Our Privacy Commitment
The Plaza Hotel understands the right to privacy and is committed to keeping all your Personal Data secure.
About this Privacy Policy
This Privacy Policy is an overview of how The Plaza Hotel processes personal information about individuals.
The list below sets out what is covered in this Privacy Policy and you can click on the headings below to go to a specific section:
This Privacy Policy governs the handling of Personal Data by The Plaza Hotel while carrying on commercial business and activities.
We use the following definitions in this Privacy Policy: “The Plaza Hotel“, “we or “us” means The Plaza Hotel and Accor SA.
Most Accor branded hotels are operated under a franchise or management agreement between the hotel’s owner and Accor SA (or one of its subsidiaries across the world).
When staying in one of these hotels, your personal data will be processed by the hotel and by Accor SA, both acting as Data Controllers for their own, separate, purposes.
Accor SA will process your data because it manages a central booking engine, which allows Accor SA to collect the data necessary to organise your stay in hotels under an Accor brand and to communicate this data to the concerned hotels. Accor SA also manages a global database of clients who stay in hotels under an Accor brand and Accor SA also manages the ALL loyalty programs. To know more about data processing activities under Accor SA’s control, please see the Accor Personal Data Protection Charter.
The Plaza Hotel will process your data to manage its contractual relationship with you (invoicing, payment, booking management etc.), to perform marketing activities and to comply with its legal obligations.
“Personal Data” means any data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of The Plaza Hotel (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of The Plaza Hotel or any other person in respect of an individual.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
We may process information about you including, but not limited to:
We may process your Personal Data for purposes including, but not limited to:
Where we process Personal Data, we make sure that we have a lawful basis, including:
We will not collect personal information for children under the age of 13 without prior, verifiable consent from his or her legal representative.
We may share your Personal Data within the The Plaza Hotel and its managers and owners for the purposes described above.
We may also share your Personal Data outside of the The Plaza Hotel for the following purposes:
The Plaza Hotel is an establishment that serves global customers. Our customers and our operations are connected globally. As a result, we collect and transfer Personal Data on a global basis. That means that we may transfer your Personal Data to locations outside of your country.
Where we transfer your Personal Data to a country located outside the European Economic Area (‘EEA’), we will ensure that it is protected and transferred in a manner consistent with the legal requirements. In relation to data being transferred outside of the EEA, for example, this may be done in one of the following ways:
We have extensive controls in place to maintain the security of our information and information systems. Personal Data is protected with safeguards according to the sensitivity of the relevant information. Industry best practice security controls are in place and monitored on a regular basis. Electronic and physical access to systems where Personal Data is gathered, processed or stored is limited and controlled.
As a condition of employment, The Plaza Hotel’s employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive Personal Data is limited to those employees who need to know it to perform their roles. Unauthorised use or disclosure of confidential client information by a The Plaza Hotel employee is prohibited by policy and may result in disciplinary measures.
How long we will hold your Personal Data for will vary and will be determined by the following criteria:
Under the applicable law (e.g. European data privacy law), you may have the following rights:
You can exercise your rights by contacting us using the details listed in paragraph 11 below.
If you have any questions about this Privacy Policy, or to obtain more information about The Plaza Hotel’s handling of your Personal Data or anything data related request, please contact our Data Protection Officer using the following contact information:
Address:
Attention: Data Protection Officer
768 Fifth Avenue
New York, NY 10019
Email Address:
PLZ.DataProtection@fairmont.com
Verifying the identity of the requester
For the purposes of confidentiality and personal data protection, we will need to check your identity in order to respond to your request. In case of reasonable doubts concerning your identity, you may be asked to include a copy of an official piece of identification, such as an ID card or passport, along with your request. A black and white copy of the relevant page of your identity document will suffice.
We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from our Privacy Officer, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, The Plaza Hotel’s Privacy Officer will provide you with the contact information for that regulator.
We may change this Privacy Policy at any time. Any changes will become effective when we post the revised Privacy Policy on this website. Your use of our services following these changes means that you accept the revised Privacy Policy. We recommend that you regularly review the Privacy Policy when you visit our website.
This policy was last updated in December 16, 2022.
The California Consumer Privacy Act (CCPA) requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, and sale of personal information and of the rights of California residents regarding their personal information.
The CCPA defines “personal information” to mean information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include information that is publicly available, deidentified or aggregate information. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”
Your Right
If you are a California resident, you have the right to request that we disclose what Personal Information we have collected about you. This right includes the right to request any or all of the following:
The CCPA defines “sell” to mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a California resident’s Personal Information to another business or a third party for monetary or other valuable consideration.
How to Submit a Request to Know
You may submit a request to know through our secure interactive web form available here, CCPA Request Form, or by contacting our Data Protection Officer using the following information.
Address:
Attention: Data Protection Officer
768 Fifth Avenue
New York, NY 10019
Phone:
833.244.4421
Email Address:
PLZ.DataProtection@fairmont.com
Only you, or a person or corporate entity registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
Verifying the identity of the requester
The verifiable consumer request must:
Your Right
Subject to certain limitations, California residents may also have the right to have us delete their personal information. This is sometimes called the “right to be forgotten.” If, The Plaza Hotel receives a verifiable consumer request to delete a consumer’s personal information, we must comply unless we must retain the personal information for one of the following reasons:
To exercise your rights under the CCPA, make a request through our secure interactive web form available here, CCPA Request Form, or by contacting our Data Protection Officer using the following information.
Address:
Attention: Data Protection Officer
768 Fifth Avenue
New York, NY 10019
Phone:
833.244.4421
Email Address:
PLZ.DataProtection@fairmont.com
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. Any disclosures we provide will only cover the 12-months prior to the request.
Verifying the identity of the requester
The verifiable consumer request must:
We will confirm receipt of a verifiable consumer request within 10 business days and provide information on how we intend to process the request.
We will provide a response to a verifiable consumer request within forty-five (45) days of its receipt.
If additional time is required to respond (up to 45 days), we will inform the consumer, at their option, of the reason and extension period electronically or via mail.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights.
Unless permitted by the CCPA, we will not:
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Under CCPA, the disclosure of personal information to a third party for monetary or other consideration of value can be considered a “sale”.
The CCPA also gives residents of California the right to stop the “sale” of their personal information through a mechanism called “Do Not My Personal Information”.
California’s definition of a “sale” also includes the transfer of data between corporate affiliates. In other words, companies that share a common ownership or other transfers for the purposes of serving the customer that would ordinarily not be thought of as a “sale”.
We provide the opportunity for consumers to exercise this right if any of our online business practices are considered to be a sale under the CCPA’s broad definition.
If you would like to opt out of the sale of your personal information, you can submit an opt-out request by clicking here.
The Plaza
768 Fifth Avenue
New York, New York 10019
Direct: (212) 546-5249 Mobile: (646) 623-0247
fairmont.com/theplaza • theplazany.com