The privacy and security of your information is very important to us. Whether you are visiting our website, using our app, booking a room, or are a member of one of our loyalty programs, we want you to trust the way that we manage your information and to keep you informed about how we use that information.
We have prepared this Privacy Statement to explain more about who we are, how we collect and manage your information (whether through our website, mobile apps and other IHG® Hotels & Resorts-branded digital channels (e.g., our branded IHG Connect WiFi), our social media pages, or offline) and the choices you have about how we use your information. Specific additional rights may apply if required by applicable law. For example, please view our additional disclosures directed to residents of the United States and California and the UK and European Economic Area (EEA) and Nevada and the People’s Republic of China (Excluding for The purposes of this statement Hong Kong Sar, Macau Sar and Taiwan) (“PRC”) and Brazil in this Privacy Statement.
This Privacy Statement is issued by the InterContinental Hotels Group of Companies (collectively referred to as "IHG”, “IHG® Hotels & Resorts”, "we”, "us” or "our” in this Privacy Statement), which includes the direct and indirect subsidiaries of InterContinental Hotels Group PLC and covers information that we collect and use in the course of our business. When we mention "IHG", “IHG® Hotels & Resorts”, "we", "us", or "our", we are referring to the relevant company in the InterContinental Hotels Group that processes your personal information. Your information may also be collected and used by IHG® Hotels & Resorts-branded hotels. In most cases, these hotels are independently owned, and their use of your information is covered by their own privacy notices, not this one. If you would like to learn more about IHG and our relationship with our IHG® Hotels & Resorts-branded hotels, click below.
We collect personal information directly from you, about you from other persons/entities/online channels, and automatically as you use our website, mobile application or other IHG-branded digital channels, and through certain offerings or services available at IHG-branded properties (such as IHG Connect WI-FI). We provide more detail in the sections below. In particular, we collect and use information about you if you (or someone on your behalf) makes a reservation to stay at an IHG-branded hotel or property offered through IHG reservations, participate in one of our loyalty programs such as IHG® One Rewards, or interact with us through our corporate site, mobile app or other IHG-branded digital channels. You do not have to provide us with your personal information in order to use our website or mobile app; in some cases, however, we may not be able to provide services to you without your personal information (for example, we would not be able to complete a requested booking or enroll you in our rewards program). To learn more about how we collect, use and disclose your information, and how you can opt out, please click the relevant section below.
We are committed to collecting and using your information in accordance with applicable data protection laws.
We collect, use and disclose your information where we have an appropriate legal basis to do this.
This may be because:
If you would like to find out more about the legal basis for which we process personal information please contact us (details found in the How to contact us section). If you have provided your consent to our processing of your information you can withdraw this consent at any time by contacting the IHG Privacy Office (details found in the How to contact us section).
As we operate via a global network of corporate offices, reservation and service centers, data centers and hotels, it may be necessary to transfer your information, for example, information collected in connection with making a reservation or stay at an IHG-branded hotel, joining one of our loyalty programs or interacting with us through our corporate site, websites, emails or our other digital channels to a country outside of the country where it was originally collected or outside of your country of residence or nationality. The information that you provide us during the course of a reservation or through the provision of any other services may be transferred to any of our IHG-owned or affiliated entities and hotels around the world for the purposes of carrying out or facilitating these services. It will also be necessary to transfer this information to other entities, including, without limitation, our IHG-branded hotels, partners and our service providers.
Where we transfer information which originates in the European Union ("EU") or the United Kingdom (“UK”) or in Brazil to a country outside of the EU or UK or Brazil, we will take steps to make sure such transfer is carefully managed to protect your privacy rights:
When we otherwise transfer personal information between jurisdictions, we will take such steps as required by local law in an effort to ensure that such transfer is managed to protect your privacy rights.
We and our service providers use cookies, pixels, web beacons, tracking tools and other similar technologies on our websites, mobile applications and in other areas of our business to collect information and provide you with the services that you have requested or participate in and to provide targeted advertising. Subject to local consent requirements, we may use this and other information we collect, such as a hashed email address, to help us and our service providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). If you are using our mobile applications and have consented to sharing your location information with us, this information might be collected through GPS to enable us to provide certain personalized services to you such as recommendation of hotels nearby, customized offers and promotions. Your location preferences can be set or modified at the device level or through modifying your settings with the relevant social media platform. This information also includes personally identifiable information that you provide when you join one of our loyalty programs to enable us to verify your membership. We, and our service providers, also may use the cross-device tracking and other information we learn about you to serve targeted advertising on your devices. We also use the information that we collect to improve our products and services as well as your experience when visiting our websites and using our mobile applications. If you are using these third-party functions, you are also protected by the privacy policies of these third parties. For more information on these subjects, please click the relevant section below.
