Privacy Promise

Effective: July 2004

Who are we?
Carlson Travel Group is a subsidiary of Carlson Companies, the parent corporation of businesses operating in the hospitality, travel, and relationship-marketing industries. Carlson Travel Group brands include Radisson Hotels, Country Inns & Suites by Carlson, Park Inns and Park Plaza Hotels, Regent Hotels, Radisson Seven Seas Cruises, Carlson Vacation Ownership, Carlson Lifestyle Living, and Provisions. We have a major interest in Carlson Restaurants Worldwide, the parent company of TGI Friday's and Pick Up Stix. Carlson Travel Group is also a member of Carlson Companies' Gold Points Rewards network.

How can someone learn about our privacy practices?
Wherever we ask for your personal information, we'll let you know how you can find out about the steps we take to guard your information. If we're asking you for information online, such as on one of our websites, we'll provide a link to our Privacy Promise. If we're asking you to complete a paper form, we'll include a privacy notice with additional points of contact for your questions. If you're making a reservation by phone, our operators will be able to answer your privacy questions. Our hotel and restaurant managers and our ship captains know about our commitments to your privacy. They will be able to answer your questions and promptly address any of your concerns.

What personal information do we collect, how, and why?
Our sole purpose in collecting your personal information is to provide the level of hospitality you expect. By learning more about you and your preferences, we can provide you meaningful offers and deliver services that meet your highest standards.

We'll require only the minimum amount of information from you that we need to provide our services. If you're dining in one of our restaurants, you need not provide any personal information. If you're reserving a stay in one of our hotels or a voyage on one of our ships, you need only to provide your basic billing information. We'll always indicate the minimum required information on forms that we ask you to complete.

We believe that in order to make your stay with us pleasing and comfortable, we must strive to anticipate your needs. To do this, we'll occasionally ask for your hospitality preferences. If you provide us comments through our guest cards, we'll ensure your wishes are respected in future stays. We try to identify guests who stay with us a number of times to let them know about discounted rates and programs they may be eligible for. To learn more about the needs and wishes of hospitality customers, we will obtain customer information from companies outside our family of businesses, but will do so only if these companies have permission to share that information with us.

If you're visiting one of our websites, we track the domain name of the computer you're using and the places on our websites you visit. We track this information without your name and use it to improve the design of our web pages. Like many commercial websites, we use "cookies" to help our websites function properly. Cookies are small files placed on your computer that contain information you've provided to the website. They help our websites provide you a smooth registration process. To protect the information stored on your cookies, we encrypt them and expire them after one year of inactivity.

If you've given us your e-mail or postal address, we'll initiate contact with you to invite you back again. At that time, we'll also let you know how to remove your name from our marketing efforts. We'll never collect information about you for which you haven't given your consent.

Do we collect information from children?
No. We will never knowingly request personally identifiable information from children.

How long do we keep your information?
We'll keep information associated with your name for only as long as we need it. For each program we operate, we'll establish an information-retention plan. These plans will result in eliminating your name from our records after a defined point in the future, such as account inactivity, unless a law where you live requires us to retain it for a different length of time.

How can you remove your name from our lists?
At any time, you can contact carlsonhospitality@carlson.com or 1-800-CTG-DATA to request that you not be contacted for marketing purposes. Our e-mailed offers also include instructions for unsubscribing from future e-mailed offers. If you want to be removed only from our postal mailing list, please provide us with your complete name and address. You can also ask that your name be removed entirely from our customer database, but know that doing so will erase any Gold Points Rewards account you have with us.

How can you access the information we've collected about you?
At any time, you can contact carlsonhospitality@carlson.com or 1-800-CTG-DATA and request that a copy of your personal profile be delivered to your home or e-mail address. We'll use secure means to confirm your identity to prevent the wrong people from accessing your information. If you've registered to become a Gold Points Rewards member through one of our websites, you may also access your information at that website by accessing the "My Account" or "My Profile" sections.

