CHROMA HOSPITALITY PRIVACY STATEMENT
Last Updated: January 2018
Effective Date: January 2017
This privacy statement (“Statement”) applies to Chroma Hospitality, its subsidiaries and all of the hotels within the Crimson, Quest, Grafik, Azure, Mimosa Golf Course Portfolio of Brands (collectively, "Chroma," "we," or "us"). At Chroma, we strive to deliver outstanding products, services, and experiences around the world. We value your business and, more importantly, your loyalty. We recognize that privacy is an important issue. We have developed this Statement to explain our practices regarding the personal information we collect from you or about you on this site or via our apps, through written or verbal communications with us, when you visit one of our properties, or from other sources. While this Statement broadly describes the practices we have adopted across Chroma, local laws vary and some jurisdictions may place restrictions on our processing activities (e.g., certain jurisdictions may require affirmative consent to send marketing messages). Therefore, our actual practices in such jurisdictions may be more limited than those described herein in order to enable us to comply with local requirements.
By using any of our products or services and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you agree to the collection and use of Personal Information as described in this Statement.
Please note that this Statement does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies and other service providers, companies that organize or offer packaged travel arrangements, marketing partners, or corporate customers.
PERSONAL INFORMATION WE COLLECT
At every touch point or guest interaction, and in conducting every aspect of our business, we may collect personal information. This personal information may include: your contact information; information related to your reservation, stay or visit to a property; participation in a membership or loyalty program (including Chroma co-branded payment cards or other co-branded programs); participation in a contest, sweepstakes, or marketing program (even if you do not stay at one of our hotels); information related to the purchase and receipt of products or services; personal characteristics, nationality, income, passport number and date and place of issue; travel history; payment information, such as your payment card number and other card information, as well as authentication information and other billing and account details associated with mobile billing; guest preferences; marketing and communication preferences; information about vehicles you may bring onto our properties; reviews and opinions about our Portfolio of Brands or properties (if they are identified or associated with you); frequent flyer or travel partner program affiliation and member number; hotel, airline and rental car packages booked; groups with which you are associated for stays at hotels; information provided on membership and account applications; and other types of information that you choose to provide to us or that we may obtain about you.
We may ask for details on joint travellers, including their names and frequent flyer numbers, and the age of the driver of the rental car. We may also collect information related to conversations, including recording or monitoring customer service calls for quality assurance and training purposes, and other communications such as in-app messages and SMS.
In addition, we collect other personal information in certain cases, such as:
Surveys: We may request demographic data or other personal information in customer surveys.
On-property Collection: We collect additional personal information during registration/check-in at our properties, including such information as may be required by local laws. We may also use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via keycards and other technologies). We may also use closed-circuit television and other technologies that record sound or video for the protection of our staff, guests and visitors to our properties where permitted by law. In addition, we may collect personal information in connection with on-property services, such as concierge services, health clubs, spas, activities, child care services, equipment rental.
- Event Profiles: If you plan an event with us, we collect meeting and event specifications, the date of the event, number of guests, details of the guest rooms, and, for corporate events, information on your organization (name, annual budget, and number of sponsored events per year). We also collect information about the guests that are a part of your group or event. If you visit us as part of a group, we may have personal information about you provided to us by the group and may market to you as a result of your stay with a group or attendance at an event in accordance with your preferences as permitted by law. If you visit us as part of an event, we may share personal information about you with the event planners, as permitted by law. If you are an event planner we may also share information about your event with third-party service providers who may market event services to you as permitted by law.
- Social Media: If you choose to participate in Chroma-sponsored social media activities or offerings, we may collect certain information from your social media account consistent with your settings within the social media service, such as location, check-ins, activities, interests, photos, status updates and friend list. We may also allow you to enter into contests to provide photos, such as of your stay with us, which you may share with your connections on social media for votes, shared offers or other promotions.
- Forward-to-a-Friend: From time to time, we may offer a feature that allows you to send an electronic postcard or otherwise share a message with a friend, whether via the Internet, a stand-alone kiosk or mobile device. If you choose to use this feature, we will ask you for the recipient's name and email address, along with the text of any message you choose to include. By using this feature, you represent that you are entitled to use and provide us with the recipient's name and email address for this purpose.
- Franchise and Ownership Opportunities: If you are interested in obtaining more information about franchise or ownership opportunities, we may collect information about you in order to assess your suitability to become a franchisee or owner. We may combine the information you provide to us with information we obtain from third parties, such as credit reporting agencies and public records databases. We use this information to conduct due diligence on potential franchisees and owners.
- Employment Applications: If you choose to apply online for employment with Chroma, please see contact our HR department
- In addition to the information we collect from you directly, we may also infer information about you based on the information you provide to us or from Other Information we collect.
