Stratwell Consulting Logo

Contact Us

Stratwell Consulting Logo
Stratwell Consulting Logo

Internal Privacy & Cookies Policy

Privacy & Cookies Policy

Effective Date: May 5, 2025

Last Updated: April 12, 2026

1. Introduction

Reliance Hospitality Global Ltd Co, together with its affiliated companies and subsidiaries (collectively, “Reliance Hospitality,” “RH,” “we,” “us,” or “our”), respects your privacy and is committed to protecting the personal information you share with us. References in this Policy to “Reliance Hospitality” or “RH” include Reliance Hospitality Global Ltd Co and each of its affiliates, subsidiaries, and operating divisions, including Destinations by Reliance and RH Media Productions.

This Privacy & Cookies Policy (the “Policy”) explains how we collect, use, disclose, and safeguard information when you access our Microsoft 365 tenant, the RH Connect SharePoint portal, our websites, and other digital services operated by Reliance Hospitality or any of its affiliated companies and subsidiaries (collectively, the “Services”).

This Policy applies to employees, contractors, clients, guest collaborators (including users granted access through Microsoft Entra B2B), vendors, and any other authorized users who sign in to or otherwise interact with our Services. By signing in, you acknowledge that you have read and understood the practices described in this Policy.

2. Who We Are

Reliance Hospitality Global Ltd Co is an owner-side hospitality consulting and project management firm headquartered in Phoenix, Arizona, with affiliated companies and subsidiaries operating across consulting, project management, owner advisory, outsourced accounting, group travel (Destinations by Reliance), and media production (RH Media Productions). For the purposes of this Policy, the data controller is:

  • Reliance Hospitality Global Ltd Co (on behalf of itself and its affiliated companies and subsidiaries) 20860 N. Tatum Blvd., Suite 300 Phoenix, AZ 85050, United States Website: reliancehospitality.com

3. Information We Collect

We collect information that is necessary to authenticate users, provide our Services, and meet our legal and contractual obligations. The categories below describe the types of information we may process.

3.1 Information You Provide Directly

  • Identity and contact data, such as your name, business email address, telephone number, job title, employer, and mailing address.

  • Account and authentication data, such as user IDs, passwords, multi-factor authentication tokens, and security questions.

  • Professional and engagement data, such as company affiliation, role within a client organization, project assignments, and information you share through forms, portals, or correspondence.

  • Communications data, including the content of emails, chat messages, meeting invitations, comments, and files you submit through our Services.

3.2 Information Collected Automatically

  • Sign-in and device data, such as IP address, device identifiers, operating system, browser type and version, time zone, and language preferences.

  • Microsoft 365 telemetry, such as sign-in timestamps, conditional access evaluations, multi-factor authentication events, and security alerts generated by Microsoft Entra ID.

  • Usage data, such as the pages, files, and features you access; SharePoint and Smartsheet activity within RH Connect; and time spent on specific resources.

  • Cookies and similar technologies, as further described in Section 8.

3.3 Information From Third Parties

  • Identity providers, including Microsoft Entra ID, where you authenticate using your organization’s credentials (single sign-on) or a guest account.

  • Service providers, such as our cloud infrastructure, communications, analytics, and project management vendors, who may share information necessary to deliver our Services.

  • Publicly available sources, such as professional directories, when used for business development or due diligence in connection with our consulting engagements.

4. How We Use Your Information

We use the information we collect for the following purposes:

  • To verify your identity and authenticate access to the Services through Microsoft 365, Microsoft Entra ID, and Microsoft Entra B2B guest access.

  • To deliver, operate, and maintain the Services, including the RH Connect SharePoint portal, embedded Smartsheet dashboards, and related collaboration tools.

  • To perform the consulting, project management, owner advisory, group travel, content, and accounting services we provide under our engagements.

  • To monitor, secure, and improve the Services, including detecting and preventing fraud, abuse, security incidents, and unauthorized access.

  • To communicate with you about your account, our engagements, scheduled maintenance, policy changes, and other administrative matters.

  • To comply with applicable laws, regulations, court orders, audits, and contractual obligations.

  • To enforce our terms, agreements, and acceptable use policies, and to establish, exercise, or defend legal claims.

5. Legal Bases for Processing

Where the General Data Protection Regulation (GDPR), the UK GDPR, or similar laws apply, we rely on one or more of the following legal bases to process your personal information:

  • Performance of a contract, when processing is necessary to provide the Services or fulfill an engagement with you or your organization.

  • Legitimate interests, such as securing our systems, preventing fraud, managing client relationships, and operating our business, provided those interests are not overridden by your rights.

  • Legal obligation, when processing is required to comply with applicable laws or regulations.

  • Consent, where required, including for certain cookies, marketing communications, or other limited-purpose processing. You may withdraw consent at any time without affecting the lawfulness of prior processing.

