administer the Program. You may receive real-time notification about the sharing of your transaction data. We may also use your transaction information to generate internal financial reporting and analysis regarding our business and for external reporting of anonymized data to market our business and the Program to third parties, including potential Participating Merchants and potential rewards partners.
We use the transaction data that we receive to match your transactions at Participating Merchants with available rewards and otherwise for Program rewards administration. In some cases, a Participating Merchant’s payment card processor may experience a lag time (approximately 24 hours) between when a credit and/or debit card is linked to a Program account and when the payment card processor is able to identify and provide us with the dining transaction data associated with that Linked Card. If you believe that you are eligible for rewards for dining at a Participating Merchant, and those rewards have not registered in your Program account within 10 days of the dine, please contact the Program’s Member Services at (800) 555-5116. We reserve the right to require that you provide a receipt from the Participating Merchant or documents reasonably required by us to evidence an eligible transaction in order to receive your reward.
By enrolling in and participating in the Program, you are authorizing us and Participating Merchants, Payment Card Networks, and payment card processors to obtain, provide, and use transaction information related to your purchases (such as date, time and amount) at Participating Merchants in order to calculate rewards, redeem rewards, and facilitate and make the Program available. You also authorize us to, in our reasonable discretion, collect location data using your device to provide you with recommendations based on your location and past dining activity, analyze your general dining patterns and stores that you visit, and also aggregate this data to help understand general Program member patterns and trends, which we may share with third parties with our discretion.
For certain qualifying purchases, you may be required to complete the survey in order to earn rewards.
All reviews, surveys, comments, feedback, and other information about your dining experiences, Participating Merchants, or participation in the Program that you choose to disclose, submit, or convey via the Site (which we refer to collectively as "Comments") may be reprinted, used, displayed, redistributed, shared, transmitted, excerpted, modified, and/or disseminated (in whole or in part) by us. Your Comments must comply with our Review Guidelines. We reserve the right to remove any Comments that are inappropriate.
Your provision of Comments to us constitutes a nonexclusive, royalty-free, perpetual, irrevocable, and fully sub-licensable right to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, and display such Comments throughout the world in any media.
You warrant that: (i) any use of Comments by us will not violate any right of any third party; and (ii) any Comments are not libelous, unlawful, or obscene.
Personal Information We Utilize for Contests, Giveaways, Sweepstakes, and Other Promotions
Linked Card Updates
We collect IP address information from any visitor to the Site. We log IP addresses for system administrative purposes only. IP addresses are not used for identification. This information helps us determine how often different areas of the Site are visited. We do not link IP addresses to any information that is personally identifiable.
Usage Information and Session Data
When you visit the Site or click on a link in an e-mail from one of our Participating Merchants, we may collect usage information ("Session Data"). Session Data may include browser type and version, time zone setting, browser plug-in types and versions, operating system, platform, and what Participating Merchants you look at. We may use Session Data for a variety of reasons, including to better understand things like how the Site is navigated, how many visitors arrive at and look at specific pages, and the length and frequency of stays at our Site. We disclose such Session Data to our Participating Merchants to provide proof of attribution metrics.
We may have the ability to collect location data and provide you with push notifications based on your location and past dining activity. We utilize location information to provide you with more relevant location-based restaurant choices, track your general dining patterns and stores that you visit, and also aggregate this data to help understand general Program member patterns and trends, which we may share with third parties in our discretion. You are agreeing that we can collect and use your location data and can continue to do so until you turn off your location settings.
Your device may allow you to disable the collection of location data and push notifications by accessing your device’s application or notification settings. If you do not want us to have access to your location, you may change your location settings. You are agreeing that we can continue to collect location data until you turn off data collection in your device. We have no responsibility or liability for the functions of location settings within any device.
- Session cookies track the user's progression through the Site and session data for a single visit. These cookies enable us to follow the user as they progress from one page to another. Your session cookies expire at the end of your browser session. In addition, if you leave your browser open for a prolonged period, they are set to automatically expire.
- Persistent cookies are stored on your device between browser sessions, allowing us to remember you and your preferences on the Site. We may use a persistent cookie to remember such information as your user name, name, preferred dining area, favorite restaurants, and Session Data.
Most Internet browsers automatically accept cookies. However, you can instruct your browser to stop accepting cookies or prompt you before accepting a cookie from the sites you visit.
We use Google Analytics in order to analyze traffic and performance related to the Site. To learn how Google uses data when you use our Site, visit www.google.com/policies/privacy/partners/.
Disclosure of Personal Information
We or Rewards Partner may disclose information that we may have, identifiable or not, as necessary for defending and bringing legal actions; if required by a government authority or legal process; when we or Rewards Partner believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or in the good faith belief that disclosure is otherwise necessary or advisable.