PERSONAL INFORMATION WE COLLECT FROM THIRD PARTIES
We may also collect information about you from third parties, including information from our airline, payment card, and other partners; from your social media services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. We use and share this information (and may append this information to the other information we have on file for you) for the purposes described in this Statement.
USE OF PERSONAL INFORMATION COLLECTED ABOUT YOU
We use your personal information in a number of ways, including to provide and personalize the services you request and expect from Chroma properties, to offer you the expected level of hospitality in-room and throughout our properties, conduct direct marketing and sales promotions and as set forth below in more detail:
Service Administration: We use your personal information to administer programs in which you participate, including providing you with access to your account information, such as rewards status and offers for which you are eligible; to fulfil services that are part of such program; to enable direct communication between properties within the Chroma Portfolio of Brands; and between the Chroma Portfolio of Brands and you; and to facilitate collections.
Meeting and Event Planning: We may use your personal information to provide you with information about meeting and event planning.
Marketing and Communications: Where permitted we may use your personal information to provide or offer you newsletters, promotions and featured specials, as well as other marketing messages in accordance with any communications preferences you have expressed. We use your information to provide in-stay messaging, account alerts, and reservation confirmations; to send you marketing messages; and to conduct surveys, sweepstakes, prize draws, and other contests. We may provide these communications via email, postal mail, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app messaging, and other means (including on-property messaging, such as your in-room television). With your consent, we also use user-generated content (such as photos) from social media services to deliver display advertising or on our website and apps. We may also collect information from your payment card, which can be appended to personal information and used by Chroma or its business partners to recognize what type of card you have, such as whether or not it is a Chroma co-branded card and/or the bank or network of the card, and present and/or send you targeted marketing messages based on your payment method and in accordance with your communication preferences. We may also partner with third parties to learn whether a visitor to our site has a cash-back offer associated with their payment card and to deliver the visitor advertising and information that explains how to take advantage of that offer through a stay at a hotel within the Chroma Portfolio of Brands.
Service Improvements: We may use your personal information to improve Chroma’s services and to ensure that our site, products, and services are of interest to you. We also use your personal information to provide you with the expected level of hospitality in-room and throughout our properties. This may include providing you with the ability to control your in-room technology through our website or apps on your personal devices.
eFolio Program: We may enroll you in our eFolio program and use your email address to send you your hotel bill via email. It is your responsibility to ensure that we have the correct (and preferred) email address for you. If you make a reservation for another person using your email address, that person’s eFolio will be sent to your email address.
Data Correctness, Analytics and Personalization: We may aggregate your personal information with data from third-party sources for purposes of keeping information up to date and analytics. We also rely on information from third parties in order to provide better, more personalized service. For example, if you connect your social media services or other accounts to our services, we may use this information to make your experiences with us more personal and social, or share and use it as described elsewhere in this Statement.
PERSONAL INFORMATION WE SHARE
In order to offer you the expected level of hospitality and to provide you with the best level of service, we may share your personal information among members of the Chroma Portfolio of Brands, our service providers, and other third parties as set forth in detail below:
Chroma Portfolio of Brands, Including Franchised Hotels, Managed Hotels: We may share personal information within the Chroma Portfolio of Brands, as well as with owners and operators of franchised hotels, owners of hotels that we manage but do not own that may individually or jointly use the personal information to provide you with services, personalization, and for the purposes described above. In addition, when we cease managing a hotel that we do not own or end a franchise relationship, we may provide the hotel's owner with certain information about past or future guests of that hotel.
Electronic Billing Program: If you receive an eFolio by email (as discussed above), a summary detailing the goods and services provided to you during your stay will be shared with the payment card provider and, if you participate in a corporate billing program and use a corporate payment card, the payment card provider may share that summary with your employer. The privacy policies of your employer, the relevant payment card provider and card issuer apply once we have transferred your information.
Group Events or Meetings: If you visit Chroma properties as part of a group event or meeting, information collected for meeting and event planning may be shared with the organizers of those meetings and events, and, where appropriate, guests who organize or participate in the meeting or event.
Business Partners: We may partner with other companies to provide you with products, services, or offers based upon your experiences at our properties and may share your information with our business partners accordingly. For example, we may help to arrange rental cars or other services from our business partners, and share personal information with our business partners in order to provide those services. We may also share your personal information, such as your email address, with our corporate travel partners to help them assess compliance with travel policies or participation in special rate plans or to engage in co-branded marketing with our corporate travel partners. We may also work with third parties, such as our airline and payment card partners, to allow us and our partners to deliver advertisements to our shared customers. Our partners may be able to provide more relevant offers to you based upon information that we share about your experiences at our properties, as well as information in your Chroma centralized profile. Additionally, we may allow third-party partners to recognize you when you visit that partner’s website or app, or to recognize you as one of their customers when you visit Chroma managed websites or apps so that they may provide more relevant offers to you. We may share a hashed version of your email address with third parties using available security measures that may match it with their own hashed versions of email addresses so that they can send online and email advertisements to you on our behalf.
