PRIVACY CENTER

Last Updated: May 4, 2020

MARRIOTT GROUP GLOBAL PRIVACY STATEMENT

The Marriott Group (PDF) values you as our guest and recognizes that privacy is important to you. We want you to be familiar with how we collect, use, and disclose your Personal and Other Data (collectively, “Data”).

Privacy Preferences

At Marriott, we respect your privacy and want to provide you with the options, information, and choices below to express your preferences: what and how much you share with us and when and how you hear from us.

Open

We want to learn what is relevant to you and ensure you have a personalized experience. As described in more detail in our Global Privacy Statement, we use digital tools like cookies and tags on our webpages. Cookies also help us provide, protect and improve our services. To adjust your preferences, please visit our Tracking Preferences page.

Open

We want to engage with you in a way that is valuable to you, including how often you want to hear from us. To set your preferences, please sign in to your loyalty account profile and select Communication Preferences. To unsubscribe, use the link at the bottom of any of our communications to you. NOTE: Even if you choose to opt out of communications, we will continue to send you transactional messages about your reservations or stays, including pre-arrival, confirmation and guest satisfaction surveys.

Open

Notice for California and Nevada Residents: To update your data sharing preferences under the California Consumer Privacy Act (CAL. CIV. CODE § 1798.135 (a)(1)) or the Nevada Privacy Law (NRS Ch. 603A, Sec. 2(2)), please:

1. Submit your preferences.

2. Visit our Tracking Preferences page.

Read the Marriott Group California Consumer Privacy Statement.

Open

If you would like to request to access, change, delete, or restrict the use or object to the processing of your Personal Data that you have previously provided to us, or if you would like to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent these rights are provided to you by law), please complete this form Opens in a new browser. If you have any questions about the form or our process, feel free to contact us at privacy@marriott.com, or by mail at:

Marriott International, Inc.
Global Compliance, Privacy
10400 Fernwood Road
Bethesda, MD 20817
United States of America

EEA Contact Information:
Marriott Hotels Limited
Global Compliance
Barnard’s Inn
86 Fetter Lane
London EC4A 1EN
United Kingdom

For your protection, we only fulfill requests for the personal data associated with the email address and/or loyalty account number that you identify in your request, and we may need to verify your identity before fulfilling certain requests. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.

Marriott acknowledges and respects our guests’ privacy and we will try to comply with your request as soon as reasonably practicable and consistent with applicable law.

DATA COVERED BY THIS PRIVACY STATEMENT

This Privacy Statement describes the privacy practices of the Marriott Group for data that we collect:

  • through websites operated by us from which you are accessing this Privacy Statement, including Marriott.com and other websites owned or controlled by the Marriott Group (collectively, the Websites);
  • through the software applications made available by us for use on or through computers and mobile devices (the Apps);
  • through our social media pages that we control from which you are accessing this Privacy Statement (collectively, our Social Media Pages);
  • through email messages that we send you that link to this Privacy Statement and through your communications with us online or in person;
  • from third parties such as Authorized Licensees, Strategic Business Partners, Owners and Franchisees, and Other Sources, such as public databases, marketing partners, and other third parties.
  • when you visit or stay as a guest at one of our properties, or at homes and villas offered on the Homes and Villas by Marriott International platform (Homes and Villas), or through other offline interactions (collectively, Property Visits and Offline Interactions).

Collectively, we refer to the Websites, the Apps and our Social Media Pages, as the “Online Services” and, together with the Property Visits and Offline Interactions, the “Services.” By using the Services, you agree to the terms and conditions of this Privacy Statement.

Back to top

THE DATA WE COLLECT

At touchpoints throughout your guest journey, we collect Personal Data in accordance with law, and to serve you better. Personal Data is information that may identify you as an individual or relate to you as an identifiable individual, such as:

  •  Name
  •  Gender
  •  Postal address
  •  Telephone number
  •  Email address
  •  Credit and debit card number or other payment data
  •  Language preference
  •  Date and place of birth
  •  Nationality, passport, visa or other government-issued identification data
  •  Important dates, such as birthdays, anniversaries and special occasions
  •  Membership or loyalty program data (including co-branded payment cards, travel partner program affiliations)
  •  Employer details
  •  Travel itinerary, tour group, or activity data
  •  Prior guest stays or interactions, goods and services purchased, special service and amenity requests
  •  Social media account ID, profile photo and other data publicly available, or data made available by linking your social media and loyalty accounts

