Information we collect and how we use and share it
The legal basis for processing your personal data
Using our websites, mobile applications and other technology
Cookies and other tracking technologies
Use of WI-FI services (IHG Connect)
Using Personal Information to create profiles
How we secure your information
Managing your preferences and information
Retaining your information in our systems
Additional Information for UK/EU/EEA, Turkey, U.S, People’s Republic of China, and Brazil
Additional Information for U.S. Consumers
California Notice of Financial Incentive
Colorado, Connecticut, Montana, Nevada, Oregon, Texas, Utah, and Virginia Consumer Rights
Loyalty Program Disclosures for Colorado Consumers
BRAZIL DATA SUBJECTS RIGHTS UNDER BRAZIL DATA PROTECTION LAW
The privacy and security of your information is very important to us. Whether you are visiting our website, using our app, booking a room, or are a member of one of our loyalty programs, we want you to trust the way that we manage your information and to keep you informed about how we use that information.
We have prepared this Privacy Statement to explain more about who we are, how we collect and manage your information (whether through our website, mobile apps and other IHG® Hotels & Resorts-branded digital channels (e.g., our branded IHG Connect WiFi), our social media pages, or offline) and the choices you have about how we use your information. Specific additional rights may apply if required by applicable law. For example, please view our additional disclosures directed to residents of particular states within the United States, the UK, European Economic Area (EEA) and Turkey, Brazil, and the People’s Republic of China (Excluding for the purposes of this statement Hong Kong Sar, Macau Sar and Taiwan) (“PRC”), in this Privacy Statement.
This Privacy Statement is issued by InterContinental Hotels Group (collectively referred to as "IHG”, “IHG® Hotels & Resorts”, "we”, "us” or "our” in this Privacy Statement), which includes the direct and indirect subsidiaries of InterContinental Hotels Group PLC and covers information that we collect and use in the course of our business. When we mention "IHG", “IHG® Hotels & Resorts”, "we", "us", or "our", we are referring to the relevant company in the InterContinental Hotels Group that processes your personal information. Your information may also be collected and used by IHG® Hotels & Resorts-branded hotels. In most cases, these hotels are independently owned, and their use of your information is covered by their own privacy notices, not this one. If you would like to learn more about IHG and our relationship with our IHG® Hotels & Resorts-branded hotels, click below.
We collect personal information directly from you, about you from other persons/entities/online channels, and automatically as you use our website, mobile application or other IHG-branded digital channels, and through services available at IHG-branded properties (such as IHG Connect Wi-Fi). We provide more detail in the sections below. In particular, we collect and use information about you if you (or someone on your behalf) makes a reservation to stay at an IHG-branded hotel or property offered through IHG reservations, participate in one of our loyalty programs such as IHG® One Rewards, or interact with us through our corporate site, mobile app or other IHG-branded digital channels. You do not have to provide us with your personal information in order to use our website or mobile app; however, in some cases we may not be able to provide services to you without your personal information (for example, we would not be able to complete a requested booking or enroll you in our rewards program). To learn more about how we collect, use and disclose your information, and how you can opt out, please click the relevant section below.
Information we collect:
Directly From You: We collect information from you when you make a booking through our reservation system, stay at an IHG-branded hotel, or respond to a survey. Information collected during the reservation and your stay may include:
If you provide personal information to us about other persons when making a booking or during your stay, for example, family members or colleagues, we ask you to make sure they are happy for their personal information to be disclosed with us and to direct them to read this Privacy Statement if they want to find out more about how we use their information.
From IHG-branded properties: We receive information about your bookings and stays from IHG branded hotels including those you booked directly with the property. The information we receive includes names of those included on the booking, dates of your stay, number of adults and children staying, rate detail, room type, board type/meal plans and purchases made during your stay.
From Other Sources: We also collect reservation information about you from other persons/entities, including, travel agents, websites not owned and operated by IHG, persons booking on your behalf (e.g., a family member, company representative), your employer, or other entity. We may obtain information about you from social media pages; for example, if you make a comment on IHG’s social media page or if you comment about IHG on a public social media feed. We use this information to improve our services to you and to other customers.
Automatically: We collect information about you automatically as you use our website, mobile app, our social media sites, interact with our other digital channels, and, in some instances, when we correspond with you through email. In these instances, information such as your country information, internet protocol (“IP”) address, device ID, medial access control address, your interactions with these channels, and other characteristics about your system or device may be automatically collected. This information is collected for functional purposes and to improve your experience when using these services. This information may also be used for fraud prevention, aggregated trend and statistical analysis, and for showing you more relevant advertisements and messages. More information on these practices can be found in the Using our websites, mobile applications, and other technologies section below. We do not typically associate an IP address with your IHG® One Rewards profile.
Special Hotel Programs/Biometrics: At IHG, we are always seeking more ways to enhance your experience with us. A limited number of properties now offer a biometrics check-in process to eliminate your need to stand in line. Some properties also may allow room access through the collection of biometric information. These programs are opt-in only, and any information that we collect through your participation will be used solely for the program as described in the notice provided to you at the time of the opt-in.
How we use this information:
We use your information primarily to fulfill your hotel reservations, including indicated preferences, and to provide and manage our IHG® One Rewards program. This may include communicating with you (e.g., sending a confirmation email or SMS text message) in advance of your stay. Following your stay, we may also send you post-stay communications and satisfaction surveys to get feedback on your experience.
Where we have your consent or as permitted under applicable law, we may send you marketing communications for products and services that we believe would be relevant for you. We also may use information related to you and your stays to display targeted advertisements on our websites, mobile apps, our other digital channels or on non-affiliated websites or mobile apps, or to send you more relevant messaging. Additionally, we aggregate your information with other guest information to complete trend and statistical analysis, which we use to evaluate and improve our products and services, plan new hotel locations and services, and for other market research.
