Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Dec. 31, 2024
Cybersecurity Risk Management, Strategy, and Governance [Line Items]
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

We have strategically integrated cybersecurity risk management into our broader enterprise risk management function to promote a company-wide culture of cybersecurity risk management. Our board of directors has general oversight responsibility for our enterprise risk management function, which includes specific areas of focus including competitive, economic, operational, financial (accounting, credit, liquidity and tax), legal, compliance, information technology security programs (including cybersecurity), ESG/corporate social responsibility, political and reputational risks. Our board of directors has delegated oversight of certain of these areas to the committees of our board of directors, including delegating the oversight of our information technology security programs (including cybersecurity) to the risk committee of our board of directors (the “Risk Committee”). We believe this division of risk management-related roles to the committees of our board of directors fosters an atmosphere of significant involvement in the oversight of risk at the board level and complements our risk management policies. The oversight responsibility of our board of directors is facilitated by a management report process that is designed to provide both visibility and transparency to our board of directors about the identification, assessment and management of critical risks and management’s risk mitigation strategies.

Our risk management team, which includes members of senior management, including our Chief Financial Officer (“CFO”), Chief Information Officer (“CIO”) and General Counsel, as well as external consultants, works closely with our information technology department (“IT Department”) to continuously evaluate and address cybersecurity risks relevant to our business and operations. In addition, we have set company-wide policies and procedures that directly or indirectly relate to cybersecurity matters, such as policies related to encryption standards, antivirus protection, access removal, multifactor authentication, confidential information or use of the internet, social media, email and wireless devices. These policies go through an annual internal management review and approval process.

Our IT Department management team meets monthly to assess and review cybersecurity status, which includes dashboard reviews, operational risks and company compliance. Annually, our internal audit group and third-party consultants meet with our IT Department to perform risk assessment walkthrough meetings, discuss potential enhancements, materiality of risks and alignment with the Center for Internet Security Critical Security Controls framework. In addition, we engage third-party consultants to perform annual red team exercises and external penetration tests.

We promote a culture of cybersecurity compliance throughout our organization, including required monthly cybersecurity training for all employees with company accounts and annual training for service-related employees on cybersecurity related topics, including social engineering (e.g., phishing, vishing and smishing), ransomware, denial of service or information, and other security breach tactics. We conduct quarterly ERM discussions where top risk owners discuss how risks have changed and how such risks are being addressed with approaches designed to mitigate such risks.

In addition to assessing our own cybersecurity preparedness and as part of our overall cybersecurity risk management framework, we also consider and evaluate cybersecurity risks associated with our use of third-party service providers. We perform a formal System and Organization Controls (“SOC”) review process annually on our financially significant third-party service providers, which includes our internal assessment of complementary user entity controls. All other material third-party service providers undergo assessment as a contract is entered into or renewed to ensure cybersecurity alignment. Our internal audit group meets regularly with management team members of Marriott, our third-party hotel manager, to assess security applications compliance. We also regularly meet with management team members of Marriott to understand system upgrades, changes and associated risks with third-party managed applications. In addition, we generally require our third-party service providers to promptly notify us of any actual or suspected breach impacting our data or operations.

In assessing cybersecurity threats, our IT Department has established controls and procedures for responding to cybersecurity incidents, including a process to evaluate the significance of a cybersecurity incident. Members of senior management, including our General Counsel and CFO, are tasked with performing a materiality assessment in the event of a cybersecurity incident, which includes the consideration of relevant quantitative and qualitative factors, as well as SEC guidance. Based on the results of this evaluation, further escalation of the cybersecurity event may occur, which may include our CEO, our board of directors and/or law enforcement. In addition, members of senior management will determine, based on the assessment described above, whether the cybersecurity incident requires disclosure with the SEC.