In more limited circumstances, we may also collect:

  • Data about family members and companions, such as names and ages of children
  • Biometric data
  • Financial information
  • Images and video and audio data via: (a) security cameras located in public areas, such as hallways and lobbies, in our properties; and (b) body-worn cameras carried by our loss prevention officers and other security personnel

We may also collect information about your Preferences that we use to make your current and future stays and experience with us more enjoyable, including information about your interests and other relevant information about you that we learn about during your stay. This may also include any likes and dislikes about our services that you tell us about so that we can improve our services, and specific dietary or health restrictions to ensure your wellbeing. We may also collect your “Personal Preferences,” that may include details of your special anniversaries (such as your birthday or wedding anniversary), what type of activities you prefer to take part in when staying with us, and your hobbies. Personal Preferences may also include details about who you usually travel with, their relationship to you, and your marital status.

If you submit any Personal Data about other people to us or our Service Providers (e.g., if you make a reservation for another individual), you represent that you have the authority to do so and you permit us to use the data in accordance with this Privacy Statement.

Back to top

COOKIES AND OTHER DATA

We may also collect “Other Data” that generally do not reveal your specific identity or do not directly relate to an individual. To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data. Other Data include:

  • Your browser or device. We collect certain data through your browser or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version and the name and version of the Online Services (such as the Apps) you are using. We use this data to ensure that the Online Services function properly.
  • Your use of the Apps. We collect certain data when you download and use an App, such as App usage data, the date and time the App on your device accesses our servers, and what data and files have been downloaded to the App based on your device number. We use this data to ensure that the Online Services function properly. Our Apps may contain software development kits (SDKs) from third parties which may collect and transmit Other Data to enable various features in the App. We may also collect mobile device advertising identifiers to enhance and personalize your experience and deliver relevant products, content or ads to show you on our Website, Apps, or external advertising.
    • Changing Your App Preferences for Collecting Mobile Device Advertising Identifiers. You can set your preferences in our Bonvoy™ Mobile App by logging into the app, going to the “Account” section of the app, select the settings button (circle gear icon) in the lower right-hand corner of the Account section, select your “Communication Preferences” and then, “Offers from our Partners.” In addition, you can reset advertising identifiers or disable them within your mobile device’s privacy settings.
    • Optional App Features. Our Apps may contain optional features made available to developers by the device’s operating system. To improve your experience we may require your permission for the use of your device’s location, camera, or other functions (e.g. using your device’s camera to capture your credit card information). You may choose not to allow the use of such functions, in which case the App features relying on such functions may not be available to you. Go to your device’s settings to manage these permissions.
  • Cookies. We collect certain data from cookies, which are pieces of data stored directly on the computer or mobile device that you are using. Cookies allow us to collect data such as browser type, time spent on the Online Services, pages visited, referring URL, language preferences, and other aggregated traffic data. We use functional cookies to obtain the data for security purposes, to facilitate navigation, to display content more effectively, to collect statistical data, to personalize your experience while using the Online Services and to recognize your computer to assist your use of the Online Services. We also gather statistical cookie data about use of the Online Services to continually improve design and functionality, understand how they are used, and assist us with resolving questions. Advertising cookies further allow us to select which advertisements or offers are most likely to appeal to you and display them while you are using the Online Services. We also use them to send marketing emails, and to track responses to online advertisements and marketing emails. You can learn more about cookies at: http://www.allaboutcookies.org/manage-cookies/index.html Open in a new browser tab.
    • Opting Out of Cookies:
      • You can choose whether to accept cookies by changing the settings on your browser or by managing your tracking preferences by clicking on “Tracking Preferences” located at the bottom of our home page. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Online Services. For example, we will not be able to recognize your computer, and you will need to log in every time you visit. You also will not receive advertising or other offers from us that are relevant to your interests and needs. At this time, we do not respond to browser “Do-Not-Track” signals.
    • Third Party Advertising: We may use third-party advertising companies to serve advertisements regarding goods and services that may interest you when you access and use the Online Services, other websites, or online services. To serve such advertisements, these companies place or recognize a unique cookie on your browser (including through use of pixel tags). If you would like more information about this practice, and to learn about your choices in connection with it, please visit http://www.networkadvertising.org/managing/opt_out.asp Open in a new browser tab and http://www.aboutads.info/ Open in a new browser tab.
  • Pixel Tags and other similar technologies. We collect data from pixel tags (also known as web beacons and clear GIFs), which are used with some Online Services to, among other things, track the actions of users of the Online Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Online Services.
  • Analytics. We collect data through Google Analytics and Adobe Analytics, which use cookies and technologies to collect and analyze data about use of the Services. These services collect data regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/‌partners/ Open in a new browser tab and opt out by downloading the Google Analytics opt out browser add-on, available at https://tools.google.com/dlpage/gaoptout Open in a new browser tab. You can learn more about Adobe and opt out by visiting http://www.adobe.com/privacy/opt-out.html Open in a new browser tab.
  • Adobe Flash technology (such as Flash Local Shared Objects (“Flash LSOs”)) and other similar technologies. We collect data through Flash LSOs and other technologies on some Websites to, among other things, collect and store data about your use of the Online Services. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel Open in a new browser tab at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html Open in a new browser tab. You can also control Flash LSOs by going to the Global Storage Settings Panel Open in a new browser tab at http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html Open in a new browser tab and following the instructions (which include instructions that explain, for example, how to delete existing Flash LSOs (referred to as “information” on the Macromedia site), how to prevent Flash LSOs from being placed on your computer without you being asked, and (for Flash Player 8 and later) how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including those used with the Online Services. For more information, please refer to https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html Open in a new browser tab.
  • Your IP Address. We collect your IP address, a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address is identified and logged automatically in our server log files when a user accesses the Online Services, along with the time of the visit and the pages that were visited. We use IP addresses to calculate usage levels, diagnose server problems and administer the Online Services. We also may derive your approximate location from your IP address.
  • Aggregated Data. We may aggregate data that we collected and this aggregated data will not personally identify you or any other user.
  • Location-Based Services: We may collect the precise physical location of your device by using satellite, cell phone tower, WiFi signals, or other technologies. We will collect this data if you opt-in through the App or other program (either during your initial login or later) to improve special offers and to enable location-driven capabilities on your mobile device. If you have opted-in to share your location, the App or other program will continue to collect location data based on how you chose to share the data.
    • Location Opt-Out: The user can specify via the device’s operating system to always share location, only when the App is in use, or never. If you choose only when the App is in use, we will have access to the data until you log off or close the application or if you use your phone’s or other device’s settings to disable location capabilities for the Bonvoy™ App or other program.