Who we disclose your information with:
We disclose your reservation information as follows:
We also disclose your stay information with other entities, which may include law enforcement, professional advisors, and other persons, in circumstances such as:
Information we collect:
We collect information from you during your membership in any of our loyalty programs and services, including our core loyalty program, IHG® One Rewards. Information collected during your enrollment and participation in these programs may include:
We may collect this information from you, other sources, and automatically.
From You/Other Person acting on Your Behalf: We collect your information through our global reservation and customer care offices, through our websites, through our mobile applications or through our other digital channels.
IHG-Branded Properties: We receive information about your stay from IHG-branded hotels and other properties within the IHG network so that we can honor the program.
Service Providers: We may also collect information about you from other sources, including entities that assist us in confirming the accuracy of your mailing address; in some circumstances, we do not receive the updated address verification from the vendor; rather, the vendor may simply update our mailing with the address that it believes is aligned with the postal service requirements. We may also obtain Personal Information from data enrichment providers where permitted under applicable law.
Other Sources: We may obtain information about you from social media pages; for example, if you make a comment on IHG’s social media page or if you comment about IHG on a public social media feed. We use this information to improve our services to you and to other customers. We may use this information in combination with information in your profile to identify relevant opportunities about which to notify you.
Your Friends: We may obtain information about you from friends if they refer you to us, where necessary with consent or another appropriate legal basis.
Automatically: We collect information about you automatically through our website, mobile app, our emails, and social media sites. In these instances, information such as your country information, internet protocol (“IP”) address, device ID, medial access control address, and other characteristics about your system or device may be automatically collected in accordance with an appropriate legal basis. This information is collected for functional purposes and to improve your experience using these services. This information may also be used for fraud prevention, aggregated trend and statistical analysis, and for showing you more relevant advertisements and messages. More information on these practices can be found in the Using our websites, mobile applications, and other technologies section below, and in our Cookies and other tracking technologies section. We do not typically associate an IP address with your IHG® One Rewards profile.
How we use this information: We use your information to operate and provide services in connection with our loyalty programs. We also use your information to improve our products and services. Where permitted by applicable law, or where we have your consent, we also may disclose your information to other parties, including our loyalty partners and others, to extend special offers about their own products and services to you.
This may include:
Although provision of much of the information requested is voluntary, the failure to provide certain information may impact and/or prevent our ability to offer you certain services.
We occasionally run promotions where we ask IHG® One Rewards Members to refer a friend to IHG® One Rewards with consent or other appropriate legal basis. In these cases, we always ask members to make sure anyone they refer has consented to sharing their personal information with us, and to direct friends to read this Privacy Statement if they want to find out more about how we use their information.
How you can manage your marketing preferences: You can manage your preferences and decide what marketing and other communications you would like to receive from us in our online preference center. You can visit our Preference center or find out more information in the Managing your Preferences and information section.
In addition, you can opt out of collection of your personal information for use in targeted advertising. Please see Managing cookies and opting out for more information on how to do this.
We also recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your IHG® One Rewards account. In addition, certain U.S. state residents may have the option of clicking on the Do Not Sell or Share My Personal information link, which would eliminate the sharing that might constitute a sale under applicable law.
Who we disclose your information with: As part of our loyalty programs, we disclose your information as follows:
We also will disclose your information in the following circumstances:
Information we collect:
We collect information from you when you sign up to receive corporate news or shareholder documents, participate in surveys, submit reviews, contact customer service, or otherwise provide feedback to us or through social media or our other digital channels.
Corporate News:
Information collected may include:
We collect this information directly from you when you sign up for corporate news or shareholder documents on our corporate site.
Competitions or sweepstakes:
We collect contact information from you when you sign up for a competition or sweepstake; we do not necessarily include this information as part of your IHG® One Rewards profile. In these instances, we will collect information from and about you for running and administering the respective competition, sweepstakes or service that you have elected to participate in. The information collected may include personal details such as your name and address as well as certain demographic information that you choose to provide. In each case, we will collect, use and secure your information in a manner consistent with the general principles set out in this Privacy Statement unless we tell you otherwise.
Other Collections:
We also collect information from you when you sign up to receive our newsletters or other special offers and promotions, download one of our mobile applications, or participate in one of our other services. The type of information that we collect from you depends on your interaction with our site and services.
Automatically:
We also collect information about you when you browse our website, use our mobile app, interact with our emails or use our social media sites. In these instances, information such as your country information, internet protocol (“IP”) address, media access control address and other characteristics about your system or device may be automatically collected. This information is collected for functional purposes and to improve your experience using these services. This information may also be used for aggregated trend and statistical analysis, and for showing you more relevant advertisements and messages. More information on these practices can be found in the Using our websites, mobile applications and other technology section below. We do not typically associate an IP address with your IHG® One Rewards profile.
How we use this information:
We use your information to provide you with corporate news and shareholder documents for which you have signed up. For corporate news, you may change your communication preferences in accordance with the Managing your communication preferences section below.
If you sign up for a promotion, we may associate that promotion with your account (e.g., if related to an IHG® One Rewards program.). If you sign up for a contest or sweepstakes, we will use your information for the purpose of that contest or sweepstakes. Please be advised that there may be additional rules for the sweepstakes or contest, and those rules may provide additional information about how we will use your information collected for any event that you choose to enter.
For online collected data, please see Online Channels and our Cookies and other tracking technologies for additional information.
Who we disclose your information with:
We may disclose your information with our service providers who provide services on our behalf to help with our corporate site and our shareholder functions. These services may include the provision of shareholder documents and services related to management of our shareholder register. These companies are authorized to use your personal information only as necessary to provide these services to us.
