IHG HOTELS AND RESORTS (“IHG,” “we,” “our” or “us”)
PURPOSE OF THIS NOTICE: We are providing this Applicant Privacy Notice (the “Notice”) to describe the personal information that we collect about job applicants (including applicants for work experience, internships and apprenticeships) at IHG or IHG-branded hotels (which may include franchised hotels or hotels which are managed by IHG but which are independently owned) and applicants for IHG career development programmes such as IHG Academy, General Manager Assessments and IHG Future Leaders Aspire (”Applicants”).
SCOPE OF THIS NOTICE: This Notice applies to the personal information that we collect from and about Applicants, in the context of reviewing, assessing, considering, managing, storing or processing their applications or otherwise considering them for a position with us.
What is personal information? In this Notice, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.
Are our practices the same for all Applicants? The categories of personal information we collect and our use of personal information may vary depending upon the position(s) or location, as well as the associated qualifications and responsibilities. The information in this Notice is intended to provide an overall description of our collection and use of personal information about Applicants.
CATEGORIES OF PERSONAL INFORMATION COLLECTED: Generally, and where permitted under applicable law, we may collect the following categories of personal information about Applicants:
- Name, Contact Info and other Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
- Protected Classifications: characteristics of protected classifications under applicable law such as race, color, sex, age, religion, national origin, disability, citizenship status, and genetic information.
- Sensitive Personal Information: information about race or ethnicity, religious beliefs, sexual orientation, political opinions, information about health including medical conditions, information about criminal convictions or offences.
- Usage Data: internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding interaction with an internet website, application, or advertisement, as well as physical and network access logs and other network activity information related to your use of any company device, network or other information resource.
- Geolocation Data: precise geographic location information about a particular individual or device.
- Audio/Visual Data: audio, electronic, visual, thermal, olfactory, or similar information such as, CCTV images and photographs, and audio recordings (e.g., recorded meetings).
- Employment History: professional or employment-related information.
- Education Information: information about education history or background that is not publicly available personally identifiable information.
- Information collected during application process: information collected during any interviews or assessments as part of the application process.
- Profiles and Inferences: inferences drawn from any of the information identified above to create a profile reflecting preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
HOW IS YOUR PERSONAL INFORMATION COLLECTED: Generally, we may collect information about Applicants from the following sources:
- From you, the Applicant
- From a recruitment agency if used as part of the hiring process
- From a background check provider if used as part of the hiring process
- From referees, if references are collected as part of the hiring process
- From publicly available sources such as criminal records check information
PURPOSES FOR COLLECTING AND USING PERSONAL INFORMATION: Generally, we may use the above categories of personal information for the following purposes:
- Management of Job Applications, Recruiting and Hiring. To review, assess, recruit, consider or otherwise manage applicants, candidates and job applications, including:
- Scheduling and conducting interviews
- Identifying candidates, including by working with external recruiters
- Reviewing, assessing and verifying information provided, to conduct criminal and background checks, and to otherwise screen or evaluate Applicants’ qualifications, suitability and relevant characteristics
- Extending offers, negotiating the terms of offers, and assessing salary and compensation matters
- Satisfying legal and regulatory obligations
- In support of our equal opportunity employment policy and practices
- Security and Monitoring. In order to monitor and secure our resources, network, premises and assets, including:
- Monitoring for, preventing and investigating suspected or alleged misconduct or violations of work rules
- Monitoring for, preventing investigating, and responding to security and privacy incidents
- Providing and managing access to physical and technical access controls
- Monitoring activities, access and use to ensure the security and functioning of our systems and assets
- Securing our offices, premises and physical assets, including through the use of electronic access systems and video monitoring
- Communicating with Applicants regarding their applications and about other similar position(s) for which they may be interested or to communicate about IHG news and recruitment events
- Maintaining Applicant personal information for future consideration
- Auditing, reporting, corporate governance, and internal operations. Relating to financial, tax and accounting audits, and audits and assessments of our business operations, security controls, financial controls, or compliance with legal obligations, and for other internal business purposes such as administration of our records retention program.
