The privacy and security of your information is very important to us. Whether you are booking a room or are a member of one of our loyalty programmes, we want you to trust that the information that you have provided to us is being properly managed and protected.
We have prepared this Privacy Statement to explain more about who we are and how we collect and manage your information.
Who we are
This Privacy Statement is issued by the InterContinental Hotels Group of Companies (collectively referred to as "IHG”, "we”, "us” or "our” in this Privacy Statement), which includes the direct and indirect subsidiaries of InterContinental Hotels Group PLC and covers information collected and used by us in the course of our business. When we mention "IHG", "we", "us", or "our" we are referring to the relevant company in the InterContinental Hotels Group that processes your personal information.
Your information may also be collected and used by IHG-branded hotels. In most cases these hotels are independently owned and their use of your information is only covered in this Privacy Statement where specifically noted.
If you would like to learn more about IHG and our relationship with our IHG-branded hotels, click below.
We are a global hospitality company with IHG-branded hotels in nearly 100 countries. We predominantly franchise our brands to, and manage hotels on behalf of, independent third-party owners. We also operate a number of programmes that are related to our hotel business such as IHG Rewards Club, which is our core loyalty programme.
We franchise our brands to, and manage hotels on behalf of, third-party owners. Most hotels operating under IHG’s brands are independently owned and operated by parties that have entered into a franchise agreement with IHG that allows them to use an IHG brand for the purposes of operating a hotel (referred to as “Franchisees” or “Franchised Hotels”). If you make a reservation through us to stay at an IHG-branded hotel, we will share your information with that hotel. However, as IHG-branded hotels are not owned or controlled by IHG, their use of your information will be governed by their own privacy practices and is only covered in this Privacy Statement where specifically noted.
Information we collect and how we use and share it
You do not have to provide us with your information although in some cases, if you do not, it may mean that you are unable to use our services. For example, we may be unable to complete any booking you may wish to make, or you may be unable to participate in our loyalty programmes.
To learn more about how we collect, use and share your information, please click the relevant section below.
Information we collect: We collect information from you when you make a booking through our reservation system or stay at an IHG-branded hotel. Information collected during the course of the reservation and during your stay may include:
- Your name, email address, home and business address, phone number, nationality and payment card information;
- Information relating to your membership in one of our services or programmes or those of our programme partners such as your IHG® Rewards Club number or frequent flier number; and
- Information such as stay and room preferences made during the course of your reservation such as your preferred room type and specific requests to the hotel.
This information may be provided to us directly when you make a reservation through one of our global reservation offices, through our websites, directly at the hotel or through our mobile applications. In some cases we will receive this information from a third-party, such as when you book through an online travel agency or if information is provided directly to one of our Franchisees.
How we use this information: We use the information collected from you primarily to fulfil your hotel reservation. Prior to your stay this may include sending your information to the hotel or sending you pre-stay communications. Following your stay, we may also send you post-stay communications and satisfaction surveys to get feedback on your experience.
In some instances where we have your consent or where permitted under applicable law, we may send you marketing communications (which may include text messages or calls placed using autodialer technology) for products and services that we believe would be relevant for you. We also may use information related to your stay to display targeted advertisements on our websites or on third-party websites or to send you more relevant messaging. Additionally, we use this information for purposes of aggregated trend and statistical analysis to evaluate and improve our products and services, plan new hotel locations and services and other market research.
Who we share your information with: We will share your information with the hotel you are staying at to fulfil your reservation. We may also share your information with third-party service providers to provide services in relation to our business as well as to help us improve our products and services. For example, we might use a third party or a third-party product for the purposes of market research and data analytics, or share data with online partners we work with, so we, or our online partners on our behalf, can communicate with you and serve advertisements through their platforms or on other websites or platforms. In certain instances, subject to local consent requirements, third-party service providers may also assist us with various marketing campaigns. These companies are authorised to use your personal information only as necessary to provide these services to us. We may also share your information with third parties, including our IHG® Rewards Club partners and other third parties, to extend special offers about their own products and services to you. These parties have agreed to comply with our privacy requirements. If you do not want us to share your personal information with these companies, contact our global customer care offices or the IHG Privacy Office (details found in the "How to contact us" section).
We also share your stay information with other third parties in circumstances such as:
- when we believe in good faith that the disclosure is required by law or to protect the safety of hotel guests, employees, the public or IHG property;
- when disclosure is required to comply with a judicial proceeding, court order, subpoena, warrant or legal process; or
- in the event of a merger, asset sale, or other related transaction.
