DerbySoft Privacy Policy

DerbySoft (including DerbySoft (Hong Kong) Limited, its subsidiaries and affiliates) respects your privacy. In this Privacy Policy, we will share with you the types of Personal Information we gather and how we may use that information.

For the purposes of this Privacy Policy, “Personal Information” means any information, including, without limitation, first names and last names, telephone numbers, addresses, financial information and email addresses, that by itself or in connection with other information we collect allows us or anyone to identify you.

This Privacy Policy applies to Personal Information you provide to us through any means including, without limitation, through our Site, via e-mail, and over the telephone. Any reference to our “Site” includes the DerbySoft website, any mobile applications and other software we may offer now or in the future, and any reference to our “Services” includes our Site and other information, product or service offered by us.

This Privacy Policy does not apply to third-party information, including personal information, processed by DerbySoft through DerbySoft systems and services on behalf of our customers, such as rate and availability information or booking information, which is to be processed in accordance with the terms and conditions agreed to by DerbySoft and the customer for whom it is being processed.

DerbySoft reserves the right to change or modify this Privacy Policy from time to time. When a revision is made we will revise the “last updated” date on this page. Your use of our Services will be subject to the most current version of this Privacy Policy posted on our Site at the time of your use. We recommend that you check our Site from time to time to inform yourself of any changes in this Privacy Policy or any of our other policies.

We may make additional features, functionality, offers, activities or events available to you subject to additional or different privacy rules that we disclose in connection with those opportunities.

Cross-Border Data Transmission

DerbySoft is headquartered in Dallas, Texas, and our primary data storage and processing facilities are in the United States of America (“USA”). If you are accessing the Services from another country, please note that all data we collect will be transmitted outside of your country and into the USA, where it will reside and be processed. In addition, we may process or store your data in countries beyond your country and the USA. By continuing to access this Site, or by providing your Personal Information, you explicitly consent to have your data so processed and stored.

Information We May Collect Automatically

Information about your computer. When you visit our Site, we may automatically receive and store certain types of information, such as the name of the domain and host from which you access the Internet; the IP address of the computer you are using and the browser and operating system you are using; the date and time you access our Site; the Internet address of the website from which you linked to our Site; any search terms you used to find our Site; the device identifiers and mobile and network information, and your actions on our Site. We may retain this information to assist us in analyzing the behavior of visitors to our Site, to resolve problems with our network and, in general, to administer our Site.

We may use cookies or similar programs, such as web beacons or web bugs, to collect the information described above, including tracking your device’s browsing habits on our Site. We may also use cookies to maintain session information you provide to us, so that when you leave our Site and return, our Site will recognize your device. A “cookie” is a small text file that is sent to your computer to collect information about your activities on our Site. The cookie transmits this information back to the applicable Site each time your browser requests a page from our Site. “Web beacons” are small pieces of code placed on websites used to collect advertising metrics, such as counting page views, promotion views, or advertising responses. We may also use cookies or web beacons to measure aggregate web statistics, including the number of monthly visitors, number of repeat visitors, most popular webpages and other information. We may allow our third-party service providers to use cookies for the same purposes that we can and we may otherwise allow third-parties to use cookies as set out in this Privacy Policy.

You always have a choice with regard to cookies. You can modify your browser preferences to allow you to accept or reject all cookies or to notify you when a cookie is set. However, because information we obtain may be combined, we may still be able to identify your web browser, computer or mobile device when you access our Services even if you disable cookies. If you choose to reject all cookies, you may be unable to use certain areas of our Site. Please consult your browser instructions for information on how to modify your choices about cookies. Finally, you may delete any existing cookies manually from the hard drive of your device. For more information about cookies, please visit

Log Data
Our web servers may also collect “log data.” Log data provides aggregate information about the number of visits to different pages on our Site. We use log data for troubleshooting purposes and to track which pages people visit in order to improve our Site. We do not link log data collected to Personal Information. Third-party vendors may also collect aggregate log data independently from us.

Tracking Images
We may use tracking images (such as GIFs), which are small image files that we may embed into our emails and newsletters, to learn whether you opened or forwarded them or clicked on any of the content. This information tells us about the effectiveness of our emails and newsletters and helps us ensure that we’re delivering information that you find interesting.

Some web browsers may transmit “Do-Not-Track” signals to websites with which the browser communicates, Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browsers. Because there is not yet an accepted standard for how to respond to browser Do-Not-Track signals, we do not currently respond to them. Other parties may collect Personal Information about your online activities over time and across different web sites when you visit our Site, for example by using cookies on our Site. We have no access to or control over other parties’ Personal Information collection practices, even those with which DerbySoft may have an affiliation. You should carefully review the privacy policy and terms of any website you visit. For more information about Do Not Track, please visit

Information You May Provide to Us

Generally, we may require you to provide certain Personal Information in order to access or use certain functions, products or services on our Site or otherwise provided as part of our Services, such as requesting information about our products or requesting that your event be added to our event calendar. We may collect Personal Information from you offline, such as when you visit us at a convention, visit our offices or request information over the phone. You can choose not to provide such Personal Information, in which case you may not be able to access or use such functions, products or services.

