Privacy Policy

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Personal Information Provided by You. The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

• names
• phone numbers
• email addresses
• mailing addresses
• job titles
• usernames
• passwords
• contact preferences
• contact or authentication data
• billing addresses
• debit/credit card numbers
• private equity portfolio positions

Sensitive Information. When necessary, with your consent or as otherwise permitted by applicable law, we process the following categories of sensitive information:

• financial data
• genetic data
• credit worthiness data

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

We may collect , in particular, one or more of the following categories of personal information about you when you when you  use our Website or our App

Information automatically collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Cookie Notice:

Like many businesses, we also collect information through cookies and similar technologies.

The information we collect includes:

• Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called “crash dumps”), and hardware settings).
• Device Data. We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
• Location Data. We collect location data such as information about your device’s location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. However, if you choose to opt out, you may not be able to use certain aspects of the Services.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

• To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
• To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
• To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
• To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
• To evaluate and improve our Services, products, marketing, and your experience. We may process your information when we believe it is necessary to identify usage trends, determine the effectiveness of our promotional campaigns, and to evaluate and improve our Services, products, marketing, and your experience.
• To identify usage trends. We may process information about how you use our Services to better understand how they are being used so we can improve them.
• To comply with our legal obligations. We may process your information to comply with our legal obligations, respond to legal requests, and exercise, establish, or defend our legal rights.

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e., legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfill our contractual obligations, to protect your rights, or to fulfill our legitimate business interests.

If you are located in Canada:

We may process your personal information with your express consent (e.g., when you voluntarily provide data) or implied consent (e.g., when processing is necessary to fulfill a service you’ve requested). You may withdraw consent at any time by [contacting us/using our tools].

In exceptional cases, we may process your information without consent as permitted by Canadian law, including:

• To investigate fraud, breaches of agreements, or violations of Canadian or provincial laws;
• To comply with court orders, subpoenas, or lawful requests for information;
• To protect individuals from financial abuse, harm, or where collection is clearly in their interests (e.g., emergencies);
• For business transactions under applicable provincial laws (e.g., mergers, acquisitions);
• To identify injured, ill, or deceased persons and communicate with next of kin;
• If the information is publicly available and its use aligns with regulatory requirements;
• For journalistic, artistic, or literary purposes;
• To assess, process, or settle insurance claims using witness statements;
• When produced in the course of employment, business, or professional activities and used consistently with its original purpose.

If you are located in the European Economic Area (EEA) or UK:

We process your personal information under the General Data Protection Regulation (GDPR) when:

• You have given consent for specific purposes;
• Processing is necessary to fulfill a contract with you (e.g., providing services you requested);
• Processing is required to comply with a legal obligation;
• Processing is necessary to protect your vital interests or those of another person (e.g., emergencies);
• Processing is in our legitimate interests (e.g., improving services, fraud prevention), provided these interests do not override your rights.

If you are located in the United States:

We process your personal information in compliance with applicable federal and state privacy laws, including:

• The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents;
• The Virginia Consumer Data Protection Act (VCDPA) for Virginia residents;
• Other state-specific laws (e.g., Colorado Privacy Act, Connecticut Data Privacy Act).
• Depending on your state, our legal basis may include your consent, contractual necessity, or legitimate business interests. We do not “sell” or “share” personal information as defined under the CCPA/CPRA.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following third parties. We do not sell your personal information.

We may need to share your personal information in the following situations:

• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• Affiliates. We may share your information with our affiliates, in which case we will require those affiliates to honor this privacy notice. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
• Our business partners, including our partners within the LiVNG network (if you use your account with them to sign up or sign in with us); professional advisers, including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
• We share your personal information with trusted third parties only as necessary to provide our Services, including:

• IT and cybersecurity providers to ensure secure operation of our apps and websites;
• CRM platforms to manage customer communications;
• Payment processors and reservation systems to fulfill bookings;
• Marketing partners to deliver personalized offers and analyze engagement;
• Legal authorities when required by law.

All third parties are contractually prohibited from using your information for their own purposes and must protect it in accordance with this policy and applicable laws, including Quebec’s Law 25. Quebec residents may contact us at [privacy@1livng.com ] for details about specific third parties.

• Legal & Regulatory Authorities, including government or other law enforcement agencies, in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information).

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice. (Paragraph 1)

6. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

1LiVNG relies on our authorized technology partners, Hospiria (for property management systems) and Alliants (for guest experience platforms), to implement technical and organizational security measures designed to protect the personal information processed through their systems. These partners are responsible for safeguards such as encryption, access controls, and regular security audits.

