Privacy Policy

PRIVACY POLICY

Effective and last updated: April 16, 2025

Introduction

Sofitel Los Angeles at Beverly Hills (“Sofitel LA,” “we,” “our,” or “us”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use, share, and safeguard your information. This Privacy Policy applies to individuals who access this website and our mobile applications (collectively, “Site”) and any of our online and, where required, offline services (collectively, “Services”).

From time to time, we may change this Privacy Policy. If we do, we will post an amended version on this webpage with a new “last updated” date. If we make material changes, we will provide you with additional notice, such as adding a statement on the homepages of our Site or sending you a notification. Please review this Privacy Policy periodically.

This Privacy Policy covers the following topics:

Scope and Relationship with Accor SA
Personal Data We Collect
How We Use Your Personal Data
How We Share Your Personal Data
International Data Transfers
Universal Opt-Out Mechanisms
Security
Third-Party Links
Children’s Privacy
Your State Privacy Rights and Additional Disclosures
Notice to California Residents
Your Personal Data and Your Rights – Europe and the United Kingdom Only
Accessibility
How to Contact Us

1. Scope and Relationship with Accor SA

This Privacy Policy governs the handling of personal data by Sofitel LA while carrying on commercial business and activities. Most Accor branded hotels are operated under a franchise or management agreement between the hotel’s owner and Accor SA (or one of its subsidiaries across the world).

When staying in one of these hotels, your personal data will be processed by the hotel and by Accor SA, both acting as data controllers for their own, separate, purposes.

Accor SA will process your data because it manages a central booking engine, which allows Accor SA to collect the data necessary to organize your stay in hotels under an Accor brand and to communicate this data to the concerned hotels. Accor SA also manages a global database of clients who stay in hotels under an Accor brand and Accor SA also manages the ALL loyalty programs. To know more about data processing activities under Accor SA’s control, please see the Accor Personal Data Protection Charter.

Sofitel LA will process your data to manage its contractual relationship with you (invoicing, payment, booking management etc.), to perform marketing activities and to comply with its legal obligations.

2. Personal Data We Collect

We collect personal data from you through your use of the Site and Services. Personal data is information that is linked or reasonably linkable to an identified or identifiable individual. We collect the following types of personal data:

Personal Data You Provide

Depending on how you interact with our Site and Services, we will collect the following personal data that you voluntarily provide to us for the following purposes:

Sign Up. If you sign up for a loyalty membership, you will provide us with your email address and you will create a password for future login purposes. We use Accor to manage our loyalty memberships.
Book a Room. To book a hotel reservation, you will provide us with your name, nationality, phone number, email address, physical address, and payment information. We use Accor to manage our room reservations.
Salon Appointment. To book an appointment at our salon, you will provide us with your name, phone number, email address, and payment information. Mangomint provides our salon appointment booking services. Mangomint may collect, record, and store the information you provide in your reservation. Please review Mangomint’s privacy policy here.
Dining Reservations. To book a dining reservation, you will provide us with your name, email address, phone number, and any other information you choose to include. You may choose to book a reservation through OpenTable. OpenTable may collect, record, and store the information you provide in your reservation. Please review OpenTable’s privacy policy here.
Event Request. To request an event quote, you will provide us with your name, email address, phone number, and any other information you choose to provide.
To subscribe to our newsletter, you will provide us with your email address. You may also provide us with your name and country of residence.
Contact Us. If you contact us, you will provide us with your name, email address, phone number, and any information you choose to provide in your message. You may also provide us with your address.

Personal Data as You Navigate Our Site

We automatically collect certain personal data through your use of our Site and our use of cookies and other tracking technologies, such as the following:

Usage Information. For example, the pages on the Site you access, the frequency of access, and what you click on while on the Site.
Device Information. For example, hardware model, operating system, application version number, and browser.
Mobile Device Information. Aggregated information about whether the Site is accessed via a mobile device or tablet, the device type, and the carrier.
Location Information. Location information from Site visitors on a city-regional basis.

For more information on our cookie usage see our Cookie Policy here.

Personal Data We Collect About You from Other Sources

In some cases, we may receive personal data about you from other sources. This includes advertising networks, operating systems and platforms, social networks, advertising and marketing partners, online booking providers, and technology support providers.

