privacy policy
Effective Date: April 24, 2023
Mountain Capital Partners (MCP) owns and manages a collection of ski resorts and mountain bike parks in Arizona, Colorado, Nevada, New Mexico, Oregon, Texas and Utah (collectively, “MCP Resorts”). This Privacy Policy describes how MCP and our affiliates (collectively, “we” and “us”) collect, use and share your Personal Information (as defined below) when you visit any MCP Resorts website or use an online or mobile application where this Privacy Policy is referenced (our “Sites”). This Privacy Policy also applies to the Personal Information we collect when you visit any of our resorts, retail locations, rental locations, lodging, events sponsored in whole or in part by MCP Resorts (collectively, our “Locations”).
MCP reserves the right, at any time, to modify this Privacy Policy. If we make revisions that change the way we collect, use, or share your Personal Information, we will post those changes in this Privacy Policy. You should review this Privacy Policy periodically so that you keep up to date on our most current policies and practices. We will note the date of the latest version at the beginning of this Privacy Policy.
TYPES OF PERSONAL INFORMATION WE COLLECT
When we use the term “Personal Information” we mean information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a natural person or household, such as a real name, postal address, e-mail address, telephone number, payment information, pass or lift ticket ID number, profile photographs and location information. Information that is de-identified, aggregated, or anonymized will not be considered Personal Information. Publicly available information that is made available from federal, state, or local government records, also may not be Personal Information.
When visiting our Sites, interacting with us (e.g., filling in a webform, over the phone, by email) or providing information at any of our Locations, we may – depending on the activities you sign up for or participate in – collect the following types of Personal Information:
- Identification data (e.g., first name, last name, postal address, phone number, email address, height, weight, birthdate, skier type);
- Payment details or methods and transaction information (e.g., when you purchase lift tickets, event passes, or goods, or book accommodations online);
- Location data (e.g., the location where you stay or ski, the location of an event at one of our Locations that you attend, location data sent by your device, the runs that you ski or ride, or the ski lifts that you ride);
- Connection (e.g., IP address) and device information (e.g. device type and operating system);
- Data regarding your use of our Sites (e.g., date and time of visits, viewing information, pages viewed, keystroke activity, time spent on pages, scroll activity, click/touch information, content you provide, such as through email or messages, and mouse movements);
- Information relating to your preferences and activities (e.g., vertical distance by day; calories burned; time spent skiing or riding; individuals with whom you form groups for skiing or riding, as reflected in your use of our applications; frequency with which you use or visit various facilities, services, programs, or Locations; events attended;
- Details of ski-related accidents and other incidents;
- An assessment of your skiing/riding ability;
- Photographs and video of you at our Locations or that you otherwise submit; and
- Demographic information (e.g. household information, number of children, age ranges, gender).
Personal Information may be collected directly from you (e.g., when you fill out a webform on one of our Sites or a paper form at one of our Locations). Other sources enable us to obtain the Personal Information about you such as when:
HOW WE COLLECT PERSONAL INFORMATION
Most Personal Information is collected directly from you (e.g., when you fill out a webform on one of our Sites or a paper form at one of our Locations). Other sources enable us to obtain the Personal Information about you such as when:
- a third party provides information about you (e.g., someone orders a gift card online and wants to send it directly to you, he/she must provide us with your name and address; and travel agents or other business partners with whom we have joint marketing or service providing arrangements with, such as Expedia);
- your electronic communications devices, such as smartphones, tablets, or computers, automatically submit information about you;
- technology implemented at our Locations provides us with information (e.g., when your ski pass is scanned at a chairlift);
- we are provided information from other business partners;
- you are at one of our Locations, and we take photographs or videos of you; and
- such information is available from public sources.
In addition to the above, we may combine information you have provided to us on our Sites with information you have provided to us offline, including information you have provided to us at one of our Locations, and we may store this information together in your customer profile. For example, we may combine data automatically collected when you use your season ski pass, attend an event, rent equipment at one of our Locations, or otherwise visit one of our Locations, or data you provide to us when you stay at one of our hotels or resorts, with your customer profile. This enables us to provide the best experience possible when you visit our Locations.
