This policy was last updated on February 21, 2022.
Omni Hotels & Resorts® respects the privacy of all our guests, and we are committed to protecting it through our compliance with this policy. This policy describes the type of information we may collect from our guests and our practices for collecting, using, maintaining, protecting, and disclosing that information.
- through this Website
- through the software applications made available by us for use on or through computers and mobile devices
- through our social media pages that we control
- through email messages that we send you
- when you visit or stay as a guest at one of our properties
We collect your Personal Information in accordance with the law, and to serve you better. We collect and process the following type of Personal Information about you:
- Postal Address
- Telephone number
- Email Address
- Financial Information (such as credit and debit card number or other payment data)
- Date of birth
- Government-issued identification data
- Membership or loyalty program data
- Employer details (for business-related bookings)
- Travel itinerary, tour group, or activity data
- Prior guest stays or interactions, goods and services purchased, special service, amenity requests, and room preferences
- Social media account ID, profile photo and other data publicly available, or data made available by linking your social media and loyalty accounts
In more limited circumstances, we may also collect:
- Data about family members and companions, names, and ages of children
- Images, video and audio data via (a) security cameras located in public areas, such as hallways and lobbies, in our properties; and (b) body-worn cameras carried by our loss prevention officers and other security personnel
This Website does not collect, save or store any Personal Information from you while you simply browse this Website, unless you voluntarily and intentionally provide it to us (for example, by making an online booking or requesting further information).
INFORMATION WE COLLECT THROUGH AUTOMATIC DATA COLLECTION TECHNOLOGIES
As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visit to our Website or mobile applications (“usage data”), including traffic data, location data, logs, and other communication data and resources that you access and use on the Website.
- Information about your computer and internet connection, including your IP address, operating system, unique device ID, referral URLs and browsing type.
The technologies we use for this automatic data collection may include.
- Flash Cookies. Certain features of our Website may use local stored objects (Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
- Web Beacons. Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We also serve ads through third-party advertising technology. In the course of serving our advertisements to you, unique third-party persistent cookies, clear gifs or beacon gifs may be placed on your computer or device to help manage our online advertising, recognize when a device visits our Websites, learn which ads bring users to our Websites, and track whether a reservation is made. The information our ad-serving providers and we collect through this technology is not personally identifiable but is used to create an anonymous profile which allows the ad-serving provider to serve ads targeted towards you and your interests across the ad-serving network.
Our Websites do not currently respond to “Do Not Track” signals that may be sent by your device or browser.
USE OF INFORMATION
We use your personal data to fulfill the purpose for which it was provided, or as otherwise set forth in this policy. For example, we may use your personal data as necessary to:
|How we may use your personal information
| Our reasons
| To process your reservation request and payment, contact you about your reservation, or to make requested changes to your reservation or user account
| For the performance of our services to you at your request
| To respond to your inquiries and other communications
||For the performance of our services to you at your request
| To enroll you in Omni Hotels Select Guest® or other guest loyalty program
|| For the performance of our services to you at your request
|To provide you with a personalized experience on our Websites
||To provide you with a personalized experience on our Websites
| To prevent and detect fraud against you or us
|| For our legitimate interests or those of a third party, i.e. to minimize fraud that could be damaging for us and for you
| Processing necessary to comply with professional, legal and regulatory obligations that apply to our business
|| To comply with our legal and regulatory obligations
| Ensuring business policies are adhered to, e.g. policies covering security and internet use
For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you
| Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures
For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price
| Updating and enhancing customer records
To comply with our legal and regulatory obligations; and for our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products
|To register you to receive marketing/promotional e-mails or other information for which you’ve expressed an interest
For the performance of our services to you at your request
| Marketing our services and those of selected third parties to:
— existing and former customers;
— third parties who have previously expressed an interest in our services;
—third parties with whom we have had no previous dealings.
For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers
You may opt out of receiving any promotional or marketing emails at any time by contacting us directly or by following the “opt out” or “unsubscribe” links in such emails. We may, however, continue to contact you with relevant information about your past or upcoming reservations with us and status of loyalty account.