Back to top

HOW AND WHERE WE COLLECT YOUR DATA

This Privacy Statement describes the privacy practices of the Marriott Group for Personal and Other Data that we collect through the following:

  • Online Services. We collect Personal or Other Data when you interact with our Oneline Services, by performing such actions as, but not limited to, browsing, making a reservation, purchasing goods and services from our Websites or Apps, communicating with us, or otherwise connecting with us or post to social media pages, or signing up for a newsletter or participating in a survey, contest or promotional offer.
  • Property Visits and Offline Interactions. We collect Personal Data when you visit our properties, Homes and Villas, or use on-property services and outlets, such as restaurants, concierge services, health clubs, child care services, and spas. We also collect Personal Data when you attend promotional events that we host, sponsor, or in which we participate, or when you provide your Personal Data to facilitate an event.
  • Customer Care Centers. We collect Personal Data when you make a reservation over the phone, communicate with us by email, fax or via online chat services or contact customer service. These communications may be recorded for purposes of quality assurance and training.
  • Owners and Franchisees. We collect Personal Data from Owners of Marriott Group branded properties that we manage. We also collect Personal Data from Franchisees of Marriott Group branded properties that are independently owned and operated under a franchise agreement with us. Owners and Franchisees are independent from the Marriott Group.
  • Homes and Villas Property Management Companies. We collect Personal Data from companies and their service providers who manage Homes and Villas properties, your booking of Homes and Villas, and provide additional support to you during your stay at Homes and Villas (“Homes and Villas Property Management Companies”). Homes and Villas Property Management Companies are independent from the Marriott Group.
  • Authorized Licensees. We collect Personal Data from companies when we enter into a license or similar agreement to sell goods and services under a Marriott Group brand (“Authorized Licensees”). Examples of Authorized Licensees include our time share partners, Marriott Vacations Worldwide Corporation and Vistana Signature Experiences, Inc. Examples of other Authorized Licensees include Cruise Yacht Optco Ltd. d/b/a The Ritz-Carlton Yacht Collection, developers of Marriott Group branded real estate, and co-branded credit card partners. Authorized Licensees are independent from the Marriott Group.
  • Strategic Business Partners. We collect Personal Data from companies with whom we partner to provide you with goods, services, or offers based upon your experiences at our properties or Homes and Villas, or that we believe will be of interest to you (“Strategic Business Partners”). Examples of Strategic Business Partners include on-property outlets, travel and tour partners, time share partners, rental car providers, and travel booking platforms. Strategic Business Partners are independent from the Marriott Group.
  • Other Sources. We collect Personal Data from other sources, such as public databases, joint marketing partners, and other third parties.
  • Internet-Connected Devices. We collect Personal and Other Data from internet-connected devices available in our properties. For example,when you connect a device to the hotel’s internet, or a smart home assistant may be available for your use to tailor your accommodations and experience.