- Co-Sponsors of Promotions: We co-sponsor promotions, sweepstakes, prize draws, competitions or contests with other companies, and we provide prizes for sweepstakes and contests sponsored by other companies. If you enter one of these sweepstakes or contests, we may share your information with the co-sponsor or third-party sponsor.
- On-property Services: We may share personal information with third-party providers of on-property services such as concierge services, spa treatments, golf, or dining experiences.
- Service Providers: We rely on third parties to provide services and products on our behalf and may share your personal information with them as appropriate. Generally, our service providers are contractually obligated to protect your personal information and may not otherwise use or share your personal information, except as may be required by law. However, our fraud detection service providers may use, but not share, your personal information for fraud detection purposes. We may use service providers to communicate news and deliver promotional and transactional materials to you on our behalf, including personalized online and mobile advertising in accordance with your preferences and applicable law. Please see our Cookies statement for more information. Chroma will only work with parties that offer a method to opt-out of such advertising. We may also share information with service providers to allow you to create itineraries by selecting sites, activities, and restaurants from lists that we have personalized for you based on your preferences and third-party data.
- Business Transactions: As we develop our business, we might sell, buy, restructure or reorganize businesses or assets, or cease being the manager or franchisor of a hotel that is currently part of our portfolio. In such circumstances, Chroma may transfer, sell or assign information collected, including, without limitation, Other Information (described below) and personal information, to one or more affiliated or unaffiliated third parties in connection with these business transactions. To the extent that local laws require it, we will provide notice of our intent to transfer personal data to a third party for this purpose, and explain how you can object to such transfer.
- Telemarketing: If you stay at one of our hotels and are a Loyalty card member, we may share your telephone number among the Chroma Portfolio of Brands, for purposes of telemarketing in accordance with your preferences and applicable law. We may also receive your telephone number from our partners or from other sources, which we may use for telemarketing purposes.
- Other: In addition, Chroma may disclose personal information in order to: (i) comply with applicable laws, (ii) respond to governmental inquiries or requests from public authorities, (iii) comply with valid legal process, (iv) protect the rights, privacy, safety or property of Chroma, site visitors, guests, employees or the public, (v) permit us to pursue available remedies or limit the damages that we may sustain, (vi) enforce our websites' terms and conditions, and (vii) respond to an emergency.
When you visit and interact with Chroma managed websites and apps, we collect other information that does not directly identify you about your use of the site, such as a catalog of the site pages you visit, and the number of visits to our sites (“Other Information”). We use Other Information, as well as data received from third parties, to deliver you email, online (on our sites and other sites) and mobile advertisements. We may also use Other Information to allow third-party partners to recognize you as a Chroma member when you visit the partner’s website or app, or to recognize you as one of their customers when you visit Chroma websites or apps so that they may provide more relevant offers to you.
At this time, we do not respond to Do Not Track signals or other, similar mechanisms. Please see our Cookies Statement for more information.
We may use information we have collected and aggregated, or anonymized personal information received from third parties, to understand more about our users (for example, we may use aggregated information to calculate the percentage of our users who have a particular telephone area code). This includes demographic data, such as date of birth, gender and marital status, inferred commercial interests, such as favorite products or hobbies, and other information we may collect from you or from third parties.
Because Other Information does not personally identify you, such information may be disclosed for any purpose where permitted by law. In some instances, we may combine Other Information with personal information. If we do combine any Other Information with personal information, the combined information will be treated by us as personal information in accordance with this Statement.
The term "sensitive information" refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life, or sexual orientation, genetic information, criminal background, and any biometric data used for the purpose of unique identification. We do not generally collect sensitive information unless it is volunteered by you. We may use health data provided by you to serve you better and meet your particular needs (for example, the provision of disability access).
PERSONAL INFORMATION FROM CHILDREN
We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not to allow your children to submit personal information without your permission.
MOBILE AND LOCATION-BASED SERVICES
We provide mobile apps that can be downloaded to your smartphone or mobile device. These apps have a variety of functionalities that enhance the customer experience. In addition to providing services, our apps may collect personal and Other Information that will be used in accordance with this Statement. For example, to book or change a reservation, including a reward stay, you will be required to provide some personal information, such as your credentials or other information as necessary. Our Digital Key functionality within the App collects information we already have about you, including your membership number and user ID, and additional information, including use of the key. We provide a link to this Statement to customers prior to their downloading of any of our apps.
