STR Privacy Policy


Who We Are.

STR, Inc. (U.S.), STR Global, Ltd. (U.K.), and its affiliates, including STR Sector Analysis, LLC (U.S.)  (collectively, the “STR Group”) are privacy conscious global organizations. This means we are committed to protecting the privacy of all individuals who interact with us, whether by registering as a user on our websites in order to receive our data and reports, participating in one of our research projects, or by attending one of our many events held around the world.  This approach to privacy applies to all personal information received by us from our customers, whether in electronic, paper or verbal form.  It also applies to our websites and how we use the websites to collect information, how we use that information, and the choices that are available to you regarding our use of your personal information. 

Privacy Shield

The STR Group, through STR, Inc. and STR Sector Analysis, LLC in the U.S complies with the EU-U.S. Privacy Shield  (Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States in reliance on Privacy Shield The STR Group has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such information.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit,

If you have any questions or complaints about our compliance with the Privacy Shield, please contact us at or send a letter to our U.S. headquarters at STR, Inc., 735 East Main Street, Hendersonville, Tennessee, USA 37075, Attention: Legal).

If we cannot resolve your complaint, or if you do not receive a timely acknowledgement of your complaint from us, you may submit the complaint at no-cost to the American Arbitration Association (AAA®) and its international division, the International Centre for Dispute Resolution (ICDR®) at

Under certain limited circumstances, if all other remedies have been exhausted to no avail, European Union individuals may invoke binding Privacy Shield arbitration as a last resort.  Please visit for information on when you may invoke binding arbitration.   To initiate binding arbitration, you must give notification of this decision to STR at or send a letter to our U.S. headquarters STR, Inc., 735 East Main Street, Hendersonville, Tennessee, USA 37075, Attention: Legal).

General information about the Privacy Shield and the Privacy Shield Principles, as well as information about binding Privacy Shield arbitration, can be found at

Please note that STR, Inc. is also subject to the investigatory and enforcement powers of the United States Federal Trade Commission.


What Information Do We Collect From You and When?

  1. Personal Information Collected for STR Benchmarking

If you are an employee of one of our lodging industry clients, or if you purchase data from us directly, we collect personal information about you when you register to use our websites, or when someone in your organization asks that you be added as a user; when you enroll on behalf of your company in our benchmarking program; when you request more information on products or services; when you request one of STR’s executives speak to your group, company or association; when you register for, or agree to sponsor or present at our Hotel Data Conference; or when you order reports and other products from us.  We will also ask for your personal information if you participate in one of our surveys or other research methods which we conduct on behalf of third party companies or our own behalf.

The personal information we collect usually consists of your name, an email address, phone number and mailing address at which you wish to receive communications from us, your credit card and/or banking information if you are using a personal card or account.  If you are participating as a speaker in our Hotel Data Conference, in addition to the foregoing, a photograph, your curricula vitae/biography and audio/visual recordings of you may be used.

  1.  Personal Information Collected for Survey and Market Research

Our Tourism Consumer Insights Group in the UK collects personal information about you when you agree to participate in and when you complete one of our surveys or other research methods which we conduct on behalf of third party companies or our own behalf.  Likewise our U.S. operations also collects personal information for marketing and research purposes.  If your business or you as an individual consumer are a participant in one of our surveys, one of our focus groups or other research projects, in addition to the above information, we may also ask for sensitive information such as, but not limited to, your gender preference, age, occupation, household income, post code / ZIP code, residency or other personal information to achieve our research objectives.

At the outset of the research process, either by ourselves or via professionals whom we sub-contract services to, we provide respondents with clear information on the background of the research we are undertaking and, if applicable, the reasons for collecting and processing personal data.

Similarly, when undertaking research we ensure that respondents are aware that 1. their participation in the research is voluntary; 2.they have a right to withdraw consent or object to processing  at any time; 3. they may access their data upon request;, and  4. they may exit and/or unsubscribe entirely from the research at any stage, should they wish to.

In all research STR undertakes, unless agreed otherwise, the identity of all respondents will remain confidential; responses will not be identifiable when passed to the client.

