At Hotel Amares Acapulco, we understand the importance of knowing how we will treat your personal data, and we are aware that by using our services, you entrust us with such information. We understand the responsibility this entails, and we will strive to care for and protect your information. In this sense, and in order to inform you about how we treat your personal data and in compliance with the Law, we make available to you the following Privacy Notice, with the OBJECTIVE of informing you about what data we collect, why we request it, how you can update or even delete it, among other things. Personal data of minors or incapacitated persons under the Law can only be provided by the father, mother, or legal guardian and will be safeguarded under strict security measures. If you are a minor or an incapacitated person under the Law, you should not provide us with your personal data without the prior, express, and written consent of the person who exercises parental authority or guardianship over you.
1.- IDENTITY AND ADDRESS OF THE “RESPONSIBLE”.
Hipocampo, S.A. de C.V., as operator of the hotel known commercially as Amares Acapulco and all its dining areas (points of sale) (hereinafter simply the “RESPONSIBLE”) with address at Liverpool 133, Col. Juárez, Cuauhtémoc Mayor’s Office, C.P. 06600, Mexico City, is responsible for the processing of your personal data (hereinafter simply the “DATA”) and the information collected from the owners of the “DATA” (hereinafter simply the “OWNERS” or the “OWNER”), which will be treated strictly confidentially.
2.- PERSONAL DATA TO BE REQUIRED.
Hipocampo, S.A. de C.V., will be responsible for collecting, using, and protecting the following “DATA”, whether verbally, in writing, or through electronic means, in accordance with the purposes for which the “OWNER” gives their consent, the latter being responsible for the veracity of the same:
Unordered list
a).- Full name.
b).- Place and date of birth.
c).- Nationality.
d).- Age.
e).- Marital Status.
f).- Address.
g).- Tax Situation Certificate.
h).- CURP
i).- Email.
j).- Telephone number (s).
k).- Official identification with photograph (INE, passport, professional ID, ID, driver’s license).
l).- Bank card number (either credit or debit), as well as expiration date and security code.
m).- License plates of your car, if you park it at the mentioned hotel.
n).- If your stay is covered by your company: name of your company, position you hold in that company, and Tax Situation Certificate of your company.
3.- SENSITIVE DATA.
The “RESPONSIBLE” will collect and process certain sensitive “DATA”, that is, those that may reveal aspects such as racial or ethnic origin, present or future health status, genetic information, religious, philosophical, and moral beliefs, union affiliation, political opinions, and sexual preference, committing the “RESPONSIBLE” to treat all sensitive “DATA” with strict security and confidentiality.
Derived from the COVID-19 pandemic, data concerning your health status will be collected for the sole purpose of achieving your health protection and that of the rest of the people staying at the mentioned hotel, safeguarding this information for the time necessary to fulfill the purposes of this “NOTICE” (hereinafter simply the “NOTICE”), in accordance with the provisions of articles 10 fractions V and VI of the Federal Law on the Protection of Personal Data Held by Individuals (hereinafter simply the “LAW”).
4.- PURPOSES OF PROCESSING PERSONAL DATA.
The “DATA” obtained will be used for the following purposes, taking into account that some of these purposes will proceed until you are our guest:
I.- Primary or necessary purposes:
Unordered list
a).- Verify your identity and information.
b).- Update your information in our database.
c).- Analyze your economic capacity to cover our services.
d).- Identify and/or register you as a client or user of our site.
e).- Carry out, if necessary, investigations to verify through third parties hired for this purpose, the veracity of the data you provide us.
f).- Provide the requested services and inform you of changes to them.
g).- Internal reports from the different areas of the aforementioned hotel for statistical purposes.
h).- Payment of services for a one-time occasion or programming of service payments.
i).- Issuance of invoices.
j).- Video surveillance within our facilities (common areas) for your safety, that of other guests, and the staff within them.
k).- Preserve your information for compliance with legal provisions and requirements of various authorities and/or regulatory entities.
l).- Compliance with provisions on the prevention of Money Laundering.
m).- Address your doubts, complaints, clarifications, claims, and suggestions as a guest.
n).- Understand your needs to adequately provide services.
o).- Evaluate the quality of the services provided by the hotel.
p).- Provide personalized attention through various electronic communication means such as email, telephone, chat, WhatsApp, among others.
q).- Maintain a history of the use of our services, which includes a physical or electronic record, of your stays, consumptions, payment of the same, channel through which you made the reservation.