We may use the usage data we collect for any reason we deem appropriate, including to improve, maintain, and operate our Websites and services.
SHARING OF INFORMATION
- To our subsidiaries and affiliates
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them, as for example payment processors and customer support contractors
- To a buyer or other successor in the event of a merger, divestiture, restricting, reorganization, dissolution, or other sale or transfer of some or all of Omni Hotels & Resorts’ assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Omni Hotels & Resorts about our customers is among the assets transferred.
- To fulfill the purpose for which you provide it
- For any other purpose disclosed by us when you provide the information
- With your consent
- To carry out the permitted uses described in the “USE OF INFORMATION” section of this policy
We may also disclose your Personal Information:
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Omni Hotels & Resorts, our customers, or others.
LINKS TO THIRD PARTY WEB SITES
Please be aware that third-party websites available through links on our Websites each have separate privacy and data collection practices. We have no control, responsibility or liability for these third-party websites or their applicable policies or content. Omni Hotels & Resorts cannot ensure or warrant the security of any information you disclose on third-party sites.
WHERE PERSONAL INFORMATION IS HELD
Omni Hotels & Resorts is based in the United States, and personal data collected by Omni Hotels & Resorts worldwide (including within the European Economic Area) may be transferred to the United States for processing and storage. For example, we may import your personal data into the United States to fulfill our contractual obligations to you. By using the Services or submitting personal data to us, you consent to the transmission of your information outside your own country to be stored in the United States. We take steps to ensure that any such transfer complies with data protection law and that all personal information is secure, including, where appropriate, putting in place standard contractual clauses or implementing other lawful tools and processes for transferring personal information.
RETENTION OF PERSONAL INFORMATION.
We will keep your personal information while you have an account with us or while we are providing services to you. Thereafter, we will keep your personal information for as long as is necessary:
- To respond to any questions, complaints or claims made by you or on your behalf;
- To show that we treated you fairly; or
- To keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. In the event that your personal information is deidentified, or anonymized, we will not make any efforts to reidentify such information.
SECURITY OF PERSONAL DATA
Omni Hotels & Resorts is committed to the security of your personal data. We use commercially reasonable technical measures to protect personal data in our possession, and our Website uses secure socket layer (SSL) encryption technology to help protect the privacy of credit card information, name, address, email and other sensitive information you provide to us.
CHILDREN UNDER THE AGE OF 16
Our Websites and services are not intended for children under 16 years of age. and we do not knowingly solicit or collect personal data from children. No one under age 16 may provide any Personal Information to us. If we are notified or discover that a child under the age of 16 has submitted Personal Information to us, we will take reasonable steps to delete the information. We do present information regarding Omni Sensational Kids program on our Websites for the reference of adults that are interested in activities at our locations for children.
California consumers have the right to request any of the following information from us regarding personal information collected about you
• The categories of personal information collected about you.
• The categories of sources from which the personal information is collected.
• The business or commercial purpose for collecting or selling personal information.
• The categories of third parties with whom we share personal information, if any.
• The specific personal information collected about you.
• For personal information sold or disclosed to a third party for a business purpose, you have a right to know the categories of personal information about you that we sold and the categories of third parties to whom the personal information was sold; and the categories of personal information that we disclosed about you for a business purpose.
We will provide this information free of charge up to two (2) times in any twelve (12) month period within 45 days of receiving your verifiable request (including verification of your identity and your California residency), subject to delays and exclusions permitted by law. Specific personal information about you or your account that is categorized as sensitive or confidential may be redacted.
As a California resident, you have the following additional rights regarding your personal information:
• Deletion. The right to request that we delete any personal information that we have collected about you. We will honor this request subject to the range of exclusions permitted by law. For example, we are not required to delete personal information if it is necessary to complete a transaction or reasonably used for an ongoing business relationship or if it is used internally in a lawful manner that is compatible with the context in which the consumer provided the information.