We may obtain personal information about you from organizations to which you belong or are a member or from other sources when there is a legitimate interest to invite you to participate in research. To the extent we combine information obtained from these sources with other information we may have collected about you, we will treat the combined information as personal information under this Privacy Policy.  Of course, we are not responsible for the accuracy of any information provided to us by a third party

  1. Personal Information Collected When Visiting STR Websites  

Also, to ensure that our websites are well managed and to facilitate improved navigation within the sites, we or our service provider(s) use cookies (small text files stored in a user’s browser), web beacons (electronic images that allow the websites to count visitors who have accessed a particular page and to access certain cookies), or similar tracking technologies (collectively, “Tracking Technologies”) to collect aggregate data. Specifically, we use such Tracking Technologies to track information on our systems and identify categories of visitors by items such as IP address, domain, browser type and pages visited. These Tracking Technologies do not collect any additional personal information about you.  We do not link the information collected by these Tracking Technologies to your IP address or anything that could be considered personally identifiable information. 

The Tracking Technologies includes HotJar and Google Analytics for tracking on our STR and STR Global websites, as well as Clicky and StatCounter for our HotelNewsNow website. 

You may learn more about how Google and HotJar use the information they collects by visiting the following sites; 1. “How Google uses data when you use our partners' sites or apps” (located at ; and 2. HotJar Product Tour  Google’s ability to use and share information collected by Google Analytics about your visits to our websites is restricted by the Google Privacy Policy (located at Similar information about Hot Jar may be found at Clicky information about may be found at and  StatCounter privacy and use information are found at functionalities and other information may be found at

Finally, we may obtain personal information about you from other sources, such as from others at your place of business (if our main contact at your company asks us to add your name and email to a list of individuals who may be granted website access or be added to a company distribution list), organizations to which you belong or are a member (usually where we are conducting surveys on behalf the organization), and public websites (to confirm office address and contact information). To the extent we combine information obtained from these sources with other information we may have collected about you, we will treat the combined information as personal information under this Privacy Policy.  Of course, we are not responsible for the accuracy of any information provided to us by a third party.

Do Not Track Policy

“Do Not Track” is a proposed standard that is currently under development. As it is not yet finalized, we adhere to the standards set out in this Privacy Policy and we do not currently respond to “Do Not Track” signals on our websites

Why Do We Need The Information That We Collect from You?

Your personal information is used by the STR Group for various legitimate business purposes, all of which are undertaken in order to provide you with the reliable, timely and excellent data delivery, analytics and other services you expect from the STR Group.  These purposes are:

  • To register you as a user on our websites and other client portals. This applies whether you signed up directly with us as a user, or were identified as a user by someone within your organization.  
  • For invoicing purposes and for credit card payment processing, using a third party vendor. 
  • To contact you (whether by phone or email), if necessary, about your order. 
  • If you are an employee or representative of one of our hotel clients, to contact you to inquire about your data or your competitive set selection, and to discuss your contract renewal.
  • To notify you about other STR Group products and services, or any STR Group events, in which you may be interested.
  • To notify you about any updates or maintenance to our websites.
  • To notify you about any corrections or delays in our data reporting.  
  • For direct marketing and advertising purposes. However, we do not sell our client lists to any other third parties for use in their marketing campaigns. Also, at any time you may opt out of receiving such marketing materials and solicitations from us.
  • In relation to our Hotel Data Conference (HDC) or other seminars, conferences and events, for the specific purpose of registering you as an attendee and sending you updates prior to and during the event.  In addition, we will provide HDC sponsors with the list of attendees free of charge and as a benefit to them. If you are an HDC attendee but wish to limit how your contact information is used you may opt out.
  • STR Group webmasters use cookie information to analyze the number of visitors to different areas of the websites, to determine how long users are remaining on the sites. This information helps us make sure that our websites are serving as a useful, effective information source for you.
  • To contact you to inquire whether you wish to participate in a survey or other research method on behalf of third party companies or on our own behalf. 
  • If you are a main point of contact for a hotel company, for inclusion in the STR Directory (formerly the AH&LA Directory).
  • To analyze and report on the results of surveys or other research methods.
  • To comply with our legal and contractual obligations, to resolve disputes, and to enforce agreements
  • To undertake research on our own behalf and for a variety of clients. We and our client look forward to hearing what you have to say, learning more about you and understanding your behaviour and attitudes relating to our research topics. Gathering this information helps us and our clients, among other things, to improve products and services and to inform business decision making.