II.- Secondary or accessory purposes:
Unordered list
a).- Inform you about new services, products, or events related to the above.
b).- Send you our promotions, newsletters, news, thank you notes, congratulations through various means.
c).- Fulfill obligations related to services.
d).- Conduct quality and satisfaction surveys to evaluate the quality of our services and, if applicable, our products.
e).- Invite you to participate in our events or campaigns.
f).- Carry out advertising on social networks, media, newspapers, or magazines.
g).- Offer any of our services and, if applicable, our products.
h).- For marketing, commercial prospecting, statistical, and historical purposes.
i).- Develop analyses of service usage, market segmentation, statistics, records, and information analysis.
j).- Use of images in advertising and support media, corporate image, marketing, advertising campaigns, videos, photography, and publications in any media.
The “DATA OWNER” has the right to object to their “DATA” being used for the aforementioned secondary or ancillary purposes. If you wish to exercise this right, the “DATA OWNER” must do so in accordance with the procedure established in section 5 (five) of this “NOTICE,” within 5 (five) business days following the date on which this “NOTICE” was made available to you, so that the “RESPONSIBLE” does not process your “DATA” for those purposes. Otherwise, it will be understood that the “OWNER” agrees and consents to the processing of their “DATA” for each and every one of the purposes listed above. It should be noted that the above is without prejudice to the provisions of article 26 of the “LAW” and other applicable provisions. Refusal to use your “DATA” for secondary or ancillary purposes will not be a reason for us to deny you our services.
5.- OPTIONS OR MEANS OFFERED BY THE RESPONSIBLE TO LIMIT THE USE OR DISCLOSURE OF PERSONAL DATA.
The “DATA OWNER” to limit the use or disclosure of their data, must send an email to the email address hernandeza@ostar.com.mx requesting the limitation of the use or disclosure in question, through which they can request to be included in internal exclusion lists for not contacting for promotional and market purposes. The “DATA OWNER” to avoid unwanted advertising can also register in the Public Registry of the Federal Consumer Protection Agency (REPEP) by entering the following link http://repep.profeco.gob.mx/, in which case there is a possibility that you may not have access to the possible additional benefits with our secondary purposes.
6.- MEANS TO EXERCISE ACCESS, RECTIFICATION, CANCELLATION, OR OPPOSITION RIGHTS (ARCO RIGHTS).
Based on the “LAW,” the “DATA OWNER” has the right to Access (“ACCESS”) the data held by the “RESPONSIBLE,” as well as the details of its treatment. They also have the right to Rectify them (“RECTIFICATION”) if they are incomplete or inaccurate, to Cancel them (“CANCELLATION”) as stipulated in the LAW, and to Object (“OPPOSITION”) to the processing of the same. To exercise the aforementioned rights, the “DATA OWNER” or, where appropriate, their legal representative, must send a request through a written document to the email address hernandeza@ostar.com.mx or through written notification to the legal department located at Liverpool 133, Col. Juárez, Cuauhtémoc Mayor’s Office, C.P. 06600, during office hours from Monday to Friday from 09:00 hours to 18:00 hours, specifically stating that they wish to exercise their ARCO rights. This request (written document) must contain the requirements referred to in article 29 of the LAW, that is:
Unordered list
a).- Name of the “DATA OWNER” and address or other means (for example, email) to communicate the response to their request.
b).- Documents proving their identity, or, where appropriate, legal representation of the “DATA OWNER.”
c).- Clear and precise description of the “DATA” for which they intend to exercise any ARCO right.
d).- Any other element or document that facilitates the location of the “DATA.”
e).- In the case of requests for rectification of “DATA,” the owner must indicate, in addition to what is stated in the previous sections of this section, the modifications to be made and provide the documentation that supports their request.
