Hilton Worldwide Holdings Inc. Global Privacy Statement

 

Last Updated: August 12, 2020

 

Notice relating to the COVID-19 pandemic

For the purposes of (1) protecting the health and safety of you and team members at Hilton properties, and (2) complying with legal requirements, some Hilton properties may take your temperature when you arrive at the property and/or during
your stay. If a property is conducting temperature checks of guests, the property will make available to you a privacy notice about the temperature checks. The notice will include details such as what personal information is being collected,
the legal basis for the collection of such information, the purpose for which the information will be used, and how long the information will be retained. For more information on Hilton’s commitment to you during the COVID-19 pandemic, please
click here.

Introduction

Hilton’s mission is to be the most hospitable company in the world. We’re passionate about delivering exceptional guest experiences, and we look forward to welcoming you to our hotels so we can share the light and warmth of hospitality with you.

We pledge to deliver the highest level of customer service, which includes respecting your privacy and protecting your personal information. In this privacy statement (“Statement”), we provide you with details about how we collect, use, and disclose your personal information.

This Statement applies to Hilton Worldwide Holdings Inc., its subsidiaries , and all of the hotels within the Hilton Portfolio of Brands (collectively, “Hilton,” “we,” or “us”). Our Portfolio of Brands includes Waldorf Astoria Hotels & Resorts, LXR Hotels & Resorts, Conrad Hotels & Resorts, Canopy by Hilton, Signia Hilton, Hilton Hotels & Resorts, Curio A Collection by Hilton, DoubleTree by Hilton, Tapestry Collection by Hilton, Embassy Suites by Hilton, Hilton Garden Inn, Motto by Hilton, Hampton by Hilton, tru by Hilton, Homewood Suites by Hilton, and Home2 Suites by Hilton.

By using any of our products or services and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this Statement.

Please note that this Statement does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies and other service providers, companies that organize or offer packaged travel arrangements, marketing partners, or corporate customers.

1 Hilton Domestic Operating Company Inc. is the Hilton entity that is the data controller for all guest data and operates, among other things, Hilton’s marketing activities. Hilton Reservations Worldwide, L.L.C., which is a subsidiary of Hilton Domestic Operating Company Inc., processes the data you provide when making a reservation at a Hilton property and is a data controller for that information. Hilton Honors Worldwide LLC, which is a subsidiary of Hilton Domestic Operating Company Inc., operates the Hilton Honors loyalty program and is a data controller for that program. Hilton Domestic Operating Company Inc. is a subsidiary of Hilton Worldwide Holdings Inc.

The Hilton Portfolio of Brands includes managed hotels and franchised hotels. A list of entities that operate managed hotels in the European Economic Area, the United Kingdom, Switzerland, and the Asia Pacific region can be found here. In addition to Hilton Domestic Operating Company Inc., these entities also are data controllers for guest data. Franchised hotels are operated by entities that are separate from Hilton. To determine the entity that operates a franchised hotel, please contact that hotel. In addition to Hilton Domestic Operating Company Inc., those entities also are data controllers for guest data.
HGV operates timeshare and fractional resorts. HGV is a third-party partner whose privacy statement is available at https://www.hiltongrandvacations.com/en/privacy-policy.html.

Back to Top


Collection of Personal Information – Generally

The chart below summarizes the categories of personal information we have collected in the past 12 months, the sources for those categories of personal information, the business or commercial purposes for which the information was collected, the categories of third parties with whom the information may have been shared, as permitted by law, and whether the information was sold to a third party for a business or commercial purpose within the past 12 months.

We have collected the following categories of personal information in the past 12 months: We have obtained this personal information from the following sources: We collected this personal information for the following business or commercial purposes: We have shared this personal information with the following categories of third parties: This information was sold to a third party within the past 12 months
  • Name
  • Directly from consumers themselves
  • From third party partners such as credit card providers
  • From demographics companies
  • Fulfill guest reservations
  • Send guests communications relating to their reservations
  • Administer membership and activity in the Hilton Honors loyalty program
  • Provide customer service and support
  • Verify identity
  • Send marketing communications via email, direct mail, and social media
  • Perform analytics in order to provide guests with personalized offers and content
  • Perform analytics to improve business operations
  • Determine guests’ eligibility for special or promotional rates
  • Process payments
  • Process transactions with partners
  • Administer contests and sweepstakes
  • Share that data with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Detect and prevent fraud
  • Service providers who perform tasks on behalf of Hilton
  • Hilton Grand Vacations, Hilton’s third-party partner
  • Journera, a platform for creating seamless travel experiences
  • Payment card providers
  • Employers pursuant to corporate agreements
  • Entities that have arranged a special rate plan with Hilton
  • Government agencies pursuant to legal requirements in some countries
Yes
  • Contact information (mailing address, email address, phone number)
  • Directly from consumers themselves
  • From third party partners such as credit card providers
  • From demographics companies
  • Fulfill guest reservations
  • Send guests communications relating to their reservations
  • Administer membership and activity in the Hilton Honors loyalty program
  • Provide customer service and support
  • Verify identity
  • Send marketing communications via email, direct mail, and social media
  • Perform analytics in order to provide guests with personalized offers and content
  • Perform analytics to improve business operations
  • Determine guests’ eligibility for special or promotional rates
  • Process payments
  • Process transactions with partners
  • Administer contests and sweepstakes
  • Share that data with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Detect and prevent fraud
  • Service providers who perform tasks on behalf of Hilton
  • Hilton Grand Vacations
  • Journera
  • Employers pursuant to corporate agreements and as permitted by law

