HOTELES DE CONVENIENCIA S.A.S. guarantees the protection of rights such as Habeas Data, privacy, intimacy, good name, image, for this purpose all actions will be governed by principles of good faith, legality, computer self-determination, freedom and transparency. Whoever, in the exercise of any activity, including commercial activities, whether permanent or occasional, may provide any type of personal information to HOTELES DE CONVENIENCIA S.A.S. and in which the latter acts as data processor or data controller may know, update and rectify it.



HOTELES DE CONVENIENCIA S.A.S. shall apply the following specific principles set forth below, which constitute the rules to be followed in the collection, handling, use, processing, storage and exchange of personal data: 

a) Principle of Legality: In the use, capture, collection and processing of personal data, shall apply the current and applicable provisions governing the processing of personal data and other related fundamental rights. 

b) Principle of Freedom: The use, capture, collection and processing of personal data may only be carried out with the prior, express and informed consent of the Data Subject. Personal data may not be obtained or disclosed without prior authorization, or in the absence of legal, statutory, or judicial mandate that relieves consent. 

c) Principle of Purpose: The use, capture, collection and processing of personal data to which you have access and are collected and gathered by HOTELES DE CONVENIENCIA S.A.S., will be subordinated and will serve a legitimate purpose, which must be informed to the respective owner of the personal data. 

d) Principle of Truthfulness or Quality: The information subject to use, capture, collection and processing of personal data must be truthful, complete, accurate, current, verifiable and understandable. The processing of partial, incomplete, fractioned or misleading data is prohibited. 

e) Principle of Transparency: In the use, capture, collection and processing of personal data, the Holder's right to obtain from HOTELES DE CONVENIENCIA S.A.S., at any time and without restrictions, information about the existence of any type of information or personal data of interest or ownership must be guaranteed. 

f) Principle of Access and Restricted Circulation: Personal data, except for public information, may not be available on the Internet or other means of dissemination or mass communication, unless access is technically controllable to provide restricted knowledge only to the Owners or authorized third parties. For these purposes, HOTELES DE CONVENIENCIA S.A.S.'s obligation shall be of medium. 

g) Security Principle: The personal data and information used, captured, collected and subject to treatment by HOTELES DE CONVENIENCIA S.A.S., will be protected to the extent that technical resources and minimum standards allow, through the adoption of technological protection measures, protocols, and all kinds of administrative measures that are necessary to provide security to electronic records and repositories to prevent tampering, modification, loss, consultation, and in general against any unauthorized use or access. 

h) Principle of Confidentiality: Each and every person who administers, manages, updates or has access to information of any kind contained in databases or data banks, undertakes to keep confidential and not disclose to third parties, all personal, commercial, accounting, technical, commercial or any other type of information provided in the performance and exercise of their duties. All persons who are currently working or will be hired in the future for such purpose, in the administration and management of databases, must sign an additional document to their employment or service contract in order to ensure such commitment. This obligation persists and is maintained even after the end of their relationship with any of the tasks included in the processing.


HOTELES DE CONVENIENCIA S.A.S., will keep in mind, at all times, that personal data are the property of the persons to whom they refer and that only they can decide about them. In this sense, it will use them only for those purposes for which it is duly empowered, respecting in any case the current regulations on personal data protection.