Privacy policy

Privacy Policy

Last updated: 24 November, 2022.

You trust us with your personal data and we’re committed to keeping that trust. 

Please read our Privacy Policy that explains how we collect, use, share and protect your personal information.

All undefined and capitalized terms contained in this Privacy Policy shall have the meaning set forth in the Yayem Terms of Use.

1. HOW WE COLLECT YOUR PERSONAL INFORMATION
   
   

We collect your personal information when you interact with Yayem’s App and/or Website, such as when you create an account, apply for membership, visit one of our spaces or book an experience. 

We also collect information regarding your use of Yayem’s App and/or Website, to help us improve and optimise our services.

2. PERSONAL INFORMATION WE COLLECT FROM YOU

We collect personal information via Yayem’s app and/or website.  We collect and use different kinds of personal data: identity data, contact data, transaction data, technical data, profile data, usage data, user generated content. Data is provided in different ways:

• Membership application

• Membership onboarding

• Visiting our spaces

• Booking and paying for experiences

• Connecting with our concierge service

• Third Party Data (invitation of  Guest(s)s, referral of potential Members)

• Geolocation data, if you provide your consent to do this

3. USE OF YOUR PERSONAL INFORMATION

Yayem uses personal information for the following purposes:

• Site and mobile application

• Processing payments

• Marketing and communications

• Member support

• New product development

• Financial analysis and investor relations

• Safety and security
  
  

  4. LEGAL BASIS FOR THE COLLECTION OF YOUR INFORMATION

We will always collect personal information from you only where we either:

i) have your consent to do so;

ii) need the personal information to perform a contract with you (such as payment processing and experience delivery);

iii)need to collect your data for our legitimate interests (for instance to improve our services, or to ensure the safety and security of our members, partners and employees);

iv) need to use your information to comply with any legal obligation or regulatory requirement to which we are subject.

5. SHARING YOUR PERSONAL INFORMATION 

   
   

We may disclose your personal data to any partner or provider that makes available an experience you book or use through our Site, or to third parties who provide data processing services to us (such as Stripe, SendGrid, Twilio, AWS, Airtable or Braze).

6. PROCESSING YOUR PAYMENTS

We use Stripe, a third party payment processor, to monetize experience booked with us to collect your monthly/quarterly/annual membership. We do not store card details on our server. Credit and debit card payments are processed by Stripe on their secure payments server and all card details are fully encrypted and stored by them. Your payment will be processed by Stripe, who collect, use and process your information, including payment information, in accordance with their privacy policies. You can access their privacy policy via the following link: https://stripe.com/gb/privacy

7. REFERRING MEMBERS AND INVITING FRIENDS

While using our Site we may be using service providers, who may collect, store and/or process third party data. We make reasonable efforts to engage with trusted partners that post a privacy policy governing their collection, processing and use of non-personal and personal information.

For instance, we use a third-party service provider, Twilio, Inc., when you refer a Member or invite a friend through our Site. This enables us to communicate with them through SMS. To learn more about Twilio's privacy practices and their international data transfer guidelines, please visit https://www.twilio.com/legal/privacy

8. INTERNATIONAL DATA TRANSFER

Information you submit to us is stored within the European Economic Area on our third-party hosting provider’s servers. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.

Our third-party hosting provider is Amazon Web Services. Their privacy policy is available here: https://aws.amazon.com/privacy/

Your personal data is or may be transferred outside the EEA in specific situations:

Application information is transferred to our CRM system where it will be matched against any existing information we hold for you. Our CRM provider is Braze. This may be stored outside the European Economic Area on our CRM provider’s servers in the United States. Their privacy policy is available here: https://www.braze.com/company/legal/privacy

Additional member data, from application to house check-ins, is also stored on custom databases built for CRM purposes. Our database provider is Airtable; they may transfer data outside the EEA, pursuant to appropriate safeguards adopted by the European Commission. Their privacy policy is available here: https://www.airtable.com/privacy 

Twilio adheres to the EU–U.S. Privacy Shield Framework for notice, choice, onward transfer, security, data integrity, access, and enforcement for such personal data. As required under the principles, when Twilio receives information under the Privacy Shield and then transfers it to a third-party service provider acting as an agent on Twilio’s behalf, Twilio has certain liability under the Privacy Shield if both (i) the agent processes the information in a manner inconsistent with the Privacy Shield and (ii) Twilio is responsible for the event giving rise to the damage.

Stripe’s services in Europe are provided by a Stripe affiliate—Stripe Payments Europe Limited (“Stripe Payments Europe”) - an entity located in Ireland. In providing Stripe Services, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US.

9. RETENTION OF YOUR PERSONAL INFORMATION

We will retain your personal information as long as needed to fulfill the purposes explained in Section 3 above, where we have an legitimate interest or for a period specifically required by applicable regulations or laws. 

When determining the relevant retention periods, we will take into account:

• our contractual obligations and rights in relation to the information involved;

• legal obligation(s) under applicable law to retain data for a certain period of time;

• statute of limitations under applicable law(s);

• our legitimate interests 

• (potential) disputes; and

• guidelines issued by relevant data protection authorities.

We will securely delete your personal information where we no longer require it for the purposes collected.

10. YOUR RIGHTS 

You have the following data protection rights:

• access or request a copy or your information

• update or delete your personal information

• restrict or stop the processing of information

• opt-out of marketing communications

• where we have asked for your consent, withdraw this consent at any time

• complain to your data protection authority

• any other rights, as provided by applicable legislation

11. Changes to our Privacy Policy

We may update our Privacy Policy from time to time. If we make significant changes, we will notify you in advance of the changes through Yayem’s app or other means, such as email. We encourage you to periodically review our Privacy Policy for the latest information.

Use of our services after an update amounts to consent to the updated Privacy Policy to the extent permitted by law.

Contact details

If you have any questions or concerns about our Privacy Policy or how we use your personal information more generally, you can contact us at admin@yayem.co