Social Media Login

If you login to your account using your Google or Meta account, we will collect personal data that the social media platform (i.e., Google or Meta) discloses to us, such as your name, email address, language preferences, and profile picture, and any other information you permit the social media platform to share with third parties. The personal data we receive from Google or Meta is dependent upon your privacy settings with the social media platform. For more information, please review the privacy policies and settings of the social media platform that you use.

In addition to the purposes stated below in the “How We Use Your Personal Data” section, we use this personal data to enable you to sign into your account.

3. How We Use Your Personal Data

In addition to the purposes stated above, we may use all the personal data we collect in accordance with applicable law such as to:

Maintain and improve our Site and Services;
Protect the security and integrity of our Site and Services;

Investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, and to otherwise fulfill our legal obligations;
Monitor compliance with and enforce this Privacy Policy and any applicable agreements and policies;

Defend our legal rights and the rights of others;
Fulfill any other purposes for which you provide it;
For any purpose that is reasonably necessary to or compatible with the original purpose for which we collected the personal data as disclosed to you; and
Comply with applicable law.

4. How We Share Your Personal Data

We may share the personal data that we collect about you in the following ways:

With Accor, our parent, subsidiary and affiliated entities, and with our authorized employees and departments;
With vendors who perform data or Site-related services on our behalf (e.g., email, hosting, maintenance, backup, analysis, etc.);
To the extent that we are required to do so by law;
In connection with any legal proceedings or prospective legal proceedings;
To establish, exercise, or defend our or a third party’s legal rights, including providing information to others for the purposes of fraud prevention;
With any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal data where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal data;
With any other person or entity as part of any business or asset sale, equity transaction, merger, acquisition, bankruptcy, liquidation, or similar proceeding, or in preparation for any of these events;
With any other person or entity where you consent to the disclosure; and
For any other purpose disclosed by us when you provide the personal data or for any other purpose we deem necessary, including to protect the health or safety of others.

5. International Data Transfers

We operate internationally and transfer information to the United States for the purposes described in this policy. The United States may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. Your Personal Data can be subject to access requests from governments, courts, or law enforcement in the United States according to the laws of the United States.

For any transfers of Personal Data from the European Economic Area (EEA), Switzerland or the United Kingdom that we make to other entities as described in this Privacy Policy, we use appropriate safeguards to ensure for the lawful processing and transfer of the Personal Data, including, when appropriate, the use of standard contractual clausesapproved by the European Commission. To obtain a copy of the safeguards, contact us at sofitel.losangeles@sofitel.com.

6. Universal Opt-Out Mechanisms

The Site recognizes the Global Privacy Control (“GPC”) signal. If you are using a browser setting or plug-in that sends an opt-out preference signal to each website you visit, we will treat that as a valid request to opt out. To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.

Some internet browsers incorporate a “Do Not Track” feature that signals to websites you visit that you do not want to have your online activity tracked. Given that there is not a uniform way that browsers communicate the “Do Not Track” signal, the Site does not currently interpret, respond to or alter its practices when it receives “Do Not Track” signals.

7. Security

We maintain commercially reasonable security measures to protect the personal data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

8. Third-Party Links

The Site may contain links that will let you leave the Site and access another website. Linked websites are not under our control. We accept no responsibility or liability for these other websites.

9. Children’s Privacy

The Site and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal data from children under 13.

10. Your State Privacy Rights and Additional Disclosures

Depending on the state in which you reside, you may have certain privacy rights regarding your personal data. If you are a California resident, please see our “Notice to California Residents” section below. For other state residents, your privacy rights may include (if applicable):

The right to confirm whether or not we are processing your personal data and to access such personal data;
The right to obtain a copy of your personal data that we collected from and/or about you in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the information to another controller without hindrance, where the processing is carried out by automated means;
The right to delete personal data that we collected from and/or about you, subject to certain exceptions;
The right to correct inaccurate personal data that we maintain about you, subject to certain exceptions;
The right, if applicable, to opt out of the processing of your personal data for purposes of (1) targeted advertising; (2) the “sale” of your personal data (as that term is defined by applicable law); and (3) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you;
If we are required by applicable law to obtain your consent to process sensitive personal data, the right to withdraw your consent; and
The right not to receive discriminatory treatment by us for the exercise of your privacy rights.

