Effective April, 2009
OpenTable, Inc., along with its subsidiaries or affiliated companies ("OpenTable"), is committed to safeguarding your privacy and
upholding the highest levels of information security. To that end, the company adheres to the
strictest consumer privacy guidelines and uses state-of-the-art security
technology to protect any information you provide to and through OpenTable's
websites, which include www.opentable.com, www.opentable.co.uk, www.opentable.jp, and any other sites
owned or operated by OpenTable (hereinafter referred to collectively as the "OpenTable
Websites").
About the OpenTable Network
Each of the restaurants listed on the OpenTable Websites has adopted OpenTable’s proprietary Electronic Reservation System (“the
OpenTable System”) to replace their traditional pen-and-paper reservation books. The OpenTable Websites interact with restaurants’
OpenTable Systems to find available tables, to secure, change or cancel online reservations, and to confirm that reservations were
honored. While an individual restaurant’s table inventory is accessible to the OpenTable Websites to perform these functions, other diner
information that may be stored by that restaurant (for example, credit card numbers or reminders about diner preferences) is not
accessible to the OpenTable Websites. Similarly, the OpenTable Websites pass pertinent information to the OpenTable System in individual
restaurants as required to secure or cancel online reservations, for example. However, individual restaurants cannot access any
information from the OpenTable Websites. In some instances a restaurant may operate its own website and collect a myriad of diner/user
information directly as part of the online reservation process. In those cases, only the information passed directly to the OpenTable
Website to complete the transaction is stored by the OpenTable Website (e.g. diner name, phone and email address).
An online reservation may also be made through a restaurant’s website or via an OpenTable affiliate’s web link. Similarly,
your personal information is passed through from these sites onto the OpenTable System. If you choose to make a reservation through these
channels, you may not be entitled to receive dining points or other benefits as you would as a Registered User through the OpenTable
Website.
This document describes how OpenTable Website user information is collected, stored, used and, in specific instances, shared
with restaurants via their OpenTable System.
Information you will be asked to provide when using the OpenTable Websites:
There are two ways you can make restaurant reservations
online using the OpenTable Websites.
Unregistered Users:
As an Unregistered
User, you will be asked to provide a name and a telephone number in order
to complete the reservation, as you usually would be when making a reservation
over the phone. In addition, you
will be asked to provide an email address to which OpenTable will send automated service
messages pertaining to your reservation. OpenTable will use this email address
for no other purpose unless you have consented to receive marketing communications
from either OpenTable or from restaurants at which you've made online
reservations. Unregistered Users cannot earn OpenTable Dining Rewards points or
save their dining preferences for future visits.
Registered Users:
If you choose to
register with OpenTable (become a Registered User) in order to take
advantage of OpenTable's Dining Rewards program and other benefits, you will be
asked to provide a name, a telephone number, an email address, a password of
your choice and your primary dining city. You may choose not to receive marketing communications from OpenTable or
from the restaurant at which you've made an online reservation, other than
automated service messages pertaining to your reservation.
Registered OpenTable
users may automatically receive "VIP" status if they honor twelve or more
reservations made through the OpenTable Websites during the current or previous
calendar year. OpenTable VIP users
are identified as VIPs to restaurants with which they make reservations using
OpenTable so that restaurants may reward these frequent diners with special
services if they so choose. Restaurants cannot access the dining histories of
OpenTable VIP users other than diners' histories in their specific restaurant
or restaurant group.
For select restaurants and/or holidays, a valid credit
card number may be required to secure a reservation through the OpenTable
Websites. All such credit card transactions are either fully encrypted by OpenTable and certified
by Verisign ® or processed by a trusted third party. In either case
the credit card information will be shared with the restaurant at which the reservation is being
made, just as would occur with a phone reservation requiring credit card
information. OpenTable does not
record or store the credit card information, except for the last four digits of
your credit card which are only used for descriptive purposes. In addition, the third party credit card processor
is prohibited from using this information for any purpose other than processing the credit card.
OpenTable may offer OpenTable dining gift certificates
for sale on its site. A credit card
number may be required for these purchases. All such credit card transactions are
fully encrypted and certified by Verisign. The credit card number is passed directly
to the merchant bank for processing and is not stored by either OpenTable or
the e-commerce site.