 

Yes
  • Nationality
  • Directly from consumers themselves
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Government agencies pursuant to legal requirements in some countries
No
  • Date of birth
  • Directly from consumers themselves
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Government agencies pursuant to legal requirements in some countries
No
  • Gender
  • Directly from consumers themselves
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Government agencies pursuant to legal requirements in some countries
No
  • Payment card information
  • Directly from consumers themselves

 

  • Process payments
  • Detect and prevent fraud
  • Payment processors
No
  • Hilton Honors number
  • Directly from Hilton Honors members themselves
  • Fulfill guest reservations
  • Send guests communications relating to their reservations
  • Administer membership and activity in the Hilton Honors loyalty program
  • Provide customer service and support
  • Verify account
  • Send marketing communications via email, direct mail, and social media
  • Perform analytics in order to provide guests with personalized offers and content
  • Perform analytics to improve business operations
  • Determine guests’ eligibility for special or promotional rates
  • Process payments
  • Process transactions with partners
  • Administer contests and sweepstakes
  • Share that data with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Detect and prevent fraud
  • Service providers who perform tasks on behalf of Hilton
  • Hilton Grand Vacations
  • Journera
  • Employers pursuant to corporate agreements and as permitted by law

 

Yes
  • Passport information
  • Directly from consumers themselves
  • Pursuant to laws that require the collection of such data
  • Government agencies pursuant to legal requirements in some countries
No
  • Preferred language
  • Directly from consumers themselves, including from browser and computer settings

 

  • Better serve our guests
We do not share customers’ preferred language with third parties. No
  • Room preference
  • Directly from consumers themselves

 

  • Better serve our guests
We do not share customers’ room preferences with third parties. No
  • Room selection and assignment
  • Guests can select their rooms on the Hilton Honors app and Hilton assigns rooms
  • Better serve our guests
We do not share customers’ room assignments with third parties. No
  • Arrival Time
  • Directly from consumers themselves
  • Better serve our guests
We do not share customers’ arrival times with third parties. No
  • Additional guest names
  • Directly from consumers themselves

 

  • Fulfill reservations
  • Journera

 

Yes
  • Corporate travel planner contact information (name, title, company, business phone, email and address)
  • Directly from the corporate contacts themselves

 

  • Fulfill and manage corporate travel reservations
  • Provide customer service and support
  • Send marketing communications via email, direct mail, and social media
  • Employers pursuant to corporate agreements and as permitted by law

 

No
  • Corporate number and name
  • Directly from consumers themselves

 

  • Fulfill reservations
  • Determine guests’ eligibility for special or promotional rates
  • Employers pursuant to corporate agreements and as permitted by law
  • Hilton Grand Vacations
  • Journera
Yes
  • Travel agent number and name
  • Directly from consumers themselves
  • From travel agents
  • Properly attribute reservations to travel agents
  • Hilton Grand Vacations
  • Journera
Yes
  • Airline partner number and name
  • Directly from consumers themselves
  • Properly attribute points to consumers who participate in airline loyalty programs
  • The respective airlines
  • Hilton Grand Vacations
  • Journera
Yes
  • Vehicle information
  • Directly from consumers themselves
  • Enable guests to park at our properties.
We do not share vehicle information with any third parties. No
  • Images or footage captured by closed circuit television (CCTV)
  • Directly from cameras located on and around the property
  • Protect guests, employees and visitors to properties
  • Comply with applicable laws that require us to collect this information in some jurisdictions
During the COVID-19 pandemic, we may share CCTV footage from a property with a college or university if that college or university is using rooms at the property for student housing No
  • Internet or other electronic network activity information, including information regarding a customer’s interaction with Hilton websites, applications, or advertisements
  • Directly from consumers themselves via cookies, server logs, web beacons, tags, pixels, and other similar technologies
  • Perform analytics in order to provide guests with personalized offers and content
  • Perform analytics to improve business operations
  • Marketing
  • Share that data with advertising networks who serve personalized advertisements
  • Detect and prevent fraud
  • Advertising networks
  • Analytics providers for our websites and mobile applications

 

Yes
  • IP addresses
  • Directly from consumers as a result of their browsing activity on the internet
  • Perform analytics in order to provide guests with personalized offers and content
  • Perform analytics to improve business operations
  • Share that data with advertising networks who serve personalized advertisements
  • Detect and prevent fraud
  • Advertising networks
  • Analytics providers for our websites and mobile applications

 

 

No
  • Session IDs
  • Directly from consumers as a result of their browsing activity on the internet
  • Perform analytics in order to provide guests with personalized offers and content
  • Marketing
  • Perform analytics to improve business operations
  • Share that data with advertising networks who serve personalized advertisements
  • Detect and prevent fraud
  • Advertising networks
  • Analytics providers for our websites and mobile applications

 

