Effective Date: September 7, 2017
This Privacy Notice describes the privacy practices of Club Quarters Hotels, its partner hotels (which include The Jewel facing Rockefeller Center, World Center Hotel, Hotel Boutique at Grand Central, Central Loop Hotel, River Hotel, and The Grand at Trafalgar Square), Shared Mutual Services, LLC, and their respective parent entities, direct and indirect subsidiaries and affiliates (collectively, “CQ Hotels,” “we,” or “us”). This Privacy Notice describes how we handle personal information we collect online and offline in connection with operating our company.
This Privacy Notice explains the types of personal information that CQ Hotels collects and processes, how CQ Hotels may use and share the information, and the choices that are available to individuals with respect to CQ Hotels’ handling of the information.
Click on the links below to jump to sections of the Privacy Notice:
- Personal Information We Collect
- How We Use The Personal Information We Collect
- Personal Information We Share
- Cookies and Other Information Collected by Automated Means
- Data Retention
- Privacy Preferences, Rights, And Choices
- International Data Transfers
- How We Protect Personal Information
- Links To Websites And Third Party Content
- Updates To Our Privacy Notice
- How To Contact Us
Personal Information We Collect
Whose information we collect
We may collect information about a variety of individuals who interact with CQ Hotels – website and mobile app users, guests at our hotels, individuals who attend meetings or events at our hotels, employees or guests of our corporate members who are authorized to use the corporate membership, meeting and event planners, travel agents and corporate travel coordinators, job applicants, and others.
How we collect the information
We may collect information about individuals:
- Through our websites and mobile apps
- Directly from individuals
- From individuals’ agents – such as secretaries, assistants, or corporate travel coordinators
- From our corporate members
- From third party vendors or business partners – such as travel agencies and data providers
Types of information we collect
The types of information we collect include:
- Personal and business contact information (such as name, employer name, email address, mailing address, and phone number)
- Loyalty program number
- Information provided to us to make a hotel room reservation, such as dates of arrival and departure, details regarding travel plans (such as flight information), room preferences and requests; and, for group reservations, the group with which an individual is associated
- Information about a stay at our hotel, including the usage of our services and amenities, such as room charges, telephone and fax usage, and messages received
- Username and password that an individual may select in connection with establishing an profile on our websites or mobile apps
- Information that an individual provides to us by interacting with us through social media
- Demographic information (such as date of birth, gender, and zip code)
- Geolocation information from users of our mobile app.
- Payment information (such as a credit or debit card number)
- For job applicants, information of the type that would be included on a resume, such as work experience, education, and languages spoken
- Publicly available information, such as individuals’ comments or reviews about our hotels on third-party review websites
- Information that individuals voluntarily provide and which may be deemed sensitive under applicable law (such as a request for an accessible room or a hearing impaired kit)
We, our service providers, and our business partners may also collect certain information about the use of our websites and mobile apps by automated means. In addition, we and our service providers may collect certain information about the use of the wireless network at our hotels by automated means. Please see the “Cookies And Other Information Collected By Automated Means” section of this Privacy Notice for more information.
How We Use The Personal Information We Collect
We may use personal information to:
- Communicate about the products and services we offer, and respond to requests, inquiries, comments, and suggestions
- Provide our products and services
- Analyze use of our products and services
- Operate, evaluate and improve our business, our websites and mobile apps, and other products and services we offer (including to research and develop new products and services)
- Establish and maintain an individual’s profile on our website or mobile apps
- Administer surveys and other market research
- Analyze and enhance our communications and strategies (including by identifying when emails we sent have been received and read)
- Tailor the content we display in our communications and on our websites and in mobile apps
- Customize our services to individuals’ preferences
- Process employment applications (including to contact applicants and/or their references and former employers if appropriate)
- Monitor recruiting statistics, to inform our recruitment activities
- Comply with legal requirements, judicial process, and our company policies (including to verify users’ identity in connection with access or correction requests)
- Protect against, identify, investigate, and respond to fraud, illegal activity (such as incidents of hacking or misuse of our websites, mobile apps, or the wireless network at our hotels), and claims and other liabilities, including by enforcing the terms and conditions that govern the services we provide
We may also aggregate and/or de-identify any information that we collect, such that the information no longer identifies any specific individual. We may use, disclose and otherwise process such information for our own legitimate business purposes – including historical and statistical analysis and business planning – without restriction.
