Privacy Policy

Privacy Policy

Hospitality Hook Up Effective Date: May 19, 2026 Last Updated: May 19, 2026

Version 1.0 – Comprehensive Privacy Policy for the Hospitality Hook Up Platform

Introduction and Scope
Definitions and Interpretation
Information We Collect 3.1 Personal Information Provided Directly by Users 3.2 Information Collected Automatically 3.3 Information from Third Parties and Public Sources 3.4 Information Specific to Job Seekers, Employers, and Resource Participants
How We Use Your Information
Legal Bases for Processing (GDPR and Equivalent)
How We Share and Disclose Your Information
Cookies, Tracking Technologies, and Online Advertising
Data Retention and Deletion
Data Security Measures
Your Rights and Choices
International Data Transfers and Cross-Border Processing
Children’s Privacy and Age Restrictions
Third-Party Links, Services, and Integrations
Changes to This Privacy Policy
Governing Law, Dispute Resolution, and Class Action Waiver
Contact Information and Data Protection Officer

1. Introduction and Scope

Welcome to Hospitality Hook Up (“Hospitality Hook Up,” “Company,” “we,” “us,” or “our”), a Florida-based technology platform operating primarily at https://hospitalityhookup.com/ and through associated WordPress plugins, mobile experiences, APIs, and integrated services (collectively, the “Platform” or “Services”). Hospitality Hook Up provides an AI-powered marketplace connecting job seekers with restaurant, bar, hospitality, and food-service opportunities in Southwest Florida and beyond, while also facilitating business-to-business resources including equipment buy/sell marketplaces, restaurant leasing opportunities, investor matching, industry forums, tips, and professional networking.

This Privacy Policy (“Policy”) constitutes a legally binding agreement that governs the collection, processing, use, storage, sharing, disclosure, and protection of Personal Information (as defined herein) when you visit, register for, access, or otherwise use the Platform, whether as a Job Seeker, Employer, Vendor, Investor, Forum Participant, Visitor, or in any other capacity. It applies to all interactions with the Platform, including but not limited to job searches, resume uploads and AI-enhanced profiling, map-based location services, one-tap or Express Interest applications, employer registrations and job postings, resource listings, forum contributions, notifications, and any future features.

This Policy is crafted in the spirit of, and with reference to, the privacy practices of leading job board and professional networking platforms such as Indeed, ZipRecruiter, and LinkedIn. It incorporates industry-standard mechanisms for resume parsing, candidate-employer matching, proactive interest signaling (even when positions are not actively posted), location-based recommendations, and aggregated marketplace insights, while implementing robust safeguards tailored to the hospitality sector’s unique data sensitivities (e.g., certifications for food handling and alcohol service, shift availability, and physical location data in high-turnover service industries).

By accessing or using the Platform, you acknowledge that you have read, understood, and agree to this Policy in its entirety. If you do not agree, you must immediately cease use of the Platform. Continued use following any update constitutes acceptance of the revised Policy. This document supersedes all prior privacy notices or statements.

Hospitality Hook Up is committed to transparency, accountability, and compliance with all applicable federal, state, and international privacy and data protection laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Florida Information Protection Act of 2014, the General Data Protection Regulation (GDPR) and UK GDPR where applicable, the Children’s Online Privacy Protection Act (COPPA), and other relevant statutes. We do not “sell” Personal Information as that term is defined under the CCPA, nor do we engage in cross-context behavioral advertising without providing clear opt-out mechanisms.

This Policy is structured hierarchically with headings from H1 to H6 for clarity, accessibility, and compliance with web standards suitable for WordPress implementation. It is intentionally comprehensive and legalistic to provide maximum protection to Hospitality Hook Up while affording Users meaningful control over their data.

2. Definitions and Interpretation

For the purposes of this Policy, the following terms shall have the meanings set forth below. Terms not defined herein shall be interpreted in accordance with their ordinary meaning under applicable law or, where applicable, the definitions contained in the CCPA, GDPR, or other governing statutes. Headings are for convenience only and shall not affect interpretation. The singular includes the plural and vice versa; references to “including” mean “including without limitation.”

“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with Hospitality Hook Up, where “control” means ownership of more than fifty percent (50%) of voting securities or equivalent voting interest.

“Aggregate Information” or “Aggregated Data” means information that relates to a group or category of individuals from which individual identities have been removed and that cannot reasonably be used to identify any specific individual, household, or device.