We will also disclose your information in circumstances, such as:
We are committed to collecting and using your information in accordance with applicable data protection laws.
We collect, use and disclose your information where we have an appropriate legal basis to do this.
This may be because:
If you would like to find out more about the legal basis for which we process personal information please contact us (details found in the How to contact us section). If you have provided your consent to our processing of your information you can withdraw this consent at any time by contacting the IHG Privacy Office (details found in the How to contact us section).
As we operate via a global network of corporate offices, reservation and service centers, data centers and hotels, it may be necessary to transfer your information, for example, information collected in connection with a reservation or stay at an IHG-branded hotel, joining one of our loyalty programs or interacting with us through our corporate site, websites, emails or our other digital channels to a country outside of the country where it was originally collected or outside of your country of residence or nationality. The information that you provide us during the course of a reservation or through the provision of any other services may be transferred to any of our IHG-owned or affiliated entities and hotels around the world for the purposes of carrying out or facilitating these services. It will also be necessary to transfer this information to other entities, including, without limitation, our IHG-branded hotels, partners and our service providers.
Where we transfer information which originates in the European Union ("EU"), United Kingdom (“UK”), Brazil, or Turkey to a country outside of the country of origination, we will take steps to make sure such transfer is carefully managed to protect your privacy rights:
When we otherwise transfer personal information between jurisdictions, we will take such steps as required by local law in an effort to ensure that such transfer is managed to protect your privacy rights.
We and our service providers use cookies, pixels, web beacons, tracking tools and other similar technologies on our websites, mobile applications and in other areas of our business to collect information and provide you with the services that you have requested or participate in and to provide targeted advertising. Subject to local consent requirements, we may use this and other information we collect, such as a hashed email address, to help us and our service providers identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). If you are using our mobile applications and have consented to sharing your location information with us, this information might be collected through GPS to enable us to provide certain personalized services to you such as recommendation of hotels nearby, customized offers and promotions. Your location preferences can be set or modified at the device level or through modifying your settings with the relevant social media platform. This information also includes personally identifiable information that you provide when you join one of our loyalty programs to enable us to verify your membership. We, and our service providers, also may use the cross-device tracking and other information we learn about you to serve targeted advertising on your devices. We also use the information that we collect to improve our products and services as well as your experience when visiting our websites and using our mobile applications. For more information on these subjects, please click the relevant section below.
We may engage vendors to provide certain interactive features on our websites, mobile applications and in other areas of our business. Your use of these interactive features is voluntary, and we may retain the information that you submit through these features. For example, we may offer an interactive chat feature on the website to assist you for customer service purposes. When you participate in the interactive chat, the contents of the chat may be captured and kept as a transcript. By using these features, our vendors may process the information obtained through the feature to provide the service on our behalf.
Our mobile application uses software development kits (SDKs). Please see our SDK list for more information about our integrated SDKs.
What is a cookie: A “cookie” is a small text file that is placed onto an Internet user’s web browser or device and is used to remember as well as obtain information about that party. You might be assigned a cookie when visiting our websites or when using our mobile applications or other digital channels. In some instances, where permitted under the applicable law, cookies may also be used for the purposes of certain email campaigns.
What types of cookies and trackers we use and how we use them: We use different types of cookies and trackers, which include:
To learn more about cookies and how they are used, please visit: http://www.allaboutcookies.org/.
Cookies: As described above, we use a number of service providers to help us manage, carry out and improve our advertising. These parties set cookies at our direction to help us collect information and provide you with advertisements that we believe would be relevant for you. In some instances, these parties may also assist us by providing certain statistical and analytics information in relation to our marketing practices. We also may disclose information collected through cookies (and other tracking technologies) with third parties to use for their own analytics and marketing purposes. These third parties may serve targeted advertising to you about IHG and non-IHG branded hotels. The scope of information shared may include information collected through cookies, such as your IP address/device ID, and information about the search that you performed on our website (e.g., you were looking for a hotel in New York City) but would not include your name or IHG® One Rewards information.
Managing cookies and opting out: You can change your cookie preferences in our Cookie preferences tool, which is also available from the Privacy and Cookies Center. You can choose to visit our web sites without cookies, but in some cases certain services, features and functionality may not be available. To visit without cookies, you can configure your browser to reject all cookies or notify you when a cookie is set. Each browser is different, so check the "Help" menu of your browser to learn how to change your cookie preferences.
In relation to cookies placed by our service providers, we participate in the Self-Regulatory Program for Online Behavioral Advertising managed by the Digital Advertising Alliance (“DAA”). As part of this commitment, IHG has agreed to comply with the standards and guidelines promulgated by the DAA. For more information regarding targeted advertisements and/or to opt out of automatic collection for these purposes, please visit http://www.aboutads.info/choices/ or http://www.networkadvertising.org/managing/opt_out.asp. Within the EU, UK and Canada the local DAA organizations operate a similar "ad choices" scheme: see http://www.youronlinechoices.com (UK/Europe) and http://youradchoices.ca/ (Canada). If you opt-out of these targeted advertising cookies, your opt-out will be specific to the web browser or mobile device from which you accessed the opt-out. If you use multiple devices or browsers, you will need to opt out each browser or device that you use.
Other technologies: Other technologies such as pixels and web beacons may also be used on our websites, mobile applications, in email messages and in other areas of our business. These technologies are used to improve our products and services as well as our marketing efforts. We use pixels in our emails to help us determine the success of our advertising campaigns, such as to give us insight into whether you opened, deleted, or forwarded an email, or clicked on a link contained in the email.
