CUSTOMER PERSONAL DATA PROTECTION CHARTER
1. THE ACCORHOTELS GROUP’S COMMITMENT TO PROTECTING PRIVACY
Because we consider you an important customer, our first priority is to offer you exceptional times and stays throughout the world.
Your complete satisfaction and confidence in Accor S.A. are absolutely essential to us.
That’s why, as part of our commitment to meeting your expectations, we have set up a customer privacy protection policy. This Charter formalizes our commitments to you and describes how Accor S.A. uses your personal data.
The main rules applicable within the AccorHotels Group worldwide (Accor S.A. and its subsidiaries) are founded on seven principles.
“Personal data” means any information collected and logged in a format that allows you to be identified personally, either directly (e.g. name) or indirectly (e.g. telephone number) as a natural person. Before providing us with this information, we recommend that you read this document describing our customer privacy protection policy.
This Personal Data Protection Charter forms part of the terms and conditions that govern our hotel services. By accepting these terms and conditions, you expressly accept the provisions of this Charter.
The seven principles below are applicable within the AccorHotels Group throughout the world.
- Transparency: When collecting and processing your personal data, we will communicate all information to you and inform you of the purpose and recipients of the data.
- Legitimacy: We will collect and process your personal data only for the purposes described in this Charter.
- Relevance and accuracy: We will only collect personal data that is necessary for data processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
- Storage: We will hold your personal data for the period necessary for processing the same in compliance with the provisions of the law.
- Access, rectification, opposition: You may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving sales and marketing information. The details of the department to contact in this respect are shown below (§13) in the clause “Access and modification”.
- Confidentiality and security: We will ensure reasonable technical and organizational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorized use, disclosure or access.
- Sharing and international transfer: We may share your personal data within the AccorHotels Group or with third parties (such as commercial partners and/or service providers) for the purposes set out in this Charter. We will take appropriate measures to guarantee security when sharing or transferring such data.
For any questions concerning the seven principles of AccorHotels Data Protection, please contact the Data Privacy department whose details appear in the clause “Access and modification”.
This Charter applies:
- To all data processing implemented in our subsidiary and managed hotels, i.e. those operating under an AccorHotels Group brand name (Sofitel, Pullman, Novotel, Suite Novotel, Mercure, ibis, ibis Styles, ibis budget, Hotel F1 etc.) This list is regularly updated.
- To all Accor S.A. reservation websites, including www.accorhotels.com but also brand sites (sofitel.accorhotels.com, mercure.accorhotels.com etc.).
Although our customer privacy protection policies cannot be imposed on our franchised hotels, Accor S.A. will do its utmost to promote the seven principles set out in this Charter so that our franchises comply with the applicable laws in relation to the processing of your personal data.
At various times, we will be obliged to ask you, as an Accor S.A. customer, for information about you and/or members of your family, such as:
- Contact details (for example, last name, first name, telephone number, email)
- Personal information (for example, date of birth, nationality)
- Information relating to your children (for example, first name, date of birth, age)
- Your credit card number (for transaction and reservation purposes)
- Your membership number for the AccorHotels loyalty program or another partner program (for example, the airline loyalty program)
- Your arrival and departure dates
- Your preferences and interests (for example, smoking or non-smoking room, preferred floor, type of bedding, type of newspapers/magazines, sports, cultural interests)
- Your questions/comments, during or following a stay in one of our establishments.
The information collected in relation to persons under 18 years of age is limited to their name, nationality and date of birth, which can only be supplied to us by an adult. We would be grateful if you could ensure that your children do not send us any personal data without your consent (particularly via the Internet). If such data is sent, you can contact the Data Privacy department (“Access and modification” clause) to arrange for this information to be deleted.
We do not deliberately collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation.
Moreover, depending on applicable local laws, other information could be considered sensitive, such as your credit card number, your leisure activities, personal activities and hobbies, and whether or not you are a smoker. We may be obliged to collect such information in order to meet your requirements or provide you with an appropriate service, such as a specific diet.
In this case, depending on the laws in force in certain countries, your prior consent may be required with regard to the collection of sensitive information.
Personal data may be collected on a variety of occasions, including:
- Hotel activities:
- Booking a room
- Checking-in and paying
- Eating/drinking at the hotel bar or restaurant during a stay
- Requests, complaints and/or disputes.