What is a cookie: A “cookie” is a small text file that is placed onto an Internet user’s web browser or device and is used to remember as well as obtain information about that party. You might be assigned a cookie when visiting our websites or when using our mobile applications or other digital channels. In some instances, where permitted under the applicable law, cookies may also be used for the purposes of certain email campaigns.
What types of cookies we use and how we use them: We use three primary types of cookies, which include:
To learn more about cookies and how they are used, please visit: http://www.allaboutcookies.org/.
Cookies: As described above, we use a number of service providers to help us manage, carry out and improve our advertising. These parties set cookies at our direction to help us collect information and provide you with advertisements that we believe would be relevant for you. In some instances, these parties may also assist us by providing certain statistical and analytics information in relation to our marketing practices. We also may disclose information collected through cookies (and other tracking technologies) with third parties to use for their own analytics and marketing purposes. These third parties may serve targeted advertising to you about IHG and non-IHG branded hotels. The scope of information shared may include information collected through cookies, such as your IP address/device ID, and information about the search that you performed on our website (e.g., you were looking for a hotel in New York City), but would not include your name or IHG® One Rewards information.
Managing cookies and opting out: You can change your cookie preferences in our Cookie preferences tool, which is also available from the Privacy and Cookies Center. You can choose to visit our web sites without cookies, but in some cases certain services, features and functionality may not be available. To visit without cookies, you can configure your browser to reject all cookies or notify you when a cookie is set. Each browser is different, so check the "Help" menu of your browser to learn how to change your cookie preferences. To manage Flash cookies, please see Flash Player Help.
In relation to cookies placed by our service providers, we participate in the Self-Regulatory Program for Online Behavioral Advertising managed by the Digital Advertising Alliance (“DAA”). As part of this commitment, IHG has agreed to comply with the standards and guidelines promulgated by the DAA. For more information regarding targeted advertisements and/or to opt out of automatic collection for these purposes, please visit http://www.aboutads.info/choices/ or http://www.networkadvertising.org/managing/opt_out.asp. Within the EU, UK and Canada the local DAA organizations operate a similar "ad choices" scheme: see http://www.youronlinechoices.com (UK/Europe) and http://youradchoices.ca/ (Canada). If you opt-out of these targeted advertising cookies, your opt-out will be specific to the web browser or mobile device from which you accessed the opt-out. If you use multiple devices or browsers, you will need to opt out each browser or device that you use.
Other technologies: Other technologies such as pixels and web beacons may also be used on our websites, mobile applications, in email messages and in other areas of our business. These technologies are used to improve our products and services as well as our marketing efforts. We use pixels in our emails to help us determine the success of our advertising campaigns, such as to give us insight into whether you opened, deleted, or forwarded an email, or clicked on a link contained in the email.
Targeted advertising: We and our service providers may serve targeted advertisements through the use of first-party or third-party cookies, pixels and web beacons when you visit our website, use our mobile applications, or visit websites owned by other entities. In some instances, these cookies may be persistent cookies. As described in the Using our websites, mobile applications and other technology section above, we and our service providers may also use cookie and other information to try to identify other devices and web browsers that you may use so we and our service providers may serve targeted advertisements to those devices. We do this to provide you with advertising that we believe may be relevant for you as well as improve our own products and services, including the functionality and performance of our websites and mobile applications. To learn more about opting out of certain types of targeted advertising, please see the Managing cookies and opting out section above.
Do-Not-Track: Currently, our systems do not recognize browser “do-not-track” signals. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies); you also may opt-out of targeted advertising by following the instructions at the DAA and the Network Advertising Initiative websites.
When you use the IHG Connect WI-FI service (IHG Connect), we may collect and process certain additional information.
We use personal information only for the purposes described in this Privacy Statement, except if otherwise disclosed to you at the time the data is collected or otherwise authorized by law or by you. We use the personal information that we collect through IHG Connect:
Our goal is to create a personalized and customized experience for you when you stay at an IHG-branded property. In order to determine appropriate advertising and to customize your experience, as described in the section above in relation to cookies, we have relationships with companies such as Google and Facebook which enable us to serve targeted advertising. In addition to the activities described under the heading Targeted Advertising above, we also match Facebook and Google users across sites and devices which enables us to better understand your interests. We use this information to enable us to tailor our marketing communications to you so we can make sure we tell you about things which are most likely to be of interest to you. You have options about how we disclose your information; please log into the preference center at any time to view and exercise your choices. In addition, certain U.S. state residents may have the option of clicking on the Do Not Sell or Share My Personal Information link, which would eliminate the disclosure that might constitute a "sale"/"share" under applicable law.