We currently maintain a cybersecurity insurance policy that provides coverage for security incidents and periodically meet with our insurer to discuss emerging trends in cybersecurity. We do not believe that any risks we have identified to date from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition. However, notwithstanding the programs, policies and procedures described above, there can be no assurance that we or businesses with which we interact will not experience a cybersecurity incident that materially affects us in the future. For more information about the cybersecurity risks we face, see the risk factor entitled “Cybersecurity incidents, including the failure to protect the integrity or availability of IT systems or the security of confidential information, or the introduction of malware or ransomware, could harm our business.” in Item 1A. Risk Factors of Part I of this Annual Report on Form 10-K.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

We have strategically integrated cybersecurity risk management into our broader enterprise risk management function to promote a company-wide culture of cybersecurity risk management. Our board of directors has general oversight responsibility for our enterprise risk management function, which includes specific areas of focus including competitive, economic, operational, financial (accounting, credit, liquidity and tax), legal, compliance, information technology security programs (including cybersecurity), ESG/corporate social responsibility, political and reputational risks. Our board of directors has delegated oversight of certain of these areas to the committees of our board of directors, including delegating the oversight of our information technology security programs (including cybersecurity) to the risk committee of our board of directors (the “Risk Committee”). We believe this division of risk management-related roles to the committees of our board of directors fosters an atmosphere of significant involvement in the oversight of risk at the board level and complements our risk management policies. The oversight responsibility of our board of directors is facilitated by a management report process that is designed to provide both visibility and transparency to our board of directors about the identification, assessment and management of critical risks and management’s risk mitigation strategies.

Our risk management team, which includes members of senior management, including our Chief Financial Officer (“CFO”), Chief Information Officer (“CIO”) and General Counsel, as well as external consultants, works closely with our information technology department (“IT Department”) to continuously evaluate and address cybersecurity risks relevant to our business and operations. In addition, we have set company-wide policies and procedures that directly or indirectly relate to cybersecurity matters, such as policies related to encryption standards, antivirus protection, access removal, multifactor authentication, confidential information or use of the internet, social media, email and wireless devices. These policies go through an annual internal management review and approval process.

Our IT Department management team meets monthly to assess and review cybersecurity status, which includes dashboard reviews, operational risks and company compliance. Annually, our internal audit group and third-party consultants meet with our IT Department to perform risk assessment walkthrough meetings, discuss potential enhancements, materiality of risks and alignment with the Center for Internet Security Critical Security Controls framework. In addition, we engage third-party consultants to perform annual red team exercises and external penetration tests.

We promote a culture of cybersecurity compliance throughout our organization, including required monthly cybersecurity training for all employees with company accounts and annual training for service-related employees on cybersecurity related topics, including social engineering (e.g., phishing, vishing and smishing), ransomware, denial of service or information, and other security breach tactics. We conduct quarterly ERM discussions where top risk owners discuss how risks have changed and how such risks are being addressed with approaches designed to mitigate such risks.

In addition to assessing our own cybersecurity preparedness and as part of our overall cybersecurity risk management framework, we also consider and evaluate cybersecurity risks associated with our use of third-party service providers. We perform a formal System and Organization Controls (“SOC”) review process annually on our financially significant third-party service providers, which includes our internal assessment of complementary user entity controls. All other material third-party service providers undergo assessment as a contract is entered into or renewed to ensure cybersecurity alignment. Our internal audit group meets regularly with management team members of Marriott, our third-party hotel manager, to assess security applications compliance. We also regularly meet with management team members of Marriott to understand system upgrades, changes and associated risks with third-party managed applications. In addition, we generally require our third-party service providers to promptly notify us of any actual or suspected breach impacting our data or operations.

In assessing cybersecurity threats, our IT Department has established controls and procedures for responding to cybersecurity incidents, including a process to evaluate the significance of a cybersecurity incident. Members of senior management, including our General Counsel and CFO, are tasked with performing a materiality assessment in the event of a cybersecurity incident, which includes the consideration of relevant quantitative and qualitative factors, as well as SEC guidance. Based on the results of this evaluation, further escalation of the cybersecurity event may occur, which may include our CEO, our board of directors and/or law enforcement. In addition, members of senior management will determine, based on the assessment described above, whether the cybersecurity incident requires disclosure with the SEC.