WHY WE COLLECT AND USE PERSONAL INFORMATION
We use your Personal Information for the following purposes, all of which relate to the relationship between you and us, and the services we provide:
- to provide you or the person of your choice with the services and/or products you requested (e.g., passes, reservations);
- to perform transactions, in particular, to check your identity or the identity of the person you designated, as well as for billing and shipping purposes; and
- to provide you and/or the person you designated with after-sale support in case you encounter any difficulties following your transaction with us.
We also may process your Personal Information for the purposes listed below, which are necessary for us to pursue our legitimate interests and provide you with quality services and products:
- for security and fraud prevention purposes as well as for protecting our rights, pursuing available remedies and enforcing our Terms and Conditions;
- to administer our systems, debug, and improve the performance and accessibility of our Sites and Locations;
- to monitor and optimize the use of our facilities (e.g., when you scan your pass and ride one of our chairlifts, we use such information for monitoring the use of our chairlifts; improvement of facilities based on the number of attendees at events);
- to better understand your use of our products, services, programs, and events; and
- to improve our Sites, Locations and, more generally, our products, services, programs, and events.
In addition, we may also process your Personal Information:
- to provide you with marketing communications, recommendations and special offers regarding our products and services, as well as products and services of third parties which might be of interest to you; and
- to combine your data and implement profiling activities in order to better understand your needs, expectations and preferences and provide you with personalized content and targeted advertising accordingly.
We may also use and disclose your Personal Information for secondary purposes closely related to the purposes above, in circumstances where you would reasonably expect such use or disclosure to occur.
WITH WHOM WE SHARE PERSONAL INFORMATION
Under limited circumstances we may disclose the Personal Information we collect to third parties for all or part of the above-mentioned purposes. Examples of those circumstances are described below, along with some of the steps we take to limit the manner in which your Personal Information is used.
SERVICE PROVIDERS.
We may share your Personal Information with companies that provide support services to us (such as credit card processors, mailing houses, web hosts, application developers, event co-sponsors, concessionaires, or providers of online reservation services) or that help us market our products and services (such as email or text messaging vendors[BHFS4] ). These companies may need Personal Information about you in order to perform their functions. These companies are only authorized to use the Personal Information we share with them for the purpose of delivering the service we work with them to provide. In addition, we only disclose the Personal Information they need to provide the specific service or function.
SKI PASS PARTNERS.
MCP Resorts sometimes enters into contractual relationships with other resorts that we do not own. We enter those relationships so that our customers can access skiing or other resort services at those resorts. To facilitate those services we may share Personal Information about you with the other resort company so that they can provide the service and validate your ski pass and identity. We share Personal Information pursuant to written contracts with the partner resorts and limit the Personal Information to what is needed for the specific purpose.
WITH OTHER RESORTS’ ENTITIES.
In order to provide you with services and operate our business, including in connection with the uses disclosed above, Personal Information we collect may be shared, consistent with this Privacy Policy, with subsidiaries of MCP Resorts, including current or future parents, affiliates, subsidiaries, and entities sharing common ownership with MCP Resorts. All of the MCP Resorts entities are bound to this Privacy Policy.
IN CONNECTION WITH EVENTS SPONSORED IN WHOLE OR IN PART BY MCP RESORTS.
MCP Resorts may at times co-sponsor an event with business partners. We may share your Personal Information with those business partners to help us market or improve our products and services. We only disclose the Personal Information they need to provide help to us with that marketing or improvement. In addition, we share that Personal Information pursuant to written contracts with the business partners, limit the use of the information to the purpose for which it was shared, and limit the Personal Information to what is needed for the specific purpose, including providing aggregated or de-identified data when possible.
IN CONNECTION WITH CORPORATE EVENTS.
In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all Personal Information to the relevant third party. Your Personal Information would remain subject to this Privacy Policy.
IN SPECIAL CIRCUMSTANCES.
In certain special cases, we may disclose your Personal Information when we have reason to believe that disclosing this Personal Information is necessary to identify or contact you, or to provide you with emergency medical services, or bring legal action against someone who may be causing injury to you, MCP Resorts or someone else. We may disclose your Personal Information to a person who is seeking the Personal Information as your agent. We may disclose your Personal Information when we believe the law requires it, in response to any demand by law enforcement authorities in connection with a criminal investigation, in response to civil or administrative authorities in connection with a pending civil case, governmental authorities or administrative investigation, or in connection with an investigation conducted by MCP Resorts.