We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, technical, physical and organizational security measures are put in place to protect against any unauthorized access, disclosure, damage or loss of your information. The collection, transmission and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.
We want to ensure that you have the necessary tools at your disposal to control the information that you provide to us, including how we communicate with you. It is also important that you contact us to update your information if any of it is inaccurate or changes. Please click the relevant section below to learn more about how to control how we communicate with you and how to update, modify and delete your information. EU and UK Data Subjects, please see also the EU and UK-specific section. U.S. residents, please see also the U.S.-specific section. Californians, please see also the CA-specific section. Data Subjects located in Brazil, please see also the Brazil-specific section. Data Subjects located in PRC, please see also the PRC-specific section.
Our websites and applications contain links to websites that are maintained and/or controlled by non-affiliated parties. In some instances these websites may be co-branded and display our logos or other trademarks. You can always tell whether you are on one of our websites by checking the uniform record locator ("URL”) on the page that you are visiting. We encourage you to review the privacy policies of these websites as their privacy practices may differ from ours.
Our websites are not intended for children and we do not intentionally solicit or collect personal information from individuals under the age of 18. If we are notified or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information. In limited instances, we may have a campaign or program targeted toward children. In these instances, details on the information practices will be presented within the terms and conditions of the program or campaign.
We generally only keep your information for as long as is reasonably required for the purposes explained in this privacy policy. In some cases we keep transactional records (which may include your information) for longer periods if necessary to meet legal, regulatory, tax or accounting needs. We will also retain information if we reasonably believe there is a prospect of litigation.
We maintain a data retention policy which we apply to the records we hold.
For any questions or concerns regarding this Privacy Statement or our data privacy practices, please contact us:
InterContinental Hotels Group
Attn: Privacy Office
Windsor Dials 1
Arthur Road
Windsor
Berkshire, SL4 1RS, United Kingdom
GDPR main establishment in the EU:
InterContinental Hotels Group
Attn: Privacy Office
Thurn-und-Taxis-Platz 6
60313 Frankfurt am Main
Germany
You may also contact our Data Protection Officer by emailing [email protected].
To the extent permitted under the local law, you may also use the above contact details to request access to, correct, or (in certain circumstances) delete, any of your personal information that is held by IHG, or, where we have relied upon your consent to process your personal information, to withdraw your consent to such processing of your personal information. These requests will be reviewed and processed in line with the local law.
You also may have a right under the local law to lodge a complaint with us or with your local data protection supervisory authority at any time. However, we ask that you please try to resolve any issues with us first before referring your complaint to the supervisory authority.
In the EU, IHG’s GDPR lead supervisory authority is the Hessen supervisory authority that can be contacted at:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (The Commissioner for Data Protection and Freedom of Information of Hesse)
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany
EU and UK data subjects have legal rights under EU and UK data protection laws in relation to your personal information. Click on the links below to learn more about each right you may have. To exercise any of your rights please use the forms available in our Privacy and Cookie Center or contact our Data Protection Officer by emailing [email protected].
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual. We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.
We aim to respond to all valid requests within one month. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than one month. To help us respond more quickly, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
Certain U.S. states including Virginia grant consumers certain rights and impose restrictions on particular business practices. This section should be read in conjunction with the information provided in the rest of this Privacy Statement, and the rights under this section will apply to you to the extent the law permits and as and when these laws go into effect.
How We Use and Disclose Information We Collect About You
The categories of personal information we collect about U.S. consumers can be found in the Information we collect and how we use and disclose it section. Please note our data collection practices set forth below are not different than those described above; rather, applicable U.S. law specifies that we must address how these categories are processed in further detail. This section should therefore be read in conjunction with the further information provided in the rest of this Privacy Statement.
Please note that the definition of sale differs across states. Given this, when we use the term “sale,” we mean “the exchange of personal data for monetary consideration” in Virginia.
Under certain state laws, the manner in which we use cookies may constitute a “sale.” You may have the right to opt-out of the sale of personal information depending on how your state defines “sale.”
Consumer Rights
Do Not Sell or Share My Personal Information. Consumers in Virginia have the right to opt-out of our sale of their personal information. We do not knowingly collect personal information about consumers that are younger than 18 years nor do we have actual knowledge that we sell personal information about consumers that we know are younger than 18 years old.
To exercise your opt-out rights, please visit our Do Not Sell or Share My Personal Information page. You may also submit a do not sell or share request by clicking on the link in the footer of this website, or by contacting the Privacy Office. If you use an authorized agent to submit a do not sell or share request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization evidenced by your signed permission should be submitted to [email protected]. We may also ask you to provide information to verify your identity directly with us.