If you submit any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

By Email
If you choose to email DerbySoft, we may retain your email addresses and copies of your email(s)— including whatever content is in such emails— either separately or in the same database. Also, we (or our third-party providers) may use tools to help prevent and block “spam” e- mail, viruses and other harmful or unwanted communications and programs that may be attached to or in the text of e-mails. These tools may automatically scan your e-mails, file attachments and other files and communications to help us protect you and DerbySoft against these harmful or unwanted communications and programs.

How We Use and Share Your Personal Information

Generally, we may use Personal Information that you provide to us to provide you (or your company) the Services that you have requested, and as otherwise described in this Privacy Policy. We will share Personal Information as needed to fulfill your request, as discussed below.

We may use Personal Information for our internal business purposes that include, but are not limited to, improving our Services, to comply with our own legal obligations, and communicating with you about our Services and other offerings that we believe may be of interest to you, changes to this Privacy Policy, and other topics related to our business.

We may use financial information or payment method you provide to process payment for any purchases, subscriptions or sales made on our Site or through the Services, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.

DerbySoft Entities
We may share your Personal Information with our affiliated entities, e.g. any corporate subsidiaries or affiliates.

Third-Party Service Providers
We may use third-party service providers to perform services on our behalf, including: payment processing, technology services, analytics, marketing, mailing and emailing.

We may use Google Analytics to help analyze how users use our Site, and we may use other third-party service providers to perform similar functions. Google Analytics uses cookies and other technologies to collect information such as how often users visit our Site, what pages they visit, and what other sites they used prior to coming to our Site. We use the information we get from Google Analytics only to improve our Site and Service. From our Site, Google Analytics collects only the IP address assigned to you on the date you visit our Site, rather than your name or other personally identifying information. Although Google Analytics plants a persistent Cookie on your web browser to identify you as a unique user the next time you visit our Site, the Cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to our Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy at

Site Host
Our Site, and therefore the information we collect in connection with it, is hosted by our technology service provider and stored on a third-party server. Therefore, our technology service provider technically has access to your Personal Information and other information; however, we control their actual access to this information by agreement, and they are not permitted to access it, unless we permit them to do so. We will only permit them to access your Personal Information as necessary to repair, maintain, host or improve our Site, and they will never be permitted to contact you as a result of this access.

Legal Process
We may disclose any information, including Personal Information, about you in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion.

Emergencies, Fraud Prevention and Rights Enforcement
We may also use or disclose information, including Personal Information, about you when we believe disclosure is appropriate in connection with efforts to investigate, prevent, report or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of our company, our users, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our website terms and conditions or other agreements or policies.

Corporate Reorganization
We may disclose your Personal Information to a third-party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).

Otherwise With Your Permission
We may use or disclose Personal Information as you may otherwise request or agree.

Social Media and Links to Third-Party Websites

Social Media
Our Site may contain plug-ins and other features that integrate third-party social media platforms into our Site. You will be able to activate them manually. If you do so, the third-parties who operate these platforms may be able to identify you, they may be able to determine how you use this website and they may link and store this information with your social media profile. Please consult the data protection policies of these social media platforms to understand what they will be doing with your personal data. If you activate these plug-ins and other features, you will be doing so at your own risk.

Third-Party Websites
Our Site may contain links to other parties’ websites. This Privacy Policy, and our responsibility, is limited to our own collection practices. We do not have any control over such third-party websites and are not responsible for their privacy policies or practices. In addition, we cannot ensure the content of the websites maintained by these third-parties, even if accessible using a link from our websites. We urge you to read the privacy and security policies of any external websites before providing any Personal Information while accessing those websites.

Storage of Data

DerbySoft stores Personal Information for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, as we determine is necessary for our business records, and as required under applicable law.

Protection of Your Data

While we cannot guarantee the security of anyone’s data (including our own), we understand the importance of data security and therefore take reasonable measures to protect your Personal Information in an effort to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction.

Commercial Electronic Message Consent

By providing your email address to DerbySoft through our Site or otherwise, you affirmatively and expressly consent to receiving commercial emails from DerbySoft. DerbySoft may send you commercial emails in order to deliver a newsletter, to provide you with more information about our Services, and to provide you with updates, special offers, and other information, including but not limited to Site updates. You may unsubscribe from these commercial emails at any time by clicking on the “unsubscribe” link included in any email or by contacting DerbySoft via email at


Our Site is not directed at children. Consistent with the Federal Children’s Online Privacy Protection Act of 1998 (COPPA), DerbySoft will not knowingly request or collect personally identifiable information from any child under age 13 without requiring parental consent. Any person who provides his or her Personal Information to use through our Site or the Services represents that he or she is older than 12 years of age.