Back to top

WHY WE COLLECT YOUR DATA (LEGAL BASIS)

PURPOSEDESCRIPTION OF ACTIVITIES ASSOCIATED WITH PURPOSELEGAL BASES
Booking & Guest RegistrationThere are a number of activities associated with this purpose, such as: facilitating reservations and bookings of hotel accommodations and related services; engaging in pre‑arrival communications (logistics, changes, preferences, etc.); and processing payments and security deposits.

Performance of contract for the individual with the guest booking the room

Legitimate interests for the individual booking the room, for example, honoring his/her preferences, as well as for any individuals accompanying the primary guest (e.g., spouse, children, friends)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records.

On-Site Reception & Stay ServicesThere are a number of activities associated with this purpose, such as: facilitating check-in and check-out; processing payments; providing consistent and personalized service and advice about the on-site services (based on past usage or expressed preferences); providing concierge, luggage storage, and parking services; making arrangements with third‑party providers on behalf of guests (such as coordinating tours and other sightseeing excursions; arranging taxi, shuttle, and chauffeur services; and facilitating reservations and bookings at restaurants and events); administering and facilitating access to WiFi, TV, and other connectivity services (including access to business center amenities, such as fax and photocopying services) and entertainment systems (such as PlayStations and music players); facilitating in-room dining (including taking into account any dietary or other health restrictions expressed by the guest); housekeeping services (including preferences for special pillows, duvets, and other amenities expressed by the guest) and dry-cleaning services; handling customer requests, inquiries, and complaints; and determining eligibility for age‑restricted goods and services (such as alcohol or in-room adult entertainment).

Performance of contract, such as processing payments

Legitimate interests, such as honoring the guest’s preferences (e.g., for a room near the elevator or on a top floor)

Consent, such as collecting information regarding dietary preferences that the guest chooses to provide

Legal obligations, such as collecting national ID numbers where legally required

Conferences & EventsThere are a number of activities associated with this purpose, such as: communicating with customers about conferences and other event planning (“Events”); facilitating reservation and bookings of Events; engaging in pre Event communications (logistics, accommodations, changes, etc.); preparing for and coordinating Events in accordance with customer instructions, expectations, and preferences; facilitating catering; communicating about billing and recovering amounts owed; processing payments and security deposits; performing credit checks; handling customer requests, inquiries, and complaints; and communicating with participants during Events.

Performance of contract, such as collecting information regarding a planned Event

Legitimate interests, such as responding to customer complaints or concerns relating to an Event

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Marriott Operations & General BusinessThere are a number of activities associated with this purpose, such as: administering customer-care services to facilitate and address inquiries, comments, and complaints about any of our services (such as in person, through phone lines, email, or on social media); handling security and fraud prevention; administering online services (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and the hosting of data); monitoring and analyzing usage of services and using data analytics to improve services, marketing, programs, overall customer experience, gathering feedback, carrying out pilot programs for potential new services, and both developing new and improving existing services; and facilitating mergers, acquisitions, and other reorganizations and restructurings of our business (including prospective transactions).

Performance of contract, such as ensuring that online services are functioning so that individuals can make reservations or manage loyalty accounts

Legitimate interests, such as responding to customer complaints and concerns

Consent, such as for marketing programs

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Emergency & Incident ResponseThere are a number of activities associated with this purpose, such as: ensuring the security of on-site services; responding to, handling, and documenting on-site accidents and medical and other emergencies (including facilitating in‑house doctor services); actively monitoring properties to ensure adequate incident prevention, response, and documentation (including CCTV); requesting assistance from emergency services; and sending notifications and alerts in the event of incidents or emergencies (such as via SMS, email, call, audio-visual device prompts, etc.).

