Who we are
Our website address is: https://abovebookings.com.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
WHAT INFORMATION DO WE COLLECT?
Personal information you disclose to us:
We collect personal information that you provide to us such as name, address, contact information, passwords and security data, and payment information.
We collect personal information that you voluntarily provide to us whether when registering for use of the Services, expressing an interest in obtaining information about us or our products and services, when participating in activities on the Services, or otherwise contacting us.
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make and the products and features you use. The personal information we collect can include the following:
- Publicly Available Personal Information. We may collect first name, last name, current business address and phone numbers; business email; business phone numbers; social media; and other similar data.
- Personal Information Provided by You. We may collect information about your usage of the Services; data collected from surveys; purchase history; financial information (credit card number, purchase history, invoices); and other similar data.
- Payment Data. We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by Stripe.com. You may find their privacy policy link(s) here: https://stripe.com/privacy.
All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.
Information automatically collected:
Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. Such information does not independently reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information, and when combined with the information you provide to us (such as password or account details) may allow us to identify you. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes. Like many businesses, we also collect information through cookies and similar technologies.
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.
IS YOUR INFORMATION TRANSFERRED INTERNATIONALLY?
We may transfer, store, and process your information in countries other than your own.
Our servers are located in United States. If you are accessing our Services from outside United States, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal information, in United States, and other countries.
If you are a resident in the European Economic Area, then these countries may not have data protection or other laws as comprehensive as those in your country. We will however take reasonable measures to protect your personal information in accordance with this privacy policy and applicable law.
HOW LONG DO WE KEEP YOUR INFORMATION?
We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
HOW DO WE KEEP YOUR INFORMATION SAFE?
We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please note that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the services within a secure environment.
Dedicated card technology
Stripe encrypts sensitive data both in transit and at rest. Stripe’s infrastructure for storing, decrypting, and transmitting primary account numbers (PANs), such as credit card numbers, runs in a separate hosting infrastructure, and doesn’t share any credentials with the rest of our services. A dedicated team manages our CDV in an isolated Amazon Web Services (AWS) environment that’s separate from the rest of Stripe’s infrastructure. Access to this separate environment is restricted to a small number of specially trained engineers and access is reviewed quarterly.
All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. We tokenize PANs internally, isolating raw numbers from the rest of our infrastructure. None of Stripe’s internal servers and daemons can obtain plain text card numbers but can request that cards are sent to a service provider on a static allowlist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in a separate hosting environment, and doesn’t share any credentials with Stripe’s primary services including our API and website. It’s not just PANs that are tokenized this way; we treat other sensitive data, like bank account information, in a similar way.