Requests for Copy, Deletion and Right to Know. Subject to certain exceptions, consumers in certain US states including Virginia have the right to make the following requests, at no charge.
Deletion: the right to request deletion of their personal information that we have collected about you, subject to certain exemptions. To submit a request to delete, please fill out the form here.
Copy: the right to request a copy of the specific pieces of personal information that we have collected about them. To submit a request for a copy of the specific pieces of personal information we have collected about you, please fill out the form here.
Right to Know (Collection): where we have collected their personal information, the right to request that we disclose certain information about how we have handled their personal information, including: the categories of personal information collected; categories of sources of personal information; business and/or commercial purposes for collecting and selling their personal information; and the categories of third parties/with whom we have disclosed or shared their personal information. To submit a request to know (collection), please fill out the form here.
Right to Know (Disclosure and Sale): where we have sold or disclosed for a business purpose their personal information, the right to request that we disclose certain information about how we have handled their personal information, including: the categories of personal information collected; categories of third parties to whom the consumer’s personal information has been sold and the specific categories of personal information sold to each category of third party; categories of third parties to whom personal information has been disclosed; and the categories personal information that we have disclosed or shared with a third party for a business purpose. To submit a request to know (disclosure and sale), please fill out the form here.
Right to Correct: Residents of Virginia may request that we correct inaccurate personal information that we maintain about you. Upon receipt of a verifiable request to correct inaccurate personal information, we will take into account the nature of the personal information and the purposes for which we process it. We may require documentation from you in order to process your request where we have reliable documentation showing the accuracy of the information. To submit a request to correct, please contact the Privacy Office.
Submitting Requests. You can exercise your rights by visiting our Privacy and Cookie Center or by contacting us at 1 877 424 2449 (toll free). We will respond to your requests within 45 days, unless additional time is needed, in which case we will let you know.
When you submit your request, we will take steps to attempt to verify your identity. We will seek to match the information in your request to the personal information we maintain about you. As part of our verification process, we may ask you to submit additional information. Please understand that, depending on the type of request you submit, to protect the privacy and security of your personal information, we will only complete your request where we are satisfied that we have verified your identity to a reasonable degree of certainty.
Authorized Agents. Consumers may designate an authorized agent to exercise their rights as applicable. If you use an authorized agent to submit a request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization evidenced by your signed permission should be submitted to [email protected]. We may also ask you to provide information to verify your identity directly with us.
Appeal. If you are a Virginia resident, and you would like to submit an appeal about our decision to your request regarding your personal information, you may contact us at [email protected]. We respond to all appeal requests as soon as we reasonably can and no later than legally required.
Under the California Consumer Privacy Act (“CCPA”), we are required to notify California consumers about our collection, use, disclosure, and retention of their personal information (whether collected through this website or offline). To view our retention policy, please see the Retaining your information in our systems section. In this section of our Privacy Statement, and in accordance with the CCPA, “personal information” includes any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, including the categories identified in the table below to the extent they identify, relate to, describe, are capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household.
This Privacy Statement applies as laws permit, or as these rights apply to you.
Categories of Personal Information that We Collect, Disclose, and Sell
Below we identify the categories of personal information that we collect about California consumers and households, the purposes for which we use each category, and whether we disclose or sell information within each category. Please note our data collection practices set forth below are not different than those described above; rather, the CCPA specifies particular categories of data that we must address, and, in this section, we aim to describe some of the information already provided above in accordance with the categories as outlined by the CCPA. This section should therefore be read in conjunction with the further information provided in the rest of this Privacy Statement.
Please note that the CCPA defines the term “sale” very broadly to include any exchange of data for consideration of any kind, not simply selling your data for monetary compensation.
Identifiers and Similar Data:
Collection. We collect:
Sources: We collect the information directly from you, from other persons/entities making a reservation on your behalf (e.g., travel agent, a member of your travel party, someone making the booking on your behalf), from IHG-branded hotels (that are independently owned and operated). In limited circumstances, we may obtain this information from carefully selected travel partners, including airlines and rental car agencies. With regard to internet or other electronic information, we collect that information automatically as you use our Site and services.
Purposes of Collection: The primary purpose of our collection and use of this information is to fulfil your reservations and enhance and personalize your experience with us. In particular, we use your information to fulfil your reservation, manage your IHG® One Rewards account, direct marketing to you (in connection with your preferences), targeted and personalized advertising to you, and as otherwise required by applicable law.