You may object to our use of your information for any of these purposes and you may ask that we cease such use at any time by contacting us at or call  our U.S. headquarters at 1-615-824-8664 ext 3340.  Please note that if we fulfill your request we may no longer be able to communicate with you or to provide you with the data services you or your company has been receiving from us.

With Whom Do We Share Your Personal Information? How Long Do We Keep it?

Your personal information may be shared between and among STR, Inc. in the United States and STR Global, Ltd in the UK, with offices in Germany, Beijing, Dubai, Australia, Brazil, Singapore, and Spain, for purposes of enabling the STR Group to provide you with the optimal data and analytic services that you and our clients expect.

We also contract with third party data processors to help us store, catalog and/or process your personal and payment/credit card information for our sales, service and marketing activities.  Among these third parties are SalesForce (cloud based Customer Relations Management), Cvent (Hotel Data Conference registration), MailChimp (marketing and promotional emails), Azure (online data storage) Adyen (third party payment processing) and Proofpoint (email firewall).  We require all third party data processors to keep confidential all information that we disclose to them, including personal information, and to only use such information for the purpose for which it was disclosed. Please let us know if you would like more information about how we work with these companies.  We recognize that STR Group is liable under the EU-US Privacy Shield Principles for the actions of those agents and processors we use to process your information in a manner consistent with Privacy Shield Principles

As stated above, if you are an attendee at our Hotel Data Conference, we may share your contact information with certain corporate sponsors of the Conference. 

In all research STR undertakes, unless agreed otherwise, the identity of all respondents will remain confidential; responses will not be identifiable when passed to the client.

We may provide information to regulatory authorities and law enforcement officials in accordance with applicable law or when we otherwise believe in good faith that the law requires it.  There may be instances when we may access or disclose your information in order to protect or defend the legal rights or property of the STR Group or their employees and agents, to protect the safety and security of users, and to protect against fraud.

The STR Group may sell, transfer or otherwise share some or all of its assets in connection with a merger, reorganization or sale of assets, or in the event of bankruptcy, without your permission.  In such an event, personal information may be one of the assets transferred.

We will not share your information with any other party, for any reason, unless otherwise disclosed at the point of collection. If that occurs, you will have the opportunity to refuse to give us consent or to withdraw your consent if previously given.

We retain your personal information for as long as needed to provide you or your company with our services. We also retain and use this information as necessary to comply with legal obligations, resolve disputes, and enforce agreements. If you are a participant in a survey or other research method, we retain your personal information for a reasonable time after the project is completed so that, if needed, we can verify the basis for the survey results.

You May Access Your Information, Correct It And Delete It.

We are dedicated to providing reasonable access to individuals who wish to review the personal information we have retained so that they may correct any inaccuracies it may contain or opt to delete the information.

If you wish to see the information about you that we have in our possession, if you wish to correct this information or if you wish to have it deleted in its entirety from our systems, please email us at or call our U.S. headquarters at 1-615-824-8664 extension 3340.

While we will respond to your request as quickly as possible, please allow us no more than 30 days for any personal information about you to be accessed, extracted, modified or deleted from our servers, and those of our third party vendors.  

We will certainly respect and fulfill your request to have your information removed from our system. However, please note that in certain cases (such as where you are on a distribution list or identified as the contact person for a hotel that is participating with us) such removal may result in you no longer having access to STR Group reports and data, being able to take part in ongoing research in which you have previously indicated you wish to be a participant, or hearing about new or updated STR Group products, services and events. Likewise such removal may result in you no longer being able to take part in ongoing research in which you have previously indicated you wish to be a participant. Also, if you are the main contact for your company, or are the person identified to receive invoices on behalf of your company, we will first need for you to identify the person who will be your replacement.  We will assume that you have the authority to provide us with that person’s contact information.

Also, please bear in mind that, even if we delete your information, it may still persist on back-up tapes and archival documents or electronic media on which other business critical information is stored and which STR must retain for legal, tax, or regulatory reasons, or for legitimate and lawful business purposes.  Access to such archival information is limited to only authorized personnel who are under an obligation to maintain its confidentiality.