We use cookies and other tracking technologies to display advertisements about our products to you on nonaffiliated websites, applications, and online services. This is “targeted advertising” under applicable privacy laws. When we engage in those activities, we sell personal data (i.e., information from cookies) to third-party advertisers and analytics companies. We do not use personal data for profiling in furtherance of decisions that produce legal or similarly significant effects concerning individuals.

To exercise your rights, please submit a request through our interactive webform available here or by calling us at 800-221-5817. If legally required, we will comply with your request upon verification of your identity and, to the extent applicable, the identity of the individual on whose behalf you are making such request. To do so, we will ask you to verify data points based on information we have in our records. If you are submitting a request on behalf of another individual, please use the same contact methods described above. If we refuse to take action regarding your request, you may appeal our decision through our interactive webform available here or by calling us at 800-221-5817. If you would like to opt out of targeted advertising, you may alter your cookie preferences here.

11. Notice to California Residents

The California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 (“CCPA”), requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, sale, sharing, and retention of personal information and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this section does not apply to you and you should not rely on it.

The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified or aggregated information or lawfully obtained, truthful information that is a matter of public concern. For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”

Notice at Collection of Personal Information

We currently collect and, in the 12 months prior to the Last Updated Date of this Privacy Policy, have collected the following categories of Personal Information:

Identifiers (name, alias, postal address, online identifier, Internet Protocol address, email address)
Unique personal identifiers (device identifier; cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology; customer number, unique pseudonym or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer or device)
Personal information described in California’s Customer Records statute (California Civil Code § 1798.80(e)) (signature, telephone number, bank account number, credit card number, debit card number, or any other financial information)
Characteristics of protected classifications under California or federal law (race, color, sex/gender (age (40 and older), marital status, disability)
Commercial information (records of products or services purchased, obtained or considered; other purchasing or consuming histories or tendencies; or other commercial information)
Internet or other electronic network activity information (browsing history; search history; and information regarding consumer’s interaction with website, application or advertisement)
Geolocation data
Audio, electronic, and visual information
Inferences drawn from above information to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

We collect Personal Information directly from California residents, from Accor and its business affiliates and subsidiaries, and from advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and data brokers. We do not collect all categories of Personal Information from each source.

In addition to the purposes stated above in the section “How We Use Your Personal Data” we currently collect and have collected the above categories of Personal Information for the following business or commercial purposes:

Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards
Helping to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for these purposes
Debugging to identify and repair errors that impair existing intended functionality
Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, or providing similar services
Undertaking internal research for technological development and demonstration
Undertaking activities to verify or maintain the quality or safety of a service, and to improve, upgrade, or enhance the service
Advancing our commercial or economic interests, such as by inducing another person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction

Sale, Sharing, and Disclosure of Personal Information

The CCPA defines “sale” as the transfer of Personal Information for monetary or other valuable consideration. Although we do not “sell” Personal Information as that term may be commonly interpreted, we engage in online activities that may constitute a sale or a share of Personal Information under California law. This may include showing you advertisements on other websites.

The following table identifies the categories of Personal Information that we sold or shared to third parties in the 12 months preceding the Last Updated Date of this Privacy Policy and, for each category, the categories of third parties to whom we sold or shared Personal Information:

Category of Personal Information	Categories of Third Parties
Unique personal identifiers (device identifier; cookies, beacons, pixel tags, mobile ad identifiers, or other similar technology; customer number, unique pseudonym or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer or device)	Advertising networks; data analytics providers; advertising and marketing partners; social networks

We sold or shared Personal Information to third parties to advance our commercial and economic interests.

The following table identifies the categories of Personal Information that we disclosed for a business purpose in the 12 months preceding the Last Updated Date of this Privacy Policy and, for each category, the categories of recipients to whom we disclosed Personal Information.

Category of Personal Information	Categories of Recipients
Identifiers (name, postal address, online identifier, Internet Protocol address, email address)	Online booking providers; payment processors; customer relationship managers; cloud hosting providers; data storage providers; digital concierge provider
Personal information described in California’s Customer Records statute (California Civil Code § 1798.80(e)) (telephone number)	Online booking providers; customer relationship managers; cloud hosting providers; data storage providers; digital concierge provider
Personal information described in California’s Customer Records statute (California Civil Code § 1798.80(e)) (bank account number, credit card number, debit card number, or any other financial information)	Online booking providers; payment processors
Commercial information (records of products or services purchased, obtained or considered; other purchasing or consuming histories or tendencies; or other commercial information)	Online booking providers; data storage providers; customer relationship managers; cloud hosting providers; digital concierge provider

We disclosed Personal Information for the following business or commercial purposes:

Helping to ensure security and integrity to the extent the use of your Personal Information is reasonably necessary and proportionate for these purposes
Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, or providing similar services
Undertaking activities to verify or maintain the quality or safety of a service, and to improve, upgrade, or enhance the service

We do not knowingly collect, sell, or share the Personal Information of consumers under 16 years of age. We do not use Sensitive Personal Information for purposes other than those allowed by the CCPA and its regulations.