Disclosure: We disclose this information for business purposes, including at your direction, to IHG-branded properties (e.g., if you make a reservation through our central reservation department, then we disclose that information with the applicable property so that they can fulfil your request). We also disclose certain of your information to our carefully selected partners, including airlines and rental car agencies, for the purpose of personalizing your stay; for example, if we know that you are arriving early in the morning, we may seek to offer you an early check-in. If you use our WiFi services at IHG-branded properties, we disclose certain unique identifiers like your device’s MAC address with our internet service providers to provide WiFi to you.
Sale and/or share: We use third party targeted advertising companies that collect certain information about you through website cookies (and similar technologies designed for mobile applications). These third parties may collect information about you that they then aggregate with data collected about you through cookies placed on other websites/mobile apps. Under the CCPA, this type of sharing of information could be deemed a “sale”. We also disclose your information to carefully selected marketing partners, advertising technology vendors and social media platforms through a central marketing/analytics company. We direct which entities may have access to your information and the scope of information to which they may access. This type of disclosure only occurs in limited markets and California consumers may opt-out at any time through our communications portal and by clicking on the Do Not Sell or Share My Personal Information link on our website/in the mobile app.
Protected Classifications/Audio/Visual Data:
Collection: We do not request information about protected classifications under California law such as race, sex, age, religion, national origin, disability, citizenship information, or genetic information. Nonetheless, we may capture information related to these categories in the following circumstances, by way of example only: IHG corporate offices and certain IHG-branded hotels use closed circuit television for security purposes, and, the recordings may capture such information by virtue of the recording. We do not obtain recordings from the IHG-branded properties absent a unique situation (e.g., concern for security at a particular property). You have the option of providing your age range when you sign up for IHG® One Rewards, but we do not require you to disclose that information. You have the option of requesting an accessible room.
Sources: We collect the information directly from you, from other persons/entities making a reservation on your behalf (e.g., travel agent, a member of your travel party, someone making the booking on your behalf), from IHG-branded hotels (that are independently owned and operated). In limited circumstances, we may obtain this information from carefully selected travel partners, including airlines and rental car agencies.
Purposes of Collection: The primary purpose of our collection and use of this information is to enhance and personalize your stay with us, in particular, to provide you with the specific room type requested. We may use video surveillance for security purposes and to protect their rights and interests as well as the rights and interests of other guests.
Disclosure: We disclose any information about special requests for business purposes, including at your direction, to IHG-branded properties (e.g., if you make a reservation through our central reservation department, then we disclose that information with the applicable property so that they can fulfil your request). If we obtain CCTV footage, we do not disclose such data except as necessary to protect our rights and interests and the rights and interests of other persons.
Sale and/or Share: We do not sell this information.
Biometric and Geolocation Information:
Information Collected: In an effort to enhance your stay with us and to provide for a faster and easier check-in process, we may offer certain services on property such as check-in and/or room entry through the use of biometric identifiers at a limited number of IHG-branded properties. Any interested guest must affirmatively opt-into the program; Where IHG is providing these services we will provide information about the specific biometrics collected through the program and the use and disclosure of those identifiers so that you can choose whether you would like to participate in any particular program. With your consent, we collect your geolocation information through our mobile application and our website or from internet service providers through certain services we offer on property such as IHG Connect (WiFi). We use this information for analytics purposes (e.g., to determine the general area where our guests may access our services from), to personalize your experience (e.g., suggest hotels of interest), and, in certain limited markets, to provide special offers based on your location.
Sources: We collect biometric information and geolocation information directly from you and automatically as you use devices designed to collect biometric information or, in the case of geolocation information, your own device.
Purposes of Collection: The primary purpose of our collection and use of this information is to enhance and personalize your stay with us. In particular, we use your information to create a faster check-in and/or room entry experience. With regard to geolocation information, we also seek to offer you relevant offers based on your location, where permitted.
Disclosure: Where this service is offered, we may disclose your biometric information to service providers that assist us in validating your identity. We may make available your biometric identifier to the IHG-branded property where you are staying for the purposes of that particular stay.
Sale and/or Share: We do not sell your biometric information.
Inferences
We may draw (or use service providers to draw) inferences from any of the information identified above to create or enhance a profile about a consumer reflecting the consumer’s preferences and tendencies (e.g., what types of properties the consumer prefers, how frequently the consumer travels, etc.). We may purchase aggregated and deidentified data and append such data to your profile (e.g., based on your age range) to assist us in determining relevant marketing opportunities.
Sources: We draw inferences based on the data collection described in this Notice, and from information received from data brokers.
Purposes of Collection: We use inferences to enhance your overall experience with IHG. For example, we may use inferences to identify and to offer relevant marketing opportunities.