TEXT MESSAGE SERVICES
If you opt in to the MCP SMS service by providing MCP Resorts your mobile number, we will use that number to send you text messages. Our SMS service provides updates, alerts, and information, promotions, specials, and other marketing offers from MCP Resorts via text messages through your wireless provider to the mobile number you provided.
Text messages may be sent using an automatic telephone dialing system or other technology. Your consent to receive autodialed marketing text messages is not required as a condition of purchasing any goods or services. Message frequency varies. Text the single keyword command STOP in response to any message to cancel at any time. You’ll receive a one-time opt-out confirmation text message. For SMS service support or assistance, text HELP to in response to any message.
We do not charge for SMS services, but you are responsible for all charges and fees associated with text messaging imposed by your wireless provider. Message and data rates may apply.
The wireless carriers supported by our SMS service are not liable for delayed or undelivered messages.
You agree to indemnify, defend, and hold us harmless from any third-party claims, liability, damages or costs arising from your use of the Service or from you providing us with a phone number that is not your own.
To the extent permitted by applicable law, you agree that we will not be liable for failed, delayed, or misdirected delivery of any information sent through the Service, any errors in such information, and/or any action you may or may not take in reliance on the information or Service.
COOKIES AND TECHNOLOGY; THIRD-PARTY ADVERTISERS
COOKIES.
Many sites use “cookies,” which are small text files that reside on your computer to identify you as a unique user. We may use cookies on our Sites to allow us to, among other things, measure activity and to personalize your experience. For instance, cookies may enable us to remember your viewing preferences without requiring you to re-type a username and password. Cookies may also allow us to track your status or progress when requesting services or information. If you choose, you can set your browser to reject cookies or you can manually delete individual or all of the cookies on your computer by following your browser’s help file directions. However, if your browser is set to reject cookies or you manually delete cookies, you may have some trouble accessing and using some of the pages and features that are currently on our Sites, or that we may put on our Sites in the future.
WEB BEACONS.
A web beacon is an electronic file on a web page that allows us to count and recognize users who have visited that page. Among other things, a web beacon can be used in HTML-formatted email to determine responses to our communications and measure their effectiveness. For instance, if you get an email from us and click on a link in that email to go to our Sites. You can generally avoid web beacons in email by turning off HTML display and displaying only the text portion of your email.
WEB SERVER LOGS.
Web server logs are records of activity created by the computer that delivers the webpages you request to your browser. For example, a web server log may record the search term you entered or the link you clicked to bring you the webpage. The web server log also may record Personal Information about your browser, such as your IP address and the cookies set on your web browser by the server.
THIRD-PARTY ADVERTISING.
In addition, we may use third-party advertising companies to customize the advertisements you see on our Sites, on other websites, or on your mobile or other devices. These companies may use cookies, web beacons, or other technologies to collect information about your use of our Sites and other websites and applications, including in particular your IP address, web browser, mobile network information, pages viewed, time spent on pages or in applications, and links clicked. We may use this Personal Information to analyze data, determine the popularity of certain content, deliver advertising and content targeted to your interests, and better understand your online activity.
GOOGLE ANALYTICS.
Our Sites use Google Analytics, a web analytics service provided by Google, Inc. (“Google”), to better assist us in understanding how our Sites are used. Google Analytics will place cookies on your computer that will generate information that we select about your use of our Sites, including your computer’s IP address. That information will be transmitted to and stored by Google. The information will be used for the purpose of evaluating consumer use of our Sites, compiling reports on our Sites’ activity for our use, and providing other services relating our Sites’ activity and usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. You may refuse the use of cookies by selecting the appropriate settings on your browser. Please note that by doing so, you may not be able to use the full functionality of our Sites. The use of cookies by Google Analytics is covered by Google’s Privacy Policy, available at https://policies.google.com/privacy.
MORE INFORMATION.