Yes
  • Booking engine
  • Directly from consumers as a result of their browsing activity on the internet
  • Show you targeted advertisements on media
  • Support marketing efforts
  • Provide customer service
  • Perform analytics to improve business operations
  • Advertising networks
  • Analytics providers for our websites and mobile applications
Yes
  • Whether you have a Hilton and American Express Co-Branded Credit Card
  • From American Express
  • Provide you with benefits associated with your co-branded card
  • Show you targeted advertisements on media
  • Support marketing efforts
  • Provide customer service
  • Perform analytics to improve business operations
  • Advertising networks
  • Analytics providers for our websites and mobile applications
  • Hilton Honors affiliated partners
No
  • Whether your Hilton and Amazon accounts are linked
  • From Amazon
  • Facilitate use of Honors points as part of Amazon’s Shop with Points program
  • Show you targeted advertisements on media
  • Support marketing efforts
  • Provide customer service
  • Perform analytics to improve business operations
  • Advertising networks
  • Analytics providers for our websites and mobile applications
No
  • Whether your Hilton and Lyft accounts are linked
  • From Lyft
  • Show you targeted advertisements on media
  • Support marketing efforts
  • Provide customer service
  • Perform analytics to improve business operations
  • Advertising networks
  • Analytics providers for our websites and mobile applications
  • Hilton Honors affiliated partners
No
  • Geolocation information
  • Directly from consumers as a result of their browsing activity on the internet and use of the Hilton Honors app
  • Perform analytics in order to provide guests with personalized offers and content
  • Marketing
  • Share that data with advertising networks who serve personalized advertisements
  • Detect and prevent fraud
  • Advertising networks
  • Analytics providers for our websites and mobile applications

 

No
  • Device information
  • Directly from consumers as a result of their browsing activity on the internet, scanning of QR codes on property, and use of the Hilton Honors app
  • Perform analytics in order to provide guests with personalized offers and content
  • Marketing
  • Share that data with advertising networks who serve personalized advertisements
  • Detect and prevent fraud
  • Advertising networks
  • Analytics providers for our websites and mobile applications

 

 

Yes
  • Social media information
  • Directly from consumers themselves
  • Perform analytics in order to provide guests with personalized offers and content
  • Respond to service concerns in order to better serve our guests
We do not share social media information with any third parties.

 

No
  • Demographics data
  • From third-party companies that provide demographics data.
  • Perform analytics in order to provide guests with personalized offers and content
  • Link with customer information that Hilton already has on file
We do not share demographics data with any third parties. No
  • Your usability preferences regarding our website (such as your email preferences, your MyWay preferences, and your opt-out preferences)
  • Directly from consumers themselves
  • Better serve our guests
We do not share your usability preference data with any third parties. No
  • Description of a complaint that you make to us, including your free form textual feedback if you are a Hilton Honors member
  • Directly from consumers themselves
  • Better serve our guests
  • The management and/or owners of a franchise property if your complaint relates to that property.

 

No
  • Customer ratings and survey responses
  • Directly from consumers themselves
  • Troubleshoot and resolve website issues
  • Improve customer experience
We do not share your customer ratings and survey responses with any third parties. No
  • Free form textual feedback
  • Directly from consumers themselves
  • Troubleshoot and resolve website issues
  • Improve customer experience
We do not share your feedback with any third parties. No

Hilton does not knowingly collect, disclose, or sell personal information of minors under the age of 16.

Back to Top


Collection of Personal Information – Notice at Point of Collection

    • Browsing Hilton Websites

When you browse a Hilton website, we collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Internet or other electronic network activity information, including information regarding your interaction with Hilton websites, applications, or advertisements
  • Show you targeted advertisements on marketing efforts including media, email, and chat (e.g., if you searched for Hilton properties in New York City, then when you visit a non-Hilton website, we may show you an ad for a
    Hilton property in New York City)
  • Optimize our websites and mobile apps
  • Perform analytics to improve business operations
  • IP address
  • Show you targeted advertisements on media
  • Optimize our websites and mobile apps
  • Perform analytics to improve business operations
  • Session ID
  • Show you targeted advertisements on media
  • Optimize our websites and mobile apps
  • Perform analytics to improve business operations
  • Booking engine
  • Show you targeted advertisements on media
  • Support marketing efforts
  • Provide customer service
  • Perform analytics to improve business operations
  • Whether your Hilton and Lyft accounts are linked
  • Show you targeted advertisements on media
  • Support marketing efforts
  • Provide customer service
  • Perform analytics to improve business operations

If you are a Hilton Honors member and you log into your account during your browsing session, then we collect the following information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Internet or other electronic network activity information, including information regarding your interaction with Hilton websites, applications, or advertisements
  • Show you targeted advertisements on marketing efforts including media, email, and chat (e.g., if you searched for Hilton properties in New York City, then when you visit a non-Hilton website, we may show you an ad for a
    Hilton property in New York City)
  • Optimize our websites and mobile apps
  • Perform analytics to improve business operations
  • IP address
  • Show you targeted advertisements on media
  • Optimize our websites and mobile apps
  • Perform analytics to improve business operations
  • Session ID
  • Show you targeted advertisements on media
  • Optimize our websites and mobile apps
  • Perform analytics to improve business operations
  • Customer ratings and survey responses
  • Troubleshoot and resolve website issues
  • Improve customer experience
  • Free form textual feedback
  • Troubleshoot and resolve website issues
  • Improve customer experience
  • IP address
  • Show you targeted advertisements on media
  • Optimize our websites and mobile apps
  • Troubleshoot and resolve website issues
  • Perform analytics to improve business operations
  • Hilton Honors number
  • Support marketing efforts
  • Provide customer service
  • Troubleshoot and resolve website issues
  • Hilton Honors tier
  • Support marketing efforts
  • Provide customer service
  • Troubleshoot and resolve website issues