Performance of contract, such as ensuring the safety of guests and personnel through interactions with on-site security personnel

Legitimate interests, such as monitoring properties through CCTV to ensure the safety of guests and personnel

Legal obligations, such as documenting on‑site accidents

Individuals’ vital interests, such as contacting medical or emergency services for an ill guest

Legal & ComplianceThere are a number of activitiesassociated with this purpose, such as: complying with applicable laws; complying with legal processes; responding to requests from public and government authorities; meeting national security or law enforcement requirements; enforcing our terms and conditions; protecting our operations; protecting the rights, privacy, safety, or property of the Marriott Group, guests, visitors, and other relevant individuals; and allowing us to pursue available legal remedies and limiting the damages that Marriott may sustain.

Legal obligations, such as complying with legal processes

Legitimate interests, such as enforcing terms and conditions to protect trademarks

Individuals’ vital interests, such as contacting emergency services in case of disturbances and incidents involving guests

Spa, Beauty, Golf, & Fitness ServicesThere are a number of activities associated with this purpose, such as: facilitating reservations and bookings; determining eligibility for services; honoring disability or other health-related restrictions and providing appropriate and safe activities, services, and treatments; providing consistent and personalized service based on past usage and preferences expressed by the individual; processing payments; arranging requested professionals for specific treatments and services; and handling customer requests, inquiries, and complaints.

Performance of contract, such as processing payments

Consent, such as collecting information about back problems when providing massage services

Legitimate interests, such as providing personalized services (e.g., offering golfing opportunities based on past activity)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests (e.g., when an individual becomes ill while using the fitness equipment)

Food & Beverage ServicesThere are a number of activities associated with this purpose, such as: facilitating reservations; honoring dietary preferences; providing consistent and personalized service based on past usage and preferences expressed by the individual; processing payments; arranging reservations; and handling customer requests, inquiries, and complaints.

Performance of contract, such as processing payments

Consent, such as collecting information about dietary or health  restrictions of a guest when ordering food

Legitimate interests, such as providing personalized services (e.g., offering red wine to a guest based on previous requests)

Legal obligations relating to financial transactions, such as the obligation to maintain booksand records

Vital interests (e.g., when an individual becomes ill in one of the restaurants)

Child-Related Services (for Parents & Legal Guardians)There are a number of activities associated with this purpose, such as: facilitating babysitting/hotel nanny, kids club, and junior golf program services; facilitating reservations and bookings; preparing for and coordinating hotel accommodations and services in accordance with guest preferences, instructions, and expectations; payment and billing services; dining services (for example, special menus for children or special discounts for breakfast for children under a certain age).

Performance of contract, such as having a child of a certain age stay in the room with his/her parents may amount to extra charges or discounts

Consent of parent or legal guardian, such as accommodating needs of children

Legitimate interests, such as providing a crib or child-sized bathrobes and other amenities forchildren

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests, such as when a child becomes ill while participating in kids’ club

Loyalty Programs, Accounts, & Relationship ManagementThere are a number of activities associated with this purpose, such as: registering users in loyalty and other client account programs and payment card programs; determining eligibility for various programs and related services; administering loyalty programs; providing consistent and personalized service based on past usage and the preferences expressed by members; ensuring access to Online Services; processing payments; notifying members about changes to programs, terms, and conditions; and handling members’ requests, inquiries, and complaints.

Performance of contract, such as assessing points and distributing benefits

Consent, such as honoring the mode of communication preferences (e.g., email, SMS)

Legitimate interests, such as managing members’ choices regarding how they wish to earn, track, and use points

Legal obligations relating to financial transactions such as the obligation to maintain books and records

Marketing,  Promotions, & ContestsThere are a number of activities associated with this purpose, such as: communicating about products and services that may be of interest to guests; providing personalized advertisements for products and services on selected websites; facilitating participation in sweepstakes, contests, and other promotions (such as best vacation photo contests on social media); and handling customer requests, inquiries, and complaints.

Performance of a contract, such as fulfilling obligations associated with a contest

Consent, such as honoring the mode of communication preferences (e.g., email, SMS)

Legitimate interests, such as providing advertisements for similar products and services

Legal obligations, such as handling information consistent with rules relating to sweepstakes

MORE INFORMATION ABOUT YOUR PERSONAL PREFERENCES

Our goal is to serve you better and meet your expectations and preferred level of hospitality at each stage, from the moment that you book with us through to when you check out. See below to learn more.

