Last Updated and Effective Date: 2022-12-15
Our privacy practices are subject to the applicable laws of the places in which we do business, so we have added region-specific terms that only apply to customers located in certain geographic regions, or as required by applicable laws.
- Scope of this Notice
- Personal Data We Collect and How We Use It
•Personal Information You Give Use
•Personal Information We Derive Through Your Use of Our Services
•Personal Information We Collect From Third Parties
- What We Do With Your Personal Information
- Our Legal Grounds for Processing Your Personal Information
- Our Sharing of Your Personal Information
- Data Retention
- Data Security
- International Data Transfers
- Your Privacy Preferences
- Your Privacy Rights and Choices
- Children’s Data
- Jurisdiction-Specific Privacy Disclosures
- Changes to this Notice
- Contact us
- Scope of This Notice
- Create and maintain an account with Medieval Times.
- Sign up for our promotional emails.
- Attend a virtual event, webinar, or otherwise engage with our interactive or pre-recorded content.
- Make a purchase or other transaction with us.
- Subscribe to or engage with our newsletters or other electronic communications.
- Interact with our social media pages.
- Click on our ads posted on third party sites.
- Communicate with our service representatives or features (including via chat functions, email, text, or phone).
- Third-Party Sites. Websites, apps, videos (embedded or direct links), or other content (each a “Linked Site”) to which we link that are not operated by us. Linked Sites have their own personal information collection and use practices, and we are not responsible those practices. We encourage you to read each Linked Site’s privacy disclosures to understand how your personal information is processed.
- Workforce Members and Candidates. Our processing of the personal information of job applicants/candidates and workforce members is not governed by his policy. That processing is described in our Candidate Privacy Notice.
- Non-Personal Information. Our processing of information that cannot be linked to an identifiable or identified individual. We may process this data for any legitimate business purpose.
- Personal Data We Collect and How We Use It
The personal information we collect about you depends on the nature and context of your interaction with Medieval Times and our Services. It may also depend on various choices you make about how to use the Services we offer, the functionality and features you choose or enable, your location, the devices you us to interact with our services, and applicable law. The following describes the personal information we collect about you and the way we collect it.
- Personal Information You Give to Us
We collect the following categories personal information you provide to us, including the following:
- Your Personal Details. For example, your first and last name, email address, phone number, physical address, job titles, and other contact information you provide.
- Account and Other Identifiers. For example, a username, screen name, handle, account ID, assigned user ID, customer number, or similar identifier that can be used to identify and user or account.
- Government Identification. Some of our locations allow for the purchase of alcohol. Medieval Times requires government-issued photo ID in order to purchase alcohol. Your ID may be reviewed, swiped, or scanned in order to verify your age and identity.
- Image and Likeness. While attending our events, you may be photographed or recorded via video and/or audio. We do not attempt to connect images or likeness with other personal information except under exceptional circumstances. By visiting our castle and attending our events, you agree that we may collect your image and likeness via video, audio, or photograph and use it for marketing and advertising purposes.
- User Content. For example, emails and text messages, photos, videos, audio recordings, customer support communications, comments/feedback, and any other content submitted by you.
- Survey data. We may contact some individuals to request participation in a survey or other general research. If you choose to take part in these, you may provide personal information, in or along with your survey responses, or in any other feedback or comments you give us.
- Contests, sweepstakes, and prize drawings data. If you take part in a contest, sweepstakes, or prize drawing, then you may provide personal information, feedback, or comments to enter, or as part of the contest, sweepstakes, or prize drawing.
- Messages and email data. We collect information about you when you send, receive, open, read or otherwise engage with messages, email, or other communications in connection with our Services, including whether you have opened or acted on those communications.
- Social Media Content. For example, interactions with our social media pages and content you post on them.
- Other Personal Information You Provide. If you provide us personal information other than that described above, we will collect it and use it for the purposes for which you provide it or other consistent purposes.
- Inferences. In certain instances, we may infer personal information about you based on the information you have provided to us or that we have collected about you.
- Chat Modules. We may collect certain categories of personal information from you when you use our interactive chat module. By interacting with the chat box, you consent to our collection practices and understand and acknowledge that we may use this data to communicate with you about our products and services.
- Payment processing information. For example, the form of payment, payment card number and details, bank account number, payment service provider, and other payment information you provide.
- Demographic information. For example, information that reveals your racial or ethnic origin, religious or philosophical beliefs, union membership, political opinions, or sex life or sexual orientation.
