Privacy Policy
Privacy Policy
Managing your preferences and information
We want to ensure that you have the necessary tools at your disposal to control the information that you provide to us, including how we communicate with you. It is also important that you contact us to update your information if any of it is inaccurate or changes. Please click the relevant section below to learn more about how to control how we communicate with you and how to update, modify and delete your information. EU Data Subjects, please see also the EU-specific section Californians, please see also the CA-specific section.
Request to have your information removed, by filling out the CCPA form here: hotelinsd.com/ccpa.
Managing your information
Links to Other Sites
Our websites and applications contain links to websites that are maintained and/or controlled by non-affiliated parties. In some instances these websites may be co-branded and display our logos or other trademarks. You can always tell whether you are on one of our websites by checking the uniform record locator ("URL”) on the page that you are visiting. We encourage you to review the privacy policies of these websites as their privacy practices may differ from ours.
Children
Our websites are not intended for children and we do not intentionally solicit or collect personal information from individuals under the age of 18. If we are notified or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information. In limited instances, we may have a campaign or program targeted toward children. In these instances, details on the information practices will be presented within the terms and conditions of the program or campaign.
Retaining your information in our systems
We generally only keep your information for as long as is reasonably required for the reasons explained in this privacy policy. In some cases we keep transactional records (which may include your information) for longer periods if necessary to meet legal, regulatory, tax or accounting needs. We will also retain information if we reasonably believe there is a prospect of litigation.
We maintain a data retention policy which we apply to the records we hold.
How to contact us
For any questions or concerns regarding this Privacy Statement or our data privacy practices, please contact us:
- By email: privacyoffice@ihg.com
- By post: InterContinental Hotels Group, Attn: Privacy Office, Three Ravinia Drive, Atlanta, Georgia 30346
InterContinental Hotels Group, Attn: Privacy Office, Broadwater Park, Denham, UB9 5HR, United Kingdom, - By phone: 1-770-604-8347
- By fax: 1-770-604-5275
You may also contact our Data Protection Officer by emailing privacyoffice@ihg.com.
To the extent permitted under the local law, you may also use the above contact details to request access to, correct, or (in certain circumstances) delete, any of your personal information that is held by IHG, or, where we have relied upon your consent to process your personal information, to withdraw your consent to such processing of your personal information. These requests will be reviewed and processed in line with the local law.
You also may have a right under the local law to lodge a complaint with us or with your local data protection supervisory authority at any time. However, we ask that you please try to resolve any issues with us first before referring your complaint to the supervisory authority.
Additional Information for California and EU/EEA
EU DATA SUBJECTS RIGHTS UNDER EU DATA PROTECTION LAWS
EU data subjects have legal rights under EU data protection laws in relation to your personal information. Click on the links below to learn more about each right you may have. To exercise any of your rights please use the forms available in our Privacy and Cookie Center or contact our Data Protection Officer by emailing privacyoffice@ihg.com.
- To access personal information
You can ask us to confirm whether or not we have and are using your personal information and for a copy of your information. - To correct / erase personal information
You can ask us to correct any information about you which is incorrect. We will be happy to rectify such information but would need to verify the accuracy of the information first.
You can ask us to erase your information if you think we no longer need to use it for the purpose we collected it from you. You can also ask us to erase your information if you have either withdrawn your consent to us using your information (if we originally asked for your consent to use your information), or exercised your right to object to further legitimate use of your information, or where we have used it unlawfully or where we are subject to a legal obligation to erase your personal information.
We may not always be able to comply with your request, for example where we need to keep using your information to comply with our legal obligation or where we need to use your information to establish, exercise or defend legal claims. - To restrict how we use personal information
You can ask us to restrict our use of your information in certain circumstances, for example: - where you think the information is inaccurate and we need to verify it;
- where our use of your information is not lawful but you do not want us to erase it;
- where the information is no longer required for the purposes for which it was collected but we need it to establish, exercise or defend legal claims; or
- where you have objected to our use of your personal information but we still need to verify if we have overriding grounds to use it.