Retention of Personal Information

We retain your Personal Information for as long as necessary to fulfill the purposes for which we collect it, such as to provide you with the service you have requested, and for the purpose of satisfying any legal, accounting, contractual, or reporting requirements that apply to us.

Your Rights

If you are a California resident, you have the following rights with respect to your Personal Information:

The right to know what Personal Information we have collected about you, including the categories of Personal Information, the categories of sources from which we collected Personal Information, the business or commercial purpose for collecting, selling or sharing Personal Information (if applicable), the categories of third parties to whom we disclose Personal Information (if applicable), and the specific pieces of Personal Information we collected about you;
The right to delete Personal Information that we collected from you, subject to certain exceptions;
The right to correct inaccurate Personal Information that we maintain about you;
If we sell or share Personal Information, the right to opt out of the sale or sharing;
If we use or disclose sensitive Personal Information for purposes other than those allowed by the CCPA and its regulations, the right to limit our use or disclosure; and
The right not to receive discriminatory treatment by us for the exercise of privacy rights the CCPA confers.

How to Submit a Request to Know, Delete, and/or Correct

You may submit a request to know, delete, and/or correct through our interactive webform available here or by calling us toll free at 800-221-5817.

If you are submitting a request on behalf of a California resident, please submit the request through one of the designated methods discussed above. After submitting the request, we will require additional information to verify your authority to act on behalf of the California resident.

Our Process for Verifying a Request to Know, Delete, and/or Correct

We will comply with your request upon verification of your identity and, to the extent applicable, the identity of the California resident on whose behalf you are making such request. We will verify your identity either to a “reasonable degree of certainty” or a “reasonably high degree of certainty” depending on the sensitivity of the Personal Information and the risk of harm to you by unauthorized disclosure, deletion, or correction as applicable. To do so, we will ask you to verify data points based on information we have in our records concerning you.

Right to Opt Out of Sale or Sharing of Personal Information

If you are a California resident, you have the right to direct us to stop selling or sharing your Personal Information.

You may submit a request to opt out of sales or sharing by clicking here. If you have enabled privacy controls on your browser (such as a plugin), we will also treat that as a valid request to opt out. Please see the “Universal Opt-Out Mechanisms” section above for more information.

Notice of Financial Incentive

From time to time, you may have the opportunity to provide Personal Information in exchange for discounts and price differences. For example, we provide discounts and price differences in exchange for you subscribing to our newsletter. Categories of Personal Information that we may collect when you subscribe to receive discounts and price differences include your name, email address, and country.

How to Opt-In and Right to Withdraw

Signing up for discounts and price differences is optional. By providing your name, email address, and country during the discount sign-up process, you affirmatively opt in to receiving the financial incentive and to joining our mailing list. You have the right to withdraw from the financial incentive at any time. If you opt out of receiving a financial incentive, we will not reduce the value of any financial incentives you previously received from us. If you wish to withdraw from receiving the financial incentive, you may submit such a request at any time by emailing us at sofitel.losangeles@sofitel.com.

How the Financial Incentive is Reasonably Related to the Value of Your Personal Information

The financial incentive or price difference is reasonably related to the value provided by your Personal Information. We take into consideration, without limitation, the anticipated revenue generated from such information, the anticipated expenses which we might incur in the collection, storage, and use of such information, and the anticipated expenses which we might incur related to the offer, provision, and imposition of any financial incentive or price difference. Based on this analysis, the value of your Personal Information that allows us to make these offers and financial incentives is the value of the offer itself.

Shine the Light Law

If you are a California resident and have an established business relationship with us, you may request that we do not disclose your personal information to third parties for the third parties’ own direct marketing purposes (as those terms are defined in California Civil Code § 1798.83). You may submit such a request by clicking here.