PURPOSEDESCRIPTION OF ACTIVITIES ASSOCIATED WITH PURPOSELEGAL BASES
AnniversariesWhen you stay with us, we want to help you celebrate any special anniversaries or birthdays. For example, we may make a note of these dates to allow us to provide you with a birthday or anniversary gift.Consent, where applicable.
Activity type and hobbies (such as trips to beach, babysitting, fitness, travel and transportation details, kids club theater, restaurant etc.)We want to ensure that we provide you with services that enhance your Marriott experience. To do this, we may retain your preferences about the types of activities that you like to take part in, so that we can ensure we are able to offer you similar experiences when you stay with us in the future.Consent, where applicable.
Relationships (husband, wife, son, daughter, etc.)We understand that your Preferences may change depending on who you are traveling with (such as your preferred room type). We may keep a record of your relationships to assist us with making your Marriott stay as comfortable as possible. For example, if we know you are traveling with small children, we can proactively plan for additional accommodations such as a crib or roll-away bed.

Legitimate interest, in order to provide you with exceptional service.

Consent, where applicable.

Preferences for Properties, Clubs, and FacilitiesWhen you are staying with us, we want to make sure that we can provide you with services to enhance your Marriott experience. To do this, we may retain your preferences for our properties, clubs, and facilities, based on your past stay preferences, of our kids’ clubs, nanny services, spa and beauty services, golf, restaurant and fitness facilities.

Legitimate interest, in order to provide you with exceptional service.

Consent, where applicable.

Dietary PreferencesWhen you stay with us, we want to ensure that you are safe, that we are looking after your wellbeing, and to provide you with services to enhance your Marriott experience. For example, we may make a note of your dining or beverage preferences so that we are prepared if you request room service or dine at one of our cafes or restaurants.

Legitimate interest, in order to provide you with exceptional service.

Consent, where applicable.

HOW AND WHEN WE SHARE YOUR DATA

Our goal is to provide you with the highest level of hospitality and Services, and to do so, we share Personal Data and Other Data with the following third parties:

  • Marriott Group. We disclose Personal Data and Other Data to other companies within the Marriott Group (PDF) Open in a new browser tab for the purposes described in this Privacy Statement, such as providing and personalizing the Services, communication with you, facilitating the loyalty programs and to accomplish our business purposes. We share your Personal Data and Other Data used for making a reservation with the applicable property and Marriott entity to fulfill and complete your reservation.
  • Service Providers: We disclose Personal Data and Other Data to third party service providers including, for example, companies that provide website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, marketing, auditing and other services. To see our Privacy Shield Policy related to Disclosures to Service Providers, please go to our Privacy Shield Policy for Guest Data.
  • Franchisees. We disclose Personal Data and Other Data to Franchisees of Marriott Group branded properties for the purposes described in this Global Privacy Statement. Franchisees have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers for the following processing: Franchisees manage and coordinate your stay at hotels that they operate so they may use your Personal Data for that purpose. Franchisees may also use your Personal Data for compliance with their own legal obligations, including maintaining books & records.
  • Owners: We disclose Personal Data and Other Data to Owners of Marriott Group branded properties for the purposes described in this Global Privacy Statement. Owners have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers for the following processing: Owners may use your Personal Data for complying with their own legal obligations, including maintaining books & records.
  • Homes and Villas Property Management Companies. We disclose Personal Data and Other Data to Homes and Villas Property Management Companies and their service providers for the purpose described in this Privacy Statement, such as providing, facilitating, and personalizing the Services, facilitating the loyalty programs and their own marketing.
  • Authorized Licensees. Where allowed by law we disclose Personal Data and Other Data to our Authorized Licensees, including Ritz-Carleton Yacht Collection and Marriott Vacations Worldwide, for the purposes described in this Privacy Statement, such as providing and personalizing the Services, fulfilling your requests and providing their own marketing. For example, this sharing enables you to purchase Marriott branded goods and services, including time share properties.
  • On-Property and/or Travel Partners: We may share your information with spa, restaurant, health club, concierge and other outlets at our properties to provide you with services and their own marketing, such as with Disney Destinations, LLC and Walt Disney Travel Company when you stay at one of our properties affiliated with Walt Disney World®. This sharing also enables us to provide you with a single source for purchasing packages that include travel-related services, such as airline tickets, rental cars and vacation packages.
  • Strategic Business Partners. As allowed by applicable law, we disclose Personal Data and Other Data with select Strategic Business Partners who provide goods, services and offers that we believe will be of interest to you. By sharing data with these Strategic Business Partners, we are able to make personalized services and unique travel experiences available to you.
  • Linked Accounts and Promotional Activity. We partner with certain third parties that allow you to enroll in their services or participate in their promotions. For example, certain companies allow you to use your loyalty program number or Online Services login to receive or register for their services. These companies include airlines and rental car providers, as well as sponsors of sweepstakes and contests. Additionally, your social media account provider allows you to connect your social media account to your Online Services account or log into your Online Services account from your social media account. When you enroll in those services, we disclose your Personal Data and Other Data to those third parties. If you do not want us to share your Personal Data or Other Data in this way, do not provide your loyalty program number to third parties, do not use your Online Services login to register for third-party promotions, and do not connect your Online Services account with accounts on third-party services. Data shared in this way will be governed by the third party’s privacy policy and not this Privacy Statement.
  • eFolio Program. If you are an employee of a company that participates in the Marriott Group eFolio Program and book your room using a company corporate code or pay for your expenses using a corporate credit card, an extract of your folio detailing the goods and services provided to you may be sent to your company and to the credit card company. This Privacy Statement does not apply to the handling of your Personal Data by your employer, and any credit card company or bank, and we are not responsible for their practices.