We can continue to use your information following a request for restriction where we have your consent to use it; or we need to use it to establish, exercise or defend legal claims, or we need to use it to protect the rights of another individual or a company. - To object to how we use your information
You can object to any use of your information which we have justified on the basis of our legitimate interest, if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information. If you raise an objection, we may continue to use your information if we can demonstrate that we have compelling legitimate interests to use the information.
You can also require us to stop using your data for direct marketing purposes. - To ask us to transfer your information to another organization
You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller (e.g. another company).
You may only exercise this right where we use your information in order to perform a contract with you, or where we asked for your consent to use your information. This right does not apply to any information which we hold or process that is not held in digital form. - Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.
We may redact data transfer agreements to protect commercial terms.
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual. We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.
We aim to respond to all valid requests within one month. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than one month. To help us respond more quickly, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
ADDITIONAL INFORMATION FOR CALIFORNIA CONSUMERS
Under the California Consumer Privacy Act (“CCPA”), we are required to notify California consumers about our collection, use, and disclosure of their personal information (whether collected through this website or offline). In this section of our Privacy Statement, and in accordance with the CCPA, “personal information” includes any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, including the categories identified in the table below to the extent they identify, relate to, describe, are capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household. CCPA Form: hotelinsd.com/ccpa
This Privacy Statement does not apply to applicants for positions with IHG.
Categories of Personal Information that We Collect, Disclose, and Sell
Below we identify the categories of personal information that we collect about California consumers and households, the purposes for which we use each category, and whether we disclose or sell information within each category. Please note our data collection practices set forth below are not different than those described above; rather, the CCPA specifies particular categories of data that we must address, and, in this section, we aim to describe some of the information already provided above in accordance with the categories as outlined by the CCPA. This section should therefore be read in conjunction with the further information provided in the rest of this Privacy Statement.
Please note that the CCPA defines the term “sale” very broadly to include any exchange of data for consideration of any kind, not simply selling your data for monetary compensation.
Identifiers and Similar Data:
Collection.
We collect:
- Identifiers: your real name, alias, postal address, unique identifier (e.g., your IHG Rewards number if you choose to enroll in the program), IP address (if you access our websites), email address or other similar identifiers.
- Signature, physical characteristics, telephone number, financial information (e.g., payment information for your reservation). We typically do not collect medical information from our guests absent an emergency situation or specific request (which typically would be information provided to us by IHG-branded hotels and not information that we collect directly from you).
- Commercial information, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Internet or other electronic network activity information, including browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
Sources: We collect the information directly from you, from other persons/entities making a reservation on your behalf (e.g., travel agent, a member of your travel party, someone making the booking on your behalf), from IHG-branded hotels (that are independently owned and operated). In limited circumstances, we may obtain this information from carefully selected travel partners, including airlines and rental car agencies. With regard to the internet or other electronic information, we collect that information automatically as you use our Site and services.
Purposes of Collection: The primary purpose of our collection and use of this information is to fulfil your reservations and enhance and personalize your experience with us. In particular, we use your information to fulfil your reservation, manage your IHG Rewards account, direct marketing to you (in connection with your preferences), targeted and personalized advertising to you, and as otherwise required by applicable law.
Disclosure: We disclose this information for business purposes, including at your direction, to IHG-branded properties (e.g., if you make a reservation through our central reservation department, then we share that information with the applicable property so that they can fulfil your request). We also share certain of your information to our carefully selected partners, including airlines and rental car agencies, for the purpose of personalizing your stay; for example, if we know that you are arriving early in the morning, we may seek to offer you an early check-in.
Sale: We use third party targeted advertising companies that collect certain information about you through website cookies (and similar technologies designed for mobile applications). These third parties may collect information about you that they then aggregate with data collected about you through cookies placed on other websites/mobile apps. Under the CCPA, this type of sharing of information could be deemed a “sale”. We also disclose your information to carefully selected marketing partners through a central marketing/analytics company. We direct which entities may have access to your information and the scope of information to which they may access. This type of disclosure only occurs in limited markets and California consumers may opt-out at any time through our communications portal and by clicking on the Do Not Sell link on our website/in the mobile app.