Personal Information We Share
CQ Hotels may share personal information as described in this Privacy Notice. In all cases, we take measures to share only the information that is needed to fulfill the purposes for which we share the information.
We may share personal information with:
- CQ Hotels affiliates, parent entities, and subsidiaries, for the purposes described in this Privacy Notice
- Service providers that perform services on our behalf, or partners with whom we may collaborate, in each case for the purposes described in this Privacy Notice. The types of service providers and partners with whom we may share personal information may include:
- Customer service and support providers
- Technology providers (including technology support, central reservation system providers, keyless entry providers, email and web hosting providers, email and text communications providers, and mobile app developers)
- Meeting and event planners
- Travel agents and corporate travel coordinators
- Shipping and fulfilment service providers
- Survey and market research providers
- Advertising and marketing partners
- Analytics organizations
- Our corporate members, regarding the employees or guests that stay at our properties under the company’s membership with CQ Hotels
- Organizers of corporate meetings or events, regarding individuals who attend those meetings or events
Unless prohibited by applicable law, we reserve the right to transfer the information we maintain in the event we sell or transfer all or a portion of our business or assets (or during the negotiations of any of such sale or transfer). If we engage in such a sale or transfer (or related negotiations), we will – where required by applicable law – make reasonable efforts to direct the recipient to use the personal information we provide in a manner that is consistent with this Privacy Notice. After such a sale or transfer, individuals may contact the recipient with any inquiries concerning the processing of their personal information.
In addition, we may share personal information to comply with legal and regulatory requirements, and protect against and prevent fraud, illegal activity (such as identifying and responding to incidents of hacking or misuse of our websites and mobile apps), and claims and other liabilities.
Cookies And Other Information Collected By Automated Means
We, our service providers, and our business partners may collect certain information about the use of our websites and mobile apps by automated means, such as cookies, web beacons and other technologies. A “cookie” is a text file that websites send to a visitor‘s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. Please see our Cookies Policy for further information. A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, is used to transmit information back to a web server. We and our service providers and business partners may collect information about individuals’ online activities over time and across third-party websites when an individual uses our websites and mobile apps.
In addition, at our hotels, we and our service providers may collect certain information by automated means. For example, we may monitor activity on the wireless network at our hotels by automated means, engage in video monitoring of the public areas of our hotels, and monitor when individuals use room keys (or similar methods of access) assigned to their rooms.
The information that may be collected by automated means includes:
- Details about the devices that are used to access our websites or mobile apps (such as IP address, type of operating system, and web browser)
- Location information, for example, of a mobile device running one of our mobile apps when the mobile app is running in the foreground or background; or when the room key assigned to an individual is used or attempted to be used to access a room
- Details about the devices that are used to access the wireless network at our hotels (such as IP address, MAC address, or other unique identifier)
- Dates and times of visits to, and use of, our websites, mobile apps, and the wireless network at our hotels
- Information about how our websites and mobile apps are used (such as the content that is viewed on our websites and how users navigate between our webpages, or the features of our mobile apps that are used and how users navigate between screens on our mobile apps)
- Information about how the wireless network at our hotels is used (including information regarding the demand of our network, such as the volume of data transmitted over our network, the speed of transmission, and the webpages that are viewed and apps used when connected to our wireless network)
- Video of individuals present and activity occurring in the public areas of our hotels
- URLs that refer visitors to our websites
- Search terms used to reach our websites or locate our mobile apps
Web browsers may offer users of our websites or mobile apps the ability to disable receiving certain types of cookies; however, if cookies are disabled, some features or functionality of our websites may not function correctly.
Some of the business partners that collect information about users’ activities on our websites and in our mobile apps may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior for purposes of targeted advertising. For example, users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. European users may opt out of receiving targeted advertising on websites through members of the European Interactive Digital Advertising Alliance by clicking here, selecting the user’s country, and then clicking “Choices” (or similarly-titled link). Mobile app users may opt out of receiving targeted advertising in mobile apps through members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here, and selecting the user’s choices. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.
Because there is not yet a consensus on how companies should respond to web browser-based do-not-track (“DNT”) mechanisms, we do not respond to web browser-based DNT signals at this time.
Our retention periods for personal information are based on business needs and legal requirements. We retain personal information for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. When we no longer need the personal information we collect, we either irreversibly anonymize the information (in which case, we may further retain and use the anonymized information) or securely destroy the information.