Disclosure: We may disclose your information to carefully selected marketing partners, advertising technology vendors and social media platforms to provide relevant offers to you.
Sale and/or Share: We may “share” your personal information with data brokers to better provide personalized service to you, as defined by the CCPA. We direct which entities may have access to your information and the scope of information to which they may access. This type of disclosure only occurs in limited markets and California consumers may opt-out at any time through our communications portal and by clicking on the Do Not Sell or Share My Personal Information link on our website/in the mobile app.
California law grants consumers certain rights and imposes restrictions on particular business practices as set forth below. California consumers have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
Do Not Sell or Share My Personal Information. California consumers have the right to opt-out of our sale of their personal information. We do not knowingly collect personal information about consumers that are younger than 18 years nor do we have actual knowledge that we sell personal information about consumers that we know are younger than 18 years old. To exercise your opt-out rights, please visit our Do Not Sell or Share My Personal Information page. You may also submit a Do Not Sell or Share My Personal Information request by clicking on the link in the footer of this website, or by contacting the Privacy Office. If you use an authorized agent to submit a do not sell or share request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization evidenced by your signed permission should be submitted to [email protected]. We may also ask you to provide information to verify your identity directly with us.
You may also opt out of the “sale” or “sharing” of your Personal Data via “online tracking technologies,” such as pixels, web beacons, software developer kits, third party libraries, and cookies through an opt-out preference signal. To opt-out in this way, please download and use a browser supporting the Global Privacy Control (GPC) browser signal. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.
IHG does not use your sensitive personal information to infer characteristics about you.
Requests for Copy, Deletion and Right to Know. Subject to certain exceptions, California consumers have the right to make the following requests, at no charge, up to twice every 12 months. Please see Submitting Requests for instructions about how to exercise your rights:
Deletion: the right to request deletion of their personal information that we have collected about you, subject to certain exemptions. To submit a request to delete, please fill out the form here.
Copy: the right to request a copy of the specific pieces of personal information that we have collected about them in the prior 12 months. To submit a request for a copy of the specific pieces of personal information we have collected about you, please fill out the form here.
Right to Know (Collection): where we have collected their personal information, the right to request that we disclose certain information about how we have handled their personal information in the prior 12 months, including: the categories of personal information collected; categories of sources of personal information; business and/or commercial purposes for collecting and selling their personal information; and the categories of third parties/with whom we have disclosed or shared their personal information. To submit a request to know (collection), please fill out the form here.
Right to Know (Disclosure and Sale): where we have sold or disclosed for a business purpose their personal information, the right to request that we disclose certain information about how we have handled their personal information in the prior 12 months, including: the categories of personal information collected; categories of third parties to whom the consumer’s personal information has been sold and the specific categories of personal information sold to each category of third party; categories of third parties to whom personal information has been disclosed; and the categories personal information that we have disclosed or shared with a third party for a business purpose. To submit a request to know (collection), please fill out the form here.
Right to Correct: California consumers have the right to request that we correct inaccurate personal information that we maintain about you. Upon receipt of a verifiable request to correct inaccurate personal information, we will take into account the nature of the personal information and the purposes for which we process it. We may require documentation from you in order to process your request where we have reliable documentation showing the accuracy of the information. To submit a request to correct, please contact the Privacy Office.
Submitting Requests. You can exercise your rights by visiting our Privacy and Cookie Center, by contacting us at 1 877 424 2449 (toll free). We will respond to your Copy, Delete, Right to Know, and Correct requests within 45 days, unless additional time is needed, in which case we will let you know.
When you submit your request, we will take steps to attempt to verify your identity. We will seek to match the information in your request to the personal information we maintain about you. As part of our verification process, we may ask you to submit additional information, use identity verification services to assist us, or if you are an IHG® One Rewards member, we may ask you to sign in to your account as part of our identity verification process. Please understand that, depending on the type of request you submit, to protect the privacy and security of your personal information, we will only complete your request where we are satisfied that we have verified your identity to a reasonable degree of certainty.
Authorized Agents. The CCPA allows California consumers to designate an authorized agent to exercise their rights under CCPA. If you use an authorized agent to submit a request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization evidenced by your signed permission should be submitted to [email protected]. We may also ask you to provide information to verify your identity directly with us.
Incentives and Discrimination. The CCPA prohibits discrimination against California consumers for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California consumers related to their personal information.
Discrimination: if consumers exercise their rights under CCPA, businesses may not discriminate against them including by denying or providing a different level or quality of goods or services or charging or suggesting that a business will charge different prices or rates or impose penalties, unless doing so is reasonably related to the value provided to the consumer by the consumer’s data.
