Privacy Policy

We respect your privacy and are committed to protecting the personal and business information you share with us.

Scope of this Privacy Policy

This Privacy Policy applies to:

  • Vendors and suppliers using the Metro InHouse Vendor Portal
  • Property managers and hotel representatives
  • Visitors to our website
  • Individuals contacting our support team
  • Users interacting with our Services

This Privacy Policy does not apply to third-party websites, products, or services that may be linked from our platform.

Information We Collect

We collect information directly from you, automatically through your use of our Services, and from third-party sources where permitted by law.

A. Information You Provide

When registering or using the Vendor Portal, you may provide:

Business Information

  • Company name
  • Business address
  • Business registration information
  • Tax identification information (when required)
  • Business licenses
  • Service categories
  • Company website
  • Years in business

Contact Information

  • Full name
  • Email address
  • Phone number
  • Job title
  • Mailing address

Account Information

  • Username
  • Password (encrypted)
  • Security preferences
  • Login credentials

Vendor Profile Information

You may voluntarily provide:

  • Company description
  • Certifications
  • Insurance information
  • Service areas
  • Product catalogs
  • Pricing information
  • Company logo
  • Supporting documents

Bid Information

When submitting bids, we collect information including:

  • Bid amount
  • Pricing details
  • Proposed completion dates
  • Notes and comments
  • Attachments
  • Supporting documentation

B. Information Collected Automatically

When you use our Services, we automatically collect certain technical information, including:

  • IP address
  • Browser type
  • Operating system
  • Device information
  • Internet service provider
  • Session information
  • Login timestamps
  • Pages visited
  • Referral URLs
  • Device identifiers
  • Crash reports
  • Performance data

C. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • Authenticate users
  • Maintain secure sessions
  • Remember user preferences
  • Improve website performance
  • Analyze usage trends
  • Prevent fraudulent activity

Users may configure their browsers to reject cookies; however, certain features of the Services may not function properly.

How We Use Your Information

We use your information for legitimate business purposes, including to:

  • Create and manage vendor accounts
  • Verify business identities
  • Process registrations
  • Enable bid submissions
  • Match vendors with hotel requests
  • Facilitate communication between vendors and property managers
  • Improve platform functionality
  • Provide customer support
  • Detect fraud
  • Maintain platform security
  • Monitor system performance
  • Conduct analytics
  • Respond to legal requests
  • Comply with applicable laws and regulations

How We Share Information

We do not sell your personal information.

We may share your information under the following circumstances.

A. With Property Managers

Information necessary for evaluating bids may be shared with authorized property managers, including:

  • Company information
  • Contact information
  • Submitted bids
  • Supporting documents
  • Vendor qualifications
  • Certifications

B. Service Providers

We may share information with trusted third-party providers who assist us with:

  • Cloud hosting
  • Customer support
  • Email delivery
  • Payment processing (if applicable)
  • Security monitoring
  • Analytics
  • Infrastructure management

These providers are contractually obligated to protect your information.

C. Legal Requirements

We may disclose information if required to:

  • Comply with applicable law
  • Respond to court orders
  • Respond to lawful government requests
  • Protect our legal rights
  • Prevent fraud
  • Protect users and public safety

D. Business Transfers

In the event of a merger, acquisition, financing, bankruptcy, or sale of assets, user information may be transferred as part of the transaction, subject to applicable law.

Data Retention

We retain information only as long as reasonably necessary to:

  • Provide our Services
  • Maintain business records
  • Resolve disputes
  • Enforce agreements
  • Meet legal obligations
  • Prevent fraud

Retention periods vary depending on the type of information and applicable legal requirements. When information is no longer required, it will be securely deleted or anonymized.

Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your information, including:

  • Encryption of sensitive data in transit
  • Secure password storage using industry-standard hashing
  • Role-based access controls
  • Multi-factor authentication where applicable
  • Firewall protection
  • Continuous security monitoring
  • Routine vulnerability assessments
  • Backup procedures
  • Logging and audit trails

Despite our efforts, no system can guarantee absolute security. Users are responsible for maintaining the confidentiality of their account credentials.

Your Rights and Choices

Depending on your jurisdiction, you may have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Update account details
  • Request deletion of certain information
  • Request restrictions on processing
  • Object to certain uses
  • Withdraw consent where applicable
  • Request a copy of your information where legally required

Requests may be submitted through our support team. We may verify your identity before fulfilling requests.

Account Responsibilities

You are responsible for:

  • Maintaining accurate account information
  • Protecting your password
  • Restricting unauthorized access
  • Promptly notifying us of suspected unauthorized use
  • Updating your information when changes occur

Third-Party Services

Our Services may integrate with third-party platforms, including:

  • Email providers
  • Mapping services
  • Cloud hosting providers
  • Authentication providers
  • Analytics platforms

We are not responsible for the privacy practices of third-party services. Users should review the privacy policies of those providers separately.

International Data Transfers

Our Services are intended primarily for users within the United States. If you access our Services from outside the United States, your information may be transferred to and processed in the United States, where privacy laws may differ from those in your jurisdiction.

By using our Services, you consent to such transfers where permitted by law.

Children's Privacy

Our Services are intended solely for businesses and individuals who are at least eighteen (18) years of age. We do not knowingly collect personal information from children under the age of 13 in accordance with the Children's Online Privacy Protection Act (COPPA).

If we become aware that information from a child has been collected inadvertently, we will take reasonable steps to delete it promptly.

Arizona Residents

If you are a resident of Arizona, you may have rights under applicable Arizona laws concerning fraud prevention, identity protection, and consumer privacy.

Nothing in this Privacy Policy limits any rights available under applicable Arizona or federal law.

California Residents

If applicable, California residents may have additional privacy rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

Eligible requests may include:

  • Right to know
  • Right to delete
  • Right to correct
  • Right to opt out of certain data sharing
  • Right to non-discrimination

Where required by law, we will honor verified consumer requests.

Do Not Track Signals

Our Services currently do not respond to browser "Do Not Track" signals because there is no universally accepted industry standard for doing so.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When material changes are made, we will revise the Effective Date and may provide additional notice through the Services or by email where appropriate.

Continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy.

Governing Law

This Privacy Policy shall be governed by and interpreted in accordance with the laws of the State of Arizona, without regard to its conflict of law principles, and applicable federal laws of the United States.

This Privacy Policy is intended to explain our information handling practices and does not create contractual rights beyond those required by applicable law. Users are encouraged to review this policy periodically for updates.

Questions about your privacy?

Reach out to our team for anything related to this Privacy Policy or how we handle your data.