Other Uses and Disclosures:

We will use and disclose Personal Data as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements; (d) to enforce our terms and conditions; (e) to protect our operations, such as in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of the Marriott Group business, assets or stock (including any bankruptcy or similar proceedings); (f) to protect the rights, privacy, safety or property of the Marriott Group, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

We may use and disclose Other Data for any purpose, except where we are not allowed to under applicable law.

Back to top

YOUR DATA, YOUR CHOICES: YOUR PRIVACY PREFERENCES & RIGHTS

At Marriott, we believe that you should have choices with respect to your data. We provide you with the options, information, and choices below to express your preferences: what and how much you share with us and when and how you hear from us.

Communications and Preferences

  • To change how, how often, we or our partners communicate with you, please sign into your loyalty account profile and select Communication Preferences.
  • You can also use the unsubscribe link at the bottom of any of our communications.
  • If you no longer wish to receive marketing-related emails, you may opt out by visiting our unsubscribe page at https://www.marriott.com/profile/email/unsubscribeChallenge.mi or by following the instructions in any such email you receive from us.
  • In addition, you can opt out from marketing-related emails by sending a letter to: Internet Customer Care – Unsubscribe, 1818 North 90 Street, Omaha, Nebraska 68114-1315 USA.
  • NOTE: Even if you choose to opt out of marketing-related emails, we will continue to send you transactional messages about your reservations or stays, including pre-arrival, confirmation and guest satisfaction surveys.
  • If you want to adjust your Stay Preferences, log into your loyalty account and choose Room Options, Stay Preferences.

Cookies and Other Data

For information on your choices related to Cookies and Other Data, please see the Section on Cookies and Other Data, above.

How You Can Request to Access, Change, Delete, Restrict the Use or Object to the Processing of Your Personal Data

If you would like to request to access, change, delete, restrict the use of, or object to the processing of your Personal Data that you have previously provided to us, or if you would like to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent these rights are provided to you by law), please visit our Individual Rights Portal and complete this form Open in a new browser tab. If you have any questions about the form or our process, feel free to contact us at privacy@marriott.com. Please see also, Contact Us.

For your protection, we only fulfill requests for the Personal Data associated with the email address and/or loyalty account number that you identify in your request, and we may need to verify your identity before fulfilling certain requests. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.

Marriott acknowledges and respects our guests’ privacy and we will try to comply with your request as soon as reasonably practicable and consistent with applicable law.

Notice for California Residents: Customers who reside in California and have provided their Personal Data to us can request, once per calendar year, information about our sharing of certain categories of Personal Data to third parties and within the Marriott Group, for direct marketing purposes. Such requests should be submitted to us at privacy@marriott.com. California residents can find more information on exercising their rights under the CCPA by reading our California Consumer Privacy Statement or by calling 1-800-218-9316.

Notice for Nevada Residents: To exercise your individual rights under the Nevada Privacy Law (NRS Ch. 603A, Sec. 2(2)), please visit our Individual Rights Portal and complete this form Open in a new browser tab.

If you have given us consent in relation to particular action or activities, you can withdraw your consent at any time by contacting us as indicated in Section “Contact Us” below.