The IHG® One Rewards program (“Program”), which includes InterContinental® Ambassador and IHG® Business Rewards, is a loyalty program offered by Six Continents Hotels, Inc. and its subsidiaries and affiliates, all of which are referred to herein as IHG.
IHG® One Rewards program. IHG offers guests the opportunity to participate in the Program which may provide benefits, including free internet, as well as the opportunity to earn points that can be redeemed for discounted or free stays or other items, as described in the IHG® One Rewards member benefit chart to those who choose to join. These benefits may be considered to be financial incentives under the CCPA and are described along with other material terms and conditions here.
Information we collect. To join the Program, IHG collects at a minimum, your first name, last name, address, email address, country/region, city, and zip code.
IHG may also collect the following additional information from you during the course of your membership in the Program.
How we use the information. We use your information to operate and provide services in connection with our Program in accordance with our IHG® One Rewards Membership Terms and Conditions. We also use your information to improve our products and services. Where permitted by applicable law, or where we have your consent, we also may disclose your information with other parties, including our loyalty partners and others, to extend special offers about their own products and services to you.
This may include:
Who we disclose your information with: During the course of your participation in our loyalty programs, we disclose your information as follows:
We may also disclose your information in other circumstances, as fully described under “If you join one of our loyalty programs” in our Privacy Statement.
Our members can opt-out of sharing their personal information with our partners for offers and rewards through Communication Preferences in their accounts. Our California members can also opt-out of the sale of their personal information by using our Do Not Sell or Share My Personal Information link. If you opt-out, we will no longer disclose your information with our loyalty partners where such sharing could be construed as a “sale” under the CCPA.
Opt-in to IHG® One Rewards program. You may opt-in to our Program online, through the IHG website or mobile app, or when you book a reservation. You may also be offered to join the Program at the time of check-in.
Value of Consumer’s Data. Solely for the purposes of the CCPA and pursuant to the valuation methods listed in the CCPA regulations, a good faith estimate of the value of our consumers’ (members’) data (personal information) to IHG is US $0.36. This estimate is calculated by dividing the annual value of the revenue generated from the commercial relationships we have with our loyalty partners with respect to consumer data, by the number of US members in our Program. This estimate is not specific to any individual consumer. The actual value to the consumer of becoming a member of the Program may vary significantly as this will depend on an individual member’s engagement with the Program.
Withdraw from the IHG® One Rewards program. You have the right to withdraw from the Program at any time. You may do so by notifying IHG® One Rewards Customer Care Centre.
Under the CCPA, our California members have the right to delete their personal information. However, for the purposes of administering the Program benefits to you, IHG may not be able to delete all of your personal information as long as you are a member of the Program. To delete your account information, you would first have to withdraw from the Program.
Metrics on California Consumer Rights Handling
Metrics, such as the number of requests we received, complied with, denied, and the median or mean number of days within which we substantively responded to requests, where required for the previous calendar year, will be published here.
Your California Privacy Rights under California’s Shine-the-Light Law
Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain personal information are entitled to request and obtain from us, free of charge, information about the personal information (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to [email protected]. In your request, please attest to the fact that you are a California resident and provide a current California address.
Contact Us
If you have questions about our privacy practices, would like to make a complaint, or to request a printable version of this Privacy Statement, please contact us at [email protected]. This California privacy notice is effective from January 1, 2020 and was last updated on December 14, 2022.
Nevada privacy law grants residents of Nevada certain rights and imposes certain restrictions on particular business practices. To exercise your individual rights under the Nevada laws, please contact the Privacy Office.
If there is any inconsistency between the below and the above Privacy Statement, the following shall prevail in respect of the PRC.
Data controller
For the PRC, Intercontinental Hotel Groups (Shanghai) Co., Ltd., Registered office: 22nd Floor, Citigroup Tower, No. 33 Huayuanshiqiao Road, China (Shanghai) Pilot Free Trade Zone, is the data controller. For questions or concerns related to your personal information or related to the Privacy Statement, please contact [email protected].
Consent
We will obtain your consent (where applicable, separate consent) to collect, use, share, transfer (including but not limited to overseas transfer), disclose or otherwise process your personal information if and to the extent required by the applicable laws.
Sensitive personal information
Certain of the types of personal information described in this Privacy Statement are considered "sensitive" and, depending on your jurisdiction of work or residence and applicable law, additional rules will apply in respect of this personal information. References to personal information in this Privacy Statement shall be deemed to include reference to sensitive personal information (if any) where applicable.
“Sensitive personal information” as defined under PRC laws and regulations which we may collect and use for the purposes described in the above Privacy Statement may include information relating to:
Share and disclose your personal information with another controller
With your consent, we may share and disclose your personal information with another data controller as explained in the section “Information we collect and how we use and disclose it” in the Privacy Statement.