You may wish to visit www.aboutcookies.org or http://www.youronlinechoices.com/ to learn more about cookies and how to manage the advertisement cookies placed on your devices.
LINKS TO THIRD-PARTY WEBSITES
Our Sites contain direct links to sites offered by third parties (e.g. co-branded event sites, or websites belonging to business partners). Those third-party sites are not covered by this Privacy Policy.
Some of the sites may give you the option of sharing your thoughts, Personal Information, or biking, skiing and snowboarding experiences automatically on their platforms. If you choose to share information with a third-party site such as Twitter or Facebook, or a third-party service such as Apple Health, the information you choose to share is not subject to this Privacy Policy. You should review the privacy policies of those sites or services to make an informed decision about whether to share your information. Further, you should review your account settings on those sites to ensure that you are comfortable sharing your information with the audience chosen in that account.
CHILDREN
We do not knowingly collect Personal Information on our Sites from children under the age of 13 without the prior consent of the child’s parent or guardian. If you believe that a child under age 13 (or other age applicable in a different jurisdiction) has provided Personal Information to us without the consent of a parent or guardian, please notify us at [email protected] as soon as possible so their data may be deleted.
CALIFORNIA RESIDENT PRIVACY RIGHTS
Under the California Consumer Privacy Act (“CCPA”), California residents have certain rights regarding the Personal Information that businesses have about them. This includes the right to request access or deletion of your Personal Information, as well as the right to direct a business to stop selling your Personal Information.
RIGHT TO NOTICE
You have the right to be properly notified of the following:
- Personal Information We Collect: Please review the section of this Privacy Policy titled “Types of Personal Information We Collect” for more information about the Personal Information we collected about you in the past 12 months.
- Why We Collect Personal Information: Please review the section of this Privacy Policy titled “Why Collect and Use Personal Information” for more information on why we collect Personal Information about you in the past 12 months.
- How We Collect Personal Information: Please review the section of this Privacy Policy titled “How We Collect Information” for more information on how we collect Personal Information about you in the past 12 months.
- With Whom We Share Your Personal Information: Please review the section of this Privacy Policy titled “With Whom We Share Personal Information” for more information on how we share Personal Information about you in the past 12 months.
RIGHT TO ACCESS YOUR INFORMATION
You have the right to request the following covering the 12 months preceding your request:
- The specific pieces of Personal Information we have collected about you
- The categories of Personal Information that we have collected about you
- The categories of sources from which we collected the Personal Information
- The purpose for collecting or selling the Personal Information
- The categories of Personal Information that we have disclosed about you, the purpose for disclosing such Personal Information and the categories of third parties with whom we disclosed such Personal Information
- The categories of Personal Information that we have sold about you, as well as the categories of third parties to whom we sold such Personal Information
RIGHT TO DELETION
You have the right to request that we delete any Personal Information about you that we have collected from you. Please note that there are exceptions where we do not have to fulfill a request to delete Personal Information, such as when the deletion of Personal Information would create problems with the completion of a transaction or compliance with a legal obligation.
RIGHT TO NON-DISCRIMINATION
We will not discriminate against you (e.g., through denying goods or services, or providing a different level or quality of goods or services) for exercising any of the rights afforded to you.
RIGHT TO OPT-OUT OF SALE
While we do not sell Personal Information in exchange for any monetary consideration, we do share Personal Information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). We support the CCPA and wish to provide you with control over how your Personal Information is collected and shared. You have the right to direct us to not sell your Personal Information. If you would like to exercise your right to request opt-out of sale, please click here.
We do not knowingly sell the Personal Information of minors under 16 years of age without affirmative authorization.
Please note that we may still use aggregated and de-identified Personal Information that does not identify you or any individual; we may also retain Personal Information as needed in order to comply with legal obligations, enforce agreements, and resolve disputes.
See form, attached below. CCPA regulations require that the right to opt out of a Sale include an online form. However, the specific functionality of the form is not specified, and the simplest implementation is a page that generates an email with content from a simple form. Many companies find it expedient to combine this with a form for other requests.
How to Exercise Your Rights: To exercise your rights described above, please submit a verifiable consumer request to us by calling us at 970-382-2890 or by emailing us at [email protected] or contacting us through our MCP Privacy Request form.
