Skip to Content
Marriott Bonvoy

MARRIOTT DATA PRIVACY FRAMEWORK GUEST PRIVACY STATEMENT

Print Page

 

LAST UPDATED: April 2, 2025

 

Marriott International, Inc. and the U.S. affiliates listed at the end of this Statement (“Marriott U.S.”) have created this Data Privacy Framework Privacy Statement to help you learn about how we handle Guest Personal Data that we receive from the European Economic Area (the “EEA”), the United Kingdom (U.K.), Gibraltar, and Switzerland under the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the U.K. Extension to the EU-U.S. DPF (which includes Gibraltar, hereinafter referred to as “the U.K.”),  and the Swiss-U.S. Data Privacy Framework (collectively “DPF”). This DPF Privacy Statement supplements the Marriott Group Global Privacy Statement. Unless specifically defined differently in this Statement, the capitalized terms in this DPF Privacy Statement have the same meaning as in the Marriott Group Global Privacy Statement.

 

Marriott U.S. has certified to the U.S. Department of Commerce that it adheres to the DPF Principles with regard to the processing of Personal Data received from the EEA, the U.K., Gibraltar, and Switzerland in reliance on the DPF. More information about the DPF, including the list of certified organizations, can be found at https://www.dataprivacyframework.gov/↗.

Personal Data Received From the EEA, the U.K., and Switzerland

 

Marriott U.S. may receive Personal Data from entities in the EEA, the U.K., and Switzerland such as:

 

General Identifying Information
Including full name, postal address, e-mail address, telephone number, social media account ID, profile photo and other data made publicly available, or data made available by linking your social media and loyalty accounts, or other similar identifiers.

 

Demographic Information and Important Dates
Including gender, language preferences, nationality, birthdays, anniversaries, or special occasions.

 

Government-Issued Identification
Including passport, visa, or other government-issued identification (and the Personal Data contained therein).

 

Financial Information
Including credit, debit, or other payment data.

 

Loyalty Program Information
Including membership or loyalty program data, co-branded payment cards information, and travel partner program affiliations.

 

Travel Information
Including prior guest stays or interactions (including interactions via our chat functionalities), goods and services purchased, special service and amenity requests, travel itinerary, tour group information, activity data, or employer details (for business-related bookings).

 

Claims Information
Including insurance information, emergency contacts, complaints, or employment details (for worker’s compensation claims).

 

In more limited circumstances, we may also collect:

 

  • Data about family members and companions (including names, and ages of children);
  • Biometric data; and
  • Images, videos, and audio data via: (a) recordings of your voice (such as when we record customer service calls for quality assurance); (b) security cameras located in public areas, such as hallways and lobbies, in our properties; and (c) body-worn cameras carried by our loss prevention officers and other security personnel.

 

We may also collect information about your “Preferences” that you provide to us or that we learn about you during your stay, in order to make your current and future stays and experience with us more enjoyable. These include your “Interests and Passions”, such as whether you are a golf or spa enthusiast and what type of other activities you prefer to take part in when staying with us; your “Food and Beverage” Preferences, which may include your health restrictions or personal needs so that we can provide for your wellbeing; and your “Room and Stay” Preferences, which include room options, amenities and any likes and dislikes so that we can improve the Services. Other Preferences may also include details about who you usually travel with, their relationship to you, special dates such as anniversaries and birthdays, and your marital status.
 
Back to top

Use of Personal Data

 

Any Personal Data sent to us may be used by Marriott U.S. and its Service Providers for the purposes indicated in the Marriott Group Global Privacy Statement. If we intend to use your Personal Data for a purpose that is materially different from these purposes or if we intend to disclose it to a third party (a non-agent) not previously disclosed, we will notify you and offer you the opportunity to opt-out of such uses and/or disclosures where it involves Personal Data or opt-in where Sensitive Personal Data are involved.

 

Back to top

Disclosures to Affiliates and Third Parties

 

As more fully described in the Marriott Group Global Privacy Statement, Personal Data may be disclosed to the following:

 

  • Marriott Group
  • Franchisees
  • Owners
  • Owners of hotels associated with Design Hotels
  • Homes and Villas Property Management Companies 
  • Authorized Licensees
    • Select Authorized Licensees
  • On-Property and/or Travel Partners 
  • Linked Accounts & Travel Insurance
  • Advertising Partners
  • eFolio Program
  • Service Providers

 

 

Back to top

Disclosures to Service Providers

 

We sometimes contract with other companies and individuals to perform functions or services on our behalf such as spas and restaurants within our hotels, website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services. They may have access to Personal Data needed to perform their functions but are restricted from using the Personal Data for purposes other than providing services for us or to us. Marriott U.S. requires that its Service Providers that have access to Personal Data received from the EEA, the U.K., and Switzerland provide the same level of protection as required by the DPF Principles. We are responsible for ensuring that our Service Providers process the Personal Data in a manner consistent with our obligations under the DPF Principles.

 

Back to top

Data Security

 

We use reasonable physical, electronic, and administrative safeguards to protect your Personal Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information.

 

Back to top

Data Integrity and Purpose Limitation

 

We limit the collection and use of Personal Data to the information that is relevant for the purposes of processing and will not process Personal Data in a way that is incompatible with the purposes for which the information has been collected or subsequently authorized by you. We take reasonable steps to ensure the Personal Data are reliable for their intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personal Data.

 

Back to top

Access to Personal Data
 

You can ask to review, correct, or delete Personal Data that we maintain about you by filling out this form↗ on Marriott.com or by contacting us at MarriottDPO@marriott.com.

 

Back to top

Data Privacy Framework Enforcement and Dispute Resolution

 

If you have any questions or concerns, please write to us at the address listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the DPF Principles.

 

If we are unable to resolve your complaints or disputes, you may contact JAMS DPF Dispute Resolution↗, an alternative dispute resolution provider based in the U.S., and they will investigate and assist you, free of charge, in resolving your complaint.

 

As further explained in the DPF Program Principles↗, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Marriott U.S. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

 

Back to top

Disclosures Required By Law

 

We may need to disclose Personal Data in response to lawful requests by public authorities for law enforcement or national security reasons or when such action is necessary to comply with a judicial proceeding or court order, or when otherwise required by law.

 

Back to top

Contact Information

 

If you have any questions regarding this Data Privacy Framework Privacy Statement, please contact us by email at privacy@marriott.com, or please write to the following address:

 

Marriott International, Inc.
Global Compliance, Privacy
7750 Wisconsin Avenue
Bethesda, MD 20814
United States of America

 

Back to top

Privacy Statement Changes

 

This Statement may be changed from time to time, consistent with the requirements of the DPF Program. You can determine when this Policy was last revised by referring to the "LAST UPDATED" legend at the top of this page. Any changes to our Statement will become effective upon our posting of the revised Statement on the Site.

 

Back to top

Marriott U.S. entities covered by this Statement

 

Marriott International Administrative Services, Inc.
Marriott Rewards, Inc.
Marriott Payment Services, LLC

 

Back to top
Marriott Bonvoy App

It's all right here with the Marriott Bonvoy™ App

It's all right here with the Marriott Bonvoy™ App

Opens a new window

© 1996 – 2026 Marriott International, Inc. All rights reserved. Marriott Proprietary Information

English
Careers Opens a new window Terms of Use Program Terms & Conditions Privacy Center Digital Accessibility Sustainability in the Supply Chain Site Map Hotel Site Map Help Opens a new window