Disclosure of Anonymized Information
We may share anonymized information about you that is not reasonably identifiable to you with our affiliates, rewards partners, Participating Merchants, and other third parties in our discretion. Such information could be used, for example, to provide us with statistical or other analysis and to market our business, the Program or both. This information is de-identified and cannot reasonably be used to identify you personally. This information is most often aggregated demographic and statistical information (such as information derived from use of our Site or your participation in any Program) and information submitted in connection with restaurant reviews or surveys that you submit to us.
Transfer of Personal Information
Social Network Plugins
Third Party Sites
Choices for Email and Marketing Communications
You may opt out of receiving Program emails from us. However, doing so will affect your eligibility for all or some Program benefits. You may not opt out of receiving administrative emails related to your account except by terminating your Program participation.
If you do not wish to receive email communications from us, you can unsubscribe from the link in the email you received, change your selections within the Account Information section, or indicate your preferences within a direct communication to us. You may also email us if you wish to unsubscribe, but for your security, please do not send credit and/or debit card information via email.
Do Not Track
Because there is not an industry or legal standard for recognizing or honoring Do Not Track (“DNT”) signals, we do not respond to them at this time.
Retention and Disposal of Information
We retain your information as long as we determine it is required for the operation of our business and Program, and to meet legal, regulatory, and other requirements.
We take reasonable steps to ensure that information is disposed of securely when we no longer require such data.
We take commercially reasonable steps to maintain physical, electronic, and procedural safeguards to protect your information. These safeguards may include data encryption, access authorization, firewalls, and physical access control to our data centers. We use industry-standard encryption technologies when transferring and receiving identifiable information. We maintain PCI DSS compliance. You can find our listing on the Visa Global Registry of Service Providers.
We maintain a Service Organization Control (SOC) 3 report. This assessment of our security practices enables you and your stakeholders to validate that we have obtained independent auditor assurance, which attests to our alignment with the American Institute of Certified Public Accountants (AICPA) Security Trust Principles. We may elect in the future to assess our security practices through a standard other than SOC, and we will in any case maintain and routinely test our controls related to the security, integrity, confidentiality, and privacy of the information we collect, store, and process.
Securing Your Personal Information
Rewards Network and the Program will never ask you for personal information, including financial information, via unsolicited telephone calls, emails, postal mailers, or fax transmissions.
Specifically, Rewards Network and the Program will never send you unsolicited requests for the following types of Personal Information: (i) username or password; (ii) email address; (iii) social security number; (iv) credit and/or debit card number; (v) credit card expiration date or card security code; (vi) bank account numbers; or (vii) names of your family members. This list is provided for illustrative purposes only and is not intended to include all categories of information that may be the subject of an unsolicited request for Personal Information.
Any request for personal information of this nature in a conversation not initiated by you should be considered suspicious, even if the communication includes Rewards Network or the Program logos, links to websites that look “like” the Program, or a request for you to take immediate action, such as verifying your account information. Unsolicited communications of this type are often fraudulent “phishing” communications, and could be an attempt to acquire your sensitive personal information for malicious reasons.
Payment Card Industry Data Security Standard
In order to protect your Personal Information, Rewards Network complies with the security standards (PCI DSS) required by the PCI Security Standards Council.
The Council was founded in 2006 by five prominent payment brands — including American Express®, Discover Financial Services®, JCB International®, Mastercard®, and Visa, Inc.®. This global forum is responsible for the development, management, education, and awareness of security standards for credit and debit cards.
PCI DSS applies to all entities involved in payment card processing. This includes retailers where consumer purchases are made, payment card processors, credit card issuers, and service providers. Rewards Network continually reviews its payment card security practices to ensure that those practices satisfy the requirements of the most current version of the PCI DSS compliance standards.
If you suspect that you have received a phishing or other type of fraudulent communication, you should not: (i) click on any links in the offending email; (ii) open any attachments related to the communication; (iii) call any telephone numbers provided in the communication; or (iv) follow instructions contained in the communication. If the phishing or other fraudulent communication purports to be associated with the Program, you should report the communication to Rewards Network by sending an email to firstname.lastname@example.org. You should attach the unsolicited communication to your email report. If you received the communication by postal mail, rather than by email, you should photograph any mailer, letter, and envelope received and attach those materials to the email report that you send to Rewards Network.
Reviewing or Changing Your Information
You can contact us (by email, telephone, or postal mail) to request access and/or modify any information that we have for you, or otherwise modify your preferences pertaining to our marketing communications. To review, change, or update your information:
- Online: When the Program Site is available, sign in to your account and click on the "Profile" link to change your Personal Information or modify your communication preferences.
- By postal mail: Please include your email address and mail your request to us at Rewards Network Establishment Services Inc., 2 N. Riverside Plaza, Suite 200, Chicago, IL 60606, Attn: Member Services.
- By phone: Members may contact MileagePlus Dining Member Services toll-free at (800) 555-5116.
- By email: email@example.com.
To protect your privacy and security, we will take commercially reasonable steps to verify your identity before making corrections or granting access to your information.
Information Security Management Group
The following person serves as the contact for the ISMG:
2 N. Riverside Plaza
Chicago, IL 60606
Cancellation and Terminating your Account