- Participation in marketing programs or events:
- Signing up for loyalty programs
- Participation in customer surveys (for example, the Guest Satisfaction Survey)
- Online games or competitions
- Subscription to newsletters, in order to receive offers and promotions via email.
- Transmission of information from third parties:
- Tour operators, travel agencies, GDS reservation systems, and others
- Internet activities:
- Connection to AccorHotels websites (IP address, cookies)
- Online forms (online reservation, questionnaires, AccorHotels pages on social networks, network login devices such as Facebook login etc.).
We collect your personal data for the purposes of:
- Meeting our obligations to our customers.
- Managing the reservation of rooms and accommodation requests:
- Creation and storage of legal documents in compliance with accounting standards.
- Managing your stay at the hotel:
- Monitoring your use of services (telephone, bar, pay TV etc.)
- Managing access to rooms
- Internal management of lists of customers having behaved inappropriately during their stay at the hotel (aggressive and anti-social behavior, non-compliance with the hotel contract, non-compliance with safety regulations, theft, damage and vandalism, or payment incidents).
- Improving our hotel service, especially:
- Processing your personal data in our customer marketing program in order to carry out marketing operations, promote brands and gain a better understanding of your requirements and wishes
- Adapting our products and services to better meet your requirements
- Customizing commercial offers and the promotional messages we send to you
- Informing you of special offers and any new services created by Accor S.A. or one of its subsidiaries.
- Managing our relationship with customers before, during and after your stay:
- Managing the loyalty program
- Providing details for the customer database
- Segmentation operations based on reservation history and customer travel preferences with a view to sending targeted communications
- Predicting and anticipating future behaviors
- Developing statistics and commercial scores, and carrying out reporting
- Providing context data for the offer push tool when a customer visits a Group website or makes a reservation
- Knowing and managing the preferences of new or repeat customers
- Sending you newsletters, promotions and tourist, hotel or service offers, or offers from Accor S.A. partners, or contacting you by telephone
- Managing requests to unsubscribe from newsletters, promotions, tourist offers and satisfaction surveys
- Taking into account the right to object
- Using a dedicated telephone service to search for persons staying in AccorHotels Group hotels in the event of serious events affecting the hotel in question (natural disasters, terrorist attacks etc.).
- Use a trusted third party to cross-check, analyze and apply certain devices to your collected data at the time of booking or at the time of your stay, in order to determine your interests and your customer profile, and to allow us to send you personalized offers.
- Improving Accor S.A. services, especially:
- Carrying out surveys and analyses of questionnaires and customer comments
- Managing claims/complaints
- Offering you the benefits of our loyalty program.
- Securing and enhancing your use of Accor S.A. websites, especially:
- Improving navigation
- Implementing security and fraud prevention.
- Conforming to local legislation (for example, storing of accounting documents).
As we are present in many countries, we endeavor to provide you with the same services throughout the world. Thus, to guarantee you the right of access and amendment (“Access and modification” clause), we have to share your personal data with internal and external recipients subject to the following conditions:
a. Within the AccorHotels Group, in order to offer you the best service, we can share your personal data and give access to authorized personnel from the Group, including:
- Hotel staff
- Reservation staff using AccorHotels reservation tools
- IT departments
- Commercial partners and marketing services
- Medical services if applicable
- Legal services if applicable
- Generally, any appropriate person within AccorHotels Group entities for certain specific categories of personal data.
b. With service providers and partners: your personal data may be sent to a third party for the purposes of supplying you with services and improving your stay, for example:
- External service providers: IT sub-contractors, international call centers, banks, credit card issuers, external lawyers, dispatchers, printers.
- Commercial partners: Accor S.A. may, unless you specify otherwise to the Data Privacy department, enhance your profile by sharing certain personal information with its preferred commercial partners. In this case, a trusted third party may cross-check, analyze and apply certain devices to your data. This data processing will allow Accor S.A. and its privileged contractual partners to determine your interests and your customer profile, and will allow us to send you personalized offers.
- Social networking sites: In order to allow you to be identified on the website without the need to fill out a registration form, Accor S.A. has put the Facebook login system in place. If you log in using the Facebook login system, you explicitly authorize Accor S.A. to access and store the public data on your Facebook account, as well as the other data mentioned during use of the Facebook login system. Accor S.A. may also communicate your email address to Facebook in order to identify whether you are already a Facebook user, in order to post personalized and relevant ads on your Facebook account if appropriate.
c. Local authorities: We may also be obliged to send your information to local authorities if this is required by law or as part of an inquiry and in accordance with local regulations.
