Skip to Content

Privacy Centre

 

Last Updated: 19 March 2024

 

Marriott Group Global Privacy Statement

The Marriott Group values you as our guest and recognises that privacy is important to you. We want you to be familiar with how we collect, use, and disclose your Personal and Other Data (collectively, “Data”).

 

Data Covered by this Privacy Statement
The Data We Collect
The Online and Mobile Data We Collect
How and Where We Collect Your Data
Why We Collect Your Data
How and When We Share Your Data
Your Data, Your Choices: Your Privacy Preferences & Rights
Other Important Provisions
Contact Us
Related Links

California and Colorado Privacy Statement

Washington and Nevada Consumer Health Data Privacy Statement

Privacy Preferences

At Marriott, we respect your privacy and want to provide you with the options, information, and choices below to express your preferences: what and how much you share with us and when and how you hear from us.

We want to learn what is relevant to you and ensure you have a personalised experience. As described in more detail in our Global Privacy Statement, we use digital tools like cookies and tags on our webpages. Cookies help us provide, protect, and improve our services. To adjust your preferences, please visit our Tracking Preferences page.

We want to engage with you in a way that is valuable to you, including how often you want to hear from us. To set your preferences, please sign in to your loyalty account profile and select Communication Preferences. To unsubscribe from marketing emails, you can use the link at the bottom of those communications. NOTE: Even if you choose to opt out of marketing communications, we will continue to send you transactional messages, such as information about your reservations or stays, including confirmation and pre-arrival emails, and account security updates.

Individual Rights

If you are afforded Individual Rights under applicable law, you can exercise these rights by completing the required form in our Individual Rights Portal here↗, or by contacting our DPO at MarriottDPO@marriott.com.

These rights will allow you or your authorised agent to request access, correction, deletion, restriction, portability, or objection to the processing of your Personal Data. You may also appeal our decision regarding your Individual Rights request (to the extent these rights are provided to you by law).

Do Not Sell, Do Not Share, and/or Opt-out of Targeted Advertising

If these rights are available to you under applicable U.S. State law, you can exercise your rights to opt-out of the sale and/or sharing of your Personal Data, or opt-out of the use of your Personal Data for targeted advertising by visiting Marriott’s “Your Privacy Choices” page.

Additional Information

For your protection, we only fulfil requests for the Personal Data associated with the email address and/or loyalty account number that you identify in your request, and we may need to verify your identity before fulfilling certain requests. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.

We will try to comply with your request as soon as reasonably practicable and consistent with applicable law. Please note that all Individual Rights may not be available under applicable law to all our guests or other users of our Services.

Contact Us

If you have any questions about Your Privacy Choices or Individual Rights, please contact us at privacy@marriott.com, or by mail at:

Marriott International, Inc.
Global Compliance, Privacy
7750 Wisconsin Avenue
Bethesda, MD 20814
United States of America

If you live in the European Union or European Economic Area, the data controller is Luxury Reservations Limited, with an address of:

Luxury Reservations Limited
10 Earlsfort Terrace
Dublin D02 T380
Ireland

If you live in the United Kingdom, the data controller is:

Marriott Hotels Limited
3 More London Riverside, 4th Floor
London SE1 2AQ
England

DATA COVERED BY THIS PRIVACY STATEMENT

This Privacy Statement describes the privacy practices of the Marriott Group for Data that we collect:

 

  • through websites operated by us from which you can access this Privacy Statement, including Marriott.com and other websites owned or controlled by the Marriott Group (collectively, our Websites);
  • through the software applications (including automated tools and chat functionalities) made available by us for use on or through computers and mobile devices (collectively, our Apps);
  • through our social media pages that we control from which you can access this Privacy Statement (collectively, our Social Media Pages);
  • through email messages that we send you that link to this Privacy Statement and through your communications with us online or in person;
  • from third parties such as Authorised Licensees, Owners, and Franchisees, and from Other Sources, such as public databases, marketing partners, and other third parties; and
  • when you visit or stay as a guest at one of our properties, or at homes and villas offered on the Homes and Villas by Marriott International platform (Homes and Villas), or through other offline interactions (collectively, Property Visits and Offline Interactions).

 

Collectively, we refer to our Websites, our Apps, and our Social Media Pages, as the “Online Services” and, together with the Property Visits and Offline Interactions, the “Services”.

 

THE DATA WE COLLECT

At touchpoints throughout your guest journey, we collect Personal Data in accordance with the law, and to provide you with exemplary services. Personal Data is information that may identify you as an individual or relate to you as an identifiable individual. We collect and process the following types of Personal Data about you:
 

General Identifying Information
Including full name, postal address, e-mail address, telephone number, social media account ID, profile photo and other data made publicly available, or data made available by linking your social media and loyalty accounts, or other similar identifiers.

 

Demographic Information and Important Dates
Including gender, language preferences, nationality, birthdays, anniversaries, or special occasions.

 

Government-Issued Identification
Including passport, visa, or other government-issued identification (and the Personal Data contained therein).

 

Financial Information
Including credit, debit, or other payment data.

 

Loyalty Programme Information
Including membership or loyalty programme data, co-branded payment cards information, and travel partner programme affiliations.

 

Travel Information
Including prior guest stays or interactions (including interactions via our chat functionalities), goods and services purchased, special service and amenity requests, travel itinerary, tour group information, activity data, or employer details (for business-related bookings).