Information we collect: We collect information from you during the course of your membership in any of our loyalty programmes and services, including our core loyalty programme, IHG® Rewards Club. Information collected during the course of your enrolment and participation in these programmes may include:
- Your name, email address, home and business address, phone number, nationality, birthday and payment card information;
- Your membership number and pin as well as details of your memberships with any of our programme partners such as our airline or car rental partners;
- Information that you choose to provide in your loyalty profile, such as your personal stay and destination preferences; and
- Marketing preferences, including how you prefer to be contacted by IHG as well as what types of information you are interested in hearing about.
This information may be provided to us directly through our global reservation and customer care offices, through our websites, via social media, directly at the hotel or through our mobile applications. In some cases we may receive this information from a third party, such as one of our Franchisees. We may also collect information from other sources, such as publicly available information, to help identify what types of marketing information you may be interested in hearing about.
How we use this information: We use your information to operate and provide services in connection with our loyalty programmes. We also use your information to improve our products and services.
This may include:
- Enrolment in the loyalty programme;
- The order and delivery of merchandise that you have redeemed online;
- Sending you updates, account statements and other information relating to your participation in one of our programmes or services;
- Sending you marketing communications (which may include text messages or calls placed using autodialler technology) in relation to the products and services offered by IHG or its third-party partners or affiliates;
- Providing you with personalised advertisements or communications for IHG products or services that we believe may be relevant for you; and
- Analytics, statistical analysis and other research.
Although provision of much of the information requested is voluntary, the failure to provide certain information may impact and/or prevent our ability to offer you certain services.
How you can manage your marketing preferences: You can manage your preferences and decide what marketing communications you would like to receive from us in our online preference centre. You can visit our preference centre here or find out more information here.
In addition you can opt out of collection of your personal information for use in targeted advertising. Please click here for more information on how to do this.
We also recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your Rewards Club account.
Who we share your information with: During the course of your participation in our loyalty programmes, it may be necessary to share your information with third parties such as our third-party partners and service providers for the purposes of operating the programme and to provide you with the products and services that you have requested. We also use third-party service providers to assist us with managing, carrying out and improving our advertising. These companies are authorised to use your personal information only as necessary to provide these services to us. We may also share your information with third parties, including our IHG® Rewards Club partners and other third parties, to extend special offers about their own products and services to you. These parties have agreed to comply with our privacy requirements. If you do not want us to share your personal information with these companies, contact our global customer care offices or the IHG Privacy Office (details found in the "How to contact us" section).
Information we collect: We collect information from you when you sign up to receive corporate news or shareholder documents. Information collected may include:
- Information relating to your registration for corporate news such as your name, email address, profession, country/region and email service preferences for news; and
- Information relating to the receipt of shareholder documents such as your initials, surname, postcode, shareholder account number, email address and password for shareholder communications.
This information may be provided to us directly when you sign up for corporate news or shareholder documents on our corporate site.
How we use this information: We use the information collected from you to provide you with corporate news and shareholder documents for which you have signed up. For corporate news, you may change your communication preferences in accordance with the “Managing your communication preferences” section below.
Who we share your information with: We may share your information with third parties who provide services on our behalf to help with our corporate site and our shareholder functions. These services may include the provision of shareholder documents. These companies are authorized to use your personal information only as necessary to provide these services to us. If you do not want us to share your personal information with these companies, contact our global customer care offices or the IHG Privacy Office (details found in the “How to contact us" section).
We will also share your information with other third parties in circumstances, such as:
- when we believe in good faith that the disclosure is required by law or to protect the safety of hotel guests, employees, the public or IHG property;
- when disclosure is required to comply with a judicial proceeding, court order, subpoena, warrant or legal process; or
- in the event of a merger, asset sale, or other related transaction.
There are other times when we collect and use personal information, for example if you choose to participate in one of our competitions or sweepstakes, sign up to receive our newsletters or other special offers and promotions, download one of our mobile applications or participate in one of our other services. In these instances, we will collect information from you for running and administering the respective competition, sweepstakes or service that you have elected to participate in. The information collected may include personal details such as your name and address as well as certain demographic information. In each case, we will collect, use and secure your information in a manner consistent with the general principles set out in this Privacy Statement unless we tell you otherwise.