Other Choices About Your Information

In addition to the options described above, the following mechanisms are available that allow you to control information that is collected about you and your use of our websites:

  • Tracking Technologies.  You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent.  If you disable or refuse cookies, please note that some parts of our websites may then be inaccessible or not function properly.
  • Google Analytics Opt-out Option.  If you do not want your information collected with Google Analytics, you can install the Google Analytics opt-out browser add-on.  To opt-out of Google Analytics, visit the Google Analytics opt-out page (located at and install the add-on for your browser.  For more details, visit the “Google Analytics opt-out browser add-on” page (located at
  • HotJar Opt-Out Option. Likewise, if you no longer wish to be tracked by HotJar while you are on our site, you may follow the instructions found on “How To Stop HotJar From Collecting Your Data” at
  • At this time, similar opt-out features are not available through Clicky,, or StatCounter.

How Do We Protect Your Information?

The STR Group takes appropriate administrative, physical, and technical measures (collectively “Security Measures”) to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration and destruction.  We follow generally accepted standards when implementing and maintaining such Security Measures, including, but not limited to, TLS/SSL for data in transit, limiting unnecessary access, using at rest and in transit encryption, using services such as a 24x7 Security Operations Center (SOC), monitoring for unauthorized access attempts, using secure servers operated by datacentres that hold ISO27001 accreditation, filtering access attempts and mitigating activities by bad actors. These Security Measures are periodically reviewed and, if necessary, updated to ensure they meet current generally accepted standards. Furthermore, only authorized personnel have access to personally identifiable information. Such employees are required to maintain the confidentiality of this sensitive data. This policy also applies to any and all agents and third party data processors that may receive such information from us. Website visitors who provide personal information to us through our websites should be aware, however, that our websites may contain links to third party sites that are not governed by this Privacy Policy or any other privacy statement.  IT specialists are able to operate from disaster recovery sites to provide a continual service to clients should their or our offices be inaccessible or office communications be rendered inoperable.

No method of transmission over the internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee the absolute security of information that is transmitted to us electronically.  Any transmission of personal information is at your own risk.  We are not responsible for circumvention of any privacy settings or security measures we provide. If you have questions about the security of your personal information, our websites or other systems on which your personal information may be transmitted, please do not hesitate to contact us at or call us at our US Headquarters 1-615-824-8664 ext 3340. 

Third Party Websites

This Privacy Policy does not apply to any third party websites or to other companies or persons that may access our websites, with or without our permission.  Our websites may contain links to, and media and other content from, other sites.  In addition, such third-party media and content may also contain external links.  Because of the dynamic media capabilities of our websites, it may not be clear to you which links are embedded in our websites and which are embedded in third-party media and/or content.  The STR Group cannot and does not guarantee the privacy policies and practices of any third party.  We do not control, operate, or endorse any information, products, or services of any third-party websites that may be reached through links from our websites. 

The use of any personal information provided by you to, or automatically collected from, a third party will be governed by that party's privacy policy.  If you are unsure whether a website is controlled, affiliated, or managed by the STR Group, you should review the privacy policy at each linked website to determine how that site treats your personal information.

Protecting Children

Our websites are not intended for children under 13 years of age.  The STR Group does not knowingly collect personal information from children under 13.  If you are under 13, do not use our websites or provide any information about yourself to us, including your name, postal address, telephone number, email address or any screen name or user name you may use.  If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.  If you believe we might have any information from or about a child under 13, please contact us at or call us at 1-615-824-8664 ext 3340.

Your California Privacy Rights

California Civil Code Section § 1798.83 permits users of our websites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.  To make such a request, please contact us at or call us at 1-615-824-8664 ext 3340. Please note, however, that the STR Group does not disclose personal information to third parties for their direct marketing purposes unless we have previously obtained your consent.

Future Changes to Our Privacy Policy

This Privacy Policy was last revised in March 2019.  The law and technology is always changing, as is how we interact with you.  Therefore, the STR Group may need to modify or amend this privacy statement at any time.  If so, we will notify you.  Any changes to this Privacy Policy will be in effect as of the “Last Updated” date referenced in this Privacy Policy.

For Complaints or Further Inquiries:  If you have any questions about our privacy policy and practices or if you have a complaint about how your data has been handled by the STR Group, please contact us at:

By email:

By phone:  1-615-824-8664 ext 3340

By mail;

STR, Inc.

Attention Legal Department

735 East Main Street

Hendersonville, TN, USA 37075.