For the purposes set out in Clause 7 of this Charter, we may transfer your personal data to internal or external recipients who may be in countries offering different levels of personal data protection.
Consequently, in addition to implementation of this Charter, Accor S.A. employs appropriate measures to ensure secure transfer of your personal data to an AccorHotels entity or to an external recipient located in a country offering a different level of privacy from that proposed in the country where the personal data is collected.
As part of these activities, your data may be sent, in particular as part of the reservation process, to AccorHotels hotels located outside of the European Union, in particular in the following countries: South Africa, Algeria, Andorra, Saudi Arabia, Argentina, Australia, Bahrain, Benin, Brazil, Cambodia, Cameroon, Canada, Chile, China, Colombia, South Korea, Ivory Coast, Cuba, Egypt, United Arab Emirates, Ecuador, United States of America, Fiji, Ghana, Guatemala, Equatorial Guinea, India, Indonesia, Israel, Japan, Jordan, Kuwait, Laos, Lebanon, Madagascar, Malaysia, Morocco, Mauritius, Mexico, Monaco, Nigeria, New Zealand, Oman, Uzbekistan, Panama, Paraguay, Peru, Philippines, Qatar, Dominican Republic, Russia, Senegal, Singapore, Switzerland, Chad, Thailand, Togo, Tunisia, Turkmenistan, Turkey, Ukraine, Uruguay, Vietnam, Yemen, Taiwan, Hong Kong, Macao, Dubai.
Other than those that are required to carry out your reservation, dataflows to countries having different levels of personal data protection are regulated by standard contractual manager-to-subcontractor clauses defined by the European Commission. Dataflows to the United States are made to entities that belong to Safe Harbor.
Accor S.A. takes appropriate technical and organizational measures, in accordance with applicable legal provisions, to protect your personal data against illicit or accidental destruction, accidental alteration or loss, and unauthorized access or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.).
When you submit credit card data when making a reservation, SSL (Secure Socket Layer) encryption technology is used to guarantee a secure transaction.
These tracers may be installed on your device depending on the preferences that you expressed or may express at any time in accordance with this policy.
1. Why have a cookies policy?
With a view to provide information and ensure transparency, AccorHotels established this policy so that you can learn more about:
- The origin and purpose of the information processed when you browse AccorHotels Websites
- Your rights with regard to cookies and other tracers used by AccorHotels
2. What is a cookie?
Cookies and other similar tracers are packets of data used by servers to send status information to a user’s browser and return status information to the original server through this same browser.
The status information can be a session identifier, a language, an expiration date, a response field or other types of information.
During their validity period, cookies are used to store status information when a browser accesses various pages of a website or when the browser returns to this website at a later point.
There are different types of cookies:
- Session cookies, which are deleted as soon as you exit the browser or leave the website
- Persistent cookies, which remain on your device until their expiration or until you delete them using the features of your browser
Cookies strictly necessary for browsing the AccorHotels Websites and the ability to use all of their features, and intended in particular to:
- Manage authentication of website visitors and the associated security measures, and ensure proper functioning of the authentication module
- Optimize the user experience and facilitate browsing, in particular determining “technical routes” for browsing
- Store information regarding the “cookies” information banner seen by website visitors who then continue to browse the website after agreeing to accept cookies on their device
- Implement security measures (for example, when you are asked to log in again for content or a service after a certain period of time, or to ensure basic operation of AccorHotels Websites and use of their major technical features, such as monitoring of performance and browsing errors, management of user sessions, etc.)
Cookies for features intended in particular to:
- Adapt AccorHotels Websites to the display preferences of your device (language, currency, display resolution, operating system used, configuration and settings of the display of web pages based on the device you are using and its location, etc.)
- Store specific information that you enter on AccorHotels Websites in order to facilitate and customize your subsequent visits (including displaying the visitor’s first and last names if the visitor has a user account)
- Allow you to access your personal pages more quickly by storing the login details or information that you previously entered
Cookies for visitor tracking are aimed at improving the comfort of users by helping us understand your interactions with AccorHotels Websites (most visited pages, applications used, etc.); these cookies may collect statistics or test different ways of displaying information in order to improve the relevance and usability of our services.
Advertising cookies are intended to (i) offer you, in advertising spaces, relevant, targeted content that may be of interest to you (best offers, other destinations, etc.) based on your interests, browsing behavior, preferences, and other factors, and (ii) reduce the number of times that the advertisements appear.