Verifiable Consumer Requests: Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may only make a verifiable consumer request for access to your Personal Information twice within a 12-month period. The verifiable consumer request must: 1) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative of that person; and 2) Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it. We cannot respond to your request to exercise your access and/or deletion rights if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password-protected account sufficiently verified when the request relates to Personal Information associated with that specific account. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We attempt to respond to a verifiable consumer request within 45 days after we receive it. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing within 45 days after we receive your initial request. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period prior to the date we receive the verifiable consumer request. The response we provide will also provide the reasons we cannot comply with a request, if applicable. For access requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the Personal Information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Contact Information: In compliance with the CCPA, we commit to resolve complaints about your privacy and our collection or use of your Personal Information. California residents with inquiries or complaints regarding this Privacy Policy should first contact us at please submit your request by calling us at 970-382-2890 or by emailing us at [email protected] or through our MCP Privacy Request form.
Do Not Track (DNT): Our Sites do not respond to DNT signals. However, some third party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your web browser.
California’s Shine the Light law. California residents with an established business relationship with us can request information once a year about sharing their Personal Information with third parties for the third parties’ direct marketing purposes. If you would like to request more information under the California Shine the Light law, and if you are a California resident, you can contact us by calling us at 970-382-2890 or by emailing us at [email protected] or through our MCP Privacy Request form.
US-BASED ORGANIZATION
MCP is a US-based organization that is headquartered in the United States. Our data processing activities primarily occur in the United States. You acknowledge that any personal data we collect will be transferred to, processed, and stored in the United States. You further acknowledge that the United States has standards for the processing and storage of personal data that may not be equivalent to those in the country where you reside and/or are a citizen, and you consent to our collection, transfer, processing, and storage of your personal data in the United States.
EU USER’S RIGHTS WITH RESPECT TO PERSONAL INFORMATION
Depending on your local law, you may have certain rights with respect to your Personal Information, including the right to object to, restrict and/or withdraw your consent to the processing of your Personal Information, the right to access your Personal Information, and the ability to receive a machine-readable copy of your Personal Information. You may also have the right to ensure that we correct or delete any inaccurate or out of date Personal Information which we have about you.
If you believe that any Personal Information which we have about you is inaccurate or out of date and you would like us to correct or delete it, or you wish to exercise any other of your rights or have any questions or concerns about your Personal Information, please contact us at [email protected] or through our MCP Privacy Request form.
If you have a complaint about how we handle your Personal Information or respond to your request, you may be able to complain to your data protection authority. MCP asks that you kindly contact us first, so that we have an opportunity to resolve your complaint.
DATA SECURITY AND RETENTION
MCP Resorts has implemented physical, technological, and organizational safeguards and security measures designed to protect against the loss, misuse, or unauthorized access or disclosure of your Personal Information under our control. We also take measures to protect the Personal Information we disclose to third parties, for example by entering into contractual agreements stipulating the confidentiality of the Personal Information and the purposes for which it is to be used. Please be aware though that, despite our efforts, no security measures are perfect or impenetrable. You can help us by protecting and keeping your passwords safe at all times, and not using the same password for different applications or sites. You also can protect yourself and help us reduce the risk of fraud by promptly notifying us if you suspect that your credit card, other resort-specific payment product, user name, or password is lost, stolen or used without permission.
We will retain your Personal Information for the length of time needed to fulfill the purposes outlined in this Privacy Policy. Personal Information that is no longer required for those purposes will be destroyed or made irreversibly anonymous.
UPDATES TO THIS PRIVACY POLICY
We may change this Privacy Policy from time to time. We encourage you to periodically review this page for the latest information on our privacy practices. The “Effective Date” at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on our Sites. Your use of our Sites following these changes means that you accept the revised Privacy Policy.
HOW TO CONTACT US
If you have any questions or concerns regarding this Privacy Policy, or if you would like to access to, opt-out of, delete, or unsubscribe from our use of your Personal Information, you may reach us by email at: [email protected] or by telephone at (970) 382-2890 or by mail: PO Box 17000, Durango, CO 81301 or contacting us through our MCP Privacy Request form.