While we require these partners to maintain industry-standard security practices under our contractual agreements, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot guarantee that unauthorized third parties (e.g., hackers, cybercriminals) will not defeat these security measures or improperly collect, access, steal, or modify your information.

Transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@1living.com

9. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your location, you may have rights to access, correct, delete, or restrict the use of your personal information. You may also update or terminate your account at any time.

• Your Rights by region Summary

• Region-Specific Rights

If You Are in Canada:

• • Access: Request a copy of the personal information we hold about you.
  • Correction: Update or correct inaccurate data.
  • Withdraw Consent: Revoke consent for processing (where applicable).
  • Deletion: Request deletion of your data, subject to legal exceptions (e.g., fraud prevention).
  • Portability (Quebec only): Obtain your data in a structured, machine-readable format.
  • Challenge Compliance (Quebec only): File a complaint with Quebec’s Commission d’accès à l’information (CAI) .

If You Are in the European Economic Area (EEA) or UK:

• • Access: Confirm whether and how we process your data.
  • Rectification: Correct inaccuracies.
  • Erasure (“Right to Be Forgotten”): Delete your data under specific conditions.
  • Restriction: Limit processing during disputes.
  • Portability: Receive your data in a transferable format.
  • Object: Opt out of processing based on legitimate interests, direct marketing, or profiling.
  • Withdraw Consent: Revoke consent at any time (does not affect prior lawful processing).
  • Complain: Lodge a grievance with your national data protection authority (e.g., Ireland’s DPC, UK’s ICO).

If You Are in Switzerland:

• • Exercise rights similar to GDPR (access, correction, deletion).
  • Complaint to the Federal Data Protection and Information Commissioner (FDPIC) .

If You Are in the United States:

California (CCPA/CPRA):

• • Know: Disclose categories and specific pieces of personal information collected.
  • Delete: Request deletion (with exceptions for legal compliance).
  • Correct: Rectify inaccurate data.
  • Opt-Out of Sale/Sharing: Direct us not to “sell” or “share” your data (as defined under CCPA).
  • Limit Sensitive Data Use: Restrict use of sensitive information (e.g., precise geolocation).
  • Non-Discrimination: Not be penalized for exercising rights.
  • Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA):
  • Access, delete, correct, and opt out of targeted advertising or profiling.

Other Regions: Contact us to learn about rights under local laws.

• Exercising Your Rights
  
  • Submit a Request: Email: privacy@1LiVNG.com
  • Verification: We may require proof of identity (e.g., government ID, account verification) to process requests.
  • Response Time: We aim to respond within 30 days (or within legally required timeframes for your region).

Note: Withdrawing consent does not affect the lawfulness of processing before withdrawal. We may continue processing data under other legal bases (e.g., contractual necessity, legal obligations).

• Managing Your Account
  
  • Review or Update Information: Log in to your account settings.
  • Terminate Your Account: Request deletion via privacy@1LiVNG.com .We will deactivate or delete your account from active databases but may retain limited information to prevent fraud, comply with legal obligations, or enforce agreements.

• Cookies and Tracking Technologies

• • Adjust Preferences: Most browsers allow you to remove/reject cookies. Visit your browser settings to modify preferences.
  • Opt Out of Interest-Based Advertising: Use tools like the Digital Advertising Alliance (DAA) or adjust settings in our app/website.
  • Impact: Disabling cookies may affect functionality (e.g., saved preferences, login sessions)

• Complaints

If you believe we are unlawfully processing your data:

EEA/UK: Contact your national data protection authority .

Switzerland: Contact the FDPIC .

Quebec: Contact the CAI .

U.S.: File a complaint with your state attorney general (e.g., California DOJ ).

HOW TO CONTACT US

For questions, requests, or complaints:

Email: privacy@1LiVNG.com

10. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

11. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please fill out and submit a data subject access request.

on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate.

We will only use personal information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.

Other privacy rights

• You may object to the processing of your personal information.
• You may request correction of your personal data if it is incorrect or no longer relevant, or ask to restrict the processing of the information.
• You can designate an authorized agent to make a request under the CCPA on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with the CCPA.
• You may request to opt out from future selling or sharing of your personal information to third parties. Upon receiving an opt-out request, we will act upon the request as soon as feasibly possible, but no later than fifteen (15) days from the date of the request submission.

To exercise these rights, you can contact us or by referring to the contact details at the bottom of this document. If you have a complaint about how we handle your data, we would like to hear from you.

12. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO)  by email at privacy@1livng.com