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

    • Making a Reservation

When you make a reservation at a Hilton property, we collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Name
  • Look up and verify your reservation
  • Fulfill your reservation
  • Send you communications relating to your reservation
  • Send you marketing communications via email and direct mail
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Determine your eligibility for special or promotional rates
  • Process payments
  • Process transactions with partners
  • Share this information with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Optimize our websites and mobile apps
  • Detect and prevent fraud
  • Additional names
  • Fulfill your reservation
  • Hilton Honors number
  • Look up and verify your Hilton Honors account and reservation
  • Administer your membership in Hilton Honors
  • Phone number
  • Send you text messages relating to any services you may need during your stay
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Process transactions with partners
  • Share this information with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Detect and prevent fraud
  • Address
  • Fulfill your reservation
  • Send you communications relating to your reservation
  • Send you marketing communications
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Process payments
  • Process transactions with partners
  • Share this information with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Detect and prevent fraud
  • Address type (home/work)
  • Perform analytics in order to provide you with personalized offers and content

 

  • Email address
  • Look up and verify your Hilton Honors account and reservation
  • Associate your reservation with your Hilton Honors account
  • Send you communications relating to your reservation
  • Send you marketing communications
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Determine your eligibility for special or promotional rates
  • Process transactions with partners
  • Share this information with Hilton Grand Vacations and Journera
  • Detect and prevent fraud
  • Preferred language
  • Provide you with a superior guest experience
  • Send you communications relating to your reservation
  • Send you marketing communications
  • Perform analytics in order to provide you with personalized offers and content
  • Share this information with Hilton Grand Vacations and Journera
  • Payment card information
  • Process payments
  • Detect and prevent fraud
  • Room preference
  • Fulfill your reservation
  • Personalize your experience
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Corporate name and number
  • Fulfill your reservation
  • Determine your eligibility for special or promotional rates
  • Travel agent name and number
  • Fulfill your reservation
  • Determine your eligibility for special or promotional rates
  • Calculate commissions
  • Airline partner name and number
  • Credit points to you if you participate in an airline loyalty program

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

    • Enrolling in Hilton Honors

When you enroll in Hilton Honors, we collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Name
  • Administer your membership in the Hilton Honors loyalty program
  • Verify your Hilton Honors account
  • Send you communications relating to Hilton Honors
  • Send you marketing communications
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Determine your eligibility for special or promotional rates
  • Process payments
  • Process transactions with Hilton Honors affiliated partners (such as Points.com and Lyft)
  • Share this information with Hilton Grand Vacations, Hilton’s third-party partner, and Journera, a platform for creating seamless travel experiences
  • Detect and prevent fraud
  • Phone number
  • Administer your membership in the Hilton Honors loyalty program
  • Verify your Hilton Honors account
  • Send you text messages relating to any services you may need during your stays at Hilton properties
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Process transactions with partners
  • Share this information with Hilton Grand Vacations and Journera
  • Detect and prevent fraud
  • Addresses
  • Administer your membership in the Hilton Honors loyalty program
  • Verify your Hilton Honors account
  • Send you communications relating to Hilton Honors
  • Send you marketing communications
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Determine your eligibility for special or promotional rates
  • Process transactions with partners
  • Detect and prevent fraud
  • Email addresses
  • Administer your membership in the Hilton Honors loyalty program
  • Verify your Hilton Honors account
  • Send you communications relating to Hilton Honors
  • Send you marketing communications
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Determine your eligibility for special or promotional rates
  • Process transactions with partners
  • Detect and prevent fraud
  • Preferred language
  • Provide you with a superior guest experience
  • Send you communications relating to Hilton Honors
  • Send you marketing communications
  • Payment card information
  • Process payments
  • Room preference
  • Fulfill your reservations
  • Perform analytics in order to provide you with personalized offers and content
  • Perform analytics to improve business operations
  • Corporate name and number
  • Fulfill your reservation
  • Determine your eligibility for special or promotional rates
  • Travel agent name and number
  • Fulfill your reservation
  • Determine your eligibility for special or promotional rates
  • Calculate commissions
  • Airline partner name and number
  • Credit points to you if you participate in an airline loyalty program
  • My Way preferences
  • Provide you with a superior guest experience
  • Email subscription preferences
  • Send you the communications you would like to receive
  • Opt-out preferences
  • Send you the communications you would like to receive

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

    • Check-In at a Hilton Property

When you check in at a Hilton property, we may collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Name
  • Verify your reservation
  • Payment card information
  • Receive payment for your reservation
  • Additional guest names
  • Fulfill your reservation
  • Passport information
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Address
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Nationality
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Date of birth
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Gender
  • Comply with applicable laws that require us to collect this information in some jurisdictions
  • Hilton Honors number
  • Look up and verify your Hilton Honors account and reservation
  • Administer your membership in Hilton Honors
  • Frequent flyer number
  • To facilitate the award of loyalty points
  • Email address
  • Send folios after the completion of a stay

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

    • E-Check In

When you check in using e-check in, we collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Payment card information
  • Receive payment for your reservation
  • Room selection and assignment
  • Fulfill your reservation
  • Arrival time
  • Fulfill your reservation
  • Personalize your experience
  • Customer service

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

    • Digital Key

When you use Digital Key, we collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Payment card information
  • Receive payment for your reservation
  • Room selection and assignment
  • Fulfill your reservation

 

  • Arrival time
  • Fulfill your reservation
  • Location information
  • Fulfill Digital Key sharing requests

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

    • Guest Assistance

When you contact Guest Assistance, we collect the following categories of personal information about you, which are used for the following purposes:

We collect the following categories of personal information… We collect this information in order to…
  • Name
  • Verify your identity
  • Search our records for information about your past stays and membership in the Hilton Honors loyalty program
  • Provide service recovery
  • Address
  • Verify your identity
  • Phone number
  • Verify your identity
  • Description of complaint or inquiry
  • Respond to your complaint
  • Perform analytics to improve business operations

California and Nevada consumers, if you would like to opt out of the sale of your personal information, please click here. California consumers, please note that if
you choose to opt out of the sale of your personal information through cookies, tags, and pixels, that opt-out will only apply to the device and the browser you are using when you opt out. Due to current technology limitations, if you wish to
opt out of the sale of your personal information through cookies, tags, and pixels on your other devices or other browsers, you will need to opt out again for each of your devices and browsers.

Back to Top


Analytics and Interest-Based Advertisements

We partner with certain third-party service providers to collect information to engage in analytics, auditing, research, and reporting.  These third parties may use server logs, web beacons, tags, pixels, and similar technologies, and they
may set and access cookies on your computer or other device.

In particular, we use Yahoo Analytics to help us understand how our customers use our websites. You can read more about how Yahoo uses your Personal Information and opt out of the use of cookies in web browsers by Yahoo Analytics by clicking here. We also use FullStory. The FullStory analytics service uses heat mapping and records mouse movements, clicks,
scrolls, and keystrokes during your use of our site. This information helps us identify and address technical issues and understand usage of our Services, which we use to improve the Services for you. You can opt-out of our use of FullStory here. We also partner with 24/7 which supports our chat platform. 24/7 uses tags on websites to determine and enable predictive chat and allow the chat agent to understand what page the guest is on
so the agent can provide assistance.

We also partner with third parties to provide advertising services that are targeted based on your online activities across websites, mobile apps, and devices over time (commonly referred to as “interest-based advertising”). Our
advertising partners may collect information about your activities on our Services on your current device and combine it with information about your activities on other websites, mobile apps, and devices. They may collect such information using
server logs, cookies, web beacons, tags, pixels, mobile advertising IDs (such as Facebook cookies or Google’s Advertising ID), cross-device linking, and similar technologies. For example, our advertising partners may use the fact that you visited
our website to target advertising to you on other websites and mobile apps on your current device or on other devices you use. They may match your browsers or devices if you log into the same online service on multiple devices or if your devices
share similar attributes that support an inference that they are used by the same person or household. This means that information about your activity on websites or apps on your current browser or device may be combined and used with information
collected from your other browsers or devices. You can opt out of interest-based advertising in web browsers and mobile apps on your current browser or device by following the instructions below.

For more information about interest-based advertising and cross-device linking, please visit the Network Advertising Initiative (“NAI”) website and the
Digital Advertising Alliance (“DAA”) website. We adhere to the DAA’s interest-based advertising principles by providing you enhanced notice, transparency, and control of our digital marketing
practices as stated at http://www.aboutads.info/principles/. You may opt out of interest-based advertising and cross-device linking in web browsers and mobile apps on your current browser or device by following the instructions below.

  • Web Browser Opt-Out. To opt out in web browsers, please visit http://optout.aboutads.info/ and http://optout.networkadvertising.org.  To help preserve the choices that you make in the DAA’s WebChoices page, you can install the DAA’s “Protect My Choices” extension that is
    available at http://www.aboutads.info/PMC.
  • Mobile Application Opt-Out.  To opt out in mobile apps, you can adjust the advertising preferences on your mobile device (for example, in iOS, visit Settings > Privacy > Advertising > Limit Ad
    Tracking, and in Android, visit Settings > Google > Ads > Opt out of interest-based ads).  You can also opt out for companies that participate in the Digital Advertising Alliance’s AppChoices tool by downloading it here and following the instructions in the app.  For more information about opting out on mobile devices, please see here.

Please note that the opt-outs described above will apply only to the specific browser or device from which you opt out, and therefore you will need to opt out separately on all of your browsers and devices. If you delete or reset your cookies or
mobile advertising identifiers, change browsers (including upgrading certain browsers), or use a different device, any opt-out cookie or tool may no longer work, and you will need to opt out again. We do not respond to Do Not Track signals at
this time.

Back to Top


Changing and Accessing Your Personal Information

If you are a Hilton Honors member, you may review and update the information you provided to us at the time of enrollment at any time by signing in to your Hilton Honors profile.

To the extent required by applicable law, you may be able to request that we inform you about the personal information we maintain about you and, where appropriate, withdraw your consent for certain data processing activity and/or request that
we update, correct, delete, and/or stop processing your personal information. We will make all required updates and changes within the time specified by applicable law and as required by law. When permitted by law, we may charge an appropriate
fee to cover the costs of responding to the request. Such requests may be submitted by accessing the Data Subject Rights Requests Portal at datarights.hilton.com or in
writing to DataProtectionOffice@hilton.com or Hilton Data Protection Officer, 7930 Jones Branch Drive, McLean, VA 22102, USA.

In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that Hilton cease using personal information about you by contacting us using the
email or mailing address above. We will honor those requests as required by applicable law.

Back to Top


California Consumers’ Rights

    • The Right to Know, The Right to Delete, and the Right to Opt-Out of the Sale of Personal Information

The California Consumer Privacy Act (“CCPA”) affords California consumers (1) the right to know what personal information we collect, use, disclose, and/or sell; (2) the right to request that we delete their personal information;
and (3) the right to request that we no longer sell their personal information.

If you would like information about the personal information that we collect, disclose, and/or sell about you, or if you would like to make a request for us to delete or to stop selling your personal information, please visit our website at datarights.hilton.com or click the “Personal Data Requests” link at the bottom of any Hilton website to submit your request. You also may call our
toll-free telephone number: (800) 413-7470, email the Data Protection Office (“DPO”) at DataProtectionOffice@Hilton.com, send a letter to the Data Protection Office at 7930 Jones Branch Drive, McLean, Virginia, USA 22102, or
complete a paper form available from the front desk at any of our hotels. In addition to these methods, California consumers may request that we no longer sell their personal information by clicking here.

When the DPO receives your request, the DPO will first verify your identity. If you are a Hilton Honors member, the DPO will verify your identify by asking you to provide your name, Hilton Honors account number, and the email address and phone
number associated with your Hilton Honors account. If you are not a Hilton Honors member, the DPO will verify your identity by asking you to provide your name, the confirmation number from one of your stays at a Hilton property, and the email
address associated with that stay. Once the DPO has verified your identity, the DPO will promptly fulfill your request.

If you would like, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent, please submit an order issued by a court, a document submitted by a barred attorney, or a formal certified
document issued by an official governmental agency.

If you would like to opt out of the sale of your personal information to behavioral advertising networks, you may do so by clicking on the banner that appears on any Hilton website when you access that site from an IP address that relates to
California or by visiting our website at datarights.hilton.com or click the “Personal Data Requests” link at the bottom of any Hilton website to submit
your request. Please note that when you opt out of cookies, tags, and pixels, that opt out only pertains to the device and the browser that you are using when you opt out. If you wish to opt out for other devices or browsers, you must opt out
again when you are using those devices or browsers.

    • Direct Marketing Disclosure

California consumers also may request information about our disclosures of certain categories of personal information to third parties for their direct marketing purposes. Such requests must be submitted to us at one of the following
addresses: CA_Privacy@Hilton.com or DataProtectionOffice@Hilton.com, send a letter to the Data Protection Office at 7930 Jones Branch Drive, McLean, Virginia, USA 22102. Within thirty days of receiving such a request, we will provide a list of
the categories of personal information disclosed to third parties for third-party direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no
more than once per calendar year. We reserve our right not to respond to requests submitted to addresses other than the addresses specified in this paragraph.

    • The Right to Non-Discrimination

The CCPA prohibits a business from treating a consumer differently because the consumer exercised a right conferred on him/her by the CCPA. We welcome you to exercise your rights under the CCPA, and we will not discriminate against you for
doing so.

    • Removal of Content

If you are a California resident under the age of 18, and a registered user of any site where this policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you
have publicly posted. To make such a request, please send an email with a detailed description of the specific content or information to CA_Privacy@Hilton.com. Please be aware that such a request does not ensure complete or comprehensive
removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.

Back to Top


Nevada Consumers’ Rights

    • The Right to Opt-Out of the Sale of Personal Information

If you are a Nevada resident, you may request that we stop selling certain categories of personal information that we collect. To submit a request please visit our website at datarights.hilton.com or click the “Personal Data Requests” link at the bottom of any Hilton website to submit your request. You also may call our
toll-free telephone number: (800) 413-7470, email the Data Protection Office (“DPO”) at DataProtectionOffice@Hilton.com, send a letter to the Data Protection Office at 7930 Jones Branch Drive, McLean, Virginia, USA 22102, or
complete a paper form available from the front desk at any of our hotels. When the DPO receives your request, the DPO will first verify your identity. If you are a Hilton Honors member, the DPO will verify your identify by asking you to provide
your name, Hilton Honors account number, and the email address and phone number associated with your Hilton Honors account. If you are not a Hilton Honors member, the DPO will verify your identity by asking you to provide your name, the
confirmation number from one of your stays at a Hilton property, and the email address associated with that stay. Once the DPO has verified your identity, the DPO will promptly fulfill your request.

Back to Top


How We Protect Personal Information

We take reasonable measures to: (i) protect personal information from unauthorized access, disclosure, alteration, or destruction, and (ii) keep personal information accurate and up-to-date as appropriate.

Hilton employs a robust team of dedicated information security professionals who are responsible for managing Hilton’s security program. This team is responsible for, among many other things, monitoring our systems for potential intrusions,
responding to potential incidents, supporting property-level information security, regularly reviewing and updating the security controls Hilton uses to protect data, and providing training on Hilton’s information security program.

Hilton maintains a payment card industry (“PCI”) compliance program and an Information Technology compliance program. This compliance program generates audit reports concerning the adequacy and effectiveness of Hilton’s Technology
internal controls, including a PCI Attestation of Compliance signed by an external PCI Qualified Security Assessor and a SSAE16/SOC1 report addressing the Technology general controls over systems that support certain accounting and financial
reporting.

We require third parties with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information.

We will never ask you to send us confidential personal information or payment card information via email or text message.

In the event of a security incident, Hilton will notify regulators and/or consumers as required by applicable laws and regulations.

Back to Top


Disclosure Pursuant to Legal Obligations or to Protect the Safety and Security of People and Property

Hilton will disclose personal information as required by law. Examples of such disclosures include when countries require Hilton to collect personal data about visitors to properties in that country, when a law enforcement agency serves a valid subpoena on Hilton, and when a civil litigant serves a lawful discovery request on Hilton. Hilton may elect to share personal information with law enforcement or others as necessary to protect the safety and security of people and property, to pursue available remedies or limit the damages that we may sustain, and to respond to an emergency.

