Privacy Policy

1. Introduction

A2 Management & Holdings, LLC d.b.a. WelcomeSign ("WelcomeSign," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital welcome screen platform and related services (collectively, the "Service").

By accessing or using the Service, you agree to this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

WelcomeSign is a service provided by A2 Management & Holdings, LLC, a company incorporated in the State of South Carolina, United States.

2. Information We Collect

We collect several types of information from and about users of our Service:

2.1 Information You Provide to Us

• Account Information: When you register for an account, we collect your name, email address, phone number, and password.
• Property Information: Details about your vacation rental properties, including addresses, property descriptions, WiFi credentials, and amenities.
• Payment Information: When you subscribe to our paid services, we collect payment information through our third-party payment processor, Stripe. We do not store your complete credit card number on our servers.
• Communications: When you contact us, we collect the content of your messages along with your contact information.
• Content: Any content you upload to the Service, including images, text, and guidebook information.

2.2 Guest Information from Property Management Systems

If you connect a property management system (PMS) to WelcomeSign, we may receive the following guest information to personalize welcome screens:

• Guest names
• Phone numbers
• Email addresses
• Booking dates and reservation details

This information is used solely to display personalized welcome messages on your property's TV devices and is handled according to this Privacy Policy.

2.3 Device Information

When you register and use TV devices with our Service, we automatically collect:

• Device IP address
• Device serial number
• Device make and model
• Timestamps and heartbeat data (indicating when the app is active)
• Platform type (e.g., Roku, Fire TV, Apple TV)

2.4 Automatically Collected Information

When you access the Service through a web browser, we may automatically collect:

• Browser type and version
• Operating system
• Access times and dates
• Pages viewed
• Referring URL

3. How We Use Your Information

We use the information we collect for various purposes, including to:

• Provide and maintain the Service: Display personalized welcome screens, manage your properties and devices, and process bookings.
• Process transactions: Process payments, send receipts, and manage subscriptions.
• Communicate with you: Send service-related announcements, respond to inquiries, and provide customer support.
• Improve the Service: Analyze usage patterns to improve features, fix bugs, and develop new functionalities.
• Ensure security: Monitor for fraudulent activity, protect against unauthorized access, and enforce our terms of service.
• Comply with legal obligations: Respond to lawful requests from public authorities and comply with applicable laws.
• Personalize user experience: Customize content based on your preferences and property settings.

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contract with you (e.g., providing the Service you subscribed to).
• Legitimate Interests: Processing necessary for our legitimate business interests (e.g., improving the Service, ensuring security), provided these interests do not override your rights.
• Legal Compliance: Processing necessary to comply with our legal obligations.
• Consent: Where you have given us explicit consent to process your information for specific purposes.

5. Information Sharing and Disclosure

We do not sell your personal information. However, we may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including:

• Payment processing (Stripe)
• Cloud hosting and storage (Amazon Web Services)
• Email delivery services
• Customer support platforms

5.2 Integration Partners

When you enable integrations with third-party services (such as property management systems, tour booking platforms, or local service providers), we may share necessary information with these partners to facilitate the integration. Each integration will be disclosed to you before activation, and you may choose which integrations to enable.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government agencies).

5.4 Business Transfers

If WelcomeSign is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

5.5 Protection of Rights

We may disclose information to protect the rights, property, or safety of WelcomeSign, our users, or others.

6. Payment Processing

6.1 Information Collected by Stripe

When you make a payment through our Service, Stripe collects and processes:

• Credit or debit card number
• Card expiration date
• Card security code (CVV/CVC)
• Billing address
• Name on card

6.2 Information We Receive from Stripe

We receive limited information from Stripe to manage your subscription:

• Last four digits of your card
• Card brand (e.g., Visa, Mastercard)
• Card expiration date
• Billing address
• Payment status and transaction history

6.3 PCI Compliance

Stripe is certified as a PCI Level 1 Service Provider, the most stringent level of certification available in the payments industry. We do not store complete credit card numbers on our servers.

6.4 Stripe's Privacy Policy

For more information about how Stripe handles your payment information, please review Stripe's Privacy Policy.

7. Cookies and Tracking Technologies

7.1 What Are Cookies

Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve your experience.

7.2 How We Use Cookies

Currently, we use cookies only for essential purposes:

• Authentication Cookies: These cookies are necessary to identify you when you log in to your account and maintain your session while you use the Service. Without these cookies, you would not be able to access your account.

7.3 Types of Cookies We May Use in the Future

We may implement additional cookies in the future, including:

• Analytics Cookies: To understand how users interact with the Service
• Preference Cookies: To remember your settings and preferences
• Marketing Cookies: To deliver relevant advertisements

This Privacy Policy will be updated before implementing any additional tracking technologies.