12. Your Personal Data and Your Rights – Europe and the United Kingdom Only

If you are in a country in the European Economic Area (EEA) or in the United Kingdom, you are entitled to the following explanation of the legal bases we rely on to process your Personal Data and a description of your privacy rights.

Legal Bases for Processing Your Personal Data

The legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.

Consent

We may process your Personal Data based on your consent such as when you create an account or when you ask us to send certain kinds of marketing communications. You have the right to withdraw your consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal.

Our Legitimate Interests

We may process your Personal Data if doing so is necessary for our legitimate interests and your rights as an individual do not override those legitimate interests. For example, when we process your Personal Data to carry out fraud prevention activities and activities to increase network and information security, to market directly to you, to expand our business activities and to improve our services and the content and functionality of our Site.

To Perform a Contract

We may process your Personal Data to administer and fulfill contractual obligations to you.

To Enable Us to Comply with a Legal Obligation

We may process your Personal Data to comply with legal obligations to which we are subject. This may include any requirement to produce audited accounts and to comply with legal process.

Necessary for the Exercise or Defense of Legal Claims

If you bring a claim against us or we bring a claim against you, we may process your Personal Data in relation to that claim.

If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Data for any specific processing activity, please contact us using the “How to Contact Us” section below.

Your Rights

Access Your Personal Data

You have the right to obtain from us confirmation as to whether or not we are processing Personal Data about you and, if so, the right to be provided with the information contained in this Privacy Policy. You also have the right to receive a copy of the Personal Data undergoing processing.

Rectify Your Personal Data

You have the right to ask us to rectify any inaccurate Personal Data about you and to have incomplete Personal Data completed.

Restrict Our Use of Your Personal Data

You have the right to ask us to place a restriction on our use of your Personal Data if one of the following applies to you:

You contest the accuracy of the information that we hold about you, while we verify its accuracy;
We have used your information unlawfully, but you request us to restrict its use instead of erasing it;
We no longer need the information for the purpose for which we collected it, but you need it to deal with a legal claim; or
You have objected to us using your information, while we check whether our legitimate grounds override your right to object.

Object to Our Use of Your Personal Data

You have the right to object to our use of your Personal Data where our reason for using it is based on our legitimate interests or your consent (rather than when the reason for using it is to perform an obligation due to you under a contract with us).

Delete Your Personal Data

You can ask us to delete your Personal Data if:

We no longer need it for the purposes for which we collected it;
We have been using it with no valid legal basis;
We are obligated to erase it to comply with a legal obligation to which we are subject;
We need your consent to use the information and you withdraw consent;
You object to us processing your Personal Data where our legal basis for doing so is our legitimate interests and there are no overriding legitimate grounds for the processing.

However, this right is not absolute. Even if you make a request for deletion, we may need to retain certain information for legal or administrative purposes, such as record keeping, maintenance of opt-out requirements, defending or making legal claims, or detecting fraudulent activities. We will retain information in accordance with the “How Long Is Your Personal Data Kept” section below.

If you do exercise a valid right to have your Personal Data deleted, please keep in mind that deletion by third parties to whom the information has been provided might not be immediate and that the deleted information may persist in backup copies for a reasonable period (but will not be available to others).

Transfer Your Personal Data to Another Service Provider

You may request that we transfer some of the Personal Data you have provided to you or another service provider in electronic copy. This applies to Personal Data we are processing to service a contract with you and to Personal Data we are processing based on your consent.

To exercise any of these rights, please contact us as described in the “How to Contact Us” section below.

Make a Complaint

If you have any concerns or complaints regarding our processing of your Personal Data, please contact us as described in the “How to Contact Us” section below and we will do our best to answer any question and resolve any complaint to your satisfaction.

If, for whatever reason, you feel we do not meet the standards you expect of us, you are also entitled to make a complaint to your local supervisory authority:

EU Data Protection Authorities (DPAs)

Swiss Federal Data Protection and Information Commissioner (FDPIC)

Information Commissioner’s Office (United Kingdom)

How Long Is Your Personal Data Kept?

We will retain your Personal Data for as long as necessary to fulfill the purposes for which we collect it and as set out in this Privacy Policy and for the purpose of satisfying any legal, accounting, or reporting requirements that apply to us.

13. Accessibility

We are committed to ensuring this Privacy Policy is accessible to individuals with disabilities. If you wish to access this Privacy Policy in an alternative format, please contact us as described below.