“AI Matching Engine” means Hospitality Hook Up’s proprietary or licensed machine learning and artificial intelligence systems that analyze User profiles, resumes, search behavior, location data, and historical placement outcomes to generate match scores, job recommendations, proactive outreach suggestions, and application facilitation.

“Automated Decision-Making” or “Profiling” means any form of automated processing of Personal Information to evaluate, analyze, or predict aspects concerning a natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements, including the AI Matching Engine outputs.

“Biometric Information” means an individual’s physiological, biological, or behavioral characteristics that can be used to establish individual identity, including but not limited to fingerprints, faceprints, voiceprints, iris or retina scans, keystroke patterns, gait patterns, and sleep, health, or exercise data that contain identifying information.

“Business Purpose” has the meaning set forth in the CCPA and includes any purpose that is reasonably necessary and proportionate to achieve the operational or notified purpose for which Personal Information was collected or processed.

“CCPA” means the California Consumer Privacy Act of 2018, as amended by the CPRA and any subsequent amendments or regulations.

“Commercial Purpose” has the meaning set forth in the CCPA and includes any purpose that is not a Business Purpose.

“Content” means any text, photographs, videos, audio, documents (including resumes in .pdf, .docx, or parsed .md format), job postings, forum posts, comments, reviews, ratings, equipment listings, investment pitches, or other materials uploaded, posted, transmitted, or displayed on the Platform by any User.

“Controller” or “Data Controller” means the entity that determines the purposes and means of the processing of Personal Data (Hospitality Hook Up for most processing activities).

“Cookie” or “Cookies” means small text files placed on your device by the Platform or third parties that enable recognition of your browser or device across visits and sessions.

“Cross-Context Behavioral Advertising” has the meaning set forth in the CPRA and refers to the targeting of advertising to a consumer based on the consumer’s Personal Information obtained from the consumer’s activity across businesses, distinctly-branded websites, applications, or services, other than the business or distinctly-branded website, application, or service with which the consumer intentionally interacts.

“Deidentified Information” means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular individual, household, or device, provided that Hospitality Hook Up (i) takes reasonable measures to ensure such information cannot be associated with an individual; (ii) publicly commits to maintain and use the information in deidentified form; and (iii) contractually obligates any recipients to maintain deidentification.

“Device Identifier” means any unique identifier associated with a device, including but not limited to advertising IDs (IDFA, GAID), MAC addresses, IMEI, or persistent cookies.

“Employer” or “Hiring Entity” means any restaurant, bar, hospitality venue, management company, or individual that registers on the Platform to post jobs, view candidate profiles, receive applications or Express Interest signals, or access resource features.

“Express Interest” or “Proactive Matching” means the feature allowing Job Seekers to signal availability or send resumes/profiles to restaurants even when no active job posting exists, and the corresponding employer-side visibility and notification tools.

“GDPR” means Regulation (EU) 2016/679 (General Data Protection Regulation) and, where applicable, the UK GDPR.

“Geolocation Data” means precise location information derived from GPS, Wi-Fi, cellular triangulation, IP address, or user-entered address, including latitude/longitude, city, zip code, or “within 20 miles” radius data used for map features and local job recommendations.

“Job Seeker” or “Candidate” means any individual who creates a profile, uploads a resume or .md smart profile, searches for or views jobs, applies to positions, uses the Express Interest feature, receives notifications, or otherwise engages with job-related Services.

“Legitimate Interest” means the interest of Hospitality Hook Up or a third party in processing Personal Data where such interest is not overridden by the interests or fundamental rights and freedoms of the data subject, as assessed under GDPR Article 6(1)(f) and related guidance.

“Personal Information” or “Personal Data” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household, as further detailed in Section 3, and includes all categories enumerated under CCPA § 1798.140(v) and GDPR Article 4(1).

“Platform” means the website, mobile applications, WordPress plugin(s), APIs, widgets, and any other digital properties owned or operated by Hospitality Hook Up.

“Processor” or “Service Provider” means any natural or legal person, public authority, agency, or other body that processes Personal Data on behalf of the Controller (e.g., WP Engine hosting, AI vendors, email/SMS providers, payment processors, analytics providers, mapping services).

“Profile” or “Smart Profile” means the AI-parsed and enhanced representation of a Job Seeker’s qualifications, skills, experience, certifications, availability, location preferences, and inferred attributes generated from resume uploads and platform activity.

“Pseudonymized Data” means Personal Data processed in such a manner that it can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures.