Affiliate cookies identify the third-party website that redirected a visitor to AccorHotels Websites.
Social network cookies, set by third parties, allow you to share your opinion about and content from AccorHotels Websites on social networks (for example, the “Share” or “Like” application buttons for social networks).
The social network applications on AccorHotels Websites as mentioned above can in some cases allow the social networks concerned to identify you even if you did not click on the application button. This type of button can allow a social network to track your browsing on AccorHotels Websites, simply because your account in the social network concerned is enabled on your device (open session) while you are browsing.
We recommend that you read the policies of these social networks to familiarize yourself with how they use the browsing information they may collect, especially with regard to advertising. These policies must specifically allow you to make choices on these social networks, particularly by configuring your user accounts for each of them.
The installation of certain cookies is subject to your consent. Also, when you first visit the AccorHotels Websites, you are asked whether you agree to the installation of this type of cookie, which is only activated after your acceptance.
This process is supported by means of an information banner on the home page of the AccorHotels Websites, which informs you that by continuing to browse, you are agreeing to the installation of cookies that require consent on your device.
You can change your mind at any time using the various methods described in section “Deleting and/or blocking cookies”.
5. Deleting and/or blocking cookies
You have several options for deleting cookies and other tracers.
Although most browsers are set by default to accept cookies, you can, if you desire, choose to accept all cookies, always block cookies, or choose which cookies to accept based on their senders.
You can also set your browser to accept or block cookies on a case-by-case basis before they are installed. Your browser also allows you to regularly delete cookies from your device. Remember to configure all the browsers in your different devices (tablets, smartphones, computers, etc.).
Regarding management of cookies and your preferences, configuration varies for each browser. This is described in the Help menu of your browser, as well as how to edit your preferences with regard to cookies. For example:
- For Internet Explorer™: http://windows.microsoft.com/en-US/windows-vista/Block-or-allow-cookies
- For Safari™: http://www.apple.com/legal/privacy/en-ww/cookies
- For Chrome™: http://support.google.com/chrome/bin/answer.py?hl=en&hlrm=en&answer=95647
- For Firefox™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- For Opera™: http://help.opera.com/Windows/10.20/en/cookies.html
Saving a cookie to your device depends on your wishes, which you can exercise and change at any time and free of charge using the settings offered by your browser software.
If your browser is set to accept cookies on your device, the cookies embedded in the pages and content that you view may be temporarily stored in a dedicated space on your device. They can only be read by their issuer.
However, you can set your browser to block cookies. Keep in mind that if you set your browser to block cookies, some features, pages and spaces on AccorHotels Websites will not be accessible, and we cannot be held responsible in this case.
Specialized advertising platforms
Several professional advertising platforms also give you the option to accept or block cookies used by companies that are members. These centralized mechanisms do not block the display of ads; they simply prevent the installation of cookies that tailor ads to your interests.
For example, you can visit the website http://www.youronlinechoices.com to prohibit the installation of these cookies on your device. This website is offered by digital advertising professionals brought together within the European Digital Advertising Alliance (EDAA) and managed in France by Interactive Advertising Bureau France.
We retain your personal data only for the period necessary for the purposes set out in this Charter or in accordance with the provisions of applicable law.
You have the right to access your personal data collected by Accor S.A. and to modify it subject to applicable legal provisions.
You may also exercise your right to object by writing to the address below.
In the event of difficulty exercising your rights, please contact the Data Privacy department for the AccorHotels Group directly by sending an email to data.privacy@AccorHotels.com or by writing to the address below:Accor
Département Protection des Données Personnelles
82, rue Henri Farman
92130 Issy-les-Moulineaux, France
For the purposes of confidentiality and personal data protection, we will need to identify you in order to respond to your request. You will be asked to include a copy of an official piece of identification, such as a driver’s license or passport, along with your request.
If your personal data is inaccurate, incomplete or not up to date, please send the appropriate amendments to the Data Privacy department as indicated above.
All requests will receive a response as swiftly as possible and in accordance with applicable law.
You may also exercise your rights in respect of your personal data that is stored and processed by a hotel following a stay. To do this, you must contact the hotel directly.
We may modify this Charter from time to time. Consequently, we recommend that you consult it regularly, particularly when making a reservation at one of our hotels.
For any questions concerning the AccorHotels Group’s personal data protection policy, please contact the Data Privacy department (“Access and modification”clause).