HOTELES DE CONVENIENCIA SAS

MANUAL OF PRIVACY POLICIES AND PROCESSING OF PERSONAL DATA

1. General principles and postulates.

HOTELES DE CONVENIENCIA SAS Guarantees the protection of rights such as Habeas Data, privacy, privacy, good name, image, for this purpose all actions will be governed by principles of good faith, legality, computer self-determination, freedom and transparency. Whoever in the exercise of any activity, including activities, commercial, whether permanent or occasional, can provide any type of information or personal data to HOTELES DE CONVENIENCIA SAS and in which it acts as responsible for the treatment or responsible for the treatment may know, update and rectify it

2. Legal framework

• Political Constitution, article 15.
• Law 1266 of 2008
• Law 1581 of 2012
• Regulatory Decrees 1727 of 2009 and 2952 of 2010, and Partial Regulatory Decree • No 1377 of 2013 • Judgments of the Constitutional Court C - 1011 of 2008, and C - 748 of 2011; • Single decree 1074 of 2015 • External circular No 02 of November 3, 2015


3. Definitions

In accordance with current legislation on the subject, the following definitions are established, which will be applied and implemented, accepting interpretation criteria that guarantee a systematic and comprehensive application, and in line with technological advances, technological neutrality; and the other principles and postulates that govern the fundamental rights that surround, orbit and surround the right of habeas data and protection of personal data.

Authorization: Prior, express and informed consent of the owner to carry out the processing of personal data.

Database: Organized set of personal data that is subject to Treatment.

Personal data: Any information linked to or associated with one or several natural persons determined or determinable. Private data: It is a personal data that due to its intimate or reserved nature only interests its owner and for its treatment it requires express authorization. Semi-private data: These are data that are not of an intimate, reserved or public nature and whose knowledge or disclosure may not only interest Its owner, but to a group of people or society in general. Responsible for the treatment: Natural or legal person, public or private, that by itself or in association with others, performs the processing of personal data on behalf of the controller.
Responsible for the treatment: Natural or legal person, public or private, that by itself or in association with others, decides on the database and / or the treatment of the data.

Owner: Natural person whose personal data are subject to treatment.

Treatment: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.


4. Specific principles

HOTELES DE CONVENIENCIA SAS It will apply the following specific principles that are established below, which constitute the rules to follow in the collection, handling, use, treatment, storage and exchange of personal data:

a) Principle of legality: In the use, capture, collection and processing of personal data, will be applied to the current and applicable provisions governing the processing of personal data and other related fundamental rights. b) Principle of freedom: The use, capture, collection and processing of personal data can only be carried out with the prior, express and informed consent of the Holder. Personal data may not be obtained or disclosed without prior authorization, or in the absence of legal, statutory, or judicial mandate that relieves consent. c) Principle of purpose: The use, capture, collection and processing of personal data to which it has access and are collected and collected by HOTELES DE CONVENIENCIA SAS, will be subordinated and will serve a legitimate purpose, which should be informed to the respective owner of Personal information. d) Principle of truth or quality: The information subject to use, capture, collection and processing of personal data must be truthful, complete, accurate, updated, verifiable and understandable. The processing of partial, incomplete, fractioned or misleading data is prohibited.

e) Principle of transparency: In the use, capture, collection and processing of personal data must guarantee the right of the Holder to obtain SAS HOTELS CONVENIENCE, at any time and without restrictions, information about the existence of any information or personal data that is of interest or ownership.

f) Principle of access and restricted circulation: Personal data, except public information, may not be available on the Internet or other means of dissemination or mass communication, unless the access is technically controllable to provide restricted knowledge only to the Owners or authorized third parties. For these purposes the obligation of HOTELES DE CONVENIENCIA SAS, will be medium.

g) Principle of security: The personal data and information used, captured, collected and subject to treatment by HOTELES DE CONVENIENCIA SAS, will be subject to protection to the extent that the technical resources and minimum standards allow it, through the adoption of technological protection measures, protocols, and all kinds of administrative measures that are necessary to provide security to electronic records and repositories, preventing their adulteration, modification, loss, consultation, and in general against any use or unauthorized access.


h) Principle of confidentiality: Each and every one of the people who administer, manage, update or have access to information of any kind that is in databases or databases, commit to keep and keep strictly confidential and not disclose it. to third parties, all personal, commercial, accounting, technical or any other information provided in the execution and exercise of their functions. All persons who currently work or are linked to the future for this purpose, in the administration and management of databases, must sign an additional document or other to their employment contract or service provision to ensure such commitment. This obligation persists and is maintained even after the end of its relationship with any of the tasks included in the Treatment.

5. Sensitive data:

Sensitive data are those that affect the privacy of the owner or whose improper use can generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions,

How do we share your personal information with third parties?

  • Booking.com: We have teamed up with Booking.com B.V., located at Herengracht 597, 1017 CE Amsterdam, The Netherlands (www.booking.com) (hereafter Booking.com) to offer you our online reservation services. While we provide the content to this website and you make a reservation directly with us, the reservations are processed through Booking.com. The information you enter into this website will therefore also be shared with Booking.com and its affiliates. This information may include personal data such as your name, your contact details, your payment details, the names of guests traveling with you and any preferences you specified when making a booking. To find out more about the Booking.com corporate family, visit About Booking.com.
  • Booking.com will send you a confirmation email, a pre-arrival email and provide you with information about the area and our accommodation. Booking.com will also provide you with international customer service 24/7 from its local offices in more than 20 languages. Sharing your details with Booking.com’s global customer service staff allows them to respond when you need assistance. Booking.com may use your data for technical, analytical and marketing purposes as further described in the Booking.com Privacy Policy. This includes that your data might also be shared with other members of the Booking Holdings Inc. group of companies for analysis to provide you with travel-related offers that may be of interest to you and to offer you customised service. If needed under applicable law, Booking.com will first ask your consent. If your data is transferred to a country outside the European Economic Area, Booking.com will make contractual arrangements to ensure that your personal data is still protected in line with European standards. If you have questions about the processing of your personal data by Booking.com, please contact dataprotectionoffice@booking.com.
  • BookingSuite: Your personal data may be shared with BookingSuite B.V. located at Herengracht 597, 1017 CE Amsterdam, the Netherlands, the company which operates this website and the website suite.booking.com.