 

Claims Information
Including insurance information, emergency contacts, complaints, or employment details (for worker’s compensation claims).

 

In more limited circumstances, we may also collect:

 

  • Data about family members and companions (including names, and ages of children);
  • Biometric data; and
  • Images, videos, and audio data via: (a) recordings of your voice (such as when we record customer service calls for quality assurance); (b) security cameras located in public areas, such as hallways and lobbies, in our properties; and (c) body-worn cameras carried by our loss prevention officers and other security personnel.

 

We may also collect information about your "Stay Preferences" that we use to make your current and future stays and experience with us more enjoyable, including information about your interests and other relevant information that we learn about you during your stay. This may also include any likes and dislikes about our services so that we can improve our services, and specific dietary, health restrictions or personal needs to provide for your wellbeing. We may also collect your “Personal Preferences", which may include details of your special anniversaries (such as your birthday or wedding anniversary), what type of activities you prefer to take part in when staying with us, your hobbies and your preferences exhibited through your use of Online Services. Personal Preferences may also include details about who you usually travel with, their relationship to you, and your marital status.

 

If you submit any Personal Data about other people to us or our Service Providers (e.g. if you make a reservation for another individual), you represent that you have the authority to do so and you permit us to use the data in accordance with this Privacy Statement.

 

THE ONLINE AND MOBILE DATA WE COLLECT

We may also collect “Other Data” that does not directly identify you. To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data.

 

Other Data includes:

 

System Data: When you use both desktop and mobile devices to access the Online Services, we collect certain data through your browser or automatically through your device, such as your computer type, screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version and the name and version of the Online Services you are using.

 

IP Address: We also collect your IP address, a number that is automatically assigned to the device that you are using by your Internet Service Provider (ISP). An IP address is identified and logged automatically in our server log files when a user accesses the Online Services, along with the time of the visit and the pages that were visited. We use IP addresses to calculate usage levels, diagnose server problems and administer the Online Services. We also may derive your approximate location from your IP address.

 

Precise Location-Based Services: With your consent, we may collect the precise geolocation of your device by using satellite, cell tower, Wi-Fi signals, or other technologies. We will collect this data if you opt-in through the App or other program (either during your initial login or later) to improve special offers and to enable location-driven capabilities on your device. If you have opted-in to share your location, the App or other program will continue to collect location data based on how you choose to share the data. 

 

  • Precise Location Choices: You can specify via your device operating system (such as through the “Settings” icon) to always share location data, only when the App is in use, or never. If you choose only when the App is in use, we will have access to the data until you log off or close the application or until you use your phone or other devices settings to disable location capabilities for the App or another program.

 

Cookies and Similar Technologies on our Websites:


When you visit our Websites from either a desktop or mobile device, we may collect and use cookies or other identifiers to serve you with personal advertisements for Marriott and third-party products, via email, on our Websites, or on other websites on the Internet; to measure how you interact with our Websites; and to maintain your preferences. We do this primarily through cookies, which are pieces of data stored directly on the computer or mobile device that you are using. We do not currently respond to browser do-not-track signals. Marriott recognises the Global Privacy Control.

 

You can learn more about cookies at: http://www.allaboutcookies.org/manage-cookies/index.html↗.

 

In general, we use four different types of cookies:

 

  • Strictly Necessary Cookies: These cookies are necessary to enable the basic features of our Websites and Apps, such as providing a secure log-in or booking a stay.
  • Functional Cookies: These cookies allow our Websites and Apps to remember your site preferences and choices you make on the site. We also use functional cookies to facilitate navigation, to display content more effectively, and/or to personalise your experience.
  • Advertising Cookies: Advertising cookies allow us to select which advertisements or offers are most likely to appeal to you. We also use them to track responses to online advertisements and marketing, and we may use them to better understand your interests so we can present you with relevant messages and offers. These cookies may also allow you to share certain pages with social networks.
  • Analytics Cookies: Analytics cookies help us improve our Websites and Apps by collecting and reporting information on how you use it.

 

Cookie Choices

 

There are several ways to opt-out of cookies, if however, you do not accept any cookies, you may experience some inconvenience in your use of the Online Services. For example, we will not be able to recognise your computer, and you will need to log in every time you visit. You will not receive advertising or other offers from us that are relevant to your interests. Marriott recognises the Global Privacy Control.

 

There are several ways to manage cookies:

 

1. Browser settings: You can opt out of cookies on your browser. Every browser is different, please check the instructions provided by your browser.

2. Through our Tracking Preferences site.

3. Google and Adobe Analytics: We collect data through Google Analytics and Adobe Analytics, which use cookies and technologies to collect and analyse data about use of the Online Services. These services also collect data regarding the use of other websites, apps, and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/↗ and opt out by downloading the Google Analytics opt out browser add-on, available at https://tools.google.com/dlpage/gaoptout↗. You can learn more about Adobe and opt out by visiting http://www.adobe.com/privacy/opt-out.html↗.

 

Advertising Choices

 

We may use third-party advertising companies to serve advertisements on our Websites, Apps, and other websites regarding both Marriott and third-party goods and services that may interest you when you access and use the Online Services or other websites or online services. You may receive advertisements based on information relating to your access to and use of the Online Services and other websites or online services on any of your devices, as well as on information received from third parties.

