Rixos Hotels ("we", "us", "our") is committed to protecting and respecting your privacy. This Data Policy explains how we collect, use, store, and share your personal information when you visit our website, make a reservation, or interact with our services. We process your personal data in accordance with the Turkish Personal Data Protection Law (KVKK), the EU General Data Protection Regulation (GDPR), and other applicable data protection laws.
We collect the following categories of personal data: (a) Identity data — name, title, date of birth, nationality, passport/ID details; (b) Contact data — email address, phone number, postal address; (c) Booking data — reservation details, preferences, special requests, loyalty programme information; (d) Financial data — payment card details (processed securely via PCI-compliant partners); (e) Usage data — IP address, browser type, pages visited, interaction with our website; (f) Communication data — records of correspondence with our teams; (g) Preference data — dietary requirements, room preferences, accessibility needs.
We use your personal data for the following purposes: to process and manage your reservations; to provide and personalise your guest experience; to communicate with you about your bookings, offers, and services; to manage our loyalty programme (ALL — Accor Live Limitless); to improve our website and services through analytics; to comply with legal obligations (e.g., guest registration requirements); to detect and prevent fraud; and to send you marketing communications where you have provided consent.
We process your personal data on the following legal bases: (a) Contractual necessity — to perform our obligations under your booking agreement; (b) Legitimate interests — to improve our services, ensure security, and manage our business operations; (c) Consent — for marketing communications and non-essential cookies; (d) Legal obligation — to comply with applicable laws, such as guest registration requirements in the countries where we operate.
We may share your personal data with: Accor SA and its affiliates for loyalty programme administration and group-wide service delivery; authorised third-party service providers who assist us in delivering our services (payment processors, IT providers, marketing platforms); government authorities where required by law (e.g., immigration, tax authorities); professional advisors (legal, accounting, audit). We do not sell your personal data to third parties.
As Rixos operates across multiple countries, your personal data may be transferred to and processed in countries other than the one in which you reside. Where we transfer data outside the EU/EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and adequacy decisions where available.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Booking data is retained for up to 10 years for legal and accounting requirements. Marketing consent records are retained until you withdraw consent. Website usage data is retained for up to 24 months. After the retention period, data is securely deleted or anonymised.
Depending on your jurisdiction, you have the following rights regarding your personal data: the right to access your data; the right to rectify inaccurate data; the right to erasure ("right to be forgotten"); the right to restrict processing; the right to data portability; the right to object to processing; the right to withdraw consent at any time; the right to lodge a complaint with a supervisory authority. To exercise these rights, please contact our Data Protection Officer at privacy@rixos.com.
Our website uses cookies and similar technologies to enhance your browsing experience. Essential cookies are required for the website to function. Analytics cookies help us understand how visitors interact with our site. Marketing cookies are used to deliver relevant advertising. You can manage your cookie preferences at any time through our cookie settings panel or your browser settings. For detailed information, please see our Cookie Preferences page.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, regular security assessments, and staff training on data protection practices.
If you have any questions about this Data Policy or wish to exercise your data protection rights, please contact our Data Protection Officer: Email: privacy@rixos.com | Post: Data Protection Officer, Rixos Hotels, Tersane, Kemeraltı Cd., 34421 Beyoğlu, Istanbul, Turkey.
For data protection enquiries, contact privacy@rixos.com