“Sale” or “Sell” has the meaning set forth in CCPA § 1798.140(ad) and does not include disclosures to Service Providers, Affiliates, or for Business Purposes; Hospitality Hook Up does not Sell Personal Information.

“Sensitive Personal Information” or “Sensitive Data” includes Social Security numbers, driver’s license numbers, passport numbers, financial account numbers, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, trade union membership, genetic data, biometric data for identification purposes, data concerning health or sex life/orientation, and any other category designated as sensitive under applicable law.

“Service Provider” has the meaning set forth in CCPA § 1798.140(ag) and GDPR (Processor).

“Share” or “Sharing” has the meaning set forth in the CPRA and includes any disclosure, dissemination, making available, or otherwise communicating Personal Information to a third party for cross-context behavioral advertising or other purposes, whether or not for monetary or other valuable consideration.

“Third-Party Services” means any website, application, service, or network operated by a party other than Hospitality Hook Up that is linked to, integrated with, or accessible via the Platform (e.g., Google Maps, payment gateways, social login providers, external ATS systems, equipment marketplaces, investor networks).

“User” means any Job Seeker, Employer, Vendor, Investor, Forum Participant, or registered individual.

“Visitor” means any individual who accesses or browses the Platform without creating an account or logging in.

“Web Beacon” or “Pixel” means a small graphic image or code embedded in a web page or email that allows tracking of user behavior, such as whether an email was opened or a page was visited.

3. Information We Collect

3.1 Personal Information Provided Directly by Users

When you register, create a profile, upload content, apply for jobs, post resources, or communicate via the Platform, you voluntarily provide Personal Information. This includes, without limitation:

Identity and Contact Data: Full legal name, preferred name or alias, email address(es), telephone number(s) (mobile, home, work), physical mailing address (including street, city, state, zip code, and country), date of birth or age range (for age verification and legal compliance in alcohol-service roles), gender (optional, for diversity analytics where permitted), profile photograph or avatar, and links to professional social media profiles (LinkedIn, Instagram, etc.).
Authentication and Account Data: Username, password (stored only in hashed, salted form using industry-standard algorithms such as bcrypt or Argon2), security questions and answers (hashed), two-factor authentication codes or app-generated tokens, and account recovery information.
Professional and Employment Data (Job Seekers): Complete work history (employer names, job titles, dates of employment, responsibilities, achievements, reasons for leaving); education history (institutions, degrees, certifications, graduation dates); skills inventory (hard skills such as POS systems, knife skills, mixology, inventory management, food safety protocols; soft skills such as customer service, teamwork, conflict resolution); languages spoken and proficiency levels; professional licenses and certifications (ServSafe, TIPS alcohol server, CPR/first aid, etc.); salary or wage expectations and history; availability (full-time, part-time, seasonal, shift preferences, days/hours); willingness to relocate or commute distance; references (names, titles, contact information, relationship); and any other information contained in uploaded resumes, cover letters, or .md smart profiles.
Location and Geospatial Data: Entered address or zip code for “jobs near you” functionality; precise or approximate geolocation derived from device GPS (with consent), IP address geolocation, or Wi-Fi positioning for map rendering, radius-based searches (e.g., “within 20 miles”), and local restaurant pinning; commute preferences and transportation method.
Application and Interest Data: Job applications submitted (including answers to screening questions, cover letters, availability confirmations); Express Interest signals (timestamp, target restaurant(s), notes or messages, match score at time of interest); saved jobs, search queries, viewed listings, and application status updates.
Resource and Marketplace Data (Employers, Vendors, Investors): Company or business legal name, DBA, EIN or tax ID (for verification and anti-fraud), business address and contact details, business license or permit numbers (especially alcohol and food-service permits), descriptions of equipment for sale/lease, pricing, photos, condition reports; investment opportunity details (pitch decks, financial summaries, revenue projections, ownership structure – subject to additional consent and verification layers); forum posts, comments, and ratings.
Payment and Financial Data: For premium employer features, resource listings, or transactions: billing name and address, credit/debit card details (processed solely by PCI-DSS compliant third-party processors such as Stripe; we do not store full card numbers), bank account information for payouts (if applicable), transaction history, and tax information.
Communications and Support Data: Messages sent to other Users or Hospitality Hook Up support; help tickets; feedback, surveys, and testimonials; recorded calls or chats (with notice and consent where required).
Sensitive Categories (with heightened protections and consent where legally required): Criminal background or conviction history (only if voluntarily disclosed or required for specific roles and processed via verified third-party screeners); health or disability information (voluntary, for accommodation requests under ADA); union membership or labor organizing activity (if disclosed in forums or profiles); precise geolocation when used for real-time features; and any other data you choose to provide that falls under Sensitive Personal Information definitions.