- Precise Geolocation. You may choose to grant our Services permission to access your device’s precise geolocation, which we may use to confirm your address and help us operate or personalize our Services, including by tagging posts, providing information on or adding information to a map, and helping us show you more relevant content or ads.
- Personal Information We Derive Through Your Use of Our Services
We permit third parties to use tracking technologies on our websites for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, and provide metrics on advertising effectiveness. The third parties use their technology to provide advertising about products and services tailored to your interests which may appear either on our websites or on other websites.
The information we collect using these technologies includes:
- Device and Browser Identifiers. For example, an assigned user ID, IP address, or similar identifier that can be used to identify your device.
- Coarse Location Information. A general approximation of your location that is not based on global position system (GPS) information.
- Browsing and Search History. Information about the content you view and searches you make on our Site(s).
- Website Log and Usage Data. Information related to our pages you viewed, the services and features you used or interacted with, your browser type and details about any links or communications with which you interacted.
- Advertising Metrics. Information about the advertisements you have viewed on our Website.
Because the “Do Not Track” browser-based standard signal has yet to gain widespread acceptance, our Website(s) currently does not respond to those signals.
- Personal Information We Collect From Others
We mostly collect personal information directly from you or based on your interaction with our Site. However, we also may collect personal information from third-party sources. These include our Business Services Providers, Marketing and Advertising Providers, government entities, our Medieval Times affiliates, social media platforms, and other users of our Services.
Even if you are not a registered user of our Services, your information might still be collected. Some users may choose to share information about their contacts, including their name, email address, phone number, or other information. User may also post or comment with personal information about other users on social media.
- What We Do with Your Personal Information
We may use your personal information for a variety of reasons. Depending on how you interact with our Services, these include using personal information:
- Delivering Our Products and Services to you and to provide the related customer support, communication, and security.
- Policy Enforcement, including enforcing our terms of service, acceptable use policies, anti-spam policies, and other similar policies.
- Advertising & Marketing to send advertisements and marketing material via physical and electronic mail relating to product specials and other promotional events or offers, perform marketing research and data analytics, and perform similar activities.
- Contextual and Behavioral Targeting to provide contextual customization of ads shown as part of an interaction with our website or application, using tracking technologies like cookies and pixels.
- Counting Ad Impressions & Website Interactions to audit interactions with our websites, applications, or advertisements, count ad impressions to unique visitors, verify position and quality of ad impressions, and perform similar activities.
- Customer Service to provide customer service, maintain and service products and accounts, provide training for quality assurance purposes, and perform similar activities.
- Fraud Prevention to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to prosecute those responsible for that activity.
- Processing Transactions to process or fulfill orders and transactions, verify customer information, process payments, confirm eligibility promotional benefits, and perform similar activities.
- Public Health and Safety to conduct screening or temperature checks for COVID-19 symptoms or similar screening activities related to public health and safety.
- Defending Against Claims & Litigation to defend against or respond to potential or actual claims and litigation.
- Our Legal Grounds for Processing Your Personal Information
When we process personal information about you to comply with legal requirements or to perform our obligations under a contract with you or with our customer through whom you use our offerings, failure to provide such information may prevent or delay our fulfillment of these obligations.
To the extent required by applicable law, we will collect your personal data with your consent, where required, and in accordance with our legitimate need to provide our Services.
Medieval Times may be required by some jurisdictions to rely on one or more legal bases to collect, use, share, and otherwise process the information we have about you. We describe these legal bases and some accompanying examples in more detail below.
- Performing our Agreement. Medieval Times processes your information as is necessary to perform our contract with you, the Terms of Service. For example:
- If you are located outside of the United States, we transfer your information to the United States to provide our Services.
- Your Consent. Medieval Times processes certain information based on your consent, which you may revoke at any time. For example:
- Where you choose a method of verification to confirm your address, we do so in accordance with your consent.
- If you decide to use location services in the context of Medieval Times, we collect and process such location information based on your consent.
- We rely on your consent to tailor ads based on your activity and information on other websites and partner data, such as inferred interests.
- We will send you marketing communications where you have consented to receiving such communications in accordance with applicable law.
- Legal Obligation. Medieval Times may process your information to comply with a legal obligation, a court order, or to exercise and defend legal claims. For example:
- We may preserve and disclose your information if it is necessary to respond, based on applicable law, to a valid legal request (e.g., a subpoena, search warrant, court order, or other binding request from government or law enforcement).
- We may retain and process your information where it is necessary for compliance with applicable tax laws.