Users outside of the United States should understand that
all information shared during the registration and reservation processes is
sent to and stored on secure servers that are located in the United
States. The United States has data
protection laws that may not be consistent with those of other countries. If
OpenTable transfers your information outside of your host country, OpenTable
will take steps to ensure that your privacy rights continue to be protected.
What information is accessible to restaurants:
When you make a restaurant reservation using the OpenTable
Websites, your name and telephone number are provided to that restaurant, just
as would occur if you were making a reservation over the phone. Your email
address is not provided to that restaurant unless you specifically indicate that
you are interested in receiving emails from that restaurant. You also have the
option of providing special preferences or comments regarding your reservation,
which OpenTable will pass on to that restaurant.
OpenTable will only share the information specified above
with the restaurant at which you have made reservations using the OpenTable
Websites. Restaurants cannot use their OpenTable System to access information
pertaining to diners or dining histories from other restaurants, with the
exception that restaurants under the same corporate ownership may elect to
share diner information between restaurant properties.
Restaurants may receive summary reports of feedback from recent diners. If you provide comments about a
restaurant (via the Dining Feedback Form, described below) these will be shared with that restaurant anonymously. However
there is the potential that a restaurant may associate a particular feedback
with your dining reservation. You may choose not to be anonymous while submitting your comments if you specify your identity or provide
contact information such as an email address for the restaurant to use in response to your feedback.
Email from OpenTable:
OpenTable sends
automated service messages pertaining to upcoming or recent restaurant
reservations, such as confirmations, reminders, and/or invitations to provide
diner feedback. While you cannot unsubscribe from all service messages, you may
select not to receive future diner feedback invitation emails by following the "unsubscribe" instructions provided.
Where you have consented to receive marketing
communications from OpenTable, you may from time to time receive communications
relating to special offers and/or OpenTable dining recommendations. You may
unsubscribe from the OpenTable email list at any time by following the
directions provided in the email communications, by replying to the marketing
communications with "Unsubscribe" in the subject line, or by visiting your
Profile page and choosing to opt out from receiving marketing communications.
Email from restaurants:
You may also consent to receive marketing
communications from the restaurant at which you've made a reservation.
OpenTable plays no role in the content, frequency, timing or unsubscription
process of any restaurant's marketing communications. If you would like to unsubscribe from a
restaurant's marketing communications, please contact the appropriate
restaurant directly.
Purposes of use of your personal information:
OpenTable may use your personal information for the following
purposes:
-
to secure your reservation at the OpenTable restaurant you've selected, by
providing your name and contact phone number to that restaurant,
-
to provide you with dining gift certificates and other products and services of the
OpenTable Websites,
-
to provide you with information about the services of the OpenTable Websites,
-
to provide services which Registered Users are entitled to under applicable terms
and conditions,
-
to produce aggregate statistical data for the improvement of services offered by
the OpenTable Websites,
-
to provide you with restaurant recommendations based on your dining history,
-
for any other purposes related to those above.
Viewing your profile and changing your personal information:
Once a Registered User logs on to the OpenTable Websites,
that user can view his or her personal information stored by OpenTable by
clicking on the "My Profile" link at the top of the page. In addition
to being able to view your recent OpenTable reservation history and Dining Feedback submissions, every user may also view and change the
following personal information: name, email
address, password, phone number, primary dining city, birthday (if it has been
provided by the user), address (if it has been provided by the user), special
requests that should be forwarded to restaurants when making reservations (if
they have been provided by the user), and whether that user would like to
receive marketing communications from OpenTable. A user may also be eligible to provide and share restaurant notes and feedback for some
past reservations that have been honored. The user at any time may contact
OpenTable to request that all personal information be deactivated.
Cookies, web beacons
and logging:
Log-in areas on the OpenTable Websites require that your
browser accept cookies. A cookie is
a small amount of information that is sent from a web server to your browser
and stored on your computer's hard drive. OpenTable uses cookies to verify that you are properly signed in, to display
information for your primary dining location, and to highlight your pending
reservations, for example. OpenTable may also use cookies from time to time to
measure your response to new aspects of the websites and/or emails in an effort
to continually improve customer service and website usability.