We currently maintain a cybersecurity insurance policy that provides coverage for security incidents and periodically meet with our insurer to discuss emerging trends in cybersecurity. We do not believe that any risks we have identified to date from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect us, including our business strategy, results of operations or financial condition. However, notwithstanding the programs, policies and procedures described above, there can be no assurance that we or businesses with which we interact will not experience a cybersecurity incident that materially affects us in the future. For more information about the cybersecurity risks we face, see the risk factor entitled “Cybersecurity incidents, including the failure to protect the integrity or availability of IT systems or the security of confidential information, or the introduction of malware or ransomware, could harm our business.” in Item 1A. Risk Factors of Part I of this Annual Report on Form 10-K.

Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block] Our board of directors has general oversight responsibility for our enterprise risk management function, which includes specific areas of focus including competitive, economic, operational, financial (accounting, credit, liquidity and tax), legal, compliance, information technology security programs (including cybersecurity), ESG/corporate social responsibility, political and reputational risks. Our board of directors has delegated oversight of certain of these areas to the committees of our board of directors, including delegating the oversight of our information technology security programs (including cybersecurity) to the risk committee of our board of directors (the “Risk Committee”). We believe this division of risk management-related roles to the committees of our board of directors fosters an atmosphere of significant involvement in the oversight of risk at the board level and complements our risk management policies. The oversight responsibility of our board of directors is facilitated by a management report process that is designed to provide both visibility and transparency to our board of directors about the identification, assessment and management of critical risks and management’s risk mitigation strategies.
Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Risk Committee
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] Our full board of directors receives an annual update regarding the current cybersecurity environment from our CIO, which may include presentations from external consultants. Our Enterprise Risk Management (“ERM”) committee, which includes several members of senior management, including our CFO, our CIO, and a Certified Information Systems Auditor, also presents all of our top organizational and operational risks, including information security-related risks, focus areas and accomplishments throughout our various businesses, to the Risk Committee on a quarterly basis.
Cybersecurity Risk Role of Management [Text Block]

Our risk management team, which includes members of senior management, including our Chief Financial Officer (“CFO”), Chief Information Officer (“CIO”) and General Counsel, as well as external consultants, works closely with our information technology department (“IT Department”) to continuously evaluate and address cybersecurity risks relevant to our business and operations. In addition, we have set company-wide policies and procedures that directly or indirectly relate to cybersecurity matters, such as policies related to encryption standards, antivirus protection, access removal, multifactor authentication, confidential information or use of the internet, social media, email and wireless devices. These policies go through an annual internal management review and approval process.

Members of senior management, including our General Counsel and CFO, are tasked with performing a materiality assessment in the event of a cybersecurity incident, which includes the consideration of relevant quantitative and qualitative factors, as well as SEC guidance. Based on the results of this evaluation, further escalation of the cybersecurity event may occur, which may include our CEO, our board of directors and/or law enforcement. In addition, members of senior management will determine, based on the assessment described above, whether the cybersecurity incident requires disclosure with the SEC.
Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Our CIO and our Vice President of IT (“VP of IT”)
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our CIO and VP of IT, collectively, have over fifty years of experience working in the information technology and cybersecurity field and have extensive experience assessing and managing cybersecurity and information technology programs and cybersecurity risk. Our CIO and VP of IT hold degrees in the information technology and cybersecurity fields, as well as hold certain cybersecurity and other relevant technology certifications.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

In assessing cybersecurity threats, our IT Department has established controls and procedures for responding to cybersecurity incidents, including a process to evaluate the significance of a cybersecurity incident. Members of senior management, including our General Counsel and CFO, are tasked with performing a materiality assessment in the event of a cybersecurity incident, which includes the consideration of relevant quantitative and qualitative factors, as well as SEC guidance. Based on the results of this evaluation, further escalation of the cybersecurity event may occur, which may include our CEO, our board of directors and/or law enforcement. In addition, members of senior management will determine, based on the assessment described above, whether the cybersecurity incident requires disclosure with the SEC.

Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true