Privacy Policy

Welcome to the privacy policy of Imperial London Hotels Limited

Privacy Notice
(Last updated: 14th January 2026)

1.    Introduction

This notice applies to Imperial London Hotels Group (“Imperial”, “ILH”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy. We are a limited company registered in England and Wales under registration number 07469777  Registered at Directors' Office Royal National Hotel, 38-51 Bedford Way, London, United Kingdom, WC1H 0DG. We are registered with the UK supervisory authority, Information Commissioner’s Office (“ICO”) in relation to our processing of personal data under registration number Z6428573

Unless we notify you otherwise, we are the controller of the personal data we process about you. This means that we decide what personal data to collect and how to process it.

Imperial London Hotels respects your privacy and is committed to meeting our legal obligations when it comes to protecting your personal data, including how and why we collect and use your data, and how we safeguard your personal information.

This Privacy Notice explains the types or personal data we collect, how we collect, use, disclose and protect that data when you:

•    Visit or use our website, mobile site, or mobile app
•    Book, check in, or stay as a guest at one of our properties
•    Visit our properties as a day visitor, contractor, or event attendee
•    Contact us for information, make an enquiry, or sign up to our marketing communications
•    Apply for employment with us

Please note: We may collect and process limited personal data about children staying with you (such as name, age, and nationality). This information is collected from parents or guardians to meet our legal obligations, manage your booking, and ensure a safe and appropriate service.

We do not knowingly collect information directly from children. We do not use children’s data for marketing.
Parents or guardians may contact us at privacy@imperialhotels.co.uk to access, correct, or request deletion of their child’s data.

What this Notice does not apply to
This notice does not apply to other organisations’ websites, apps, products, services and social media accessed from our websites and/or apps. When you leave our website(s) and/or apps, we encourage you to read the privacy policies and/or notices of every website and app that you visit. We do not accept any responsibility or liability for the privacy policies or notices on third-party websites or apps. Please check these policies before you submit any personal data to these websites or apps.

2.    The Data We Collect

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (which is known as anonymous data).

There are different ways in which we collect your information both directly from you and from third parties. For example:

Data Source

Type of Data

Data you provide to us directly
  • Full name, title, role and contact details (e.g. email, phone)
  • Organisation or company name (where applicable)
  • Card payment data, such as limited transaction details (note: full card numbers are securely processed and not stored by us beyond what is necessary to complete the transaction)
  • Preferences, special requirements (e.g. accessibility needs, room preferences)
  • Information provided through forms, emails, calls, or at events/exhibitions
  • Job application details such as CVs, education and work history
  • Health Data and Allergy information
Data Collected when you visit our website and/or use our Mobile App
  • Technical information including IP address, browser type/version, time zone, operating system, and device identifiers
  • Website and app usage data, such as pages visited, navigation paths, and time spent on pages
  • Log-in and authentication data (where applicable)
  • Information collected via cookies and similar technologies. Please see our Cookie Notice
Data Collected at Our Properties    
  • Booking details, including stay dates, room numbers, and guest preferences 
  • Guest registration data (e.g. contact details, ID information where required by law) 
  • Card payment data for in-person purchases, including transaction details (processed securely via PCI-DSS compliant providers)
  • CCTV footage for security and safety 
  • Vehicle registration numbers for parking management
  • Visitor log details for contractors, event guests, or site visitors
  
Data received from third-party booking partners and travel agencies
  • Booking details provided to us by third-party platforms (e.g. Booking.com, Expedia, corporate travel agents), including guest name, contact details, booking dates, and payment confirmation 
  • Any preferences, special requests, or comments submitted through those platforms 
  • Limited payment information or authorisation references necessary to confirm or secure the booking

3.    How We Use Your Personal Data

Purpose  Lawful BasisExample of Use
To provide products and servicesPerformance of a ContractManaging bookings, processing payments, communicating with guests and ensuring suitable products or services are provided based on health or allergy information you choose to share
To respond to enquiries or requestsLegitimate Interests / Consent    Responding to questions, quote requests, or feedback
To send marketing communicationsConsent 
(can be withdrawn at any time)		 Updates about our services, offers, or newsletters (if you have subscribed)
To manage guest and visitor safetyLegitimate interests / Legal Obligation CCTV monitoring, incident recording, visitor access control and ensuring suitable products or services are provided based on health or allergy information you choose to share
To improve our website, app, and services  Legitimate InterestsAnalysing usage data and improving user experience
To manage job applicationsLegitimate Interests / ConsentProcessing applications, communicating with candidates
To prevent fraud or resolve disputesLegitimate Interests / Legal ObligationChargeback management, verification of transactions

ILH do not use your personal data for automated decision-making or profiling. This means that any decisions that could have a legal or significant effect on you are not made solely by automated means. All such decisions, if applicable, involve human review and judgment.

Use of Artificial Intelligence (AI):

We may use artificial intelligence (AI)–powered tools and technologies to support our services, including improving functionality, efficiency, security, customer support, and data analysis. Where AI is used, it operates under appropriate safeguards and is designed to process data in accordance with this Privacy Policy. 

We do not use AI to make decisions that produce legal or similarly significant effects about individuals without appropriate human oversight, and we do not use personal data to train AI models unless explicitly disclosed or permitted by applicable law.