Please be aware that a cookie cannot spread computer viruses, retrieve any
other data from your hard drive, or capture your email address.
You can erase or block cookies from your computer if you
wish to do so (your internet browser help screen or manual will thoroughly
explain this process), but certain OpenTable services, as well as parts of the
website, may not work correctly or will not work at all if your browser is set
not to accept cookies.
Web pages may contain electronic images (called a "single-pixel GIF" or "web beacon") that are used to count
users who have visited that page, or to access certain cookies.
How OpenTable uses
your personal information:
OpenTable will never sell, rent, loan or otherwise
distribute any of your personal information (including but not limited to your
name, email address, phone number or any other identifiable information about
you) to any third party without your prior expressed written consent, although
OpenTable will pass certain information on to restaurants at which you make
reservations, only as described above.
OpenTable does use aggregate data (based partly on IP
addresses of website visitors) collected through its website to analyze website
usability, system performance and usage trends. While this data, in its aggregate form
only, may be shared with third parties with whom OpenTable works to analyze it,
the data will only be shared under the strictest terms of confidentiality and
will never contain any personally identifiable information pertaining to any
user of the OpenTable Websites.
Specifically, through an association with a company named Omniture, Inc. ("Omniture"),
OpenTable may use web beacons and the SiteCatalyst Analytics auditing software to track
page views and entry and exit points to and from OpenTable Websites. Omniture may place and analyze the
cookies on your internet browser to help determine the effectiveness of OpenTable
advertising and marketing campaigns. Again, the data collected will only be
used in an aggregate form and will not contain any personally identifiable
information, and only OpenTable and Omniture will have access to this
aggregate data. Omniture is legally bound to OpenTable under strict
confidentiality provisions and will never share any of this data with any third
party or use this information for any other purpose not described herein. You
may choose to opt-out of Omniture's analysis of your browsing behavior on
the OpenTable Websites. To learn more about Omniture, the SiteCatalyst Analytics
software or to exercise your opt-out choices, please visit: http://www.omniture.com/en/company/acquisitions/visualsciences/privacy/policy
In addition, through an association with a company named
Epsilon, OpenTable uses web beacons
and cookies to monitor behavior with respect to email sent by OpenTable to
Registered Users who have opted to receive email from OpenTable. Again, the data collected will only be
used in an aggregate form, and only OpenTable and Epsilon will have
access to this data. Epsilon is legally bound to OpenTable under
strict confidentiality provisions and will never share any of this data with
any third party. You may also choose to opt out of Epsilon's data analysis. To learn more about Epsilon and how
to exercise your
opt-out rights, please visit: http://www.epsilon.com/Privacy-Policy/p24-l1
If you choose to provide feedback on your dining
experience by completing a Dining Feedback Form, any feedback
you provide may be shared with other diners to enhance information
on the OpenTable Websites and/or with restaurants to let restaurants know how they are doing. Your
feedback will not be publicized in a way that is attributable to you by name, email
address, or any other identifiable form unless you choose to provide that information within the Dining Feedback Form itself, use
functions that enable you to send your Dining Feedback Form to others, or make the information public on any portions of your
registered-user Profile. However, there is the potential that a restaurant may associate a
particular feedback with your dining reservation.
Notwithstanding anything to the contrary in this privacy
policy, OpenTable may be required to disclose user and personal information in
response to inquiries by formal law enforcement, or in cases permitted by the
United State's CAN-SPAM Act of 2003 (CAN-SPAM), the European Union's Safe
Harbor Provisions ("Safe Harbor"), Japan's Personal Information Protection Act
("PIPA"), or other related privacy laws and regulations.
How restaurants may
use your personal information:
Restaurants in the
OpenTable network primarily use diner information provided through the
OpenTable Websites to secure the desired reservations. Additionally, as noted
above, if the user has given permission to a restaurant to send email to that
user's address, the restaurant may then contact the diner with special
announcements or offers. If permission is not given, the user's email address
will not be passed on to the restaurant.