Protected Classifications/Audio/Visual Data:
Collection: We do not request information about protected classifications under California law such as race, sex, age, religion, national origin, disability, citizenship information, or genetic information. Nonetheless, we may capture information related to these categories in the following circumstances, by way of example only: IHG corporate offices and certain IHG-branded hotels use closed circuit television for security purposes, and, the recordings may capture such information by virtue of the recording. We do not obtain recordings from the IHG-branded properties absent a unique situation (e.g., concern for security at a particular property). You have the option of providing your age range when you sign up for IHG rewards, but we do not require you to disclose that information. You have the option of requesting an accessible room.
Sources: We collect the information directly from you, from other persons/entities making a reservation on your behalf (e.g., travel agent, a member of your travel party, someone making the booking on your behalf), from IHG-branded hotels (that are independently owned and operated). In limited circumstances, we may obtain this information from carefully selected travel partners, including airlines and rental car agencies.
Purposes of Collection: The primary purpose of our collection and use of this information is to enhance and personalize your stay with us, in particular, to provide you with the specific room type requested. We may use video surveillance for security purposes and to protect their rights and interests as well as the rights and interests of other guests.
Disclosure: We disclose any information about special requests for business purposes, including at your direction, to IHG-branded properties (e.g., if you make a reservation through our central reservation department, then we share that information with the applicable property so that they can fulfil your request). If we obtain CCTV footage, we do not disclose such data except as necessary to protect our rights and interests and the rights and interests of other persons.
Sale: We do not sell this information.
Biometric and Geolocation Information:
Information Collected: In an effort to enhance your stay with us and to provide for a faster and easier check-in process, we may offer certain services on property such as check-in and/or room entry through the use of biometric identifiers at a limited number of IHG-branded properties. Any interested guest must affirmatively opt-into the program; Where IHG is providing these services we will provide information about the specific biometrics collected through the program and the use and disclosure of those identifiers so that you can choose whether you would like to participate in any particular program. With your consent, we collect your geolocation information through our mobile application and our website or through certain services we offer on property such as IHG Connect (WiFi). We use this information for analytics purposes (e.g., to determine the general area where our guests may access our services from), to personalize your experience (e.g., suggest hotels of interest), and, in certain limited markets, to provide special offers based on your location.
Sources: We collect biometric information and geolocation information directly from you and automatically as you use devices designed to collect biometric information or, in the case of geolocation information, your own device.
Purposes of Collection: The primary purpose of our collection and use of this information is to enhance and personalize your stay with us. In particular, we use your information to create a faster check-in and/or room entry experience. With regard to geolocation information, we also seek to offer you relevant offers based on your location, where permitted.
Disclosure: Where this service is offered, we may disclose your biometric information to service providers that assist us in validating your identity. We may make available your biometric identifier to the IHG-branded property where you are staying for the purposes of that particular stay.
Sale: We do not sell your biometric information.
Inferences
We may draw (or use service providers to draw) inferences from any of the information identified above to create or enhance a profile about a consumer reflecting the consumer’s preferences and tendencies (e.g., what types of properties the consumer prefers, how frequently the consumer travels, etc.). We may purchase aggregated and deidentified data and append such data to your profile (e.g., based on your age range) to assist us in determining relevant marketing opportunities.
Sources: We draw inferences based on the data collection described in this Notice.
Purposes of Collection: We use inferences to enhance your overall experience with IHG. For example, we may use inferences to identify and to offer relevant marketing opportunities.
CALIFORNIA CONSUMER RIGHTS
California law grants consumers certain rights and imposes restrictions on particular business practices as set forth below. California consumers have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
Do-Not-Sell. California consumers have the right to opt-out of our sale of their personal information. We do not knowingly collect personal information about consumers that are younger than 18 years nor do we sell personal information about consumers that we know are younger than 18 years old. To exercise your opt-out rights, please visit our Do-Not-Sell page. You may also submit a do-not-sell request by clicking on the link in the footer of this website, or by contacting the Privacy Office. If you use an authorized agent to submit a do-not-sell request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization via a sworn statement under oath, should be submitted to PrivacyOffice@ihg.com. For alternative methods of proving authority to submit a request, please contact the Privacy Office. We may also ask you to provide information to verify your identity directly with us.