4.    How We Share Information with Others

Where we share your information with third parties, they will process your information either as a data controller or as our data processor, and this will depend on the reason for our sharing your personal data with them. We will only share your personal data in compliance with the applicable data protection laws and regulatory compliance and only for the purposes set out in paragraph 3 of this notice.

We require all third parties with whom we share your personal data to respect the security of your personal data and to treat it in accordance with the law.

We may share your personal data with partner companies with whom we have contracts for certain products and/or services, including:

1.    Companies within the Imperial London Hotel Group
2.    Banks and payment providers to process transactions
3.    IT, system, and website hosting providers
4.    Third-party contractors and service providers who support the day-to-day running of our hotels and properties 
5.    CCTV and security monitoring providers
6.    Booking and reservation platforms such as Booking.com, Expedia, and other travel agents
7.    Professional advisers (such as auditors, insurers, or legal representatives)
8.    Regulatory, law enforcement, or public authorities, where disclosure is required by law

All contractors and service providers are bound by confidentiality obligations and data processing agreements, ensuring they handle your information securely and only in accordance with our instructions.

We may share personal data with relevant payment providers to supply evidence of guest stays at our hotels when required to manage and resolve chargeback requests. This processing is based on our legitimate interests in protecting the business from financial disputes and ensuring effective transaction management.

5.    How we Protect your Data 

ILH will store your data safely and, therefore, ILH maintains appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Personal Data and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage to your Personal Data. 


To prevent unauthorised access, maintain data accuracy and ensure the correct use of information ILH maintains physical, electronic, standard security practices, including:

•    Encryption of data where appropriate, 
•    Use of strong authentication methods
•    physical security measures, 
•    managerial procedures 
•    Regular penetration testing of systems
•    Training for employees on security and privacy to protect the security and confidentiality of Personal Data. 

Only a limited number of persons within our organisation are authorised to access, delete or modify your data. These measures are aimed at ensuring the on-going integrity and confidentiality of Personal Data. ILH evaluates these measures on a regular basis to ensure the security of processing.

ILH’s employees or any of ILH’s contractual partners who have access to your data in order to provide ILH are contractually obliged to keep such information in confidence and may not use these data for any other purpose than performing their contractual missions for ILH.

6.    How Long we Keep your Information

ILH retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including to meet any legal, accounting, or reporting requirements. We adhere to our documented retention policy, for specific information on data retention, please email: privacy@imperialhotels.co.uk

7.    Your Rights 

You have the right to withdraw your consent to the processing of your Personal Data at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
To the extent required by applicable law and subject to legal limitations, you have the right:

Rights    Description
Access: You have the right to get access to the information and/or data that we hold about you.If you would like a copy of the information and/or data that we hold about you, please contact us by email at privacy@imperialhotels.c
Rectification: You have a right to rectification of any inaccurate information and/or data and to update incomplete information and/or data that we hold about you. If you believe that any of the information and/ or data that we hold about you is inaccurate, you have a right to request that we rectify any such data. For any rectification requests please email us at privacy@imperialhotels.co.uk
Erasure: You have a right to request that we delete your information and/or data.You may request that we delete your information and/or data in certain circumstances including where: - we no longer need to process information and/or data for the purposes for which it was provided; we have requested your consent to process your information and/or data and you wish to withdraw your consent; - we are relying on legitimate interests as our basis for processing your data, you object to such processing and we do not have an overriding legitimate interest to continue this processing ; or - we are not using your information and/or data in a lawful manner. For any deletion requests please email us at
privacy@imperialhotels.co.uk
Restriction: You have a right to request that we restrict the processing of your information and/or data.  You may request that we restrict or limit the way that we process your information and/or data in certain circumstances including where: - you want us to establish the data’s accuracy; - our use of the data is unlawful but you do not want us to erase it; - you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or - you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it. For any deletion requests please email us at privacy@imperialhotels.co.uk
Portability: You have a right to data and/or information portability.Where we are processing your data by automated means and either we have requested your consent to process your information and/or data or you have provided us with information and/or data for the purposes of entering into a contract with us, you have a right to receive the information and/or data you provided to us in a portable Rights Description format. You may also request us to provide it directly to a third party, if technically feasible. If you would like to request the information you provided to us in a portable format, please contact us by email atprivacy@imperialhotels.co.uk or write to us at Data Protection, 38-51 Bedford Way, London, WC1H 0DG
Objection: You have a right to object to our processing of your data and / or information.   You have a right in certain circumstances to object at any time to processing of your information and/or data including where the processing is for: - direct marketing purposes; or - your legitimate interests (or those of a third party). I f you would like to object to our processing of your data, please write to us at privacy@imperialhotels.co.uk

8.    Changes To This Policy

Any changes we may make to this policy in the future will be posted on our website (https://www.imperialhotels.co.uk/privacy-policy) and, where appropriate, notified to you by email. Please check back frequently to see any updates of changes.

9.    Contact Us 

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPM using the following details:

Email address: privacy@imperialhotels.co.uk
Postal address: 38-51 Bedford Way, London, WC1H 0DG

10.    How to Complain

ILH is committed to working with you to obtain a fair resolution of any complaint or concerns about privacy. If, however, you believe that ILH has not been able to assist with your complaint or concern, you have the right to make a complaint to the Information Commissioner’s Office, the supervisory authority for data protection issues in England and Wales. who can be contacted online at https://ico.org.uk/make-a-complaint/ or by telephone on 0303 123 1113.

Or in writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF