California Consumer Privacy Act Statement

Pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (collectively, the CCPA), the Marriott Group is providing the following additional details regarding the categories of Personal Data (also called “personal information” under the CCPA) about California residents that we collect, use, and disclose. This CCPA Statement supplements the Marriott Group Global Privacy Statement.

PERSONAL DATA WE COLLECT, DISCLOSE, SHARE, AND SELL

The following chart details categories of Personal Data about California residents we collect, as well as categories of Personal Data we have collected and disclosed for operational business purposes in the preceding 12 months. The chart also details the categories of Personal Data that we “sell” or “share” (as defined in the CCPA), including within the preceding 12 months.

For purposes of this CCPA Statement, “sold” or “sale” means the disclosure of Personal Data for monetary or other valuable consideration but does not include, for example, the transfer of Personal Data as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business. For the categories below, Marriott “sells” or “shares” the data solely for the purposes of Marketing and Promotion.

We may also disclose the above categories of Personal Data to a third party in the context of any reorganization, financing transaction, merger, sale, joint venture, partnership, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

SOURCES OF PERSONAL DATA

Marriott acquires the Personal Data listed above directly from you, as well as from other sources, including through Online Services, Property Visits and Offline Interactions, Customer Care Centers, Owners and Franchisees, Homes and Villas Property Management Companies, Authorized Licensees, Strategic Business Partners, Internet Connected Devices, Public Databases, and Joint Marketing Partners (Capitalized terms in this paragraph as used throughout this CCPA Statement are further defined in the Marriott Group Global Privacy Statement).

USE OF PERSONAL DATA

Marriott collects, uses, sells, shares, or otherwise discloses the Personal Data listed above (apart from Sensitive Personal Data) to operate, manage, and maintain our business, to provide our products and services, for vendor management purposes, and to accomplish our business purposes and objectives, including, for example, using Personal Data to: develop, improve, and maintain our products and services; personalize, advertise, and market our products and services; conduct research, analytics, and data analysis; maintain our facilities and infrastructure; undertake quality and safety assurance measures; conduct risk and security control and monitoring; detect and prevent fraud; perform identity verification; perform accounting, audit, and other internal functions, such as internal investigations; comply with law, legal process, and internal policies; maintain records; and exercise and defend legal claims.

We may use Sensitive Personal Data for purposes of performing services for our business, providing goods or services as requested by you, ensuring security and integrity, fulfilling short-term transient uses, such as displaying first party, non-personalized advertising, order processing and fulfillment, servicing accounts, providing customer service, verifying customer information, processing payments, providing financing, and for activities relating to quality and safety control or product improvement.

We do not knowingly “sell” or “share” the Personal Data, including the Sensitive Personal Data, of individuals under the age of 16.

RETENTION PERIOD

We retain Personal Data for as long as needed or permitted in light of the purpose(s) for which it was collected.  The criteria used to determine our retention periods include:  

• The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services and for as long as necessary to satisfy the terms of the Bonvoy program) 

• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them) 

• Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)

CALIFORNIA INDIVIDUAL RIGHTS

Overview of California Individual Rights

If you are a California resident, you may make the following requests:

Request to Know. You may request that we disclose to you the following information: 

• The categories of Personal Data we collected about you and the categories of sources from which we collected such Personal Data;

• The specific pieces of Personal Data we collected about you;

• The business or commercial purpose for collecting, selling, or sharing (if applicable) Personal Data about you;

• The categories of Personal Data about you that we sold or “shared” and the categories of third parties to whom we sold or “shared” such Personal Data (if applicable); and

• The categories of Personal Data about you that we otherwise disclosed, and the categories of third parties with whom we disclosed such Personal Data (if applicable).

Request to Delete. You may request that we delete the Personal Data we collected from you.

Request to Correct. You may request that we correct inaccuracies in your Personal Data.

Request to Opt-Out of Sale and/or Sharing. You may request to opt-out of the “sale” and/or “sharing” (for cross-context behavioral advertising purposes) of your Personal Data.

How You Can Request to Know, Delete, Correct, or Opt-Out of Sale and/or Sharing of Your Personal Data

To make a Request to Know, Delete, or Correct, please contact us via this form or 1-800-218-9316. We may request information from you in order to verify your request, such as your name, email address, postal address, phone number, or loyalty number, and then use that information to match it with information we already have. We may also ask you for additional identifiers such as your date of birth or the last four digits of your credit card if we need additional information to verify your identity. We will respond to your request consistent with applicable law.

To make a Request to Opt-Out of Sale and/or Sharing, click here or call 1-800-218-9316.

You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.

Authorized Agents: If you would like an authorized agent to submit a request on your behalf, the agent may do so by using the submission methods noted above. Upon receipt of a Request to Know, Delete, or Correct by an agent, Marriott will ask the California resident for written, signed permission that the agent has been authorized by the resident to act on their behalf. Once written authorization is provided, Marriott will open a request for the resident in the portal. Marriott will respond directly to the individual email address provided by the authorized agent regarding the fulfillment of the request, and not in a platform or portal.