Targeted advertising: We and our service providers may serve targeted advertisements through the use of first-party or third-party cookies, pixels and web beacons when you visit our website, use our mobile applications, or visit websites owned by other entities. In some instances, these cookies may be persistent cookies. As described in the Using our websites, mobile applications and other technology section above, we and our service providers may also use cookie and other information to try to identify other devices and web browsers that you may use so we and our service providers may serve targeted advertisements to those devices. We do this to provide you with advertising that we believe may be relevant for you as well as improve our own products and services, including the functionality and performance of our websites and mobile applications. To learn more about opting out of certain types of targeted advertising, please see the Managing cookies and opting out section above.
Do-Not-Track: Currently, our systems do not recognize browser “do-not-track” signals except for certain locations as described below in the section US State Consumer Rights. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies); you also may opt-out of targeted advertising by following the instructions at the DAA and the Network Advertising Initiative websites.
In some jurisdictions, and where permitted by applicable law or with your consent, we may receive information about your location during the course of and for the purpose of providing you the services described above through your use of our websites and mobile applications. For example, if you are using our mobile applications and have consented to sharing your location information with us, this information might be collected through GPS or Bluetooth technologies to enable us to provide certain services to you such as customized offers and promotions. In addition to your use of our websites, mobile applications and other digital channels, we may also receive location information from wireless networks or cellular towers in proximity to your mobile device, through your Internet protocol (“IP”) address or through your use of other services we provide at our hotels. We may also have access to location information that you provide to us through your use of social media, such as when you “tweet” your location. We do not maintain this information as part of your IHG® One Rewards profile, and we typically use this information at the point in time at which you provide it to satisfy your request. Your location preferences can be set or modified at the device level or through modifying your settings with the relevant social media platform.
We receive information about you when you use our mobile applications. Some information such as your device manufacturer, type and operating system version, are collected automatically, while other information is only collected if you choose to provide it and where permitted by applicable law, such as your precise geolocation information. We do not typically associate your precise geolocation information obtained through your use of our mobile apps with your IHG® One Rewards Account. It may sometimes be necessary to associate your geolocation information with your account to support your participation in a particular program or feature that we may offer, but we do not otherwise retain your geolocation information in a way that identifies you as an individual.
If you use our mobile app, we also send you push notifications from time-to-time in order to update you about any events or promotions that we may be running. If you no longer wish to receive these types of communications, you may turn them off in your device settings. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information.
We use mobile analytics software to allow us to better understand the functionality of our mobile applications on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from.
We may use information from online sources, such as websites, social media and information sharing platforms. This information may be used to help tailor and improve our services and communicate with you effectively, as we know many of our customers use a range of media channels to communicate and disclose information.
We may use various social media features such as the Facebook “Like” button on our websites and mobile applications. We collect certain information about you through your use of these features in conjunction with our services and programs. Subject to your account and privacy settings, we may also be able to see information that you post when using these social media platforms. In some instances, depending on the circumstances, we may contact you on these social media platforms. The information you post on social media sites as well as the controls surrounding these disclosures are governed by the respective policies of the social media site.
Where we use information from these sources, we will respect any permissions you have set about how you would like your information to be used for each source. We do not associate the information that we collect through these platforms with your IHG® One Rewards account.
We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms. To learn more about opting out of certain types of targeted advertising, please see the Managing cookies and opting out section above.
When you use the IHG Connect WI-FI service (IHG Connect), we may collect and process certain additional information.
We use personal information only for the purposes described in this Privacy Statement, except if otherwise disclosed to you at the time the data is collected or otherwise authorized by law or by you. We use the personal information that we collect through IHG Connect:
Our goal is to create a personalized and customized experience for you when you stay at an IHG-branded property. In order to determine appropriate advertising and to customize your experience, as described in the section above in relation to cookies, we have relationships with companies such as Google and Facebook which enable us to serve targeted advertising. In addition to the activities described under the heading Targeted Advertising above, we also match Facebook and Google users across sites and devices which enables us to better understand your interests. We use this information to enable us to tailor our marketing communications to you so we can make sure we tell you about things which are most likely to be of interest to you. You have options about how we disclose your information; please log into the preference center at any time to view and exercise your choices. In addition, certain U.S. state residents may have the option of clicking on the Do Not Sell or Share My Personal Information link, which would eliminate the disclosure that might constitute a "sale"/ "share" under applicable law.
We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, technical, physical and organizational security measures are put in place to protect against any unauthorized access, disclosure, damage or loss of your information. The collection, transmission and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.
We want to ensure that you have the necessary tools at your disposal to control the information that you provide to us, including how we communicate with you. It is also important that you contact us to update your information if any of it is inaccurate or changes. Please click the relevant section below to learn more about how to control how we communicate with you and how to update, modify and delete your information. EU, UK and Turkey Data Subjects, please see also the Data Subject Rights under UK/EU/EEA and Turkey Data Protection Laws specific-section. U.S residents, please see also the U.S.-specific section. Californians, please see also the CA-specific section. Data Subjects located in Brazil, please see also the Brazil-specific section. Data Subjects located in PRC, please see also the PRC-specific section.
Through the provision of the services described above, we, and in some instances our IHG-branded hotels, IHG® One Rewards partners, and service providers may communicate with you in relation to a reservation, as a member of any of our loyalty programs, through online digital services (e.g. online advertising, social media communications), or to support any other services that we provide.
In some instances, especially if you are a member of IHG® One Rewards or an InterContinental Ambassador, you can go to your account, sign in and click on the “Communication Preferences” section to revise your communication preferences. IHG® One Rewards members can also contact any of our IHG® One Rewards Service Centers. Additionally, the option to unsubscribe from marketing communications will be included within the communication itself. In all other cases, or if you are having difficulties with unsubscribing from any particular communication, please contact one of our global customer care offices or the IHG Privacy Office (details found in the How to contact us section).