You represent and warrant that all information you provide is accurate, complete, and current, that you have all necessary rights and consents to submit such information (including from references or former employers), and that providing it does not violate any third-party rights or applicable law.

3.2 Information Collected Automatically

Through the use of Cookies, pixels, SDKs, server logs, and similar technologies (detailed in Section 7), we automatically collect:

Device and Technical Data: Device type and model, operating system and version, browser type and version, screen resolution, language settings, time zone, IP address (which may reveal approximate location), device identifiers (advertising ID, UUID), carrier or network information, battery level, and installed fonts or plugins (for fraud detection).
Usage and Behavioral Data: Pages and features accessed, time spent on pages, scroll depth, clicks, hovers, search queries entered, jobs viewed or saved, applications started/completed/abandoned, map interactions (zoom, pan, pin clicks), notification preferences and engagement rates, A/B test variants served, error logs, and crash reports.
Location Data (Automatic): IP-based geolocation, device GPS (when location services are enabled and consent granted), Wi-Fi SSID or BSSID for indoor positioning, and derived commute or “home/work” patterns inferred for recommendation accuracy.
Performance and Diagnostic Data: Load times, API response latencies, feature adoption rates, and aggregated engagement metrics used to improve the AI Matching Engine and Platform stability.

This data is used for security (fraud, bot detection, rate limiting), personalization (showing relevant local jobs and resources), analytics, product improvement, and advertising measurement. We may combine automatically collected data with information you provide or that we obtain from third parties.

3.3 Information from Third Parties and Public Sources

We may obtain information about you from:

Social Login and Integration Providers: Google, Apple, Facebook/Meta, or LinkedIn (with your explicit consent during signup) – name, email, profile photo, and basic profile data.
Employer or Partner Submissions: When an Employer uploads candidate information, refers you, or integrates their ATS with our Platform (via API or manual import), we receive the data they provide.
Publicly Available Sources: Professional directories, public records, news articles, court filings (limited and only as necessary for verification or legal compliance), or aggregated industry datasets (e.g., average wages in Southwest Florida hospitality from BLS or similar).
Service Providers and Analytics Partners: Google Analytics (IP anonymization where possible), Meta Pixel, or similar for attribution and retargeting; background screening vendors (if you consent to a check); payment processors for transaction verification.
Marketing and Lead Partners: Co-branded campaigns or affiliate referrals where you have opted in or where permissible under law.

We do not purchase or scrape bulk personal data from data brokers for direct marketing without transparency and consent mechanisms.

3.4 Information Specific to Job Seekers, Employers, and Resource Participants

Job Seekers: In addition to the above, we collect and generate inferred attributes via the AI Matching Engine (e.g., “strong customer service profile based on prior roles,” “bartender with craft cocktail experience,” “reliable closer for late-night shifts”) derived from your activity and profile. Match scores (0–100) are calculated and may be shared with Employers who have active or potential openings. Express Interest data includes your explicit signals to non-hiring restaurants, stored for future matching and employer outreach.

Employers: We collect business verification data, job posting details (title, description, requirements, compensation range, benefits, schedule, location), application volume and quality metrics, hiring outcomes (if self-reported or tracked), and usage of candidate search/filter tools. Payment and subscription data for any premium employer tools.

Resource Participants: For buy/sell/lease/invest features – listing details, pricing history, negotiation messages (if facilitated), transaction completion status, and feedback ratings. Investor profiles may include accreditation status (self-certified or verified), investment criteria, and portfolio preferences.

All such data is processed to deliver the core Services, improve matching accuracy, prevent fraud (e.g., fake job postings or spam applications), and generate anonymized industry insights (e.g., “hospitality wage trends in Cape Coral, FL – Q2 2026”).

4. How We Use Your Information

Hospitality Hook Up processes Personal Information for the following Business and Commercial Purposes (non-exhaustive):

Core Service Delivery and Matching

Creating, maintaining, and enhancing User accounts and Smart Profiles.
Parsing resumes into structured, searchable .md formats and enriching them with AI-inferred skills, certifications, and experience summaries.
Operating the AI Matching Engine to recommend jobs, calculate match scores, suggest “Express Interest” targets, and notify Users of relevant openings (including those not yet publicly posted).
Facilitating applications: auto-populating forms, submitting to employer email/ATS integrations, tracking status, and enabling one-tap applies.
Rendering interactive maps, radius searches, and location-based alerts.
Delivering job alerts, push notifications, SMS, and email communications (frequency controllable in settings).
Moderating forums, processing resource listings/transactions, and matching investors with opportunities.