Requests for Copy, Deletion and Right to Know. Subject to certain exceptions, California consumers have the right to make the following requests, at no charge, up to twice every 12 months. Please see Submitting Requests for instructions about how to exercise your rights:
Deletion: the right to request deletion of their personal information that we have collected about you, subject to certain exemptions.
Copy: the right to request a copy of the specific pieces of personal information that we have collected about them in the prior 12 months.
Right to Know (Collection): where we have collected their personal information, the right to request that we disclose certain information about how we have handled their personal information in the prior 12 months, including: the categories of personal information collected; categories of sources of personal information; business and/or commercial purposes for collecting and selling their personal information; and the categories of third parties/with whom we have disclosed or shared their personal information.
Right to Know (Disclosure and Sale): where we have sold or disclosed for a business purpose their personal information, the right to request that we disclose certain information about how we have handled their personal information in the prior 12 months, including: the categories of personal information collected; categories of third parties to whom the consumer’s personal information has been sold and the specific categories of personal information sold to each category of third party; categories of third parties to whom personal information has been disclosed; and the categories personal information that we have disclosed or shared with a third party for a business purpose.
Submitting Requests. From January 1, 2020 California consumers can make these requests by using the contact details provided in the “How to contact us section” above, submitting a request through the online form available on our website at https://www.hotelinsd.com/ccpa or by contacting us at 1 877 424 2449 (toll free). We will respond to your Copy, Delete and Right to Know requests within 45 days, unless additional time is needed, in which case we will let you know.
When you submit your request, we will take steps to attempt to verify your identity. We will seek to match the information in your request to the personal information we maintain about you. As part of our verification process, we may ask you to submit additional information, use identity verification services to assist us, or if you are an IHG® Rewards Club member, we may ask you to sign in to your account as part of our identity verification process. Please understand that, depending on the type of request you submit, to protect the privacy and security of your personal information, we will only complete your request where we are satisfied that we have verified your identity to a reasonable degree of certainty.
Authorized Agents. The CCPA allows California consumers to designate an authorized agent to exercise their rights under CCPA. If you use an authorized agent to submit a request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization via a sworn statement under oath, should be submitted to PrivacyOffice@ihg.com. For alternative methods of proving an agent’s authority to submit a request, please contact the Privacy Office. We may also ask you to provide information to verify your identity directly with us.
Incentives and Discrimination.The CCPA prohibits discrimination against California consumers for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California consumers related to their personal information.
Discrimination: if consumers exercise their rights under CCPA, businesses may not discriminate against them including by denying or providing a different level or quality of goods or services or charging or suggesting that a business will charge different prices or rates or impose penalties, unless doing so is reasonably related to the value provided to the consumer by the consumer’s data.
Disclosure of Incentives: if businesses offer any financial incentives for the collection, sale or deletion of their personal information, consumers have the rights to be notified of any financial incentives offers and their material terms, as well as to not be opted into such offers without prior informed opt-in consent and to be able to opt-out of such offers at any time. Businesses may not offer unjust, unreasonable, coercive or usurious financial incentives. We currently do not offer incentives.
Your California Privacy Rights under California’s Shine-the-Light Law
Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain personal information are entitled to request and obtain from us, free of charge, information about the personal information (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to PrivacyOffice@IHG.com. In your request, please attest to the fact that you are a California resident and provide a current California address.
Contact Us
If you have questions about our privacy practices or would like to make a complaint, please contact us at PrivacyOffice@ihg.com.
This California privacy notice is effective from January 1, 2020 and was last updated on December 30, 2019.
Changes to this Privacy Statement
In some instances, we may have to change, modify or amend this Privacy Statement in order to comply with the evolving regulatory environment or the needs of our business. Subject to any applicable legal requirements to provide additional notice, any changes to this Privacy Statement will be communicated through our websites and mobile applications. However, if there will be changes made to the use of your personal information in a manner different from that stated at the time of collection we will take appropriate steps to notify you, such as by posting a notice on our website for 30 days prior to the changes taking effect or by emailing you. We will obtain your consent to such changes where required to do so by applicable law.
California Consumer Privacy Act