Marriott International, Inc. and the U.S. affiliates listed at the end of this Policy (“Marriott U.S.”) have created this Privacy Shield Privacy Policy to help you learn about how we handle Guest Personal Data that we receive from our affiliates, Owners and Franchisees located in the European Economic Area (the “EEA”) and Switzerland under the Privacy Shield program. This Privacy Shield Privacy Policy supplements the Marriott Group Global Privacy Statement. Unless specifically defined differently in this Policy, the capitalized terms in this Privacy Shield Privacy Policy have the same meaning as in the Marriott Group Global Privacy Statement.
Marriott U.S. has subscribed to the EU-U.S. and Swiss-U.S. Privacy Shield programs (“Privacy Shield”) and is committed to adhering to the Privacy Shield Principles, which include the Supplemental Principles (collectively, the “Principles”) for all Guest Personal Data received from the EEA and Switzerland. More information about Privacy Shield can be found at: https://www.privacyshield.gov and the list of certified organizations can be found at: www.privacyshield.gov/list.
Marriott U.S. may receive Personal Data from entities in the EEA and Switzerland such as:
Any Personal Data sent to us may be used by Marriott U.S. and its Service Providers for the purposes indicated in the Marriott Group Global Privacy Statement. If we intend to use your Personal Data for a purpose that is materially different from these purposes or if we intend to disclose it to a third party not previously identified, we will notify you and offer you the opportunity to opt-out of such uses and/or disclosures where it involves Personal Data or opt-in where Sensitive Personal Data is involved.
Your Personal Data may be disclosed to the following:
We sometimes contract with other companies and individuals to perform functions or services on our behalf such as spas and restaurants within our hotels, website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing and other services. They may have access to Personal Data needed to perform their functions, but are restricted from using the Personal Data for purposes other than providing services for us or to us. Marriott U.S. requires that its Service Providers that have access to Personal Data received from the EEA and Switzerland provide the same level of protection as required by the Privacy Shield Principles. We are responsible for ensuring that our Service Providers process the Personal Data in a manner consistent with our obligations under the Principles.
We use reasonable physical, electronic, and administrative safeguards to protect your Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information.
We limit the collection and use of Personal Data to the information that is relevant for the purposes of processing and will not process Personal Data in a way that is incompatible with the purposes for which the information has been collected or subsequently authorized by you. We take reasonable steps to ensure the Personal Data is reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personal Data.
You can ask to review, correct, or delete Personal Data that we maintain about you by sending a written request to privacy@marriott.com.
If you have any questions or concerns, please write to us at the address listed below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with the Privacy Shield Principles.
If we are unable to resolve your complaints or disputes, you may contact JAMS and they will investigate and assist you, free of charge, in resolving your complaint. Please refer to: https://www.jamsadr.com for more information.
As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. Marriott U.S. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
We may need to disclose Personal Data in response to lawful requests by public authorities for law enforcement or national security reasons or when such action is necessary to comply with a judicial proceeding or court order, or when otherwise required by law.
If you have any questions regarding this Privacy Shield Privacy Policy, please contact us by email at privacy@marriott.com, or please write to the following address:
Marriott International, Inc.
Global Compliance, Privacy
10400 Fernwood Road
Bethesda, MD 20817
United States of America
This Policy may be changed from time to time, consistent with the requirements of the Privacy Shield. You can determine when this Policy was last revised by referring to the “LAST UPDATED” legend at the top of this page. Any changes to our Policy will become effective upon our posting of the revised Policy on the Site.
Marriott Hotel Services, Inc.
Marriott International Administrative Services, Inc.
Marriott Rewards, Inc.
Marriott Worldwide Reservation Services, LLC
Starwood Hotels & Resorts Management Company, LLC
Starwood Hotels & Resorts Worldwide, LLC
Starwood Reservations LLC
The Ritz-Carlton Hotel Company, LLC
Galaxy Hotel Systems LLC
For more detailed information MARRIOTT GROUP GLOBAL PRIVACY STATEMENT, please visit Privacy Center at https://www.marriott.com/about/privacy.mi
LAST UPDATED: May 18, 2018