 

To serve such advertisements, these companies place or recognise a unique cookie on your browser (including through use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognise you across the devices you use, such as a mobile phone and a laptop. If you would like more information about this practice, and to learn about your choices in connection with it, please visit http://www.networkadvertising.org/managing/opt_out.asp↗ and http://www.aboutads.info/↗, http://www.youronlinechoices.eu↗ or https://business.safety.google/privacy/↗.

 

For any advertising in our Apps, you may download the AppChoices app at https://youradchoices.com/appchoices↗ to opt out.

 

For the advertisements you see on the Online Services, you can also opt-out:

 

 

For California and Colorado Residents, please see our California and Colorado Privacy Statement to learn more about how we Sell and Share Other Information for Purposes of Cross-Context Behavioural Advertising.

 

Apps and Mobile Devices

 

We collect certain data when you download and/or use an App, such as App usage data, the date and time the App on your device accesses our servers, and what data and files have been downloaded to the App based on your device id. We use this data to ensure that the Online Services function properly.

 

Our Apps may also contain software development kits (SDKs) from third parties which may collect and transmit data to enable various features in the App.

 

With your consent if required by the operating system and/or applicable law, we may also collect mobile device advertising identifiers to enhance and personalise your experience and deliver relevant products, content, or ads to show you on our Websites, Apps, or through external advertising.

 

If you use our automated chat functionalities or AI-powered chat technologies, we collect the Personal Data that you submit to provide, improve, or develop the chat functionality, so we can better respond to your and other customers’ future interactions. If you choose to use our automated chat functionalities, you understand that Marriott and our third-party service providers will be using the information in the chat for quality and training purposes.

 

Optional App Features: Our Apps may contain optional features made available to developers by the device’s operating system. To improve your experience, we may require your permission for the use of your device’s location, camera, or other functions (e.g. using your device’s camera to capture your credit card information). You may choose not to allow the use of such functions, in which case the App features relying on such functions may not be available to you. Go to your device settings to manage these permissions. 

 

Aggregated and Segmented Data

 

We may aggregate data that we collect, and this aggregated data will not personally identify you or any other user. We may also use both Personal Data and Other Data to divide customers into segments, or groups, to provide more relevant advertising, including third-party advertising.

 

HOW AND WHERE WE COLLECT YOUR DATA

This Privacy Statement describes the privacy practices of the Marriott Group for Personal and Other Data that we collect through the following:

 

  • Marriott Group. We collect Personal Data and Other Data from other companies within the Marriott Group for the purposes described in this Privacy Statement, such as providing and personalising the Services, communicating with you, facilitating the loyalty programmes and to accomplish our business purposes.
  • Owners, Franchisees & Joint Ventures. We collect Personal Data and Other Data from Owners of Marriott Group branded properties that we manage, from Franchisees of Marriott Group branded properties that are independently owned and operated under a franchise agreement with us, and from Joint Venture Partners. Owners and Franchisees are independent from the Marriott Group. Franchisees include their third-party operators and management companies.
  • Owners of hotels associated with Design Hotels. We collect Personal Data and Other Data from Owners of hotels associated with Design Hotels which are independently owned and operated and enter into a service and membership agreement with us
  • Homes and Villas Property Management Companies. We collect Personal Data and Other Data from companies and their service providers who manage Homes and Villas properties, your booking of Homes and Villas, and to provide additional support to you during your stay at Homes and Villas (“Homes and Villas Property Management Companies”). Homes and Villas Property Management Companies are independent from the Marriott Group.
  • Authorised Licensees. We collect Personal Data and Other Data from companies when we enter into a licence or similar agreement to sell goods and services under a Marriott Group brand (“Authorised Licensees”). Examples of Authorised Licensees include our time share partner, Marriott Vacations Worldwide Corporation, Cruise Yacht Optco Ltd. d/b/a The Ritz-Carlton Yacht Collection, developers of Marriott Group branded real estate including Hotel Residences and Apartments, select MGM Resorts International properties in the U.S. and Canada, and co-branded credit card partners. Authorised Licensees are independent from the Marriott Group.
  • On-Property and/or Travel Providers. We may collect your Personal Data and Other Data from spa, restaurant, health club, concierge, and other outlets at our properties.
  • Linked Accounts. We collect Personal Data and Other Data when you use your loyalty programme number or Online Services login to receive or register for certain third-party services. These companies include businesses such as airlines and rental car providers, and restaurant reservation and car services partners. Additionally, your social media account provider allows you to connect your social media account to your Online Services account or log into your Online Services account from your social media account. When you enrol in those services, we disclose your Personal Data and Other Data to those third parties. If you do not want us to collect your Personal Data or Other Data in this way, do not provide your loyalty programme number to third parties, do not use your Online Services login to register for third-party promotions, and do not connect your Online Services account with accounts on third-party services.
  • Promotional Activity. We collect Personal Data and Other Data from third parties who may provide promotions to you, such as sweepstakes, contests, or other offers.
  • eFolio Programme. If you are an employee of a company that participates in the Marriott Group eFolio Programme and book your room using a company corporate code or pay for your expenses using a corporate credit card, we may collect Personal Data and Other Data related to your stay or employment. This Privacy Statement does not apply to the handling of your Personal Data by your employer, credit card company or bank, and we are not responsible for their practices.
  • Other Sources & Service Providers. We collect Personal Data and Other Data from various third parties, such as public databases, joint marketing partners, financial service providers, online travel agencies and providers. 
  • Online Services. We collect Personal or Other Data when you interact with our Online Services, by performing such actions as, but not limited to, browsing, making a reservation, purchasing goods and services from our Websites or Apps, communicating with us (including via our automated chat functionalities or AI-powered technologies) or otherwise connecting with us or posting to social media pages, or signing up for a newsletter or participating in a survey, contest, or promotional offer.
  • Customer Care Centres. We collect Personal Data when you make a reservation over the phone, communicate with us by email, fax, or via online chat services or contact customer service. These communications may be recorded for purposes of quality assurance and training.
  • Internet-Connected Devices. We collect Personal and Other Data from internet-connected devices available in our properties. Examples include when you connect a device to the hotel’s internet, or when a smart home assistant may be available for your use to tailor your accommodations and experience.