How can you make corrections to your personal information?
At any time, you can contact carlsonhospitality@carlson.com or 1-800-CTG-DATA and request that we correct your personal information, such as your name and address. If you've registered to become a Gold Points Rewards member through one of our hotel websites, you may also update your information at that website by accessing the "My Account" or "My Profile" sections. We also try to ensure that our customer addresses remain current by checking them against the national change-of-address lists that postal services make available. To deactivate your online account with us, visit the Member Services area of the website where you have the account.

Do we share your information with other companies?
We will never sell your information, and we will never share it outside our family of companies for purposes unrelated to providing the services you've sought from us.

One level of sharing occurs within the Carlson family of companies. If you stay at a Park Inn in Atlanta, for example, your contact information will be kept at that hotel. It will also be processed and stored at Carlson Hospitality's central computers. Our corporate staff, who have been trained on our privacy and security standards, may then access that information and send you offers for our other brands for which you qualify.

If you collect Gold Points by using our brands, basic processing information will be sent to Gold Points Corporation to enable it to keep track of your transactions and properly credit your account. Gold Points Corporation is a subsidiary of Carlson Marketing Group, itself a subsidiary of our parent Carlson Companies. Gold Points Corporation protects your information with the same high level of security we do. Other companies that allow you to redeem your Gold Points for their products and services will have access to your name and point balance when you give them your Gold Points Rewards account number. To learn more about the companies that form the Gold Points network, visit the Gold Points website.

A different level of sharing occurs when we contract with other companies to help provide our hospitality services. For example, when you check out of one of our hotel rooms using a credit card, we'll authorize that payment through a third party. An outside telephone company also provides the telephone network we use to transmit information between our buildings and systems. We will use other companies to prepare and send surface mail and e-mail to customers. Whenever we contract with outside companies, we'll hold them accountable to protect your information to the same high level we do.

In rare cases, we may be required by law enforcement or judicial authorities to provide personally identifiable information to governmental authorities. If requested as part of a legal proceeding, we will provide this information upon receipt of the appropriate documentation.

Do our websites send your information to other companies?
No. Our websites do not use technologies called "spyware" that secretly collect and transmit information about you outside the domain of the website.

Be aware, however, that whenever you click on any advertisements on the Internet, the companies placing the ads may collect information about you through the use of cookies. Because of the way the Internet technically operates, we cannot control this collection of information. You should contact these advertisers or content providers if you have any questions about their use of the information they collect.

We will never transfer you from one of our websites to a website outside our control without giving you prominent notification. For example, there may be links that will let you leave our site to another website owned by a different company that operates a different privacy policy. When you select such a link, we will inform you that you are leaving our domain.

Please see the Terms and Conditions of our websites you visit for additional information about the sites.

Do we transmit your information outside your country of residence?
Yes, we probably do. As a global company, our operations cross national boundaries by necessity. Our hotels, restaurants, and cruise ships operate at over 2,000 locations in over 100 countries. To keep prices down for you, we've consolidated our data operations into a few locations in North America and Europe. If you stay at a Radisson hotel in Canada, for example, your transaction will be processed by our computers in the U.S. If you call to make a reservation in the U.K., your call may be taken by an operator in Canada. In every case, we'll ensure that all of our locations are protecting your information to the same high level of security.

What security controls do we use to protect your information?
We use a combination of basic and advanced technical and procedural controls to prevent unauthorized people from seeing, altering, or obtaining your personal information. We operate secure data networks protected by industry-standard firewalls and intrusion-detection sensors. We frequently update our antivirus mechanisms and security patches. Our privacy and security policies are regularly reviewed and enhanced, and only authorized individuals have access to the information provided by our customers. Any sensitive information, such as a customer's credit-card number, is encrypted during transmission.

How do we enforce our privacy promises?
We take three main initiatives to ensure our global operations are meeting our ten privacy promises. Our most important effort is to train our key personnel handling customer information on their roles and responsibilities in protecting your privacy. Each year, we also assess the privacy and security practices of our customer-information systems. As an additional control, we've become members of TRUSTe/BBBOnLine, who maintains a dispute-resolution process for its members. If you have questions or concerns about our privacy practices, contact us at privacy@carlson.com.