Personalization and Improvement

Tailoring the user interface, search results, and recommendations based on past behavior, location, and profile attributes.
A/B testing new features and optimizing conversion funnels (e.g., application completion rates).
Training and refining the AI Matching Engine and resume parser on aggregated, deidentified, or pseudonymized datasets (never using identifiable data for external model training without explicit consent).
Analyzing platform usage to identify trends (e.g., high-demand roles in Southwest Florida bars during tourist season) and improve product-market fit.

Marketing, Advertising, and Communications

Sending transactional emails (application confirmations, password resets) and promotional communications about new features, job market reports, or partner offers (opt-out available at any time).
Retargeting and lookalike audience creation using hashed or pseudonymized data with advertising partners (subject to your ad choices and CCPA opt-out rights).
Measuring campaign effectiveness and attributing conversions.

Security, Fraud Prevention, and Legal Compliance

Detecting, preventing, and responding to fraud, spam, abuse, fake profiles, or malicious activity (e.g., multiple applications from the same device to the same employer).
Enforcing our Terms of Service, investigating violations, and protecting the rights, property, or safety of Hospitality Hook Up, Users, or the public.
Complying with legal obligations (subpoenas, court orders, tax reporting, employment law recordkeeping).
Responding to law enforcement or regulatory requests in accordance with applicable law.
Conducting internal audits, risk assessments, and due diligence for business transactions (mergers, acquisitions, financing).

Analytics and Research

Generating anonymized or aggregated reports on hospitality labor market dynamics, placement success rates, wage benchmarks, and resource marketplace activity for internal use or licensed sharing with industry associations, academic researchers, or government agencies (under strict deidentification protocols).
Supporting diversity, equity, and inclusion analytics (on an opt-in, aggregated basis only).

Other Purposes

Any additional purpose disclosed to you at the time of collection or for which you provide consent.
Archival and backup purposes necessary for service continuity and disaster recovery.

We will not use Personal Information for purposes materially different from those disclosed in this Policy without providing notice and obtaining consent where required by law.

5. Legal Bases for Processing (GDPR and Equivalent)

Where the GDPR or equivalent laws apply (e.g., for EU/UK/EEA/Swiss residents or when we target such individuals), we rely on one or more of the following lawful bases:

Performance of a Contract (GDPR Art. 6(1)(b)): Processing necessary to provide the Services you request (account creation, job matching, application facilitation, transaction processing).
Legitimate Interests (GDPR Art. 6(1)(f)): Our legitimate interests in improving the Platform, preventing fraud, personalizing experiences, developing the AI Matching Engine, marketing our Services, and protecting our business and Users, balanced against your rights and freedoms (assessed via Legitimate Interest Assessments). You may object at any time.
Consent (GDPR Art. 6(1)(a)): For optional features (marketing emails beyond transactional, precise location tracking, sensitive data processing, or international transfers relying on consent). Consent is freely given, specific, informed, and withdrawable at any time via account settings or by contacting us.
Legal Obligation (GDPR Art. 6(1)(c)): Compliance with employment, tax, anti-money laundering, or other statutory requirements.
Vital Interests (GDPR Art. 6(1)(d)): In rare emergencies involving life or health.

For Sensitive Personal Data under GDPR, we rely on explicit consent, substantial public interest, or other applicable exceptions (e.g., employment law obligations for background checks in licensed hospitality roles).

Under the CCPA/CPRA, we process Personal Information for the Business Purposes described above and do not Sell or Share for Cross-Context Behavioral Advertising without providing the required “Do Not Sell or Share My Personal Information” link and honoring opt-out signals (including the Global Privacy Control).

6. How We Share and Disclose Your Information

We share Personal Information only as necessary and in accordance with this Policy. We do not sell Personal Information for monetary consideration in the traditional sense. Categories of recipients include:

6.1 Employers and Hiring Entities When you apply, Express Interest, or are recommended via the AI Matching Engine, we share your Smart Profile, resume (or parsed excerpts), contact information, match score, availability, and application responses with the relevant Employer(s). Employers may download, print, or integrate this data into their own ATS or records. You control visibility settings to the extent available (e.g., anonymous browsing mode if offered in future updates). Employers are independent Controllers for any further processing they perform; their privacy practices govern their use.