 

WHY WE COLLECT YOUR DATA (LEGAL BASES)

Please note that in some jurisdictions you must agree to the collection of your Personal Data for Marriott to provide its Services.

PURPOSE
DESCRIPTION OF ACTIVITIES ASSOCIATED WITH PURPOSE
LEGAL BASES (WHERE APPLICABLE)

Booking & Guest Registration

There are a number of activities associated with this purpose, such as: facilitating reservations and bookings of hotel accommodations and related services; engaging in prearrival communications (logistics, changes, preferences, etc.); and processing payments and security deposits. Performance of contract for the individual with the guest booking the room

Legitimate interests for the individual booking the room, for example, honouring his/her preferences, as well as for any individuals accompanying the primary guest (e.g. spouse, children, friends)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

On-Site Reception & Stay Services

There are a number of activities associated with this purpose, such as: facilitating check-in and check-out; processing payments; providing consistent and personalised service and advice about the on-site services (based on past usage or expressed preferences); providing concierge, luggage storage and parking services; making arrangements with third-party providers on behalf of guests (such as coordinating tours and other sightseeing excursions; arranging taxi, shuttle and chauffeur services; and facilitating reservations and bookings at restaurants and events); administering and facilitating access to Wi-Fi, TV and other connectivity services (including access to business centre amenities, such as fax and photocopying services) and entertainment systems (such as PlayStations and music players); facilitating in-room dining (including taking into account any dietary, health restrictions or other personal needs expressed by the guest); housekeeping services (including preferences for housekeeping frequency, special pillows, duvets and other amenities expressed by the guest) and dry-cleaning services; handling customer requests, enquiries and complaints (including providing our automated chat functionalities or AI-powered technologies for customers to make requests or enquiries); and determining eligibility for age restricted goods and services (such as alcohol or in-room adult entertainment). Performance of contract, such as processing payments

Legitimate interests, such as honouring the guest’s preferences (e.g. for a room near the elevator or on a top floor)

Consent, such as collecting information regarding dietary preferences that the guest chooses to provide

Legal obligations, such as collecting national ID numbers where legally required

Meetings & Events

There are a number of activities associated with this purpose, such as: communicating with planners and participants about meetings or events (“Events”); facilitating booking Events and associated participant reservations via all booking channels; engaging in pre- and post-Event communications (logistics, accommodations, changes, payments, etc.); preparing for and coordinating Events in accordance with group, planner, or participant instructions, expectations and preferences; assigning guest rooms; facilitating catering; facilitating use of third-party vendors (including audiovisual and transportation providers); receiving and shipping Event-related materials and equipment; communicating about billing and recovering amounts owed; collecting or processing payments, security deposits, and commissions; performing credit checks; handling group, planner, or participant requests, enquiries and complaints; and communicating with participants before, during, and after Events. Performance of contract, such as collecting information about an Event

Legitimate interests, such as responding to customer complaints or concerns relating to an Event

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Marriott Operations & General Business

There are a number of activities associated with this purpose, such as: administering customer-care services to facilitate and address enquiries, comments and complaints about any of our services (such as in person, through phone lines, email, or on social media); handling security and fraud prevention; administering online services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and the hosting of data); monitoring and analysing usage of services and using data analytics or AI to improve services, marketing, programmes, overall customer experience, gathering feedback, carrying out pilot programmes for potential new services and both developing new and improving existing services (including by analysing information you provide via automated chat functionalities or AI-powered technologies); and facilitating mergers, acquisitions and other reorganisations and restructurings of our business (including prospective transactions). Performance of contract, such as checking that the Online Services are functioning so that individuals can make reservations or manage loyalty accounts

Legitimate interests, such as responding to customer complaints and concerns which may include, where applicable law permits, recording customer service calls

Consent, such as for marketing programmes

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Emergency & Incident Response

There are a number of activities associated with this purpose, such as: providing for the security of on-site services; responding to, handling and documenting on-site accidents and medical and other emergencies (including facilitating in-house doctor services); actively monitoring properties to ensure adequate incident prevention, response and documentation (including CCTV and body-worn cameras); requesting assistance from emergency services; and sending notifications and alerts in the event of incidents or emergencies (such as via SMS, email, call, audio-visual device prompts, etc.). Performance of contract, such as providing for the safety of guests and personnel through interactions with on-site security personnel

Legitimate interests, such as monitoring properties through CCTV and body-worn cameras to provide for the safety of guests and personnel