Please be aware that unsubscribing from one type of communication may not unsubscribe you from another type. Likewise, unsubscribing from our communications may not mean that you are unsubscribed from certain communications carried out independently by our IHG-branded hotels.
In the event any information that you provide to us is inaccurate or changes, you can let us know by contacting one of our global customer care offices. In some instances, especially if you are an IHG® One Rewards or InterContinental Ambassador member, you can update certain aspects of your personal information by going to your account, signing in and clicking on the “Personal Information” section to update and amend your personal information. For all other cases, please contact the IHG Privacy Office (details found in the How to contact us section). We will respond to your request within a reasonable timeframe.
Our websites and applications contain links to websites that are maintained and/or controlled by non-affiliated parties. In some instances these websites may be co-branded and display our logos or other trademarks. You can always tell whether you are on one of our websites by checking the uniform record locator ("URL”) on the page that you are visiting. We encourage you to review the privacy policies of these websites as their privacy practices may differ from ours.
Our websites are not intended for children and we do not intentionally solicit or collect personal information from individuals under the age of 18. If we are notified or otherwise discover that a minor’s personal information has been improperly collected, we will take all commercially reasonable steps to delete that information.
We generally only keep your information for as long as is reasonably required for the purposes explained in this privacy policy. In some cases we keep transactional records (which may include your information) for longer periods if necessary to meet legal, regulatory, tax or accounting needs. We will also retain information if we reasonably believe there is a prospect of litigation.
We maintain a data retention policy which we apply to the records we hold.
For any questions or concerns regarding this Privacy Statement or our data privacy practices, please contact us:
You may also contact our Data Protection Officer by emailing privacyoffice@ihg.com.
To the extent permitted under the local law, you may also use the above contact details to request access to, correct, or (in certain circumstances) delete, any of your personal information that is held by IHG, or, where we have relied upon your consent to process your personal information, to withdraw your consent to such processing of your personal information. These requests will be reviewed and processed in line with the local law.
You also may have a right under the local law to lodge a complaint with us or with your local data protection supervisory authority at any time. However, we ask that you please try to resolve any issues with us first before referring your complaint to the supervisory authority.
In the EU, IHG’s GDPR lead supervisory authority is the Hessen supervisory authority that can be contacted at:
Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (The Commissioner for Data Protection and Freedom of Information of Hesse)
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Germany
For Turkish data subjects, our Data Controller Representative in Turkey is Özdağıstanli Ekici Avukatlık Ortaklığı for compliance with the Turkish data protection regulations and can be contacted at info@iptech-legal.com.
UK, EU/EEA and Turkey data subjects have legal rights under their respective UK, EU and Turkish Data Protection Laws in relation to their personal information. Click on the links below to learn more about each right you may have subject to applicable laws in your location. To exercise any of your rights please use the forms available in our Privacy and Cookie Center or contact our Data Protection Officer by emailing privacyoffice@ihg.com.
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual. We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.
We aim to respond to all valid requests within one month. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than one month. To help us respond more quickly, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
This section supplements the other parts of our Privacy Statement and provides additional information for residents of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah and Virginia. The rights under this section will apply to you to the extent the law permits.
As used in this section, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include information that is publicly available, de-identified, or aggregated. Personal Information includes “personal data” as defined by applicable state privacy laws.
Click on the links for each state to learn more about specific California and Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah and Virginia consumer rights.
Submitting Requests. You can exercise your rights by visiting our Privacy and Cookie Center or by contacting us at 1 877 424 2449 (toll free). We will respond to your requests within 45 days, unless additional time is needed, in which case we will let you know.
When you submit your request, we will take steps to attempt to verify your identity. We will attempt to match the information in your request to the Personal Information we maintain about you. As part of our identity verification process, we may ask you to submit additional information or to sign into your account.
Non-Discrimination: If you choose to exercise any of the privacy rights described below, you will not subjected to discriminatory treatment by us.
Personal Information We Collect and How We Use and Disclose it
Category of Personal Information | Purposes for Collection, Use, and Disclosure | Categories of Recipients to Which Personal Information is Disclosed |
Identifiers, including real name, alias, postal address, unique identifier (e.g., your IHG® One Rewards number if you choose to enroll in the program), IP address (if you access our websites, emails, or other digital channels), email address or other similar identifiers. |
|
|
Customer Records, including Personal Information such as name, signature, address, telephone number, driver’s license number, and financial information (e.g., payment information for your reservation). |
|
|
Characteristics of Protected Classifications, including age. |
|
|
Commercial Information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
|
|
Internet or Other Electronic Network Activity Information, including browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement. |
|
|
Geolocation Data |
|
|
Sensory Data, including closed-circuit television recordings from IHG-branded properties (collected for security purposes), and audio recordings of customer care calls. |
|
|
Inferences used to create or enhance a profile about a consumer reflecting the consumer’s preferences and tendencies (e.g., what types of properties the consumer prefers, how frequently the consumer travels, etc.). |
|
|
Personal Information that reveals a consumer’s precise geolocation. |
|
|
Personal Information collected and analyzed concerning a consumer’s accessibility needs. |
|
|
We may also disclose all categories of Personal Information described above to our service providers and other vendors that are contractually restricted from using your Personal Information for any purposes other than providing requested services to us. In addition to the purposes for collection, use, and disclosure of Personal Information described in the above table, we may collect, use, and disclose Personal Information to meet responsibilities we have to regulators, tax officials, law enforcement, or otherwise meet our legal responsibilities.