Privacy Preferences, Rights, And Choices
Individuals have certain rights and may make certain choices regarding CQ Hotels’ processing of their personal information.
Please note that if the exercise of these rights limits our ability to process personal information, we may be precluded from providing the individuals who exercise such rights with our products or services or from otherwise engaging with such individuals going forward.
We reserve the right to verify the identity of the individual in connection with any requests regarding personal information to help ensure that we provide the information to individuals to whom it pertains, and allow only those individuals or their authorized representatives to exercise rights with respect to that information.
For information about the rights and choices users have with respect to cookies and online advertising and tracking, please see the “Cookies And Other Information Collected By Automated Means” section of this Privacy Notice.
General objections to the processing of personal information
To the extent provided by applicable law, individuals may withdraw any consent previously provided to us, or object at any time on legitimate grounds, to the processing of their personal information. We will apply these preferences going forward. In some circumstances, withdrawing consent to CQ Hotels’ use or disclosure of personal information will mean that an individual’s participation in CQ Hotels programs or other relationships an individual may have with CQ Hotels will terminate.
Access to personal information
Individuals may request access to the personal information CQ Hotels maintains about them. If we grant this request, we will provide the individual with a copy of the personal information we maintain about them in the ordinary course of business, in a commonly used format. Individuals may request to correct any errors in their personal information. We may reject such request to access or correct personal information, as permitted by applicable law. If we reject such request, we will notify the requestor of the reason(s) for the rejection.
Deletion of personal information
Individuals may request that we delete their personal information. We may reject such request, as permitted by applicable law. If we reject such request, we will notify the requestor of the reason(s) for the rejection.
CQ Hotels profile
You may review, update, or modify your profile information, including contact information, by logging into your CQ Hotels profile. You may delete your CQ Hotels profile by emailing firstname.lastname@example.org.
Your mobile device may provide you with the ability to prevent us from automatically collecting your location information. For example, you may be able to disable location services on your mobile device or to configure your mobile device not to allow the App to collect location information. However, this will limit your ability to use certain features of the App.
Individuals may unsubscribe from receiving marketing or other commercial emails from CQ Hotels by following the instructions included in the email or by contacting CQ Hotels using the contact information below. However, even if an individual opts out of receiving such communications, we retain the right to send them non-marketing communications (such as confirmation of a reservation or purchase, or changes in our website or mobile app terms).
Individuals may unsubscribe from receiving recurring text messages from CQ Hotels sent by automated means by responding STOP to the message.
International Data Transfers
We may transfer personal information to countries other than the country in which the data was originally collected for the purposes described in this Privacy Notice. For example, we typically transfer the personal information of individuals located outside of the United States to the United States, where CQ Hotels is headquartered. The countries to which we transfer personal information may not have the same data protection laws as the country in which we initially collected the information. If we transfer personal information of a resident of the European Economic Area (EEA) outside of the EEA, we will apply the same data protection safeguards that we deploy inside the EEA.
How We Protect Personal Information
CQ Hotels maintains reasonable administrative, technical and physical safeguards designed to protect the personal information we maintain against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. However, we cannot guarantee that the measures we maintain will ensure the security of the personal information.
Links To Websites And Third-Party Content
We may provide links to websites and other third-party content that is not owned or operated by CQ Hotels. The websites and third-party content to which we link may have separate privacy notices or policies. CQ Hotels is not responsible for the privacy practices of any entity that it does not own or control.
Updates To Our Privacy Notice
CQ Hotels reserves the right to change this Privacy Notice at any time. When we make any updates to this Privacy Notice that are deemed material under applicable legal requirements, we will notify individuals of such changes by updating the date of this Privacy Notice and providing other notification as required by applicable law. We may also provide notification of such changes to the Privacy Notice in other ways, such as via email or using other contact information provided to us.
For all other changes, please review the Privacy Notice from time to time to stay informed of how we are processing personal information.
How To Contact Us
CQ Hotels is the data controller of your personal information. Individuals may contact us with questions, comments, or complaints about this Privacy Notice or our privacy practices, or to or to exercise any of the rights or choices they may have under applicable law. Our contact information is as follows:
Attn: Legal Department – Privacy
One Atlantic Street, 5th Floor
Stamford, CT 06901
Residents within the EEA also have the right to file a complaint with the data protection authority (also known as a supervisory authority) of the resident’s member state.