Legal obligations, such as documenting onsite accidents

Individuals’ vital interests, such as contacting medical or emergency services for an ill guest

Legal & Compliance

There are a number of activities associated with this purpose, such as: complying with applicable laws; complying with legal processes; responding to requests from public and government authorities; meeting national security or law enforcement requirements; enforcing our terms and conditions; protecting our operations; protecting the rights, privacy, safety, or property of the Marriott Group, guests, visitors and other relevant individuals; and allowing us to pursue available legal remedies and limiting the damages that Marriott may sustain. Legal obligations, such as complying with legal processes

Legitimate interests, such as enforcing terms and conditions to protect trademarks

Individuals’ vital interests, such as contacting emergency services in case of disturbances and incidents involving guests

Spa & Beauty Services

There are a number of activities associated with this purpose, such as: facilitating reservations and bookings; determining eligibility for services; honouring disability or other health-related restrictions and providing appropriate and safe activities, services and treatments; providing consistent and personalised service based on past usage and preferences expressed by the individual; processing payments; arranging requested professionals for specific treatments and services; and handling customer requests, enquiries and complaints. Performance of contract, such as processing payments

Consent, such as collecting information about back problems when providing massage services

Legitimate interests, such as providing personalised services (e.g. offering a specific treatment based on past activity)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests (e.g. when an individual becomes ill while receiving treatment)

Fitness & Recreation Services

There are a number of activities associated with this purpose, such as: facilitating reservations and bookings; determining eligibility for services; honouring restrictions and providing appropriate and safe activities and services; providing consistent and personalised service based on past usage and preferences expressed by the individual; processing payments; and handling customer requests, enquiries and complaints. Performance of contract, such as processing payments

Consent, such as collecting information about past injuries during a fitness consultation

Legitimate interests, such as providing personalised services (e.g. presenting fitness/recreation offers and/or opportunities based on past activity)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests (e.g. when an individual becomes ill while using the fitness equipment)

Golf & Resort Membership Services

There are a number of activities associated with this purpose, such as: facilitating tee-time reservations and other resort member event bookings; providing consistent and personalised service based on past usage and preferences expressed by the individual; processing payments; and handling customer requests, enquiries and complaints. Performance of contract, such as processing payments

Consent, such as collecting information about preferences and family members when initiating a resort membership

Legitimate interests, such as providing personalised services (e.g. offering resort membership opportunities based on past activity)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests (e.g. when an individual becomes ill while frequenting the resort)

Food & Beverage Services

There are a number of activities associated with this purpose, such as: facilitating reservations; honouring dietary preferences; providing consistent and personalised service based on past usage and preferences expressed by the individual; processing payments; arranging reservations; and handling customer requests, enquiries, and complaints. Performance of contract, such as processing payments

Consent, such as collecting information about dietary or other restrictions, or personal needs of a guest when ordering food

Legitimate interests, such as providing personalised services (e.g. offering red wine to a guest based on previous requests)

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests (e.g. when an individual becomes ill in one of the restaurants)

Child-Related Services (for Parents & Legal Guardians)

There are a number of activities associated with this purpose, such as: facilitating babysitting/hotel nanny, kids club and junior golf programme services; facilitating reservations and bookings; preparing for and coordinating hotel accommodations and services in accordance with guest preferences, instructions and expectations; processing payment and billing services; providing child-friendly dining services (for example, special menus for children or special discounts for breakfast for children under a certain age). Performance of contract, such as having a child of a certain age stay in the room with his/her parents, resulting in extra charges or discounts

Consent of parent or legal guardian, such as accommodating needs of children according to a parent’s instructions

Legitimate interests, such as providing a crib or child-sized bathrobes and other amenities for children

Legal obligations relating to financial transactions, such as the obligation to maintain books and records

Individuals’ vital interests, such as when a child becomes ill while participating in a kids’ club

Loyalty Programmes, Accounts, & Relationship Management

There are a number of activities associated with this purpose, such as: registering users in loyalty and other client account programmes and payment card programmes; determining eligibility for various programmes and related services; administering loyalty programmes; providing consistent and personalised offers and services based on past usage and preferences expressed or exhibited by members; ensuring access to Online Services; processing payments; notifying members about changes to programmes, terms and conditions; and handling members’ requests, enquiries and complaints. Performance of contract, such as assessing points and distributing benefits

Consent, such as honouring the mode of communication preferences (e.g. email, SMS)

Legitimate interests, such as managing members’ choices regarding how they wish to earn, track, and use points

Legal obligations relating to financial transactions such as the obligation to maintain books and records

Marketing, Promotions, Contests & Third-Party Products

There are a number of activities associated with this purpose, such as: communicating about products and services that may be of interest to guests; providing personalised advertisements for products and services on selected websites; facilitating participation in sweepstakes, contests and other promotions (such as best vacation photo contests on social media); and handling customer requests, enquiries and complaints. Performance of a contract, such as fulfilling obligations associated with a contest

Consent, such as honouring the mode of communication preferences (e.g. email, SMS)

Legitimate interests, such as providing advertisements for similar products and services

Legal obligations, such as handling information consistent with rules relating to sweepstakes

MORE INFORMATION ABOUT YOUR PERSONAL PREFERENCES

Our goal is to serve you better and meet your expectations and preferred level of hospitality at each stage, from the moment that you book with us through to when you check out. See below to learn more.

