Sept. 20, 2021
1. What is Personal Information?
“Personal information” is information that can be associated with a specific person and could be used to identify that specific person, whether directly from that data or when combined with data and other information that Baja Pass has or is likely to have access to. We do not consider personal information to include anonymized or aggregated clickstream data (such as hardware, OS, and browser information) as it cannot be used to identify a specific person.
2. The Personal Information We Collect & Where We Get It
We collect personal information when you perform the following: sign into our website, register or update a member profile, submit a survey, contact member support, or submit a suggestion form. In some cases, elements of your profile information are verified through a single-sign-on workflow using existing external account credentials or via a data file provided, which we use to validate that you are eligible to participate in the program.
To populate your member profile, we always collect your first and last name, local region (e.g., city/state), and email address. In cases where we must fulfill a physical membership card, we also need your mailing address and phone number.
When visiting our website or using our mobile app, the IP address of your device and other clickstream data (such as hardware, OS, and browser information) are collected in our temporary system logs. When using our mobile app, we collect the geolocation (if location permissions are enabled) and a unique notification identifier for your device.
3. How We Use the Information We Collect
We use your personal information in combination with the local region (e.g., city/state) in your member profile to provide you with a personalized experience. Based on the email preferences you configure, we will use your personal information to send you emails, information about Baja Pass, or other promotional materials related to your membership. Independent of your email preference settings, we may occasionally send notices or messages of a transactional or relationship nature (e.g., receipts or renewal notices).
We use your device geolocation, the publicly available geolocation associated with your IP address, and/or the local region (e.g., city/state) in your member profile to display localized content when you are browsing our website.
We use the unique notification identifier for your device(s) in order to deliver “push” notifications targeted to the device(s) associated with your membership. The settings that control these notifications are managed on your device; they are not managed as a part of your member profile. You may choose not to receive (or to stop receiving) notifications by disabling the notification permission on your device.
If you have questions about location and notification settings, please contact your device's mobile service provider or manufacturer to learn how to adjust your settings.
We use web forms throughout our website for customer comments and suggestions. Any information we collect from emails or web forms is used for the purpose of responding to your questions or comments. We may also retain your comments to improve our site and program or review and discard the information.
When you contact Baja Pass, we keep a record of your communication to help answer questions and resolve any issues you might encounter. These communication records are associated with your member profile in order to facilitate and optimize our support of your membership.
If you are a consumer in the European Union, we will only process your personal information when we have a legal basis to do so. When we do process your personal information, we will do so with your consent or because the processing is necessary: for the performance of a contract with you; to comply with our legal obligations; to pursue our legitimate interests, or to establish or defend a legal claim.
4. Personal Information We Share & Why
Baja Pass does not provide any personal information to third parties for their own direct marketing purposes. Additionally, we will not disclose your personal information to a third party unless:
It is a request from the entity through whom you obtained your membership (for example, the person who purchased your card as a gift)
With your explicit consent
To comply with our legal requirements
We may use non-identifying and aggregate information to better design our website and to share with advertisers and internet analytical companies. For example, we may tell an advertiser that a certain number of individuals visited a specific page on our website, but we would not disclose any personal information to a third party that could be used to identify individuals.
We may also transmit and store your personal information with third-party service providers (or “data processors”), such as our cloud computing provider, as part of the IT infrastructure necessary to provide our services to you. Unless we tell you differently, they do not have any right to use your personal information beyond what is necessary to assist us. Baja Pass and our service providers are located in the United States and Mexico, and any information we collect about you or that you provide will be processed and stored within the United States and Mexico.
5. Cookies and Third Party Websites
When you access our website, we place small data files called "cookies" on your computer to support the functionality of the features available within our website. Our cookies are used to:
Enable automatic sign-in. If you check the “Remember Me” checkbox at sign-in, you won’t be prompted to sign in again (for up to 6 months) using the same browser. Your membership identifiers are stored in a cookie.
Maintain your session context. For example, if you’re scrolling a list of restaurants and need to step away for an hour-long meeting, you can pick up where you left off without having to start over from the home page. Your session context is stored in a cookie until you exit your browser.
We encode our cookies so that only we can interpret or access the information stored in them. You are free to block or delete our cookies, but doing so may interfere with how you interact with our website.
You can learn more about cookies at the following sites:
6. Your Choices & Rights
Where you have given us your consent to use your personal information, you can withdraw it by doing the following:
To stop receiving our email marketing, you can change your email preferences within your member profile, follow the unsubscribe instructions in any emails we send to you, or contact us, and we will do it for you.
To opt out of sharing your device geolocation or receiving push notifications, you may update your device's location or notification permission settings.
You also have rights over how your personal information is used, including:
The right to object to our processing of your data. You may contact us when you wish to no longer participate in the Baja Passport program, and we will remove your data from our systems. Email your request to firstname.lastname@example.org.
The right to request that your information be erased or restricted from further use. We will delete your personal information upon request unless there is a legal obligation to retain it. If there is a legal obligation, we will notify you. Any personal information stored in backups will be restricted upon your request, such that it is never recovered and will delete following the backup retention period (not to exceed 1 year). Email your request to email@example.com.
The right to request a copy of the information we hold about you. You are entitled to receive any personal data you have provided to us in a structured, commonly used, and machine-readable format. We will provide your data electronically in an easily readable and transferrable format appropriate to the data (such as a comma separate file, a spreadsheet, or similar). Please email firstname.lastname@example.org, and we can assist you with this request.
The right to correct, amend or update the information you have given us. You can log into your member profile and update your information.
We will respond to any request we receive via email under this section within 30 days.
8. Security and Retention of Your Personal Information
Unfortunately, the transmission of information via the internet is not completely secure. Once we have received your information, we will use procedures and security features to prevent unauthorized access. We do this by employing safeguards like firewalls, data encryption, physical access controls to our servers, and other access controls. No safeguards, including the highest data encryption, can ensure perfect security, although we will do our best. As such, we cannot expressly warrant the security of any information that you transmit to us; you do so at your own risk.
We will retain your personal information for 3 years following the expiration of your membership or last activity, whichever occurs last. For members in our Baja Pass Program, we retain your personal information for 10 years following the expiration date of your membership or for 10 years following the expiration of your gift purchaser’s membership (in cases where your membership was provided as a gift), whichever occurs last. We retain your personal data for members with unassigned gift cards until all your gift inventory has been assigned. When we no longer need your information, we dispose of it in a secure manner according to our data retention and deletion policies.
9. Personal Information of Children
Our websites are not directed toward children under 18 years of age. We do not knowingly collect information from children under 18. If you are under 18, please do not use our websites or submit any personal information to us. Please email us at email@example.com if you believe we have collected personal information from a child.
10. International Transfer of Data
Any data you provide to Baja Pass will be stored on secure servers in the United States or México.
Some entities in Cabo Hospitality LLC, with whom we share your data, and our service providers, who have access to your personal data, are located outside the US. For example, we may also share your personal data overseas if we receive a legal or regulatory request from a foreign law enforcement body.
We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests; in particular, we will either:
Only transfer your personal data to countries that are recognized as providing an adequate level of legal protection in accordance with data protection legislation; or
Ensure that transfers outside the US are subject to appropriate legal safeguards.
11. Updates & Interpretation
Any heading, caption, or section title contained herein and any explanation or summary are provided only for convenience and in no way define or explain any section or provision hereof or legally bind any of us in any way.
12. Contacting Us