We also collect information from you when you browse our website, use our mobile applications or participate in certain services at an IHG-branded hotel. In these instances, information such as your country information, internet protocol ("IP”) address, media access control address and other characteristics about your system or device may be automatically collected. This information is collected for functional purposes as well as to improve your experience when using these services. This information may also be used for aggregated trend and statistical analysis, and for showing you more relevant advertisements and messages. More information on these practices can be found in the "Using our websites, mobile applications and other technology” section below.
The legal basis for processing your personal data
We are committed to collecting and using your information in accordance with applicable data protection laws.
We will only collect, use and share your information where we are satisfied that we have an appropriate legal basis to do this.
This may be because:
- you have provided your consent to us using the personal information;
- our use of your information is necessary to perform our contract with you, for example, making and managing your booking and operating and providing services in connection with our Loyalty Programme in accordance with the terms of our agreement with you;
- our use of your information is necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal responsibilities;
- our use of your information is in our legitimate interest as a commercial organisation, for example to operate and improve our services and to keep people informed about our products and services (including for profiling and targeted advertising) - in these cases we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in "To object to how we use your information".
If you would like to find out more about the legal basis for which we process personal information please contact our offices (details found in the “How to contact us" section). If you have provided your consent to our processing of your information you can withdraw this consent at any time by contacting the IHG Privacy Office (details found in the “How to contact us" section).
As we operate via a global network of corporate offices, reservation and service centres, data centres and hotels, it may be necessary to transfer your information to a country outside of the country where it was originally collected or outside of your country of residence or nationality. The information that you provide us during the course of a reservation or through the provision of any other services may be transferred to any of our IHG-owned or affiliated entities and hotels around the world for the purposes of carrying out or facilitating these services. It will also be necessary to transfer this information to third parties, including, without limitation, our Franchisees, partners and third-party service providers.
Where we transfer information which originates in the European Union ("EU") to a country outside of the EU, we will take steps to make sure such transfer is carefully managed to protect your privacy rights:
- transfers within the IHG Group will be covered by an agreement entered into by members of the IHG Group (an intra-group agreement) which contractually obliges each member to ensure that your information receives an adequate and consistent level of protection wherever it is transferred within the IHG Group;
- where we transfer your data outside of the IHG Group including to other companies providing us with a service, we will obtain contractual commitments and assurances from them to protect your information. Some of these assurances are well recognised certification schemes such as standard contractual clauses and the EU - U.S. Privacy Shield for the protection of personal information transferred from within the EU to the United States of America;
- we will only transfer personal information to countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights; and
- any requests for information we receive from law enforcement or regulators will be carefully validated before personal information is disclosed.
Using our websites, mobile applications and other technology
We may receive information about your location during the course of and for the purpose of providing you the services described above through your use of our websites and mobile applications. For example, if you are using our mobile applications and have consented to sharing your location information with us, this information might be collected through GPS or Bluetooth technologies to enable us to provide certain services to you such as customised offers and promotions. In addition to your use of our websites and mobile applications, we may also receive location information from wireless networks or cellular towers in proximity to your mobile device, through your Internet protocol (“IP”) address or through your use of other services we provide at our hotels. We may also have access to location information that you provide to us through your use of social media, such as when you “tweet” your location. Your location preferences can be set or modified at the device level or through modifying your settings with the relevant social media platform.
We receive information about you when you use our mobile applications. Some information such as your device manufacturer, type and operating system version are collected automatically, while other information is only collected if you choose to provide it, such as your location information. Where we process and use your personal information in connection with any mobile applications, we will do this in line with the general principles outlined in this Statement unless we tell you otherwise.
If you use our mobile app, we also send you push notifications from time-to-time in order to update you about any events or promotions that we may be running. If you no longer wish to receive these types of communications, you may turn them off at the device level. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information.
We use mobile analytics software to allow us to better understand the functionality of our mobile applications on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
We may use information from online sources, such as websites, social media and information sharing platforms. This information may be used to help tailor and improve our services and communicate with you effectively, as we know many of our customers use a range of media channels to communicate and share information.
We may use various social media features such as the Facebook “Like” button on our websites and mobile applications. Certain information may be shared or otherwise provided to us through your use of these features in conjunction with our services and programmes. Subject to your account and privacy settings, we may also be able to see information that you post when using these social media platforms whether or not you are using one of our services. In some instances, depending on the circumstances, we may contact you on these social media platforms. The information you post on social media sites as well as the controls surrounding these disclosures are governed by the respective policies of these third parties.
Where we use information from these sources, we will respect any permissions you have set about how you would like your information to be used for each source.
We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms To learn more about opting out of certain types of targeted advertising, please see the “Managing cookies and opting out” section above.