PERSONAL PREFERENCES
PURPOSES
LEGAL BASES (WHERE APPLICABLE)

Anniversaries

When you stay with us, we want to help you celebrate any special occasion, such as an anniversary, birthday. For example, we may make a note of these dates to allow us to provide you with a birthday or anniversary gift. Legitimate interest, in order to provide you with exceptional service

Consent

Activity type and hobbies (such as trips to beach, babysitting, fitness, travel and transport details, kids’ club, theatre, restaurant etc.)

We want to provide you with services that enhance your Marriott experience. To do this, we may retain your preferences about the types of activities that you like to take part in, so that we are able to offer you similar experiences when you are planning to stay or do stay with us in the future. Legitimate interest, in order to provide you with exceptional service

Consent

Relationships (husband, wife, son, daughter, etc.)

We understand that your Preferences may change depending on who you are travelling with (such as your preferred room type). We may keep a record of your relationships to assist us with making your Marriott stay as comfortable as possible. For example, if we know you are travelling with small children, we can proactively plan for additional accommodations such as a crib or roll-away bed. Legitimate interest, in order to provide you with exceptional service

Consent

Preferences for properties, clubs, and facilities

When you are staying with us, we want to make sure that we can provide you with services to enhance your Marriott experience. To do this, we may retain your preferences for our properties, clubs, and facilities, based on your past stay preferences, of our kids’ clubs, nanny services, spa and beauty services, golf, restaurant, and fitness facilities. Legitimate interest, in order to provide you with exceptional service

Consent

Dietary preferences

When you stay with us, we want to ensure that you are safe, that we are looking after your wellbeing, and to provide you with services to enhance your Marriott experience. For example, we may make a note of your dining or beverage preferences so that we are prepared if you request room service or dine at one of our cafes or restaurants. Legitimate interest, in order to provide you with exceptional service

Consent

HOW AND WHEN WE SHARE YOUR DATA

Our goal is to provide you with the highest level of hospitality and Services, and to do so, we may share Personal Data and Other Data with the following:

 

  • Marriott Group. We disclose Personal Data and Other Data to other companies within the Marriott Group for the purposes described in this Privacy Statement, such as providing and personalising the Services, communicating with you, facilitating the loyalty programmes and to accomplish our business purposes. We share your Personal Data and Other Data used for making reservations with the applicable property and Marriott entity to fulfil and complete your reservation.
  • Franchisees. We disclose Personal Data and Other Data to Franchisees of Marriott Group branded properties for the purposes described in this Privacy Statement. Franchisees have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers for the following processing: Franchisees manage and coordinate your stay at hotels that they operate so they may use your Personal Data for that purpose. Franchisees may also use your Personal Data for compliance with their own legal obligations, including maintaining books & records and other compliance obligations.
  • Owners. We disclose Personal Data and Other Data to Owners of Marriott Group branded properties for the purposes described in this Privacy Statement. Owners have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers for the following processing: Owners may use your Personal Data for complying with their own legal obligations, including maintaining books & records and other compliance obligations.
  • Owners of hotels associated with Design Hotels. We disclose Personal Data and Other Data to Owners of hotels associated with Design Hotels when you book a stay at one of these hotels. These Owners have rights to use Personal Data for their own purposes and therefore qualify as independent controllers for the processing of Personal Data related to a booking at a hotel associated with Design Hotels. If available, please read the Privacy Statement of the hotel to understand the privacy practices of the hotel.
  • Homes and Villas Property Management Companies. We disclose Personal Data and Other Data to Homes and Villas Property Management Companies and their service providers for the purpose described in this Privacy Statement, such as providing, facilitating, and personalising the Services, facilitating the loyalty programmes and their own marketing.
  • Authorised Licensees. Where allowed by law or where you make a request for services with an Authorised Licensee, we disclose Personal Data and Other Data to our Authorised Licensees, including Marriott Vacations Worldwide, Ritz-Carlton Yacht Collection, Marriott Group branded real estate including Hotel Residences and Apartments, co-branded credit cards from American Express, select MGM Resorts International properties in the U.S. and Canada, Chase and other banks, for the purposes described in this Privacy Statement, such as providing and personalising the Services, fulfilling your requests and providing their own marketing. For example, this sharing enables you to purchase Marriott branded goods and services, including time share properties and Marriott Group branded real estate.

 

o Select Authorised Licensees as defined in the Marriott Bonvoy Communication Preferences means Marriott Vacations Worldwide Corporation and international co-branded credit cards.

 

  • On-Property and/or Travel Providers. We may share your information with spa, restaurant, health club, concierge, and other outlets at our properties to provide you with services and their own marketing such as with Disney Destinations, LLC and Walt Disney Travel Company when you stay at one of our properties affiliated with Walt Disney World®. This sharing also enables us to provide you with a single source for purchasing packages that include travel-related services, such as airline tickets, rental cars, and vacation packages.
  • Linked Accounts and Travel Insurance. We partner with certain third parties that allow you to enrol in their services or purchase their products. For example, certain companies allow you to use your loyalty programme number or Online Services login to receive or register for their services. These companies include businesses such as airlines and rental car providers, restaurant reservation and car services partners, and certain Authorised Licensees. Additionally, your social media account provider allows you to connect your social media account to your Online Services account or log into your Online Services account from your social media account. When you enrol in those services or purchase their products, we disclose your Personal Data and Other Data to those third parties. If you do not want us to share your Personal Data or Other Data in this way, do not provide your loyalty programme number to third parties, do not use your Online Services login to register for third-party promotions, and do not connect your Online Services account with accounts on third-party services. We may also share your Personal Data with Travel Insurance companies when you choose to purchase their products. Data shared in this way will be governed by the third-party’s privacy policy and not this Privacy Statement.
  • Promotional Activity. We partner with third parties who may provide promotions to you, such as sweepstakes, contests, or other offers.
  • eFolio Programme. If you are an employee of a company that participates in the Marriott Group eFolio Programme and book your room using a company corporate code or pay for your expenses using a corporate credit card, an extract of your folio detailing the goods and services provided to you may be sent to your company and to the credit card company. This Privacy Statement does not apply to the handling of your Personal Data by your employer, credit card company or bank, and we are not responsible for their practices.
  • Service Providers. We disclose Personal Data and Other Data to third-party service providers including, for example, companies that provide website hosting, automated chat functionalities or AI-powered technologies, data analysis, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, marketing, auditing, and other services. 

 

Other Uses and Disclosures:

 

We will use and disclose Personal Data as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements; (d) to enforce our terms and conditions; (e) to protect our operations, such as in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of the Marriott Group business, assets or stock (including any bankruptcy or similar proceedings); (f) to protect the rights, privacy, safety or property of the Marriott Group, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

 

We may use and disclose Other Data for any purpose, except where we are not allowed to under applicable law.

 

YOUR PRIVACY CHOICES AND COMMUNICATION PREFERENCES

At Marriott, we believe that you should have choices with respect to your data. We provide you with the options, information, and choices below to express your preferences: what and how much you share with us and when and how you hear from us.

 

Communication Preferences

 

  • If you no longer wish to receive marketing-related emails, you may opt out by visiting our unsubscribe page or by following the instructions in any such email you receive from us.
  • In addition, you can opt out from marketing-related emails by sending a letter to: Internet Customer Care – Unsubscribe, 1818 North 90 Street, Omaha, Nebraska 68114-1315 USA or Luxury Reservations Limited - Unsubscribe, 10 Earlsfort Terrace, Dublin D02 T380, Ireland
  • NOTE: Even if you choose to opt out of marketing-related emails, we will continue to send you transactional messages, such as information about your reservations or stays, including confirmation and pre-arrival emails, or account security updates.
  • If you are a Bonvoy member, to change how we or our partners communicate with you via email or other channels, please sign into your loyalty account profile, and select Communication Preferences.
  • If you want to adjust any other preferences, login to your loyalty account, select Profile, and scroll down to Preferences Section.

 

Cookies and Other Data

 

For information on your choices related to Cookies and Other Data, please see the Section on Cookies and Similar Technologies on our Websites, above.

 

Your Privacy Choices & Individual Rights

 

Individual Rights

 

If you are afforded Individual Rights under applicable law you can exercise these rights by completing the form in our Individual Rights Portal here↗, or by contacting our DPO at MarriottDPO@marriott.com.

 

These rights will allow you or your authorised agent to request access, correction, deletion, restriction, portability, or objection to the processing of your Personal Data. You may also appeal our decision regarding your Individual Rights request (to the extent these rights are provided to you by law).

 

Do Not Sell, Do Not Share, and/or Opt-out of Targeted Advertising

If these rights are available to you under applicable U.S. State law, you can exercise your rights to opt-out of the sale and/or sharing of your Personal Data, or opt-out of the use of your Personal Data for targeted advertising by visiting Marriott’s “Your Privacy Choices” page.

 

Additional Information

 

For your protection, we only fulfil requests for the Personal Data associated with the email address and/or loyalty account number that you identify in your request, and we may need to verify your identity before fulfilling certain requests. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.

 

We will try to comply with your request as soon as reasonably practicable and consistent with applicable law. Please note that all individual rights may not be available under applicable law to all our guests or other users of our Services.

 

California Shine the Light Law

 

Customers who reside in California and have provided their Personal Data to us can request, once per calendar year, information about our sharing of certain categories of Personal Data to third parties and within the Marriott Group, for direct marketing purposes. Such requests should be submitted to us at privacy@marriott.com.

 

Contact Us

 

If you have any questions about our Individual Rights Portal or process, please contact us at privacy@marriott.com, or by mail at:

 

Marriott International, Inc.
Global Compliance, Privacy
7750 Wisconsin Avenue
Bethesda, MD 20814
United States of America

 

OTHER IMPORTANT PROVISIONS

Non-Marriott Group Entities

 

This Privacy Statement does not address, and we are not responsible for the privacy, data, or other practices of any entities outside of the Marriott Group, including Franchisees, Owners, Homes and Villas Property Management Companies, Authorised Licensees, or any third-party operating any site or service to which the Services link, payment service, loyalty programme, or website that is the landing page of the high-speed Internet providers at our properties. The inclusion of a link on the Online Services does not imply endorsement of the linked site or service by us. We generally have no control over, and are not responsible for, any third-party’s collection, use and disclosure of your Personal Data.

 

In addition, we are not responsible for the data collection, use, disclosure, or security policies or practices of other organisations, such as Meta, Apple, Google, Microsoft, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Data you disclose to other organisations through or the Apps or our social media pages.

 

Security

 

We seek to use reasonable organisational, technical, and administrative measures to protect Personal Data. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contact Us” section, below.

 

Retention

 

We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law.

 

The criteria used to determine our retention periods include:

 

  • The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services and for as long as necessary to satisfy the terms of the Bonvoy programme);
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and
  • Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation, or regulatory investigations).

 

Sensitive Data

 

We only collect Sensitive Personal Data which may be necessary to perform reasonably expected services or as required by law. Unless we explicitly request that you provide Sensitive Personal Data, we ask that you not send and/or disclose to us on or through the Services (or in your emails to us) any Sensitive Personal Data (e.g. social security number, taxpayer identification number, passport number, driver’s licence number, or other government-issued identification number; credit or debit card details or financial account number, with or without any code or password that would permit access to the account, credit history; or information on race, religion, ethnicity, sex life or practices or sexual orientation, medical or health information, genetic or biometric information, biometric templates, political or philosophical beliefs, political party or trade union membership, background check information, judicial data such as criminal records, or information on other judicial or administrative proceedings).

 

Use of Services by Minors

 

The Services are not intended for children, and we do not knowingly solicit or collect Personal Data from children under the age of sixteen (16) without parental consent. For residents of India, we do not knowingly solicit or collect Personal Data from children under the age of eighteen (18) without parental consent. We request that children not provide Personal Data through the Services.

 

International Data Transfers

 

The Marriott Group is a global organisation and provides a global service. Transferring data internationally is essential to the Services so that you receive the same high-quality service wherever you are in the world. As a result, we will, subject to applicable law, transfer Personal Data and Other Data collected in connection with the Services, to entities in countries where data protection standards may differ from those in the country where you reside, including outside the EEA, the UK, or Switzerland. By making a reservation, visiting, or staying at a Marriott branded property or using any Marriott Group branded service, you understand that we transfer your Personal Data globally. The Marriott Group enters into Standard Contractual Clauses or another approved mechanism for cross-border transfer where appropriate.

 

In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.

 

Some of the countries are recognised by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here↗). For the UK, the full list of countries recognised by the UK government as adequate is available here↗.

 

EU-U.S. Data Privacy Framework Certification

 

Marriott International, Inc. and certain of its U.S. Affiliates have certified to the U.S. Department of Commerce that they adhere to EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Marriott U.S. has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF.

 

Our certifications can be found at: https://www.dataprivacyframework.gov/s/participant-search↗. For more information about the Data Privacy Framework principles, please visit: https://www.dataprivacyframework.gov/s/↗. Our Data Privacy Framework Guest Privacy Statement can be found here. In some circumstances, we may also transfer data by signing Standard Contractual Clauses.

 

For additional information about our complaints management practices and contact information, please refer to our Data Privacy Framework Guest Privacy Statement.

 

Updates to This Privacy Statement

 

The “Last Updated” legend at the top of this page indicates when this Privacy Statement was last revised. Changes will become effective when we post the revised Privacy Statement on the Online Services. If you would like to review the immediately prior version of this Statement, please contact us at privacy@marriott.com.

 

CONTACT US

If you have any questions or would like to submit a complaint regarding Marriott’s collection, maintenance, use, deletion, or disclosure of your Personal Data, please contact us at privacy@marriott.com.

 

If you live in the United States or any other country outside of the European Economic Area, the United Kingdom, or Switzerland, the data controller responsible for your personal data is Marriott International, Inc. with an address of:

 

Marriott International, Inc.
Global Compliance, Privacy
7750 Wisconsin Avenue
Bethesda, MD 20814
United States of America

 

If you live in the European Economic Area, the United Kingdom, or Switzerland, the data controller is Luxury Reservations Limited, with an address of:

 

Luxury Reservations Limited
10 Earlsfort Terrace
Dublin D02 T380
Ireland

 

If you live in the United Kingdom, the data controller is:

 

Marriott Hotels Limited
3 More London Riverside, 4th Floor
London SE1 2AQ
England

 

Additional Information

 

DATA CONTROLLER

 

The Marriott Group acts as an independent data controller in relation to our Owners and Franchisees, who have a limited right to use the Personal Data and Other Data we collect as described below:

 

Owners: As the hotel you are booked to stay in may not be owned by the Marriott Group, we disclose Data to owners of Marriott Group branded properties for the purposes described in this Privacy Statement. Owners have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers in order to comply with their own legal obligations, including maintaining books & records and other compliance obligations.

 

Franchisees: In addition, some Marriott-branded hotels are owned and operated under a franchise agreement with the Marriott Group. As such, we disclose Personal Data to Franchisees of Marriott Group branded properties for the purposes described in this Privacy Statement. Franchisees have a limited right to use certain Personal Data for their own purposes and therefore qualify as independent data controllers for the purposes of managing and coordinating your stay at hotels, and for complying with their own legal obligations, including maintaining books & records and other compliance obligations.

 

You can also:

 

  • Contact our data protection officer (“DPO”) responsible for your country or region via MarriottDPO@marriott.com. In your email header, please indicate the country from which you are contacting us.
  • Lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection laws occurs. For the EEA, a list of the national data protection authorities can be found here↗. For the UK, the responsible data protection authority is the Information Commissioner’s Office (ICO), more details about which can be found on the ICO website↗.