- Vital Interests. Medieval Times may process your information in certain circumstances when it is necessary to protect your vital interests, or those of others. For example:
- We may need to process your information in order to protect your life or safety or the lives or safety of others, or otherwise prevent physical injury or other harm to any person or the general public.
- We may preserve or share your information with law enforcement and related authorities where we have a good faith belief that it is required in the context of an imminent threat.
- We may share your personal data with disaster relief agencies, first responders and other individuals to facilitate disaster or emergency response efforts.
- Legitimate Interests. We may process your information where it is necessary for the purposes of Medieval Times or a third party’s legitimate interest. We process your information in furtherance of the following legitimate interests:
- Providing, improving, and developing our Services. We use your information to provide our Services, including any personalized services, and to understand and improve our business and our user relationships.
- Providing ads, and measurement and analytics services. We use your information to provide personalized ads both on and off the Site and to measure and analyze the success of those ads to provide accurate and reliable reporting to our advertisers. We do so as necessary to pursue our legitimate interests of marketing and monetizing our Services.
- Sending marketing communications. We rely on our legitimate interests in marketing and promoting our Services to use your contact information and send you marketing communications in accordance with applicable law, except where applicable law requires that we rely on your consent to send such communications.
- Sharing information for legal and safety reasons. Where required for legal and safety reasons, we may disclose information to law enforcement and related agencies and authorities in furtherance of the legitimate interests described further below.
- Our Sharing of Your Personal Information
We may share your personal information with the following:
Business Services Providers. These are those persons or entities with whom we have a relationship to provide business operations services and support to Company. These providers may include the following:
- IT Operations Providers. These include cloud computing service providers, internet service providers, data backup and security providers, functionality and infrastructure providers, and similar service providers.
- Operations Providers. These include service provider with whom we partner to provide day-to-day business operations, including payment processors, security vendors, business software service providers, hospitality service providers, banks, facilities management providers.
- Professional Advisors. These include lawyers, accountants, consultants, security professionals, and other similar parties when disclosure is reasonably necessary to comply with our legal and contractual obligations, prevent or respond to fraud or abuse, defend ourselves against attacks, or protect the rights, property, and safety of us, our customers, and the public.
Marketing and Advertising Providers. These include advertising, direct marketing, and lead generation providers, affiliate marketing program providers, retargeting platforms, data brokers, ad networks, marketing consultants, and similar services providers.
Affiliates. Our affiliates include Medieval Times USA, Inc., and any subsidiaries, joint venturers, or other companies that we control or that are under common control with us.
Legally Required Parties/Governmental Entities. Persons to whom we are required by law to provide information, such as pursuant to a subpoena or a court order.
Reorganization. Persons involved in the consideration, negotiation, completion of a business transaction, including the sale, merger, consolidation, acquisition, change in control, transfer of substantial assets, bankruptcy, or reorganization, and any subsequent integration.
Authorized Disclosures: To any party when authorized by the individual to whom it pertains to share it.
- Data Retention
We will retain your personal information only for so long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information; the potential risk of harm from unauthorized use or disclosure of your personal information; the purposes for which we process your personal information and whether we can achieve those purposes through other means; and the applicable legal requirements. In some circumstances, you may ask us to delete your information. Additionally, we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
- Data Security
We have implemented and maintain reasonable security procedures and practices, appropriate to the nature of the information, to protect your personal information from unauthorized access, destruction, use, modification, or disclosure. However, no security measure is perfect, so we cannot guarantee the security of your personal information. Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is processed, we apply common protections described in this policy. These protections align with well-known standards such as ISO 27001:2017 and others.
- International Data Transfers
We are located and operate in the United States. By submitting personal information to us, you understand that we may transfer your personal information to country foreign to you, including the United States, for processing. The laws that apply to the use and protection of personal information in the United States, or other countries or jurisdictions in which we transfer or process personal information, may be different from the laws and protections in your country. These transfers may include transfers to our service providers located in foreign jurisdictions. Whenever we engage a service provider, we require that its privacy and security standards adhere our requirements and applicable privacy laws.
- Your Privacy Preferences
You can control the collection and use of personal information for some of our processing activities. This includes:
- Adjusting Communication Preferences
Emails From Medieval Time: The Site presents you with the option to provide your email address and other personal information in order to opt in to receive email communications, including promotional emails. If you wish to no longer receive email communications, you can click on the “unsubscribe” link located at the bottom of the email, email Medieval Times at email@example.com to let us know, and we will remove you as soon as possible. Opting out of marketing or newsletter emails will not opt-you out of all emails—we may need to send you transactional or similar emails related to your Medieval Times purchases, legal or contractual updates, or similar topics. You are not able to opt-out of these emails.