Use of WI-FI services (IHG Connect)
When you use the IHG Connect WI-FI service (IHG Connect), we may collect and process certain additional information.
What information we collect
- Registration and User-Provided Information: When you register to use IHG Connect, we may collect personal information about you including your IHG Rewards Club number. You may also provide us with personal information about you in various ways when you use IHG Connect, for example, when you send us customer service-related requests.
- Device Identifiers. In the course of providing the IHG Connect, we may automatically collect a device identifier (such as your IP address, MAC Address or other unique identifier) for the computer, mobile device, technology or other device you use to access IHG Connect. A device identifier is a number that is automatically assigned to your device when you access IHG Connect, and we may identify your device by its device identifier. When you use IHG Connect, we may view your device identifier and use this information to enhance our service. We may associate your device identifier with other information about you, such as your IHG Rewards Club number.
- Other device information: We may also automatically record certain information from your device including, device type, the web pages, apps or sites that you visit, and the dates and times that you visit, access, or use IHG Connect. While generally this information is pseudonymous and/or aggregated, this information may be associated with your IHG Rewards Club number and/or other IHG service account information or persistent identifiers. This data helps us to manage our networks and provides us with information about the use of IHG Connect. We do not, however, collect and process the contents of email communications or other electronic communications you send or receive when using IHG Connect.
- Location information: We may collect information about your location through your use of the WI-FI services we provide at our hotels to enable us to improve our service and provide certain services to you such as customized offers and promotions.
How We Use the Information We Collect
We use personal information only for the purposes described in this Policy, except if otherwise disclosed to you at the time the data is collected or further authorized by law or by you.
- We use the personal information that we collect through IHG Connect to operate, maintain, enhance and provide all features of the service, to provide services and information that you request, to respond to comments and questions and to provide support to users.
We use the personal information that we collect through IHG Connect to understand and analyze the usage trends and preferences of our users, to improve the IHG Connect service, and to develop new products, services, features, and functionality. If you provide your contact information or your IHG Rewards club number, we may send you personalized offers based on your web usage and location. You can opt-out of receiving these offers when signing in to use the IHG Connect service or at any time within your IHG Rewards account. Please see the 'Managing your preferences and information' section below.
Using Personal Information to create profiles
As described in the section above in relation to cookies, we have relationships with third parties such as Google and Facebook which enable us to serve targeted advertising. In addition to the activities described under the heading Targeted Advertising above, we also match Facebook and Google users across sites and devices which enables us to better understand your interests. We use this information to enable us to tailor our marketing communications to you so we can make sure we tell you about things which are most likely to be of interest to you. You can opt-out of receiving these offers when signing in to use the IHG Connect service or at any time within your IHG Rewards account. Please see the 'Managing your preferences and information' section below.
How we secure your information
We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, technical, physical and organisational security measures are put in place to protect against any unauthorised access, disclosure, damage or loss of your information. The collection, transmission and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.
Managing your preferences and information
We want to ensure that you have the necessary tools at your disposal to control the information that you provide to us, including how we communicate with you. It is also important that you contact us to update your information if any of it is inaccurate or changes. Please click the relevant section below to learn more about how to control how we communicate with you and how to update, modify and delete your information.
Through the provision of the services described above, we and in some instances our Franchisees, third-party partners and service providers, may communicate with you in relation to a reservation, as a member of any of our loyalty programmes, through online digital services (e.g. online advertising, social media communications), or to support any other services that we provide.
In some instances, especially if you are a member of IHG® Rewards Club or an InterContinental Ambassador, you can go to your account, sign in and click on the “Communication Preferences” section to revise your communication preferences. IHG® Rewards Club members can also contact any of our IHG Rewards Club Service Centres. Additionally, the option to unsubscribe from marketing communications will be included within the communication itself. In all other cases, or if you are having difficulties with unsubscribing from any particular communication, please contact one of our global customer care offices or the IHG Privacy Office (details found in the “How to contact us section”).
Please be aware that unsubscribing from one type of communication may not unsubscribe you from another type. Likewise, unsubscribing from our communications may not mean that you are unsubscribed from certain communications carried out independently by our Franchisees.
In the event any information that you provide to us is inaccurate, changes or you would like this information deleted, your information can be updated by contacting one of our global customer care offices. In some instances, especially if you are an IHG® Rewards Club or InterContinental Ambassador member, you can update certain aspects of your personal information by going to your account, signing in and clicking on the “Personal Information” section to update and amend your personal information. For all other cases, please contact the IHG Privacy Office (details found in the “How to contact us section”). We will respond to your request within a reasonable timeframe.