Your California Privacy Rights

Effective January 1, 2005, under California Civil Code Section 1798.83, if an individual who is a California resident has provided Personal Information to a business in connection with a business relationship that is primarily for personal, family or household purposes, and if that business has within the immediately preceding calendar year disclosed such an individual’s Personal Information to a third-party and knows or should have known that such third-party used the information for its own direct marketing purposes, then that business is obligated to disclose in writing to such individual upon request, what Personal Information was shared and with whom it was shared.

Any request for a disclosure required under this California law should be sent to us via email at or via regular mail at:

DerbySoft (Hong Kong) Limited
Attn: Regulatory Department
14800 Landmark Blvd., Suite 640
Dallas, Texas 75254

Please note that under this law, we are neither required to respond to a customer’s request more than once in a calendar year nor are we required to respond to any request that is not sent to the email or mailing address designated above.

Corrections and Updates

If you want to view, delete or modify your Personal Information, you may do so by sending an email to Please note that we may be required to keep certain information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives.

You may also choose to opt-out of receiving future newsletters or any other email communications from DerbySoft by following the unsubscribe instructions included in email communications, or by contacting DerbySoft via email as provided above.

We reserve the right to verify the identity of any person making a request to opt-out, delete or modify Personal Information provided, however, that we will have no liability of any kind resulting from false or erroneous requests or any change or deletion made by us for any reason.

Contact, Questions or Complaints

We take your privacy seriously and invite you to contact us at the address below with any questions or concerns you may have regarding this Privacy Policy or our collection, storage and use of your Personal Information:

DerbySoft (Hong Kong) Limited
Attn: Regulatory Department
14800 Landmark Blvd., Suite 640
Dallas, Texas 75254

Terms Applicable to Data from EU Member Countries

If we collect Personal Information from EU residents in a manner subject to the General Data Protection Regulation then, in addition to the above, the following terms shall also apply to our collection, use and retention of that information:

Basis for Collection
As set out above, we collect and process Personal Information for which you have given your express consent at the time of collection. For example, we collect Personal Information when you elect to participate in one of our promotions. We also collect and process Personal Information in order to improve our services, to deliver services and perform obligations under contracts we have with you or your company, and to comply with our own legal obligations.

Sensitive Data
We do not collect sensitive data, for example, biometric data, health data or data revealing racial or ethnic origin from visitors to our Site.

Onward Transfer
Except as otherwise provided in this Privacy Policy, we only disclose Personal Information to third-parties who reasonably need to have access to it for the purpose of the transaction or activity for which it was originally collected or to provide services to or perform tasks on our behalf or under our instruction. All such third-parties must agree to use such Personal Information we provide to them only for the purposes for which we have engaged them and they must either: (a) comply with the EU-US Privacy Shield Principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Information; or (b) agree to provide adequate protections for the Personal Information that are no less protective than those set out in this Privacy Policy. Where we have knowledge that an entity to whom we have provided Personal Information is using or disclosing Personal Information in a manner contrary to this Privacy Policy, we will take reasonable and appropriate steps to prevent, remediate or stop the use or disclosure.

Authorized Transfer
We also may disclose Personal Information for other purposes or to other third-parties when you have consented to or requested such disclosure. Please be aware that we will disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We are not liable for appropriate onward transfers of Personal Information to third parties.

Data Processors
We may retain third-parties to process or analyze Personal Information we collect from our Site. For example, our Site may be maintained or hosted by a third-party service provider, a promotion may be administered by a sales promotion agency and/or products may be fulfilled by a wholesaler. These suppliers and other third-parties who provide services for us are contractually obligated not to use Personal Information about you except as we authorize.

We may analyze Personal Information we have collected about you to create a profile of your interests and preferences so that we can contact you with information that is relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. We may also use Personal Information about you to detect and reduce fraud and credit risk.

Your Rights
Your rights include: (a) a right to withdraw your consent to the processing of Personal Information about you to which you have previously given consent; (b) a right to object to processing of Personal Information about you for the purpose of direct marketing; and (c) a right to have Personal Information about you corrected or removed.

If you request to have Personal Information removed, we may retain some of your Personal Information as necessary for the purposes of our legitimate business interests or in furtherance of public interests in accordance with applicable law. Any Personal Information you have shared publicly with others may continue to be publicly visible on our Site.

You also have the right to obtain a copy of the Personal Information we have about you, although we reserve the right to charge a reasonable fee for this depending on the nature and frequency of your request(s) and our cost to provide the information.

Questions and Complaints
If you have questions or complaints regarding this Privacy Policy or our handing of Personal Information about you, please contact We will promptly investigate and attempt to resolve complaints and disputes in a manner that complies with the principles described in this Privacy Policy.

Enforcement and Disputes
In addition to the above, you may complain to your home data protection authority and can invoke binding arbitration for some residual claims not resolved by other redress mechanisms. Contact details for the EU data protection authorities can be found at

Updated: July 2020

Report security or privacy issues that affect
Derbysoft products or web servers.