International data transfers
As IHG is a global hospitality group, for the purposes described in this Privacy Statement and in order to provide you with privileged and quality service worldwide, we may, with your separate consent (if required by applicable laws), transfer your personal information to IHG affiliated entities outside of mainland China, such as Six Continents Ltd (UK) (“IHG Foreign Affiliated Entity”), who will process your personal information for the purposes and in the manner as described in this Privacy Statement. IHG will take appropriate measures to ensure that cross-border data transfer and the processing of your personal information by IHG Foreign Affiliated Entities comply with the requirements of applicable laws and that such mechanisms are aimed at ensuring an adequate level of protection as regards your personal information under the applicable laws. If you wish to exercise your rights with respect to your personal information with any IHG Foreign Affiliated Entity, you can contact such entity through the means described in “How to Contact Us” section.
How we store and protect your personal information
We will store your personal information for as long as necessary to achieve the purposes described in this Privacy Statement and for as long as you use our services, and as otherwise required by applicable law. We take reasonable security measures to protect your personal information in accordance with industry standards and are committed to using various technologies and initiatives to protect your personal information from unauthorized access, use, modification, disclosure and damage, such as the use of encryption technology to protect your personal information. We will deal with personal information security incidents in accordance with applicable laws and regulations, and conduct training and dissemination of personal information protection to relevant personnel to enhance their awareness of the importance of personal information and responsibilities related to personal information protection.
SDKs and other similar software technologies made available by non-affiliated entities
Under the PRC laws, IHG is required to disclose SDKs. As a practical matter, the information described below is captured elsewhere in the privacy statement, including, in particular, in our description of IHG’s use of cookies. If you have any questions about which trackers listed in our cookie policies are SDKs, please contact the Privacy Office.
We use software known as software development kits (SDKs) and other similar technologies made available by non-affiliated entities on our mobile applications and mini programs to ensure their stable operation and to provide the services as described in this Privacy Statement. Please see our SDK list for more information about our integrated SDKs.
If you are using these features and plug-ins provided by non-affiliated entities, the privacy policies of these entities may also apply to you. Some of these entities may collect data from you for their use and processing and may obtain your consent prior to doing so. In any case, we recommend you read the privacy policies of these non-affiliated entities to understand how they collect and process your data before using their features and plug-ins.
Personalized marketing
In order to provide you with personalized advertising, we may collect your personal information.
You can turn off personalized advertising in our App in “Account”-“Personalized recommendations”. Once you turn off it, you will not receive any personalized advertising, including promotional offers and special offers.
Mobile device permissions
If you choose to use certain functions using our mobile app we will ask you for related permissions to use features on your mobile device to enable this.
When you add a payment method to book a hotel, we will ask you for camera permission if you choose to add payment information by scanning your payment card using the camera.
If you choose to add the booking to your calendar after the booking is made, we will ask you for calendar permission to help you add the booking to your calendar.
If you choose to use the voice search function when booking a hotel, we will ask you for microphone permission to allow dictation on your device to enable this.
If you choose to use the function to search for hotels near your location we will ask you for permission to access your location to enable this.
Your rights
In addition to the rights mentioned in the Privacy Statement, you have the following rights where permitted by the PRC data protection laws:
To exercise any of your rights above, you may also contact us by emailing [email protected] as well.
We aim to respond to all valid requests to exercise the above rights within 15 working days upon verifying your identity. To help us respond more quickly, we may ask you to provide more detail about your inquiry.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
Purchasing product vouchers through IHG WeChat Mini Program
When you purchase a product voucher through our IHG WeChat Mini Program, we will collect your WeChat OpenID, UnionID, membership number and purchase, redemption, and refund records. We process your information primarily to attribute your purchases to you, to show you the status of product redemptions or refunds status, and to notify you of necessary product information changes. You can check purchase, redemption, and refund records at any time. We will share your information with the hotel providing the product voucher to provide you with the services described in the product voucher. If you decline to provide such personal information, we will not be able to provide you with the abovementioned services.
In some instances, we may have to change, modify or amend this Privacy Statement in order to comply with the evolving regulatory environment or the needs of our business. Subject to any applicable legal requirements to provide additional notice, any changes to this Privacy Statement will be communicated through our websites and mobile applications. However, if there will be changes made to the use of your personal information in a manner different from that stated at the time of collection we will take appropriate steps to notify you, such as by posting a notice on our website for 30 days prior to the changes taking effect or by emailing you. We will obtain your consent to such changes where required to do so by applicable law.
Effective Date: March 2, 2023