Back to Top


Marketing Communications – Choices

We want to make you aware of the fantastic products we offer! To do so, we may send you communications via email, text message, push notifications, in-app alerts, direct mail, and social media.

If you are a Hilton Honors member, you may change the communications you receive from us by logging on to your online account and managing your subscriptions; by writing to us (and including your email address) at Hilton Data Protection Officer,
7930 Jones Branch Drive, McLean, VA 22102, USA; or by emailing us at DataProtectionOffice@hilton.com.

If you prefer not to receive email marketing materials from us, you may opt-out at any time by using the unsubscribe function in any email you receive from us or by clicking this link: https://secure.hilton.com/en/hhonors/optout/unsubscribe.jhtml?listid=0, by writing to us (and including your email address) at Hilton Data Protection Officer,
7930 Jones Branch Drive, McLean, VA 22102, USA, or by emailing us at DataProtectionOffice@hilton.com. Opt-out requests can take up to ten business days to be effective.

To opt out of text messages, tell the hotel front desk that you do not want to receive text messages from the hotel or reply “STOP” to the message you received.

You may control whether our mobile apps send you push notifications by changing your notification settings on your mobile device. If we engage in sending you in-app messages, we will allow control for those in our apps’ settings.

Back to Top


International Transfers of Personal Information

As a global company, we endeavor to provide you with the same level of service that you have come to expect at Hilton whether you are in San Francisco, London or Tokyo. To provide this service, you acknowledge that we may share your personal information among members of the Hilton Portfolio of Brands, our service providers, and other third parties, which may be located in countries outside of your own. When you stay at a Hilton property outside the United States, the data controller for that property transfers the personal information relating to your reservation to Hilton in the United States pursuant to data transfer agreements when required by applicable laws or regulations. The data controller may also maintain a local copy of your personal information when so required by applicable laws or regulations. Although the data protection laws of various countries may differ from those in your own country, we will take appropriate steps to ensure that your personal information is handled as described in this Statement and in accordance with the law.

Back to Top


Data Retention Periods

We retain personal information about you necessary to fulfill the purpose for which that information was collected or as required or permitted by law. When we destroy your personal information, we do so in a way that prevents that information
from being restored or reconstructed.

Back to Top


Changes to this Statement

We may modify this Statement from time to time. When we make material changes to this Statement we will post a link to the revised Statement on the homepage of our site. You can tell when this Statement was last updated by looking at the date at
the top of the Statement. Any changes to our Statement will become effective upon posting of the revised Statement on the site. Use of the site, any of our products and services, and/or providing consent to the updated Statement following such
changes constitutes your acceptance of the revised Statement then in effect.

Back to Top


Contact Information for Questions or Concerns

If you have any questions or concerns, please contact us by sending an email to DataProtectionOffice@hilton.com, by sending a letter to Hilton Data Protection Officer, 7930 Jones Branch Drive, McLean, VA 22102, or by calling our toll-free
number: (800) 413-7470.

This Statement was most recently updated on August 12, 2020.

Back to Top


APPENDIX A
ADDITIONAL PROVISIONS APPLICABLE TO PROCESSING OF PERSONAL
INFORMATION OF EEA RESIDENTS

 

For individuals residing in the EEA, this Appendix outlines certain additional information that Hilton is obligated to provide to you, as well as certain rights you have with respect to the processing of your personal information, pursuant to
applicable local laws. This Appendix will control to the extent it conflicts with any provision in the main body of this Statement.

Controller: for more information on the Hilton entities that process your personal information, please click here.

Data Protection Officer: Hilton’s Data Protection Officer may be contacted by email at DataProtectionOffice@Hilton.com, or at the following address:

Attn: Data Protection Officer 7930 Jones Branch Drive McLean, VA 22102 USA

Purposes and Legal Basis for Processing: Hilton processes your personal information for the purposes set forth in Sections 4 (Use of Personal Information Collected About You) and 5 (Personal Information We Share) of the main body of this
Statement.

The legal bases for Hilton’s processing activities include processing such information as necessary to comply with our contractual obligations, compliance with our legal obligations, protecting the safety of our employees, guests and others, for
our legitimate business interests, and pursuant to your consent.

The particular legal basis for the processing of your personal information is based on the purpose for which such information was provided or collected:

Hilton Honors Participation: We process the personal information obtained in connection with your participation in the Hilton Honors program on the basis of our contractual relationship with you and in furtherance of our business
interests, including to personalize your use of our services and applications, to communicate news and promotional items, and to deliver personalized advertising and content.

Surveys: Completion of surveys is voluntary – we process the information obtained from surveys on the basis of your consent and in furtherance of our business interests, including marketing, service improvements, and analytics.

On-property Collection: When you make a reservation and when you stay at one of our hotel properties, we process your name, address, contact information, along with the details of your stay (arrival and departure day and time, vehicle
information and information regarding others traveling or staying with you), on the basis of our contractual relationship with you. We also process such data for our business interests, including for marketing, service improvements,
administration of our e-Folio program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).

We collect certain additional personal information during registration/check-in at our properties (such as national ID or passport information), as necessary to comply with our legal obligations.

We use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via keycards and
other technologies) for the protection of our staff, guests and visitors to our properties.