6.2 Service Providers and Processors We disclose to trusted vendors bound by confidentiality and data processing agreements (DPAs) that prohibit use beyond the specified services and require equivalent security:

Hosting and infrastructure (WP Engine and sub-processors).
AI and machine learning providers for resume parsing, matching algorithms, and content moderation.
Email, SMS, and push notification providers.
Payment processors (Stripe, etc.) – PCI-DSS compliant; card data tokenized and never stored by us.
Analytics and attribution (Google, Meta – with IP anonymization and consent where required).
Mapping and geolocation (Google Maps Platform).
Background screening or verification providers (only with your explicit consent).
Customer support and ticketing platforms.
Professional advisors (legal, accounting, insurance) under confidentiality obligations.

6.3 Affiliates We may share with current or future Affiliates for internal administrative, product development, or marketing purposes under common control and consistent with this Policy.

6.4 Legal and Safety Disclosures We may disclose Personal Information:

To comply with applicable law, regulation, legal process (subpoena, court order), or governmental request.
To enforce our Terms of Service or other agreements.
To detect, prevent, or address fraud, security, or technical issues.
To protect the rights, property, or safety of Hospitality Hook Up, our Users, the public, or others (including in response to emergencies).
In connection with any merger, acquisition, financing, reorganization, bankruptcy, or sale of assets – with notice to affected Users and successor entities bound by this Policy or equivalent.

6.5 Advertising and Marketing Partners We may share hashed or pseudonymized identifiers with advertising networks for retargeting or lookalike campaigns. You may opt out via account settings, the “Do Not Sell or Share” link, or browser signals (GPC). We do not share raw Sensitive Personal Information for advertising.

6.6 Public and Forum Disclosures Forum posts, comments, ratings, and certain resource listings are publicly visible by design. Job postings are public. You should not post information you wish to keep private.

6.7 With Your Consent or at Your Direction Any additional sharing for which you provide affirmative consent (e.g., sharing your profile with a specific investor network or exporting data to a third-party career service).

All recipients are contractually required to implement appropriate technical and organizational measures and to process data only for the purposes we specify. We conduct due diligence on vendors and monitor compliance.

7. Cookies, Tracking Technologies, and Online Advertising

The Platform uses Cookies, pixels (including Meta Pixel and Google tags), web beacons, local storage, and SDKs for the purposes described below. We categorize them as:

Strictly Necessary / Essential Cookies (always active): Session management, login persistence, security (CSRF protection, rate limiting), load balancing, and core functionality (map rendering, form submissions). These cannot be disabled without breaking the Platform.

Functional / Preference Cookies: Remember your location radius preference, job alert frequency, theme/dark mode, language, and saved searches.

Analytics and Performance Cookies: Google Analytics 4 (with IP anonymization and data retention controls), internal logging for feature usage, A/B testing, and error tracking. We use this to understand how Job Seekers interact with the map, application flow, and AI recommendations.

Advertising and Targeting Cookies/Pixels: Used to deliver relevant sponsored job listings or resource promotions, measure campaign performance, and create lookalike audiences. These may involve third parties (Google Ads, Meta). Hashed email or device IDs may be used for matching. You can opt out via the “Do Not Sell or Share My Personal Information” mechanism, cookie banner (where required), or Global Privacy Control signals. We honor GPC and similar signals.

Third-Party Cookies and SDKs: Embedded content (e.g., Google Maps) or login buttons may set their own cookies subject to the third party’s policy. We do not control these but disclose prominent ones.

You can manage Cookies via your browser settings (block, delete, or set preferences), our cookie banner/consent tool (for EU/UK users), or account-level controls. Note that blocking essential Cookies will impair functionality. We do not use Cookies for cross-device tracking beyond what is necessary for logged-in sessions without consent.

For more details on specific Cookies deployed, contact us or review the cookie table available in your account settings or upon request.

8. Data Retention and Deletion

We retain Personal Information only for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, enforce agreements, and protect against fraud or abuse.

Specific Retention Periods (subject to extension for legal holds):

Active User accounts and Profiles: Duration of account + 3 years post-deletion or last activity (to cover typical Florida statutes of limitations for employment-related claims, contract disputes, or wage claims).
Job applications, Express Interest records, and match data: 2–4 years depending on role type and legal requirements (e.g., EEOC recordkeeping).
Payment and transaction records: 7 years (tax and accounting requirements).
Forum posts and public Content: Indefinitely or until removed by User/moderator, subject to backup retention.
Server logs and technical data: 90 days to 1 year (security and debugging).
Marketing contact lists: Until opt-out or 3 years of inactivity.
Deidentified or Aggregated Data: Indefinitely for model improvement, research, and trend analysis.
Backups and archives: Up to 90 days (encrypted, access-controlled); deletion requests propagate to backups within technical limits.