Text Messages: You may opt out of automated text notifications any time by replying “STOP,” or any alternative keyword we have shared with you. You may still receive communications from Medieval Times regarding safety issues, such as messages related to your account, even if you have opted out.
- Blocking Cookies
Most web browsers automatically accept cookies by default, but you can alter how your browser responds to cookies by adjusting the settings. Information about managing cookies for popular web browsers can be found in the links below:
Many websites, including ours, employ Google Analytics. To opt out of Google Analytics data collection, follow these instructions from Google.
- Your Privacy Rights
Some jurisdictions provide covered individuals with specific privacy rights which can be exercised against covered entities. Depending on the jurisdiction, these rights may include the following:
- Access and Portability. The right to know (or confirm) what personal information a business has collected about you, and to receive a copy of it.
- Deletion/Restriction. The right to request that a business delete personal information it has collected from you or restrict how it is used, subject to certain exception.
- Correction/Rectification. The right to request correction of inaccurate personal information maintained by the business.
- Opt-Out of the Sale/Sharing of Your Personal Information. The right to opt-out of the sale of your personal information to third parties. The term “sale” varies by jurisdiction, but sometimes includes the right to opt-out of the use of personal information for targeted advertising purposes.
- Revoke Consent. Where consent is required for processing under applicable law, you may withdraw your consent to the processing of your information at any time.
- Object to Processing. Object, on grounds relating to your situation, to our processing of personal data concerning you which is (i) necessary for the performance of a task carried out in the public interest, (ii) carried out in the exercise of official authority vested in us, or (iii) processed by us on the basis of our legitimate interest. In this case, where applicable, we will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
- Limitation/Restriction. The right to limit or restrict a business’s use or disclosure of certain personal information.
- Opt-out of Profiling/Automated Decision-Making: The right to opt- out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning you.
- Non-Discrimination. The right not to be discriminated against for exercising any of the rights conferred at law.
- Complaints. The right to lodge a complaint with the appropriate governmental authority.
Medieval Times will honor the privacy rights afforded to individuals in accordance with applicable law and will not discriminate against individuals for exercising their privacy choices under the law.
Exercising Your Privacy Rights
You may make a request at any time to exercise your access, deletion, correction, and restriction rights listed above by using our Privacy Portal linked here: Privacy Portal or emailing us at firstname.lastname@example.org. We will respond to your request within a reasonable period (if properly submitted) and in accordance with applicable law. If we need more time to process and respond to your request, we will notify you of that fact along with the reason for the delay. If we decline to act regarding your request, we will inform you of our decision and the reason for it, and, if applicable, with instructions on how you may appeal our decision.
- Children’s Privacy
Our Services are not intended for persons under 16 years of age. We do not knowingly collect or process the personal information of individuals under the age of 16. If we learn that we have collected personal information from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us their Personal Information, please contact us at email@example.com.
- Jurisdiction-Specific Privacy Disclosures
We are committed to openness and accountability with respect to how we handle your personal information pursuant to Canadian federal and provincial privacy laws (“Canadian Privacy Law”), including:
- The Personal Information Protection and Electronic Documents Act (PIPEDA)
- Alberta’s Personal Information Protection Act (Alberta PIPA)
- British Columbia’s Personal Information Protection Act (BC PIPA)
- Québec’s Act respecting the protection of personal information in the private sector (Québec Act).
Consent. Where you have provided your consent to the collection, use, and transfer of your personal information (whether orally, in writing, or electronically), you may have the legal right to withdraw your consent under certain circumstances. In addition to the methods described above with respect to your privacy choices, you may withdraw your consent by contacting us at firstname.lastname@example.org. Please note that if you withdraw your consent, we may not be able to provide you with a particular product or service. We will explain the impact to you at the time to help you with your decision.
Use of Your Personal Information. We will not collect, use, or disclose personal information except for the identified purposes identified above (See What We Do with Your Personal Information), unless we have received additional consent or the processing is authorized without consent. Where we engage service providers who utilize the personal information we provide to them, we ensure that an agreement is place the ensure compliance with applicable Canadian Privacy Law.