Sources of Personal Information
We collect the Personal Information identified above directly from you, from other persons/entities making a reservation on your behalf (e.g., travel agent, a member of your travel party, someone making the booking on your behalf), automatically via cookies and tracking technologies when you access our online services, from travel partners, including airlines and rental car agencies, and from IHG-branded hotels (that are generally independently owned and operated). We may also obtain Personal Information from data enrichment providers.
Targeted Advertising, Sales, and Sharing of Personal Information
We may sell or share with third parties for cross-context behavioral advertising or targeted advertising the following categories of Personal Information:
The third parties to whom this Personal Information is sold or shared are advertisers, data enrichment providers, and analytics vendors.
We may also sell the following categories of Personal Information: to airlines, vacation ownership and co-branded credit card partners:
You may opt out of the sale or sharing of your Personal Information as provided below.
Retention of Personal Information
We keep the categories of Personal Information described above for as long as necessary for the purposes described in this section or as otherwise authorized by law. This generally means holding the Personal Information for as long as one of the following apply:
Where Personal Information is used for more than one purpose, we will retain it until the purpose with the latest period expires.
The California Consumer Privacy Act (“CCPA”) provides California residents the right to submit certain requests relating to their Personal Information as described below.
Right to Know. You have the right to know what Personal Information we have collected about you, which includes:
(1) The categories of Personal Information we have collected about you, including
a. The categories of sources from which the Personal Information was collected
b. Our business or commercial purposes for collecting, selling, sharing, and disclosing Personal Information
c. The categories of recipients to which we disclose Personal Information
d. The categories of Personal Information that we sold or shared, and for each category identified, the categories of third parties to which we sold that particular category of Personal Information
e. The categories of Personal Information that we disclosed for a business purpose, and for each category identified, the categories of recipients to which we disclosed that particular category of Personal Information
(2) The specific pieces of Personal Information we have collected about you
To submit a request to know, please fill out the form here.
Right to Delete: You have the right to request that we delete Personal Information we collected from you, subject to certain exceptions. To submit a request to delete, please fill out the form here.
Right to Correct Inaccurate Information. If you believe that Personal Information we maintain about you is inaccurate, you have the right to request that we correct that information. To submit a request to correct, please contact us at PrivacyOffice@ihg.com.
Right to Opt Out of Sales and Sharing of Personal Information. You have the right to opt out of the sale of your Personal Information, and to request that we do not share your Personal Information for cross-context behavioral advertising. To opt-out of cookie-based sales and sharing, please click “View Cookie Preference Tool” under Cookie Settings here, toggle cookie settings to “No” and click “Submit Preferences. To opt out of offline sales or Personal Information, please fill out the form here. If you would like to use a universal opt-out preference signal, please download and use a browser supporting the Global Privacy Control (GPC) browser signal. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.
Right to Limit Use and Disclosure of Sensitive Personal Information. We do not process sensitive Personal Information for purposes to which the right to limit use and disclosure of sensitive Personal Information applies, and therefore we do not provide such a right.
Appeals. If you would like to submit an appeal regarding our response to a request, you may appeal by contacting us at PrivacyOffice@ihg.com.
Authorized Agents. The CCPA allows California consumers to designate an authorized agent to exercise their rights under CCPA. If you use an authorized agent to submit a request, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit a request. Proof of authorization evidenced by your signed permission should be submitted to PrivacyOffice@ihg.com. We may also ask you to provide information to verify your identity directly with us.
If you are a California employee or job applicant, or if you interact with us in a commercial context, please contact us at PrivacyOffice@ihg.com to submit a request.
Metrics: Our annual metrics related to California Consumer Requests received and other information, including the number of requests and the mean number of days for our response, can be found here.
Shine the Light
Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us with certain Personal Information are entitled to request and obtain from us, free of charge, information about the Personal Information (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to PrivacyOffice@IHG.com. In your request, please attest to the fact that you are a California resident and provide a current California address.
The IHG® One Rewards program (“Program”), which includes InterContinental® Ambassador and IHG® Business Rewards, is a loyalty program offered by Six Continents Hotels, Inc. and its subsidiaries and affiliates, all of which are referred to herein as IHG.
IHG® One Rewards program. IHG offers guests the opportunity to participate in the Program which may provide benefits, including free internet, as well as the opportunity to earn points that can be redeemed for discounted or free stays or other items, as described in the IHG® One Rewards member benefit chart to those who choose to join. These benefits may be considered to be financial incentives under the CCPA and are described along with other material terms and conditions here.
Information we collect. To join the Program, IHG collects at a minimum, your first name, last name, address, email address, country/region, city, and zip code.
IHG may also collect the following additional information from you during the course of your membership in the Program.
How we use the information. We use your information to operate and provide services in connection with our Program in accordance with our IHG® One Rewards Membership Terms and Conditions. We also use your information to improve our products and services. Where permitted by applicable law, or where we have your consent, we also may disclose your information with other parties, including our loyalty partners and others, to extend special offers about their own products and services to you.
This may include:
Who we disclose your information with: During the course of your participation in our loyalty programs, we disclose your information as follows:
We may also disclose your information in other circumstances, as fully described under “If you join one of our loyalty programs” in our Privacy Statement.
Our members can opt-out of sharing their personal information with our partners for offers and rewards through Communication Preferences in their accounts. Our California members can also opt-out of the sale of their personal information by using our Do Not Sell My Personal or Share Information link. If you opt-out, we will no longer disclose your information with our loyalty partners where such sharing could be construed as a “sale” under the CCPA.
Joining IHG® One Rewards. You may register for our Program online, through the IHG website or mobile app, or when you book a reservation. You may also be offered to join the Program at the time of check-in.