OpenTable restaurants want to provide you with the best possible service so that you will
visit them again. One way restaurants can distinguish themselves is by
recognizing returning diners and recalling their special preferences. For this
reason, a restaurant may use its OpenTable System to take note of your special
requests, allergies, special occasions or other pertinent information that will
help the restaurant serve you better during your next visit. If a restaurant
chooses to note your preferences, that information may be typed into its OpenTable
System manually just as a restaurant might write a note on an index card. This data belongs to the restaurant,
since it is a product of that restaurant's relationship with you. OpenTable does not access or use this
information, and it is not shared with any other OpenTable restaurant or third
party, other than, perhaps, a restaurant under the same ownership. OpenTable does create back-up copies of
all information stored on the OpenTable System for that restaurant, to assist
in the restoration process in the event of data loss.
As specified
previously, for select restaurants and/or holidays, you may be required to
provide valid credit card information that will be passed on to and handled by
the restaurants individually in order to secure the reservation. Please contact the restaurant(s)
directly for inquiries on how they will manage your credit card information.
The restaurants within OpenTable's network are separate businesses from OpenTable. While OpenTable
encourages them to comply with data protection requirements, OpenTable will not
be responsible if these restaurants fail to comply with respect to your
information. Any complaints or
inquiries regarding use of your information by an OpenTable restaurant, or
marketing communications from an OpenTable restaurant, should be addressed
directly to the restaurant in question.
Restaurants within
the OpenTable network may also have their own websites. OpenTable is not responsible for how
these restaurants may collect your personal information through their own
websites. Please contact the appropriate restaurant regarding its website's privacy policy (if applicable)
and how it will access or use your personal information.
How OpenTable
protects your registration information:
OpenTable uses a state-of-the-art multi-layer encryption
algorithm and makes its best efforts to ensure that all of your user
information is secure. In addition,
OpenTable stores all of your personal information on a secure server. OpenTable employs a staff that regularly
maintains the security of all personal information stored, and that continually
monitors and implements changes and improvements that become available in the
electronic data security industry.
Changes to OpenTable's privacy policy:
Any changes to OpenTable's privacy policy will always be
posted to this section of the website, along with the effective date of the new
policy. All users should check this
privacy policy page periodically to stay abreast of any such changes. OpenTable will never make changes
to its privacy policy that violate any applicable privacy laws, including CAN-SPAM,
Safe Harbor, PIPA, or other commercial privacy standards. For any material changes to the privacy policy (in situations where OpenTable
changes the manner in which we handle your personal information), we will notify you via email
or by placing a prominent notice on the homepage of our website.
Disclosure, correction, suspension of use of personal information:
If you wish to have OpenTable disclose to you the personal information held by OpenTable and the means
through which OpenTable obtained such information, or if you desire the
information's correction, suspension of use, or to be informed of the purpose
of use by OpenTable, please contact OpenTable. (Contact information is provided
in the "Contacting OpenTable" section below.) Upon receiving the request, OpenTable
shall meet such request pursuant to the provisions of each applicable privacy regulation
after it confirms that such request has been made by you personally.
Contacting OpenTable:
United States and Europe
For questions regarding how to access and change your
personal information visit http://www.opentable.com/ or contact customer support at 1-800-OPENTABLE.
For questions or opinions on OpenTable's privacy policy,
contact OpenTable via email at info@opentable.com or by mail at:
OpenTable, Attn: Legal Department, 799 Market Street 4th Floor, San
Francisco, CA 94103.
Japan
For questions regarding Privacy Policy and information regarding Personal Information Protection Statement, visit
http://www.opentable.jp/info/pipstatement.aspx.
Safe Harbor Program
OpenTable is a participant in the Safe Harbor program developed by the U.S. Department of Commerce and the European Union. We have
certified that we adhere to the Safe Harbor Privacy Principles agreed upon by the U.S. and the E.U. For more information about the Safe
Harbor and to view our certification, visit the U.S. Department of Commerce’s Safe Harbor Web site.
We self-certify compliance with
BBB Safe Harbor Privacy Dispute Resolution
OpenTable is a participant in the Council of Business Bureau's BBB Safe Harbor Privacy Dispute Program.
If you believe OpenTable has not satisfactorily addressed your data privacy concerns, you may contact the Council of
Business Bureau at www.bbb.org