Exercising Your Canadian Privacy Rights. If you have an account with us, you may view and update your account information (as noted above) directly by logging into your account. To submit a request for access to information not contained within your account, or to challenge the accuracy or completeness of your personal information, you may submit a request to email@example.com. When submitting a request, we may require that you take additional steps to validate your identity or legal authority. We will begin processing your request once you have completed the verification process.
We have put procedures in place to receive and respond to inquiries about our policies and practices relating to the handling of personal information. We will provide a response to any personal information request within the timeframe required by law. If we cannot substantively respond to your request in a timely manner, we will notify you and state the reason for the delay. Under certain circumstances, we may not be able to fulfill your request, such as when doing so would interfere with our regulatory or legal obligations, where we cannot verify your identity, or if your request involves disproportionate cost or effort. However, we will respond to your request within a reasonable time, as required by law, and provide an explanation.
Additional information about how to exercise your rights under Canadian Privacy Law can be found here:
Office of the Privacy Commissioner of Canada
Office of the Information and Privacy Commissioner of Alberta
Edmonton office: (780) 422-6860
Calgary office: (403) 297-2728
Office of the Information and Privacy Commissioner of British Columbia
Vancouver: (604) 660-2421
Elsewhere in BC: (800) 663-7867
Commission d’accès à l’information du Québec
•Members of the European Economic Area and the United Kingdom
You may lodge a complaint with a supervisory authority at any time if you are of the opinion that the processing of personal data relating to you violates applicable law. If the complaint relates to provisions of the EU and UK GDPR, you can lodge such complaint with a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement. You may identify the applicable supervisory authority based on your location on the European Data Protection Board website. If the complaint relates to provisions of the UK GDPR, you can lodge such complaint with the Information Commissioner’s Office. For contact details of your local Data Protection Authority, please see: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
•U.S. State-Specific Privacy Rights
Residents of certain U.S. States have the rights indicated below as of the date in which the applicable laws granting such rights are effective, which are as follows:
California: January 1, 2023
Virginia: January 1, 2023
Colorado: July 1, 2023
Connecticut: July 1, 2023
Utah: December 31, 2023
|Access/Know||Request confirmation from us as to whether your personal information is being processed by Medieval Times and, if so, access to such personal information.||✓||✓||✓||✓||✓|
|Deletion||Request that your personal information be deleted (subject to some limitations).||✓||✓||✓||✓||✓|
|Portability||Request that Medieval Times provide a copy of the personal information concerning you that you have provided to us in a usable/readable format.||✓||✓||✓||✓||✓|
|Rectification/Correction||Request that Medieval Times correct any inaccurate personal data relating to you (subject to limitations).||✓||✓||✓||✓|
|Restriction on Sharing for Cross-Context Behavioral or Targeted Advertising (called “sharing” under California law)||Request that Medieval Times stop sharing of your personal information for purposes cross-contextual behavioral of targeted advertising purposes.||✓||✓||✓|
|Sales of Personal Information||Request that Medieval Times stop selling personal information about you to third parties.||✓||✓||✓|
|Restriction on Automated Decision-Making or Profiling||Request that Medieval Times stop using automated decision-making technology to evaluate you, create a profile of you, and make predictions about your future behavior.||✓||✓||✓|
|Limiting the Use and Disclosure of Sensitive Personal Information||Request that Medieval Times limit our use and disclosure of your “sensitive personal information,” as that term is defined in the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (CCPA), to the extent required by law.||✓|
|Right to Appeal||Appeal the denial of a privacy rights request under the relevant law||✓||✓||✓|
Medieval Times does not engage in automated decision making/profiling so no action is required to exercise this right under state law.
If you would like to opt-out of the sale or sharing of your personal information for cross-contextual behavioral or targeted advertising, please click the Do Not Sell or Share My Personal Information link.
You may make a request at any time to exercise your privacy rights under applicable law by emailing firstname.lastname@example.org. We will respond to your request withing 45 days of receipt (if properly submitted). If we need more time to process and respond to your request, we will notify you of that fact along with the reason for the delay. In all cases we will complete your request within 90 days from the date of our receipt of your properly submitted request. If we decline to act regarding your request, we will inform you of our decision and the reason for it, along with instructions on how you may appeal our decision.
If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal information to third parties who intend to license or sell that personal information. Please note that we do not currently sell your personal information as sales are defined in Nevada Revised Statutes Chapter 603A.
- Changes to this Notice
- Contact Us
Medieval Times USA, Inc.
5020 Riverside Dr., Suite 400
Irving, TX 75039
Telephone: 1-888-935-6878 (WE-JOUST)