6. How We Share Information

We do not sell your personal information. We share information only as described below:

  • Within the Reliance Hospitality group, including among Reliance Hospitality Global Ltd Co and its affiliated companies, subsidiaries, and operating divisions (such as Destinations by Reliance and RH Media Productions), where doing so supports the purposes described in this Policy.

  • With service providers and processors who perform services on our behalf, including Microsoft (Microsoft 365, Entra ID, SharePoint), Smartsheet, and other vendors that support hosting, security, analytics, communications, and project delivery.

  • With clients, partners, and authorized collaborators, where doing so is necessary to deliver the engagement for which your information was provided.

  • With professional advisors, such as attorneys, auditors, accountants, and insurers, where reasonably necessary.

  • With government, regulatory, or law enforcement authorities, where required by law or to protect our legal rights, the rights of others, or the security of the Services.

  • In connection with a corporate transaction, such as a merger, acquisition, financing, reorganization, or sale of assets, in which case information may be transferred subject to customary confidentiality protections.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy, to comply with our legal, tax, accounting, and contractual obligations, and to resolve disputes or enforce our agreements. Retention periods vary based on the type of information and the engagement. When information is no longer needed, we will delete, anonymize, or securely archive it consistent with our internal data retention schedules.

8. Cookies and Similar Technologies

We and our service providers, including Microsoft, use cookies and similar technologies (such as pixels, web beacons, local storage, and session tokens) on our sign-in pages, websites, and within authenticated portions of the Services.

8.1 What Are Cookies?

A cookie is a small text file stored on your device when you visit a website or sign in to an application. Cookies allow the site or application to remember your actions and preferences over a period of time.

8.2 Categories of Cookies We Use

  • Strictly necessary cookies. Required to authenticate you, maintain your session, enforce security (including multi-factor authentication and conditional access), load-balance traffic, and remember your sign-in selections. These cookies cannot be disabled without breaking core functionality.

  • Functional cookies. Used to remember preferences such as language, time zone, and display settings so the Services work the way you expect on return visits.

  • Analytics and performance cookies. Help us understand how the Services are used so we can improve performance, troubleshoot issues, and enhance user experience. These may include cookies set by Microsoft within the Microsoft 365 environment.

  • Security cookies. Used to detect suspicious activity, prevent fraudulent sign-ins, and protect against unauthorized access.

We do not use cookies for advertising or cross-site behavioral tracking on our authenticated sign-in surfaces.

8.3 Managing Cookies

Most browsers allow you to control cookies through their settings, including blocking or deleting them. Please note that disabling strictly necessary cookies will prevent you from signing in to or using the Services. For additional information about how Microsoft uses cookies on sign-in pages and within Microsoft 365, please refer to the Microsoft Privacy Statement at privacy.microsoft.com.

9. Data Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. Measures include encryption in transit and at rest where appropriate, identity and access management through Microsoft Entra ID, multi-factor authentication, conditional access policies, role-based permissions, logging and monitoring, and employee training. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

10. International Data Transfers

Reliance Hospitality Global Ltd Co is based in the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries where our affiliated companies, subsidiaries, or service providers operate, which may not provide the same level of data protection as your jurisdiction. Where required by law, we implement appropriate safeguards, such as standard contractual clauses, to protect international transfers.

11. Your Privacy Rights

Depending on where you live, you may have certain rights regarding your personal information, including:

  • The right to access the personal information we hold about you.

  • The right to request correction of inaccurate or incomplete information.

  • The right to request deletion of your personal information, subject to applicable exceptions.

  • The right to object to or restrict certain processing activities.

  • The right to data portability, where applicable.

  • The right to withdraw consent, where processing is based on consent.

  • The right to lodge a complaint with a supervisory authority in your jurisdiction.

To exercise any of these rights, please contact us using the information in Section 14. We may need to verify your identity before responding. If your information was provided to us by a client (for example, as part of a consulting engagement), we may direct your request to that client as the data controller.

12. U.S. State Privacy Rights

Residents of certain U.S. states, including California, Colorado, Connecticut, Texas, Utah, and Virginia, may have additional rights under applicable state privacy laws, such as the right to know, access, correct, delete, and opt out of certain processing activities. We do not sell personal information and do not share personal information for cross-context behavioral advertising. To submit a verifiable consumer request, please contact us using the details in Section 14.

13. Children’s Privacy

The Services are intended for business and professional use and are not directed to children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

14. Contact Us

If you have questions, comments, or requests regarding this Policy or our privacy practices, please contact us:

  • Reliance Hospitality Global Ltd Co Attn: Privacy Inquiries 20860 N. Tatum Blvd., Suite 300 Phoenix, AZ 85050, United States Email: privacy@reliancehospitality.com Website: reliancehospitality.com

15. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we do, we will revise the “Last Updated” date at the top of this Policy.

If changes are material, we will provide additional notice, such as through the sign-in page, an in-product banner, or direct communication where appropriate. Your continued use of the Services after the effective date of any update constitutes acceptance of the revised Policy.

Go to the Homepage