- M&A and Other Business Transactions. For purposes of planning, due diligence and implementation of commercial transactions, for example mergers, acquisitions, asset sales or transfers, bankruptcy or reorganization or other similar business transactions.
- Defending and Protecting Rights. In order to protect and defend our rights and interests and those of third parties, including to manage and respond to employee and other legal disputes, to respond to legal claims or disputes, and to otherwise establish, defend or protect our rights or interests, or the rights, interests, health or safety of others, including in the context of anticipated or actual litigation with third parties.
- Compliance with Applicable Legal Obligations. Relating to compliance with applicable legal obligations (such as hiring eligibility, responding to subpoenas and court orders) as well as assessments, reviews and reporting relating to such legal obligations, including under employment and labor laws and regulations, Social security and tax laws, environmental regulations, workplace safety laws and regulations, and other applicable laws, regulations, opinions and guidance.
PURPOSES FOR COLLECTING AND USING SENSITIVE PERSONAL INFORMATION: We may use sensitive personal information for the following purposes:
- We may use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process
- We may use sensitive personal information such as information about race or ethnicity, religious beliefs or sexual orientation for equal opportunity monitoring and reporting purposes
- Where permitted under applicable law we may carry out criminal records checks for certain roles
THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION: We are committed to collecting and using your personal information in accordance with applicable data protection laws. We collect, use and share your information where we have an appropriate legal basis to do so. This may be because:
- You have provided your consent to us using the personal information
- Our use of the information is necessary to perform a contract with you
- Our use of the information is necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal responsibilities
- Our use of the information is in our legitimate interests as a commercial organization. In these cases, we will look after your information in a way that is proportionate and respects your privacy rights.
AUTOMATED DECISION-MAKING: We do not carry out automated decision-making for decisions that may have a significant impact on you.
DATA TRANSFER: As we operate via a global network of offices and hotels it may be necessary to transfer your information to a country outside the country where it was originally collected or outside your country of residence or nationality. It may be necessary to transfer this information to other entities including, without limitation, our IHG-branded hotels and our service providers. Where we transfer information out of the European Union we take steps to make sure that such transfer is managed to protect your privacy rights:
- Transfers within the IHG group will be covered by an agreement entered into by members of the IHG group (intra-group agreement) which contractually obliges each member to ensure that your information receives an adequate and consistent level of protection wherever it is transferred within the IHG group
- Where we transfer your information outside of IHG to other companies providing us with services, we obtain contractual commitments and assurances from them to protect your information, such as standard contractual clauses.
When we otherwise transfer personal information between jurisdictions we will take such steps as required by local law in an effort to ensure that such transfer is managed to protect your privacy rights.
DATA SHARING: We will share your information with our service providers who provide services to us in relation to our business. These companies are authorized to process your personal information only as necessary to provide such services to us. We may also share your information with IHG-branded hotels, for example, if you have applied for a job at an IHG-branded hotel or to contact you about job opportunities that may be of interest to you. These may include franchised hotels or hotels which are managed by IHG but which are independently owned.
DATA SECURITY: We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, technical, physical and organizational security measures are put in place to protect against unauthorized access, disclosure, damage or loss of your information. The collection, transmission and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.
DATA RETENTION: We generally only keep your information for as long as reasonably required for the reasons explained in this policy. In some cases we keep records (which may include your information) for longer periods if necessary to meet legal, regulatory, tax or accounting needs. We may also retain data for the establishment, exercise or defence of legal claims.
RIGHTS IN CONNECTION WITH PERSONAL INFORMATION
Depending on your location, you may have rights under the General Data Protection Regulation, California Consumer Privacy Act or other applicable data protection laws, to:
- Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes and the right to opt out of the sale or sharing of personal information.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
To exercise these or other applicable privacy rights or to contact our data protection officer, please contact PrivacyOffice@ihg.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).
CONTACTING US ABOUT THIS NOTICE: If you have any questions or concerns regarding our use of personal information as described in this Notice, please contact PrivacyOffice@ihg.com.