• Correction. The right to request that we correct any inaccurate personal information that we maintain about you.
• Right to Opt Out of the Sale or Sharing of Personal Information. The right to opt out of the sale of your personal information to third parties. You also have the right to opt out of the sharing of your personal information to third parties for cross-contextual behavioral advertising purposes. You also have the right to opt out of sharing the personal information of a child under the age of 16 without receiving opt-in consent. If you opt out, we will not sell or transfer your information to any third party except as otherwise authorized by law.
• Right to Restrict Processing of Sensitive Information. The right to restrict the use and disclosure of your sensitive personal information.
We will not discriminate against you if you choose to exercise any of these rights. California residents may exercise the rights described above by clicking “Personal Data Request” at the bottom of this page and following the instructions. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request.
Virginia consumers have the following rights regarding personal data we have collected about you (for purposes of this section only, “personal data” means any information that is linked or reasonably linkable to an identified or identifiable natural person and excludes employment data, personal data that cannot be attributed to an individual without the use of additional information, and de-identified data or publicly available information):
• The Right to Know (i.e., the right to confirm whether we are processing your personal data)
• The Right to Access (i.e., the right to access your personal data processed by us)
• The Right to a Copy (i.e., the right to obtain a copy of your personal data that you have previously provided to us in a portable and readily usable (if technically feasible) format);
• The Right to Correct Inaccuracies (i.e., the right to correct inaccuracies in your personal data based on the nature of the data and the purposes of the processing);
• The Right to Deletion: (i.e., the right to request us to delete your personal data provided to us);
• The Right to Opt Out (i.e., the right to opt out of the processing of your personal data for certain purposes, including targeted advertising, the sale of personal data, or profiling for decisions with legal or other significant effects on you).
We will not discriminate against you if you choose to exercise any of these rights. Virginia residents may exercise the rights described above by clicking “Personal Data Request” at the bottom of this page and following the instructions. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request.
We do not sell personal information as such activity would be defined under Nevada Privacy Law.
EUROPEAN ECONOMIC AREA (EEA) RESIDENTS
If you reside in the European Economic Area (EEA) you may have the following additional rights under the GDPR as applicable:
• The right to access (i.e., the right to be provided with a copy of your personal information);
• The right to rectification (i.e., the right to require us to correct any mistakes in your personal information);
• The right to be forgotten (i.e., the right to require us to delete your personal information – in certain situations);
• The right to restriction of processing (i.e., the right to require us to restrict processing of your personal information – in certain circumstances, e.g., if you contest the accuracy of the data);
• The right to data portability (i.e., the right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party – in certain situations);
• The right to object (e.g., the right to object to your personal information being used for direct marketing, and in certain other situations, to object to our continued processing of your personal information, e.g., processing carried out for the purpose of our legitimate interests);
• The right to withdraw consent (i.e., where processing is based on your consent, you have the right to withdraw that consent – without affecting the lawfulness of processing based on consent before its withdrawal);
• The right to information regarding consent (i.e., to obtain information about the possibility or providing or denying your consent and the consequences of such consent or denial of consent); and
• The right not to be subject to automated individual decision-making (i.e., the right not to be subjected to a decision based solely on automated processing – including profiling – that produces legal effects concerning you or similarly significantly affects you).
We will not discriminate against you if you choose to exercise any of these rights. You can exercise your rights under the GDPR by contacting us as follows:
Email: firstname.lastname@example.org (please use “GDPR” in the subject line as applicable)
Mail: 4001 Maple Avenue, Suite 600
Dallas, Texas, 75219
Attention: Legal Department
The GDPR also gives individuals in the EEA the right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred.
CHANGES TO THIS POLICY
We may update this policy from time to time. We will always post the then-current version of this policy on our Websites, and will indicate at the top of the policy the date on which the latest version took effect. Please review this policy from time to time to stay updated on our privacy practices.
If you have any questions about this policy or our privacy practices, please contact us at:
Mail: 4001 Maple Avenue, Suite 600
Dallas, Texas, 75219
Attention: Legal Department