CHANGES TO THIS CCPA STATEMENT

We may change or update this CCPA Statement from time to time.  When we do, we will post the revised CCPA Statement on this page with a new “Last Updated” date. 

PRIVACY RIGHTS REQUEST METRICS

Between January 1 and December 31, 2021, Marriott received the following requests from consumers identifying themselves as California residents:

NOTICE OF FINANCIAL INCENTIVE

The CCPA’s implementing regulations define a “financial incentive” as a program, benefit, or other offering “related to the collection, deletion, or sale of personal information.” Marriott International offers guests the opportunity to participate in the Marriott Bonvoy Loyalty Program (the “Program”), which may provide benefits, including discounted rates on stays, as well as the opportunity to earn points that can be redeemed for discounted or free stays or other items, to those who choose to join. Those benefits are described along with other material terms and conditions here. Our collection of members’ Personal Information (including name, zip code, email address, and other Personal Information as described above under “Information We Collect”) allows Marriott to operate the Program and provide membership benefits. Marriott uses the Personal Information of Program members, including their stay details, to both award and redeem points. Otherwise, the types of Personal Information that we collect from Program members are generally similar to the types of Personal Information that we collect from individuals who are not Program members. The amount of Personal Information that we collect from a member or non-member may vary and is dependent on the level of interactions and engagement that the member or non-member has with Marriott.

Marriott seeks to ensure that both members and non-members have a memorable and enjoyable experience when staying at a Marriott hotel. For this reason, in connection with a hotel stay, Marriott may collect information from both members and non-members related to their personal preferences, as described in the section titled “The Data We Collect” in the Marriott Group Global Privacy Statement. Program members have the ability to organize their Personal Information and preferences as part of their Program profile. For example, a Program profile may include address, phone, month and day of birth, and gender, as well as room options, stay preferences, and communication preferences. 

Marriott may also collect Personal Information about Program members through its Partner Programs, as defined in Marriott’s Loyalty Program Terms & Conditions, as well as through Linked Accounts, such as with airline frequent flyer programs or retail or cruise partners, as explained in the Marriott Group Global Privacy Statement. When a Program member engages with a Partner Program or has a Linked Account, Marriott receives information necessary to facilitate point redemptions or earnings.

Marriott "sells," as the term is defined under the CCPA, Personal Information of both Program members and non-members to Marriott Vacations Worldwide (MVW) and to third party marketing partners for the purposes of online advertising, as disclosed above in this California Consumer Privacy Act Statement. Marriott also “sells” the Personal Information of Program members (but not non-members) to its co-branded credit card partners for purposes of marketing. The categories of Personal Information sold to these third parties are disclosed in Marriott’s California Consumer Privacy Act Statement, above, under the section titled "Category of Personal Information Sold."

When a Program member purchases a timeshare property from MVW, Marriott receives information from MVW so that the MVW Owners can receive various program benefits, including Elite Status Upgrades, Elite Night Credits for their timeshare stays, and the ability to convert their timeshare interest into Program points. In addition, Personal Information received from Marriott’s credit card partners may include information for servicing and facilitating the Program member’s point earnings through use of the credit card. Marriott may also receive the member’s category level spend (e.g., how much the member spent on groceries) and information that may assist in presenting relevant ads to our members and non-members.     

If you are a California resident and opted out of our “sale” of your Personal Information before you joined the Program, you will need to opt out again once you are a member, if you do not wish for Marriott to “sell” your Personal Information. To do so, click on “Your Privacy Rights” or call 1-800-218-9316.

We estimate the value of a member’s Personal Information to Marriott International, solely for purposes of the CCPA and pursuant to the valuation options mandated by the CCPA regulations, to be on average approximately $0.42 per consumer in 2021. This estimate is not specific to any individual consumer and varies per consumer. We have based this good-faith estimate on the value that arises from our commercial relationships and the collection and retention of the Personal Information of consumers who have voluntarily signed up and chosen to remain in the Program. The value of Program benefits to members varies significantly as individual members take advantage of Program benefits to varying degrees.

You may join the Program on our website, at a participating property, or through another enrollment channel in line with the Bonvoy Program Terms & Conditions.

Members who are California residents may exercise their CCPA rights (i.e., the rights to know, to request deletion, and to opt out of the sale of Personal Information) without any effect on their membership status or eligibility to receive rewards, and Program members who exercise their privacy rights under the CCPA receive the same benefits as members who do not. A member may also choose not to receive marketing updates or offers at any time without any effect on their membership status or eligibility to receive Program benefits.

You may cancel your membership at any time by notifying Member Support at:

Marriott Guest Services
910 West Legacy Center Way, Suite 100
Midvale, UT 84047

Or by fax to: 1-801-468-4033.
Or by visiting: How Can I Cancel My Marriott Bonvoy® Account

CONTACT US

If you have questions or concerns about this Privacy Statement, you may contact us at privacy@marriott.com, or by mail:

Marriott International, Inc.
Global Compliance, Privacy
7750 Wisconsin Avenue
Bethesda, MD 20814