Upon account deletion request (via settings or email), we will:

Promptly disable the account and hide profile from public/employer view.
Delete or irreversibly anonymize Personal Information within 30–45 days (subject to legal exceptions: ongoing investigations, legal obligations, fraud prevention, or where deletion would impair another User’s rights, e.g., an Employer’s record of a hire).
Provide confirmation and, where technically feasible, a machine-readable export of your data prior to deletion.

You may request earlier deletion subject to verification and legal limitations. Residual copies may exist in backups or logs for a limited period.

9. Data Security Measures

Hospitality Hook Up implements and maintains reasonable and appropriate technical, administrative, and physical safeguards designed to protect Personal Information against unauthorized access, use, alteration, disclosure, or destruction. These include, without limitation:

Encryption of data in transit (TLS 1.3 or higher) and at rest (AES-256 or equivalent).
Role-based access controls (RBAC), least-privilege principles, and multi-factor authentication for all internal systems and employee access.
Regular vulnerability scanning, penetration testing (annual or more frequent), and code reviews.
Secure development lifecycle (SDLC) practices and employee security awareness training.
Incident response plan with 72-hour (or faster) breach notification to affected Users and regulators as required by law (e.g., under Florida Statute § 501.171 or GDPR Article 33/34).
Vendor risk management program with contractual security and audit rights.
Physical security for any on-premises infrastructure (though primarily cloud-hosted via WP Engine with SOC 2, ISO 27001, and similar attestations where applicable).
Data loss prevention (DLP) tools and monitoring for anomalous activity.

No method of transmission or storage is 100% secure. We cannot guarantee absolute security and disclaim liability for breaches caused by factors beyond our reasonable control (force majeure, sophisticated nation-state attacks, User negligence such as weak passwords or public Wi-Fi use). In the event of a confirmed breach affecting your Personal Information, we will notify you and relevant authorities in accordance with applicable law.

10. Your Rights and Choices

You have significant rights regarding your Personal Information. Hospitality Hook Up provides mechanisms to exercise these rights without discrimination.

Under the CCPA/CPRA (California Residents and Similar State Laws):

Right to know what Personal Information we have collected, the categories, sources, purposes, and third parties with whom it is shared.
Right to access a copy of your Personal Information (portable format where feasible).
Right to delete Personal Information (with statutory exceptions).
Right to correct inaccurate Personal Information.
Right to opt-out of any “Sale” or “Sharing” (we do not Sell; opt-out of Sharing for cross-context advertising via “Do Not Sell or Share My Personal Information” link or GPC).
Right to limit use/disclosure of Sensitive Personal Information (we process only as necessary for Services or with consent).
Right to non-discrimination for exercising rights.

Under the GDPR (and Equivalent for EU/UK Residents):

Right of access and data portability.
Right to rectification.
Right to erasure (“right to be forgotten”).
Right to restriction of processing.
Right to object to processing (including profiling and direct marketing).
Right to withdraw consent at any time.
Right to lodge a complaint with a supervisory authority (e.g., your local DPA or the Florida Attorney General where applicable).

Additional Rights:

Opt-out of marketing communications (unsubscribe links in every email; account settings for notifications).
Manage Cookie preferences and ad targeting.
Download your data (profile, applications, activity history) in structured format.
Close/delete your account permanently.

How to Exercise Rights: Most rights can be exercised directly in your account dashboard (Profile > Privacy & Data > Manage My Data). For complex requests, email privacy@hospitalityhub.com or submit via the contact form with subject “Data Rights Request.” We will verify your identity (email confirmation, account login, or government ID for sensitive requests) and respond within the timeframes required by law (45 days for CCPA, extendable once; 30 days for GDPR, extendable by 60 days). We may charge a reasonable fee for manifestly unfounded or excessive requests. Authorized agents may submit requests with proof of authorization and your verified identity.

We honor Global Privacy Control (GPC) signals and other automated opt-out mechanisms where technically feasible.

11. International Data Transfers and Cross-Border Processing

Hospitality Hook Up is headquartered in Florida, United States. Personal Information may be transferred to, stored on, or processed in the United States or other countries where our Service Providers or Affiliates operate (e.g., cloud infrastructure in the EU, AI processing partners globally).

