The privacy and security of your information is very important to us. Whether you are accessing information, submitting request to book a room or are a member of one of our loyalty programmes, we want you to trust that the information that you have provided to us is being properly managed and protected. We have prepared this Privacy Statement to explain more about who we are and how we collect and manage your information.
Information we collect and how we use and share it
We collect and use personal information if you make a booking through our reservation system. We generally collect this information directly from you, but in some cases we may collect your information from other sources. In these cases we always ask members to make sure anyone they refer is happy for their personal information to be passed to us, and to direct friends to read this privacy policy if they want to find out more about how we use their information. We also collect information through our third party service providers' use of technologies such as pixels, web beacons, tracking tools and similar technologies. You do not have to provide us with your information although in some cases, if you do not, it may mean that you are unable to use our services. For example, we may be unable to complete any booking you may wish to make, or you may be unable to participate in our loyalty programmes.
To learn more about how we collect, use and share your information, please click the relevant section below.
We will also share your information with other third parties in circumstances, such as:
There are other times when we collect and use personal information, for example if you choose to participate in one of our competitions or sweepstakes, sign up to receive our newsletters or other special offers and promotions, download one of our mobile applications or participate in one of our other services. In these instances, we will collect information from you for running and administering the respective competition, sweepstakes or service that you have elected to participate in. The information collected may include personal details such as your name and address as well as certain demographic information. In each case, we will collect, use and secure your information in a manner consistent with the general principles set out in this Privacy Statement unless we tell you otherwise.
We also collect information from you when you browse our website, use our mobile applications or participate in certain services hotel. In these instances, information such as your country information, internet protocol (“IP”) address, media access control address and other characteristics about your system or device may be automatically collected. This information is collected for functional purposes as well as to improve your experience when using these services. This information may also be used for aggregated trend and statistical analysis, and for showing you more relevant advertisements and messages.
The legal basis for processing your personal data: We are committed to collecting and using your information in accordance with applicable data protection laws.
We will only collect, use and share your information where we are satisfied that we have an appropriate legal basis to do this. This may be because:
If you would like to find out more about the legal basis for which we process personal information, please contact our office. If you have provided your consent to our processing of your information you can withdraw this consent at any time by contacting the our office.
Data transfer
As we operate via a global network of vendors, reservation and service centres, data centres and hotels, it may be necessary to transfer your information to a country outside of the country where it was originally collected or outside of your country of residence or nationality. The information that you provide us during the course of a reservation or through the provision of any other services may be transferred to any of our website or affiliated entities and hotels around the world for the purposes of carrying out or facilitating these services. It will also be necessary to transfer this information to third parties, including, without limitation, our Franchisees, partners and third-party service providers.
Using our websites, mobile applications and other technology
We and our third-party service providers use cookies, pixels, web beacons, tracking tools and other similar technologies on our websites, mobile applications and in other areas of our business to collect information and provide you with the services that you have requested or participate in and to provide targeted advertising. Subject to local consent requirements, we may use this and other information we collect, such as a hashed email address, to help us and our third-party service providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). We, and our third party service providers, also may use the cross-device tracking and other information we learn about you to serve targeted advertising on your devices. We also use the information that we collect to improve our products and services as well as your experience when visiting our websites and using our mobile applications. For more information on these subjects, please click the relevant section below.
Cookies and other tracking technologies
What is a cookie: A “cookie” is a small text file that is placed onto an Internet user’s web browser or device and is used to remember as well as obtain information about that party. You might be assigned a cookie when visiting our websites or when using our mobile applications. In some instances, where permitted under the applicable law, cookies may also be used for the purposes of certain email campaigns.
What types of cookies we use and how we use them: We use three primary types of cookies, which include:
How we use the information we collect
We use personal information only for the purposes described in this Policy, except if otherwise disclosed to you at the time the data is collected or further authorized by law or by you.
We use the personal information that we collect through this website to operate, maintain, enhance and provide all features of the service, to provide services and information that you request, to respond to comments and questions and to provide support to users.
We use the personal information that we collect through this website to understand and analyze the usage trends and preferences of our users, to improve the website service.
How we secure your information
We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, technical, physical and organisational security measures are put in place to protect against any unauthorised access, disclosure, damage or loss of your information. The collection, transmission and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.
Managing your preferences and information
We want to ensure that you have the necessary tools at your disposal to control the information that you provide to us, including how we communicate with you. It is also important that you contact us to update your information if any of it is inaccurate or changes. Please click the relevant section below to learn more about how to control how we communicate with you and how to update, modify and delete your information.
Children
Our websites are not intended for children and we do not intentionally solicit or collect personal information from individuals under the age of 18. If we are notified or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information. In limited instances, we may have a campaign or programme targeted towards children. In these instances details on the information practices will be presented within the terms and conditions of the programme or campaign.
Retaining your information in our systems
We generally only keep your information for as long as is reasonably required for the reasons explained in this privacy policy. In some cases we keep transactional records (which may include your information) for longer periods if necessary to meet legal, regulatory, tax or accounting needs. We will also retain information if we reasonably believe there is a prospect of litigation.
We maintain a data retention policy which we apply to the records we hold.
How to contact us
For any questions or concerns regarding this Privacy Statement or our data privacy practices, please call our office.
Changes to this Privacy Statement
In some instances, we may have to change, modify or amend this Privacy Statement in order to comply with the evolving regulatory environment or the needs of our business. Subject to any applicable legal requirements to provide additional notice, any changes to this Privacy Statement will be communicated through our websites and mobile applications. You are encouraged to revisit our privacy policy and legal section to review updated policy.
You have legal rights under EU data protection laws in relation to your personal information. Click on the links below to learn more about each right you may have. To exercise any of your rights please contact our Data Protection Officer by calling our office.
To access personal information
You can ask us to confirm whether or not we have and are using your personal information and for a copy of your information.
To correct / erase personal information
You can ask us to correct any information about you which is incorrect. We will be happy to rectify such information but would need to verify the accuracy of the information first.
You can ask us to erase your information if you think we no longer need to use it for the purpose we collected it from you. You can also ask us to erase your information if you have either withdrawn your consent to us using your information (if we originally asked for your consent to use your information), or exercised your right to object to further legitimate use of your information, or where we have used it unlawfully or where we are subject to a legal obligation to erase your personal information.
We may not always be able to comply with your request, for example where we need to keep using your information to comply with our legal obligation or where we need to use your information to establish, exercise or defend legal claims.
To restrict how we use personal information
You can ask us to restrict our use of your information in certain circumstances, for example:
We can continue to use your information following a request for restriction where we have your consent to use it; or we need to use it to establish, exercise or defend legal claims, or we need to use it to protect the rights of another individual or a company.
To object to how we use your information
You can object to any use of your information which we have justified on the basis of our legitimate interest, if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information. If you raise an objection, we may continue to use your information if we can demonstrate that we have compelling legitimate interests to use the information.
You can also require us to stop using your data for direct marketing purposes.
To ask us to transfer your information to another organisation
You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller (e.g. another company).
You may only exercise this right where we use your information in order to perform a contract with you, or where we asked for your consent to use your information. This right does not apply to any information which we hold or process that is not held in digital form.
Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.
We may redact data transfer agreements to protect commercial terms.
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual.
We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.
We aim to respond to all valid requests within one month. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than one month. To help us respond more quickly, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.