Back to top

OTHER IMPORTANT PROVISIONS

Non-Marriott Group Entities

This Privacy Statement does not address, and we are not responsible for the privacy, data, or other practices of any entities outside of the Marriott Group, including Franchisees, Owners, Homes and Villas Property Management Companies, Authorized Licensees, Strategic Business Partners, or any third party operating any site or service to which the Services link, payment service, loyalty program, or website that is the landing page of the high-speed Internet providers at our properties. The inclusion of a link on the Online Services does not imply endorsement of the linked site or service by us. We generally have no control over, and are not responsible for, any third party’s collection, use and disclosure of your Personal Data.

In addition, we are not responsible for the data collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Data you disclose to other organizations through or the Apps or our social media pages.

Security

We seek to use reasonable organizational, technical and administrative measures to protect Personal Data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contact Us” section, below.

Retention

We will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law.

The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services)
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)
  • Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)

Sensitive Data

Unless specifically requested, we ask that you not send us, and you not disclose, on or through the Services or otherwise to us, any Sensitive Personal Data (e.g., social security number, taxpayer identification number, passport number, driver’s license number, or other government-issued identification number; credit or debit card details or financial account number, with or without any code or password that would permit access to the account, credit history; or information on race, religion, ethnicity, sex life or practices or sexual orientation, medical or health information, genetic or biometric information, biometric templates, political or philosophical beliefs, political party or trade union membership, background check information, judicial data such as criminal records, or information on other judicial or administrative proceedings).

Use of Services by Minors

The Services are not directed to individuals under the age of sixteen (16), and we request that they not provide Personal Data through the Services.

Cross-Border Transfer

The Marriott Group is a global organization and provides a global service. Sharing data cross-border is essential to the Services so that you receive the same high-quality service wherever you are in the world. As a result, we will, subject to law, transfer Personal Data and Other Data collected in connection with the Services, to entities in countries where data protection standards may differ from those in the country where you reside. By making a reservation, visiting or staying at a Marriott branded property or using any Marriott Group branded service, you understand that we transfer your Personal Data globally.

In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries will be entitled to access your Personal Data.

Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here) Open in a new browser tab.

Privacy Shield Certification

Marriott International, Inc. and certain of its U.S. affiliates have certified to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks Open in a new browser tab, regarding the collection, use, and retention of personal information transferred from the EEA, Switzerland, and the United Kingdom to the United States. Our certifications can be found at: www.privacyshield.gov/list Open in a new browser tab. For more information about the Privacy Shield principles, please visit: www.privacyshield.gov Open in a new browser tab. Our Privacy Shield Guest Privacy Policy can be found here. In some circumstances we may also transfer data by entering into Standard Contractual Clauses.

For additional information about our complaints management practices and contacts, please refer to our Privacy Shield Guest Privacy Policy. Because your email communications to us may not always be secure, please do not include credit card or Sensitive Data in your emails to us.

Updates to This Privacy Statement

The “Last Updated” legend at the top of this page indicates when this Privacy Statement was last revised. Any changes will become effective when we post the revised Privacy Statement on the Online Services. If you would like to review the version of the Privacy Statement that was effective immediately prior to this revision, please contact us at privacy@marriott.com.

Back to top

CONTACT US

If you have any questions about this Privacy Statement, please contact us at privacy@marriott.com, or by mail:

Marriott International, Inc.
Global Compliance, Privacy
10400 Fernwood Road
Bethesda, MD 20817
United States of America

Marriott Hotels Limited
Global Compliance
Barnard’s Inn
86 Fetter Lane
London EC4A 1EN
United Kingdom
 

Additional Information

DATA CONTROLLER

The Marriott Group acts as an independent Data Controller with our owners and franchisees, who have a limited right to use the Data we collect as described below:

Owners: As the hotel you are booked to stay in may not be owned by the Marriott Group we disclose Data to owners of Marriott Group branded properties for the purposes described in this Global Privacy Statement. Owners have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent Data Controllers in order to comply with their own legal obligations, including maintaining books & records.

Franchisees: In addition, some Marriott-branded hotels are owned and operated under a franchise agreement with the Marriott Group. As such,we disclose Data to franchisees of Marriott Group branded properties for the purposes described in this Global Privacy Statement. Franchisees have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers for the purposes of managing and coordinating your stay at hotels, and for complying with their own legal obligations, including maintaining books & records.

You can also:

Back to top