If you allow our mobile apps to access your location information on your device, our mobile apps may use your mobile device’s Global Positioning System (GPS) technology and other technology (such as wireless transmitters known as beacons) to provide you with information and offers based on the location of your device. Beacons allow us to collect information about your location within participating hotels by communicating with mobile devices that are in range. We may use this location information to enhance your on-property experience by delivering push notifications and other content to your mobile device, providing navigation assistance as you move around our locations, and sending you information and offers about products, services, or activities we believe may be of interest to you. We may share this information with third parties, including business partners and service providers, to provide information, offers, and services that may be of interest to you. You may prevent or limit collection of location information by changing the settings in the Mobile app, or by changing your device’s settings.
For certain properties, we also make available real-time or virtual “concierge” features, which may be pre-loaded onto a device, downloadable to your web-enabled mobile device, or available as part of the App. For example, you can communicate directly with the hotel; order services from the hotel, such as room service or valet parking; access our websites; access third-party websites, including local attractions and social media; and book a reservation. The hotel will access and use your personal information (such as your name, confirmation number, check-in and checkout dates, and room number) in providing these concierge services. If you request SMS (text) communications, you will be required to provide your phone number and carrier. We may also communicate with you by means of third-party digital messaging apps. If we do so, the privacy policies of those services apply.
LINKS TO THIRD-PARTY WEBSITES AND SERVICES
PROTECTING PERSONAL INFORMATION
Chroma will take reasonable measures to: (i) protect personal information from unauthorized access, disclosure, alteration or destruction, and (ii) keep personal information accurate and up-to-date as appropriate. We also seek to require our affiliates and service providers with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information about you. For online transactions, we use reasonable technological measures to protect the personal information that you transmit to us via our site. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.
For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.
We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. We will only ask for payment card details by telephone when you are booking a reservation or promotional package. We will not contact you to ask for your Website or App account log-in information. If you receive this type of request, you should not respond to it. We also ask that you please notify us at email@example.com
CHANGING AND ACCESSING YOUR PERSONAL INFORMATION
To the extent required by applicable law, you may be able to request that we inform you about the personal information we maintain about you and, where appropriate, request that we update, correct and/or delete personal information about you that we maintain in our active database. We will make all required updates and changes within the time specified by applicable law and, where permitted by law, may charge an appropriate fee to cover the costs of responding to the request. Such requests must be submitted in writing to firstname.lastname@example.org To protect your confidentiality, we can only respond to such requests to the email address that you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide you with the same quality and variety of services to which you are accustomed.
In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that Chroma cease using personal information about you by contacting us using the email or mailing address above. We will seek to honor those requests consistently with applicable law.
RETAINING PERSONAL INFORMATION
We retain personal information about you for the period necessary to fulfill the purposes outlined in this Statement, unless a longer retention period is required or permitted by applicable law.
We will destroy your personal information as early as practicable and in a way that the information may not be restored or reconstructed.
If printed on paper, the personal information will be destroyed in a secure manner, such as by cross-shredding or incinerating the paper documents or otherwise and, if saved in electronic form, the personal information will be destroyed by technical means to ensure the information may not be restored or reconstructed at a later time.
CHOICES – MARKETING COMMUNICATIONS
If you have given us your contact information (mail address, fax number, email address or phone number), we may want to inform you in accordance with any preferences you have expressed, and with your consent where required, about our products and services or invite you to events via email, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app alerts, postal mail, our customer service call center, and other means (including on-property messaging, such as your in-room television).
If you prefer not to receive email marketing materials from us, you may opt-out at any time by using the unsubscribe function in the email you receive from us or by emailing email@example.com Opt-out requests can take up to ten business days to be effective.
To opt out of text messages, tell the hotel front desk that you do not want to receive text messages from the hotel or reply “STOP” to the message you received.
To be added to Chroma’s internal do not call list, send a message to firstname.lastname@example.org
You may control whether our mobile apps send you push notifications by changing your notification settings on your mobile device. If we engage in sending you in-app messages, we will allow control for those in our apps’ settings. For more information about cookies and interest-based advertising and to learn about how to manage these technologies, please see our Cookies Statement.
We may modify this Statement from time to time. When we make material changes to this Statement we will post a link to the revised Statement on the homepage of our site, and if you have registered for any of your products or services, will may also inform you though a communications channel that you have provided. You can tell when this Statement was last updated by looking at the link and at the date at the top of the Statement. Any changes to our Statement will become effective upon posting of the revised Statement on the site. Use of the site, any of our products and services, and/or providing consent to the updated Statement following such changes constitutes your acceptance of the revised Statement then in effect.
If you have any questions about this Statement or how Chroma processes your personal information, please contact us by email at email@example.com