We process personal information in connection with on-property services (such as concierge services, health clubs, spas, activities, child care services, equipment rental, and our Digital Key functionality), in order to provide the services to
you and for our business interests including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).

Event Profiles: We process the personal information obtained in connection with your event on the basis of our contractual relationship with you and for our business interests, including for marketing, service improvements, and
analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).

Social Media: Participation in Hilton-sponsored social media activities and offerings is voluntary – we process information obtained from social media participation on the basis of your consent and in furtherance of our related business
interests, including for marketing, service improvements, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).

Promotions and Sweepstakes: Participation in sweepstakes, contests and other promotional offerings is voluntary – we process the information obtained from such participation based on your consent and as necessary to administer the
offering. We also use certain data for our business purposes, including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalization, as described in Section 4 of our Global Privacy
Statement (above).

Direct Marketing: We use your personal information to send you marketing messages on the basis of your consent. You may withdraw your consent for direct marketing communications at any time by contacting us at customer_privacy@Hilton.com or by following the unsubscribe instructions in the marketing message, or by logging in to your Hilton Honors account and updating your communication preferences.

Franchise and Ownership Opportunities: We process this information on the basis of our contractual relationship with you and for our related business interests, including maintaining and promoting the Hilton brand and facilitating
direct communication between properties within the Hilton Portfolio of Brands.

WMBE Suppliers: Participation in Hilton’s Supplier Diversity Program is voluntary – we process this information based on your consent and for our related business interests, including maintaining and enhancing our diversity program.

Retention: We retain personal information about you for the time necessary to accomplish the purpose for which such information was collected, usually for the duration of any contractual relationship and for any period thereafter as
legally required or permitted by applicable law. Our retention policies reflect applicable statute of limitation periods and legal requirements.

Data Subject Rights: Residents of the EEA have the following rights:

Access, Correction and Erasure Requests: You have the right to:

  • ask us to confirm whether we are processing your personal information receive information on how your data is processed
    obtain a copy of your personal information
  • request that we update or correct your personal information
  • request that we delete personal information in certain circumstances

Right to Object to Processing: You have the right to request that Hilton cease processing of your personal information:

  • for marketing activities, including profiling for statistical purposes
  • where such processing is based on our legitimate business interests, unless we are able to demonstrate a compelling legitimate basis for such processing or we need to process your personal information for the establishment, exercise
    or defense of a legal claim

Right to Restrict Processing: You have the right to request that Hilton limit the processing of your personal information:

  • while Hilton is evaluating or in the process of responding to a request by you to update or correct your personal information where such processing is unlawful and you do not want Hilton to delete your data
  • where Hilton no longer requires such data, but you want us to retain the data for the establishment, exercise or defense of a legal claim
  • where you have submitted an objection to processing based on our legitimate business interests, pending our response to such request
  • Where we limit the processing of your personal information pursuant to your request, we will inform you prior to re-engaging in such processing.

Data Portability Requests: You have the right to request that we provide you or a third party that you designate with certain of your personal information in a commonly used, machine readable format. Please note, however, that data
portability rights apply only to personal information that we have obtained directly from you and only where our processing is based on consent or the performance of a contract.

Submitting Requests: your requests may be submitted by accessing the Data Subject Rights Request Portal or in writing to DataProtectionOffice@hilton.com, or the Hilton Data Protection Officer, 7930 Jones Branch Drive, McLean, VA 22102, USA. You may also update your personal information as provided in Section 12
(Changing and Accessing Your Personal Information) of the main body of this Global Privacy Statement.

We will respond to all such requests within 30 days of our receipt of the request, unless there are extenuating circumstances, in which event we may take up to 60 days to respond. We will inform you if we expect our response to take longer than
30 days. Please note, however, that certain personal information may be exempt from such rights pursuant to applicable data protection laws. In addition, we will not respond to any request unless we are able to appropriately verify the
requester’s identity. We may charge you a reasonable fee for subsequent copies of data that you request.

If you have concerns about our data practices or the exercise of your rights, you may either contact Hilton at DataProtectionOffice@Hilton.com or the supervisory authority in the Member State
of your residence.

Right to Withdraw Consent: You have the right to withdraw your consent to any processing that we conduct solely based on your consent (such as sending direct marketing materials to your personal email account). You may withdraw your
consent to marketing activities by following the instructions on any marketing emails, or contacting customer_privacy@hilton.com. For any other activities for which you have previously consented,
you may contact DataProtectionOffice@hilton.com to withdraw such consent.

Segmentation (also referred to as profiling) and Automated Decision Making: We use personal information to divide large groups of consumers into sub-groups of consumers (known as segments) based on some type of shared
characteristics such as geography, behavior, or demographics.

With your consent, we make automated decisions, meaning without human interference, using segmentation and/or your specific personal information to offer you certain benefits based on your characteristics (such as discounted room rates or other
special offers based on your geography, behavior, or demographics). For example, if you travel frequently during the week to hotels in France, we may send you special offers for Hilton hotels in France.

International Data Transfers: We may transfer the personal information we collect about you pursuant to the purposes described in this Statement to countries that have not been found by the European Commission to provide adequate
protection. In particular, we transfer your personal information to the United States.

We use appropriate safeguards for the transfer of personal information among our affiliates in various jurisdictions, and where required, we have implemented European Union controller-to-controller standard contractual clauses or other such
safeguards for such purposes. To obtain a copy of theses clauses or additional information on transfers, you may send your request to privacy@hilton.com.