Value of Consumer’s Data. Pursuant to the valuation methods defined by certain U.S. state laws, a good faith estimate of the value of our consumers’ (members’) Personal Information to IHG is US $0.42 in 2023. This estimate is calculated by dividing the annual value of the revenue generated from the commercial relationships we have with our loyalty partners with respect to consumer data, by the number of US members in our Program. This estimate is not specific to any individual consumer. The actual value to the consumer of becoming a member of the Program may vary significantly as this will depend on an individual member’s engagement with the Program.
Withdraw from the IHG® One Rewards program. You have the right to withdraw from the Program at any time. You may do so by notifying IHG® One Rewards Customer Care Centre.
Under certain U.S. State laws, members have the right to delete their Personal Information. However, if you exercise your right to delete your account information, you will no longer be enrolled in the Program and accumulated points will also be deleted.
Contact Us
If you have questions about our privacy practices, would like to make a complaint, or to request a printable version of this Privacy Statement, please contact us at PrivacyOffice@ihg.com. This California privacy notice is effective from January 1, 2020 and was last updated on July 1, 2024.
If you are a resident of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah or Virginia, you have the right to submit certain requests relating to your Personal Information as described below.
Access and Data Portability: You have the right to confirm whether we are processing your Personal Information, to access your Personal Information, and to obtain a copy of your Personal Information in a portable format. To submit a request to access, please fill out the form here.
Deletion: You have the right to request that we delete the Personal Information that we have collected about you, subject to certain exemptions. To submit a request to delete, please fill out the form here.
Right to Correct: If you are a resident of Colorado, Connecticut, Delaware, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Texas or Virginia, you have the right to request that we correct inaccuracies in your Personal Information, taking into account the nature of the Personal Information and our purposes for processing it. To submit a request to correct, please contact us at PrivacyOffice@ihg.com.
Opt-out of the Sale of My Personal Information and Targeted Advertising. You have the right to opt out of the sale of your Personal Information and the use of your Personal Information for targeted advertising. To opt out of sales of Personal Information and targeted advertising via cookies, please click “View Cookie Preference Tool” under Cookie Settings here, toggle cookie settings to “No” and click “Submit Preferences.” To opt out of offline sales of Personal Information, please fill out the form here. If you are a resident of Colorado, Connecticut, Montana, Nebraska, New Hampshire and Texas and would like to use a universal opt-out preference signal, please download and use a browser supporting the Global Privacy Control (GPC) browser signal. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.
Authorized Agents. If you are a resident of Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon or Texas, you may designate an authorized agent to exercise your right to opt-out of the sale of your Personal Information. If you use an authorized agent, we will ask your agent to provide information to demonstrate the agent has your authorized consent to submit this request. Proof of authorization evidenced by your signed permission should be submitted to PrivacyOffice@ihg.com. We may also ask you to provide information to verify your identity directly with us.
Right to Limit Use and Disclosure of Sensitive Personal Information. We do not process sensitive Personal Information for purposes to which the right to limit use and disclosure of sensitive Personal Information applies, and therefore we do not provide such a right.
Appeals. If you would like to submit an appeal regarding our response to a request, you may appeal by contacting us at PrivacyOffice@ihg.com.
The purpose of this section is to notify Colorado consumers of how we use Personal Information in connection with your participation in the IHG® One Rewards loyalty program. You have the right to delete your Personal Information associated with your IHG® One Rewards account; however, if you delete your Personal Information, we will be unable to link your rewards to your account, and therefore you will be unable to receive benefits from the program. The chart below identifies the categories of Personal Information that we collect, sell, or process for targeted advertising, and the third parties who receive each category in connection with IHG® One Rewards.
Category of Personal Information | Third Parties Who Receive Each Category |
Identifiers | Third-party advertisers Data enrichment providers |
Customer Records | |
Commercial Information |
Through the IHG® One Rewards program, consumers can earn points with airline, dining, rental car, vacation ownership, hotel alliance, loyalty platform and financial loyalty program partners for discounted or free IHG hotel stays and loyalty partner services and products.
Consumers can also redeem or transfer their the IHG® One Rewards program points with gift card, charity, loyalty platform, vacation ownership and hotel alliance loyalty program partners for services or products provided by the partners,
For more information about how we process your Personal Information, please see the other sections of our Privacy Policy.
NEVADA CONSUMER RIGHTS
Nevada residents have the right to opt out of the of the sale of certain Personal Information called “covered information” to third parties. IHG does not sell “covered information” as defined by the law. If you are a Nevada resident and you would like to be notified if we change our practices regarding the sale of “covered information” to third parties, please contact us at PrivacyOffice@ihg.com.
If there is any inconsistency between the below and the above Privacy Statement, the following shall prevail in respect of the PRC.
Data controller
For the PRC, Intercontinental Hotel Groups (Shanghai) Co., Ltd., Registered office: 22nd Floor, Citigroup Tower, No. 33 Huayuanshiqiao Road, China (Shanghai) Pilot Free Trade Zone, is the data controller. For questions or concerns related to your personal information or related to the Privacy Statement, please contact privacyoffice@ihg.com.
Consent
We will obtain your consent (where applicable, separate consent) to collect, use, share, transfer (including but not limited to overseas transfer), disclose or otherwise process your personal information if and to the extent required by the applicable laws.
Sensitive personal information
Certain of the types of personal information described in this Privacy Statement are considered "sensitive" and, depending on your jurisdiction of work or residence and applicable law, additional rules will apply in respect of this personal information. References to personal information in this Privacy Statement shall be deemed to include reference to sensitive personal information (if any) where applicable.
“Sensitive personal information” as defined under PRC laws and regulations which we may collect and use for the purposes described in the above Privacy Statement may include information relating to:
Share and disclose your personal information with another controller
With your consent, we may share and disclose your personal information with another data controller as explained in the section “Information we collect and how we use and disclose it” in the Privacy Statement.