7.4 Managing Cookies

Most web browsers allow you to control cookies through their settings. However, if you disable authentication cookies, you will not be able to log in to your WelcomeSign account.

7.5 Do Not Track Signals

Some browsers have a "Do Not Track" feature. We currently do not respond to Do Not Track signals because we do not track users across third-party websites.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

8.1 Active Accounts

We retain your account information for as long as your account is active or as needed to provide you with the Service.

8.2 Account Deletion

When you request account deletion, we will delete your personal data immediately from our active systems. However:

• Backups: Our automated backup systems retain data for up to 90 days. Your data may remain in backups created before your deletion request during this period.
• Legal Requirements: We may retain certain information as required by law (e.g., tax records, invoices) even after account deletion.

8.3 Guest Information

Guest information received from property management systems is retained only for the duration of the associated booking and a reasonable period thereafter (typically 30 days) to support your operations.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL
• Encryption of sensitive data at rest
• Regular security assessments and updates
• Access controls limiting employee access to personal data
• Secure cloud infrastructure (AWS)

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

10. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information, subject to certain exceptions.
• Portability: Request a copy of your data in a structured, machine-readable format.
• Objection: Object to certain processing of your personal information.
• Restriction: Request restriction of processing in certain circumstances.

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

11.1 Right to Know

You have the right to request that we disclose:

• The categories of personal information we have collected about you
• The categories of sources from which the personal information is collected
• The business or commercial purpose for collecting the personal information
• The categories of third parties with whom we share personal information
• The specific pieces of personal information we have collected about you

11.2 Right to Delete

You have the right to request that we delete your personal information, subject to certain exceptions provided by law.

11.3 Right to Correct

You have the right to request correction of inaccurate personal information.

11.4 Right to Opt-Out of Sale or Sharing

While we do not sell personal information, we may share information with integration partners when you enable specific integrations. This sharing is for operational purposes to provide the Service you requested, not for monetary or other valuable consideration.

11.5 Right to Limit Use of Sensitive Personal Information

We do not use sensitive personal information for purposes other than those permitted under the CCPA.

11.6 Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights.

11.7 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information:

• Identifiers: Name, email address, phone number, IP address, device identifiers
• Commercial Information: Subscription history, payment records
• Internet Activity: Browsing history within our Service, device heartbeat data
• Geolocation Data: Property addresses
• Professional Information: Property management and business information

11.8 How to Submit a Request

To submit a request to know, delete, or correct your personal information, please contact us at:

• Email: welcomesign@linsday.net

We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf.

11.9 Financial Incentives

We do not offer financial incentives for the collection of personal information.

11.10 Shine the Light Law

California's "Shine the Light" law permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.

12. European Privacy Rights (GDPR)

While our Service is currently available only in the United States, we recognize the importance of GDPR principles and are committed to providing strong privacy protections for all users.

12.1 GDPR Rights

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland and use our Service, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of Access: Obtain confirmation of whether we process your personal data and receive a copy of that data.
• Right to Rectification: Request correction of inaccurate personal data.
• Right to Erasure: Request deletion of your personal data under certain circumstances.
• Right to Restriction: Request restriction of processing under certain circumstances.
• Right to Data Portability: Receive your personal data in a structured, commonly used format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
• Right to Lodge a Complaint: Lodge a complaint with a supervisory authority.

12.2 Data Controller

A2 Management & Holdings, LLC d.b.a. WelcomeSign is the data controller for the personal information we collect and process.

12.3 International Transfers

Your personal data may be transferred to and processed in the United States, where our servers are located. By using the Service, you consent to this transfer.

13. Children's Privacy

The WelcomeSign web application and management platform are intended for users who are 18 years of age or older. We do not knowingly collect personal information from children under 18 through our web application.

The TV display application may be viewed by individuals of any age as it displays property information and welcome screens. The TV application does not collect personal information from viewers.

If we learn that we have collected personal information from a child under 18 without parental consent, we will delete that information as quickly as possible. If you believe we might have information from a child under 18, please contact us at welcomesign@linsday.net.

14. International Data Transfers

WelcomeSign is based in the United States and our Service is currently available only to users in the United States. All data is stored on servers located in the United States through Amazon Web Services (AWS).

If you access the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.

15. Third-Party Links and Services

The Service may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access through our Service.

We are not responsible for the privacy practices or content of these third-party services.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date at the top of this Privacy Policy
• Sending you an email notification for significant changes

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Service after any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide by the modified Privacy Policy.

17. Contact Us

If you have any questions about this Privacy Policy, our data practices, or would like to exercise your privacy rights, please contact us:

This Privacy Policy was last updated on November 20, 2025.