General Data Protection Regulation
Updated 25.06.2023
Use and protection of the information we collect
Room Reservations
We collect your contact information, payment information, reservation information, and accommodation preferences. That information is collected directly from you when you make a room reservation. In a small number of cases we collect information about a guest’s health. For example, a guest may voluntarily choose to provide information about a disability as part of a request for an accommodation preference. You are required to provide this information in order to complete a reservation. If you choose not to provide this information, we may be unable to complete your request.
We use your information in order to perform our contractual obligations, fulfill your requests for a reservation, and to take steps in anticipation of those obligations. In some jurisdictions we also need your information to comply with legal obligations to collect and maintain information about guests. We also have a legitimate interest in analyzing trends and patterns among guests. In the rare circumstances in which we collect information about a guest’s health, that information is collected only for the purpose of accommodating a guest’s needs and is used for no other purpose.
​
​
Cookies and First Party Tracking
We use cookies and clear GIFs. “Cookies” are small pieces of information that a website sends to a computer’s hard drive while a website is viewed. In most cases, you are required to provide this information. If you choose to turn off first party cookies, the website may not function correctly.
We have a legitimate interest in making our website operate efficiently and analyzing trends and patterns among our website visitors.
​
​
Cookies and Third Party Tracking
We participate in behavior-based advertising. This means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that it can provide advertising about products and services tailored to your interests on our website or on other websites. The provision of this information is voluntary. You may choose to opt out of third party tracking through our Cookie Preferences Center.
We base the use of third party tracking, including behavioral advertising, on consent where required by law.
​
​
Email Interconnectivity
If you receive email from us, we use certain tools to capture data related to when you open our message, click on any links or banners it contains, or make reservations. The provision of this information is voluntary.
We have a legitimate interest in understanding how you interact with reservation confirmations. We base other email tracking on consent where required by law.
​
​
Customer Care
If you contact us with an issue we will collect your name and e-mail address, as well as any other content that you send to us in order to reply. If you choose not to provide this information, we may be unable to assist with your issue or question.
We have a legitimate interest in receiving and acting upon the information that you provide to us concerning issues that you raise.
Communications List
When you opt-in or sign up to receive communications, we collect your email address, postal address, or phone number for text messaging. If you choose not to provide this information, we may be unable to send you the requested communications. We share information about our products and services or the products and services of other companies, if you consent to receive that information. We also have a legitimate interest in sharing information with you about our services and those of our partners.
​
​
Mobile Devices
We collect information from your mobile device such as unique identifying information broadcast from your device when visiting our websites or applications. In most cases, you are required to provide this information. If you choose not to provide this information the mobile website and app may not function correctly.
We have a legitimate interest in identifying unique visitors and in understanding how users interact with us on their mobile devices.
​
​
Website Interactions
We use technology to monitor how you interact with our website. This may include the links you click on or information that you type into our online forms. The provision of this information is voluntary. You may choose to opt out of third party tracking through our Cookie Preferences Center.
We have a legitimate interest in understanding how you interact with our website to better improve it and to understand your preferences and interests in order to select offerings that you might find most useful.
Web Logs
We collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors. In most cases, you are required to provide this information. If you choose not to provide this information the website may not function correctly.
We have a legitimate interest in monitoring our networks and the visitors to our websites. Among other things, it helps us understand which of our services is the most popular.
​
Employment Candidates
If you apply to work for us, we collect information necessary to evaluate your application. If you choose not to provide us with the requested information, we may be unable to process your application for employment.
We use information about prospective employees in connection with our legal obligations and our legitimate interest in evaluating candidates.
In addition to the information that we collect from you directly, we may also receive information about you from other sources, including business partners, BWR partners, Licensed Hotels, Affiliates, Travel Agents, Online Travel Websites, or publicly available sources. For example, if you make a reservation at one of our Licensed Hotels, that hotel transmits information to us as part of our legitimate interest in, among other things, maintaining a global reservation system and providing for customer service and support.
In addition to the purposes and uses described above, we use information in the following ways:
-
For internal administrative purposes as well as to manage our relationships
-
To conduct analytics.
-
To identify you when you visit our websites or Licensed Hotels.
-
To provide service to you and to improve our services and product offerings.
-
To respond to inquiries related to support, employment opportunities, or other requests.
-
To send marketing and promotional materials, including information relating to our products, services, sales, or promotions.
-
To streamline the reservation or checkout process.
-
To debug, identify and repair errors that impair existing intended functionality of our website and services.
-
To detect and protect against malicious, deceptive, fraudulent, or illegal activity, including violation of our policies and terms and conditions, security incidents, and harm to the rights, property, or safety of our company and our users, employees, or others.
-
To comply with our legal or regulatory obligations, to establish or exercise our rights, and to defend against a legal claim.
-
For the safety and security of guests, staff, and other visitors.
Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you make a room reservation we collect your information so that we, or so that a Licensed Hotel, can perform a contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your stay. As a result, our collection and processing of your information may be based upon our need to perform a contract, our obligations under law, our legitimate interest in conducting our business, and/or your consent.
To the extent we maintain and use personal information in a deidentified form, we will not attempt to reidentify the information, except for the purpose of determining whether our deidentification processes satisfy our legal obligations.
​
Sharing of information
In addition to the specific situations discussed elsewhere in this policy, we disclose information in the following situations:
Service Providers
We share your information with service providers. Among other things, service providers help us to administer our databases, websites, marketing, communications, and surveys; service providers provide us with technical and logistical support; service providers process payments on our behalf; and service providers assist in the fulfillment of reservations and orders.
Public
Some of our websites may provide the opportunity to post comments or reviews in a public forum. If you decide to submit information on these pages, that information may be publicly available.
Other Disclosures without Your Consent
We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws or for national security requirements within the United States or the other jurisdictions in which we operate. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third party intermediary. We also may share information with our corporate affiliates (e.g., subsidiaries, joint ventures, or other companies under common ownership or control). In addition, if another company acquires or plans to acquire our company, business, or our assets, we will also share information with that company, including at the negotiation stage.
​
Other Disclosures with Your Consent
We may ask if you would like us to share your information with other unaffiliated third parties who are not described elsewhere in this policy.
How We Protect Personal Information
No method of transmission over the Internet or of electronic storage is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of any breach to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
Some of our websites permit you to create an account. When you do you will be prompted to create a password. You are responsible for maintaining the confidentiality of your password, and you are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
How Long We Retain Information
We retain your personal information for the period necessary to fulfill the purposes outlined in this policy, including for the purposes of satisfying any legal, accounting, or reporting requirements, unless a longer retention period is required or permitted by law. For example, we retain BWR information for as long as an individual remains a BWR member because BWR points do not expire and the information is needed in order to allow the individual to redeem their rewards. We retain information in our reservation system, in full or in summary form, for three years following a guest’s departure in order to process your reservation, provide post-reservation customer support, and provide invoicing and recordkeeping. We typically retain information in our customer care complaint system for three years after receipt, unless the information is needed for an ongoing purpose such as to address an open issue.
​
​
Changes to This Privacy Policy
We may change our privacy policy and practices over time. When we make changes to the policy, we will change the "Updated and Effective” date at the beginning of this policy, and we will provide any other form of notice as may be required by law. All changes shall be effective from the date we post the revised policy.