International data transfers
As IHG is a global hospitality group, for the purposes described in this Privacy Statement and in order to provide you with privileged and quality service worldwide, we may, with your separate consent (if required by applicable laws), transfer your personal information to IHG affiliated entities outside of mainland China, such as Six Continents Ltd (UK) (“IHG Foreign Affiliated Entity”), who will process your personal information for the purposes and in the manner as described in this Privacy Statement. IHG will take appropriate measures to ensure that cross-border data transfer and the processing of your personal information by IHG Foreign Affiliated Entities comply with the requirements of applicable laws and that such mechanisms are aimed at ensuring an adequate level of protection as regards your personal information under the applicable laws. If you wish to exercise your rights with respect to your personal information with any IHG Foreign Affiliated Entity, you can contact such entity through the means described in “How to Contact Us” section.
How we store and protect your personal information
We will store your personal information for as long as necessary to achieve the purposes described in this Privacy Statement and for as long as you use our services, and as otherwise required by applicable law. We will delete your personal information that has exceeded the retention period, or handle such personal information in other ways as permitted by applicable laws and regulations, in accordance with Section “Retaining your information in our systems” of this Privacy Statement. We take reasonable security measures to protect your personal information in accordance with industry standards and are committed to using various technologies and initiatives to protect your personal information from unauthorized access, use, modification, disclosure and damage, such as the use of encryption technology to protect your personal information. We will deal with personal information security incidents in accordance with applicable laws and regulations, and conduct training and dissemination of personal information protection to relevant personnel to enhance their awareness of the importance of personal information and responsibilities related to personal information protection.
SDKs and other similar software technologies made available by non-affiliated entities
Under the PRC laws, IHG is required to disclose SDKs. As a practical matter, the information described below is captured elsewhere in the privacy statement, including, in particular, in our description of IHG’s use of cookies. If you have any questions about which trackers listed in our cookie policies are SDKs, please contact the Privacy Office.
We use software known as software development kits (SDKs) and other similar technologies made available by non-affiliated entities on our mobile applications and mini programs to ensure their stable operation and to provide the services as described in this Privacy Statement. Please see our SDK list for more information about our integrated SDKs.
If you are using these features and plug-ins provided by non-affiliated entities, the privacy policies of these entities may also apply to you. Some of these entities may collect data from you for their use and processing and may obtain your consent prior to doing so. In any case, we recommend you read the privacy policies of these non-affiliated entities to understand how they collect and process your data before using their features and plug-ins.
Personalized marketing
In order to provide you with personalized advertising, we may collect your personal information.
You can turn off personalized advertising in our App in “Account”-“Personalized recommendations”. Once you turn off it, you will not receive any personalized advertising, including promotional offers and special offers.
Mobile device permissions
If you choose to use certain functions using our mobile app we will ask you for related permissions to use features on your mobile device to enable this.
When you add a payment method to book a hotel, we will ask you for camera permission if you choose to add payment information by scanning your payment card using the camera.
If you choose to add the booking to your calendar after the booking is made, we will ask you for calendar permission to help you add the booking to your calendar (only applicable to IHG Android App).
If you choose to use the voice search function when booking a hotel, we will ask you for microphone permission to allow dictation on your device to enable this.
If you choose to use the function to search for hotels near your location we will ask you for permission to access your location to enable this.
If you choose to give app feedback and upload screenshots or attachments with your feedback, we will ask you for storage permission.
Your rights
In addition to the rights mentioned in the Privacy Statement, you have the following rights where permitted by the PRC data protection laws:
To exercise any of your rights above and other rights related to your personal information, you may also contact us by emailing privacyoffice@ihg.com as well.
We aim to respond to all valid requests to exercise the above rights within 15 working days upon verifying your identity. To help us respond more quickly, we may ask you to provide more detail about your inquiry.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
Purchasing product vouchers through IHG WeChat Mini Program
When you purchase a product voucher through our IHG WeChat Mini Program, we will collect your WeChat OpenID, UnionID, membership number and purchase, redemption, and refund records. We process your information primarily to attribute your purchases to you, to show you the status of product redemptions or refunds status, and to notify you of necessary product information changes. You can check purchase, redemption, and refund records at any time. We will share your information with the hotel providing the product voucher to provide you with the services described in the product voucher. If you decline to provide such personal information, we will not be able to provide you with the abovementioned services.
Brazil data subjects have legal rights under Brazil’s Federal Law nº 13.709/2018 (LGPD), as well as any other applicable laws in relation to your personal information. To exercise any of your rights please use the forms available in our Privacy and Cookie Center or contact our Data Protection Officer by emailing privacyoffice@ihg.com.
We may ask you for proof of identity when making a request to exercise any of these rights. We do this to make sure that we only disclose information where we know we are dealing with the right individual.
We aim to respond to all valid requests within 15 (fifteen) days. It may however take us longer if the request is particularly complicated or you have made several requests. We will let you know if we think a response will take longer than 15 (fifteen) days. To help us respond more quickly, we may ask you to provide more detail about what you want to receive or are concerned about.
We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way.
If there is any inconsistency between the rights above and this Privacy Statement, the above specific rights shall prevail in respect of Brazil.
In some instances, we may have to change, modify or amend this Privacy Statement in order to comply with the evolving regulatory environment or the needs of our business. Subject to any applicable legal requirements to provide additional notice, any changes to this Privacy Statement will be communicated through our websites and mobile applications. However, if there will be changes made to the use of your personal information in a manner different from that stated at the time of collection we will take appropriate steps to notify you, such as by posting a notice on our website for 30 days prior to the changes taking effect or by emailing you. We will obtain your consent to such changes where required to do so by applicable law.
Effective Date: December 2024