Please note that in some instances it may not be possible to delete certain pieces of your information and a portion of the information may be needed for suppression purposes. In other instances, we may not have the ability to delete certain pieces of information that are stored on our systems or that have been provided to third parties in connection with the services discussed in this Privacy Statement.
California residents may request a list of certain third parties to which we have disclosed personally identifiable information about you for their own direct marketing purposes. You may make one request per calendar year. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. You may request this information in writing by contacting us through one of the methods listed under the “How to contact us” section. Please allow up to thirty (30) days for a response.
Our websites are not intended for children and we do not intentionally solicit or collect personal information from individuals under the age of 18. If we are notified or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information. In limited instances, we may have a campaign or program targeted toward children. In these instances, details on the information practices will be presented within the terms and conditions of the program or campaign.
Retaining your information in our systems
We maintain a data retention policy which we apply to the records we hold.
How to contact us
For any questions or concerns regarding this Privacy Statement or our data privacy practices, please contact us:
- By email: firstname.lastname@example.org
- By post:
InterContinental Hotels Group
Attn: Privacy Office
Three Ravinia Drive
Atlanta, Georgia 30346
- By phone: 1-770-604-8347
- By fax: 1-770-604-5275
You may also contact our Data Protection Officer by emailing email@example.com.
To the extent permitted under the local law, you may also use the above contact details to request access to any of your personal information that is held by IHG. These requests will be reviewed and processed in line with the local law.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider here.
Where EU data protection laws apply, you have a right to lodge a complaint with your local data protection supervisory authority at any time. However, we ask that you please try to resolve any issues with us first before referring your complaint to the supervisory authority.
Your rights under EU data protection laws
You have legal rights under EU data protection laws in relation to your personal information. Click on the links below to learn more about each right you may have. To exercise any of your rights please contact our Data Protection Officer by emailing firstname.lastname@example.org.
- To access personal information
You can ask us to confirm whether or not we have and are using your personal information and for a copy of your information.
- To correct / erase personal information
You can ask us to correct any information about you which is incorrect. We will be happy to rectify such information but would need to verify the accuracy of the information first.
You can ask us to erase your information if you think we no longer need to use it for the purpose we collected it from you. You can also ask us to erase your information if you have either withdrawn your consent to us using your information (if we originally asked for your consent to use your information), or exercised your right to object to further legitimate use of your information, or where we have used it unlawfully or where we are subject to a legal obligation to erase your personal information.
We may not always be able to comply with your request, for example where we need to keep using your information to comply with our legal obligation or where we need to use your information to establish, exercise or defend legal claims.
- To restrict how we use personal information
You can ask us to restrict our use of your information in certain circumstances, for example:
- where you think the information is inaccurate and we need to verify it;
- where our use of your information is not lawful but you do not want us to erase it;
- where the information is no longer required for the purposes for which it was collected but we need it to establish, exercise or defend legal claims; or
- where you have objected to our use of your personal information but we still need to verify if we have overriding grounds to use it.
We can continue to use your information following a request for restriction where we have your consent to use it; or we need to use it to establish, exercise or defend legal claims, or we need to use it to protect the rights of another individual or a company.
- To object to how we use your information
You can object to any use of your information which we have justified on the basis of our legitimate interest, if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information. If you raise an objection, we may continue to use your information if we can demonstrate that we have compelling legitimate interests to use the information.
You can also require us to stop using your data for direct marketing purposes.
- To ask us to transfer your information to another organisation
You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller (e.g. another company).
You may only exercise this right where we use your information in order to perform a contract with you, or where we asked for your consent to use your information. This right does not apply to any information which we hold or process that is not held in digital form.
- Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.
We may redact data transfer agreements to protect commercial terms.
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual.
We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.
We aim to respond to all valid requests within one month. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than one month. To help us respond more quickly, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
Changes to this Privacy Statement
In some instances, we may have to change, modify or amend this Privacy Statement in order to comply with the evolving regulatory environment or the needs of our business. Subject to any applicable legal requirements to provide additional notice, any changes to this Privacy Statement will be communicated through our websites and mobile applications. However, if there will be changes made to the use of your personal information in a manner different from that stated at the time of collection we will take appropriate steps to notify you, such as by posting a notice on our website for 30 days prior to the changes taking effect or by emailing you.
Effective Date: 12 May 2018