For transfers from the EEA, UK, or Switzerland, we rely on:

Adequacy decisions (where available).
Standard Contractual Clauses (SCCs) approved by the European Commission, together with supplementary measures (encryption, access controls, DPIAs).
Binding Corporate Rules or other approved mechanisms where applicable.
Consent, where required.

You acknowledge that U.S. laws may permit government access to data under certain circumstances (e.g., FISA, CLOUD Act) that differ from your home country’s protections. We will notify you of material changes to transfer mechanisms.

12. Children’s Privacy and Age Restrictions

The Platform is not directed to individuals under the age of 16 (or 13 in certain jurisdictions). Hospitality and food-service roles frequently involve legal age requirements (18+ for alcohol service in Florida and most states). We do not knowingly collect Personal Information from children under 13 (COPPA) or 16 (GDPR) without verifiable parental consent.

If we become aware that we have collected such data without consent, we will promptly delete it. Parents or guardians may contact us to request review or deletion. Job Seekers under 18 must have parental/guardian consent for account creation and certain features; we may require verification.

13. Third-Party Links, Services, and Integrations

The Platform contains links to third-party websites (restaurant career pages, equipment vendors, investor platforms, social media) and integrates with external services (Google Maps, payment processors, ATS APIs). These third parties have their own privacy policies and terms. Hospitality Hook Up is not responsible for their practices. When you leave the Platform or use integrated features, review the applicable third-party policy. Employer tracking pixels or ATS redirects are governed by the Employer’s privacy notice; you acknowledge Indeed-style employer-side collection may occur.

14. Changes to This Privacy Policy

We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. Material changes (new data categories, new sharing partners, changes to rights, or significant AI use expansions) will be announced via prominent notice on the Platform, email to registered Users (where permitted), or banner for at least 30 days prior to effectiveness. The “Last Updated” date will be revised. Your continued use after the effective date constitutes acceptance. For material changes affecting EU users, we may seek renewed consent where required.

Previous versions will be archived and available upon request.

15. Governing Law, Dispute Resolution, and Class Action Waiver

This Policy and any dispute arising out of or relating to it or the Platform shall be governed by and construed in accordance with the laws of the State of Florida, United States of America, without regard to its conflict of laws principles.

Any dispute shall first be attempted to be resolved informally by contacting privacy@hospitalityhub.com. If unresolved within 30 days, disputes shall be submitted to binding arbitration administered by the American Arbitration Association (AAA) under its Commercial Arbitration Rules in Lee County, Florida (or virtually). The arbitration shall be conducted by a single arbitrator. Judgment on the award may be entered in any court of competent jurisdiction.

Class Action Waiver: You agree that any arbitration or proceeding shall be limited to the individual dispute between you and Hospitality Hook Up. You waive any right to participate in a class action, class arbitration, or other representative proceeding. This waiver is material to our agreement to provide the Services.

Notwithstanding the foregoing, either party may seek injunctive or other equitable relief in a court of competent jurisdiction for intellectual property or security matters. If any provision is held unenforceable, the remainder shall continue in full force.

16. Contact Information and Data Protection Officer

For questions, requests, complaints, or to exercise your rights under this Policy, please contact:

Hospitality Hook Up – Privacy Team Email: privacy@hospitalityhub.com Mailing Address: Hospitality Hook Up, Attn: Privacy Officer, [Cape Coral, Florida address – available upon verified request] Website Contact Form: https://hospitalityhookup.com/ (select “Privacy Request”)

If you are in the EEA, UK, or Switzerland and have concerns, you may also contact our designated representative or lodge a complaint with your local supervisory authority. For California residents, you may contact the California Privacy Protection Agency or Attorney General.

We will respond to all legitimate inquiries within the timeframes prescribed by law and strive to resolve concerns promptly and fairly.

Thank you for trusting Hospitality Hook Up with your professional journey in the hospitality industry.

We are committed to protecting your privacy while delivering exceptional job matching, career resources, and business networking tools for Southwest Florida’s vibrant restaurant and bar community. This Policy reflects our dedication to transparency, security, and compliance modeled on the highest standards in the job board sector.

If you have any questions or suggestions for improving this Policy, we welcome your feedback.

© 2026 Hospitality Hook Up. All Rights Reserved. This document is formatted for direct implementation as an H1–H6 structured article in WordPress or similar CMS. Word count: approximately 5,200 (excluding this notice).