If the information provided by the “DATA OWNER” in their request is not sufficient or is incorrect to process their request, or if the necessary documents are not provided, the “RESPONSIBLE” may request the necessary information and/or documentation from the “DATA OWNER” to process their request in accordance with article 96 of the Regulation of the LAW, the “DATA OWNER” having 10 (ten) business days to comply with the “RESPONSIBLE” request. In turn, the “RESPONSIBLE” must notify the “DATA OWNER” within a maximum period of 20 (twenty) business days from the date of receipt of their request for access, rectification, cancellation, or opposition, of the determination taken, so that, if applicable, it can be made effective within 15 (fifteen) business days following the date the response is communicated. In accordance with article 33 of the LAW, the aforementioned deadlines may be extended once for an equal period, provided that the circumstances of the case justify it.
When the “DATA OWNER” exercises the “ACCESS” right, this obligation on the part of the “RESPONSIBLE” will be considered fulfilled when the “DATA OWNER” is provided with the “DATA,” or by issuing simple copies or electronic documents that will be sent to the “DATA OWNER” at the email address provided in their request.
The “RESPONSIBLE” may deny access to the “DATA” or make the rectification or cancellation, or grant the opposition to the processing of the same in the cases referred to in article 34 of the LAW. The “RESPONSIBLE” is not obliged to cancel the “DATA” of the “OWNER” under the assumptions established in article 26 of the LAW.
If the data subject requires clarification about the procedure and requirements for exercising ARCO rights, they should send an email to the address hernandeza@ostar.com.mx.
7.- REVOCATION OF CONSENT.
The “DATA OWNER” has the right to revoke at any time the consent they have granted us for the processing of their “DATA,” as established in article 8 of the LAW, for which they must send a written request to the email address hernandeza@ostar.com.mx, or by written notification to the address Liverpool 133, Col. Juárez, Cuauhtémoc Mayor’s Office, C.P. 06600, Mexico City, from Monday to Friday during office hours from 09:00 to 18:00 hours, detailing clearly the data for which they revoke their consent. In the same addresses, you will be informed of the procedure to follow to address your request.
8.- PERSONAL DATA OF PERSONS UNDER A GUARDIANSHIP OR LEGAL INCAPACITY ESTABLISHED BY LAW.
Some of the data we process may include data of persons under guardianship or legal incapacity established by law, for whose treatment we require the consent of the guardians. In this case, the exercise of the ARCO rights may be carried out through the person exercising guardianship or representation of the incapacitated or declared person under guardianship.
9.- SECURITY MEASURES.
The “RESPONSIBLE” knows and recognizes the value of your “DATA,” so they have implemented security measures to try to prevent its use for purposes other than those authorized and to prevent its alteration, loss, theft, or access by third parties. Among the measures are the use of specialized computer programs, staff training, and the adoption of internal data protection policies.
10.- TRANSFER OF DATA TO BE MADE.
The “RESPONSIBLE” may carry out national or international data transfers without the consent of the “DATA OWNER” in accordance with the provisions of article 37 of the LAW and in compliance with article 69 of its Regulation.
11.- USE OF COOKIES.
A cookie is a file that is downloaded to your computer when you access certain web pages. In this sense, we use cookies to improve our services, show you advertising related to your browsing preferences and the content of your previous visits, keep sessions active, as well as to record traffic coming from redirection from other sites. When visiting the website of the “RESPONSIBLE” again, cookies allow us to customize our content according to your preferences.
It should be noted that the website of the “RESPONSIBLE” does not use or save cookies to obtain personal identification data from the “DATA OWNER’s” computer regarding data that were not originally sent as part of the cookie. Although most browsers accept cookies, the “DATA OWNER” can configure their browser not to accept them, that is, they can disable them by following the procedure of each browser, in which case, it should be taken into account that, by deactivating them, the functioning offered by the platform may be limited.
12.- NOTIFICATION OF CHANGES AND/OR UPDATES TO THE PRIVACY NOTICE.
The “RESPONSIBLE” may modify and/or update this “NOTICE” at any time, either due to legislative or jurisprudential reforms, internal policies, or new requirements, with the updated version that will apply at all times being published on our website hotelcalindabeach.com.
When the “RESPONSIBLE” needs to change its identity, collect additional financial or asset data, change or modify the purposes for which it obtained the “DATA,” or modify the conditions of the transfers that may be made in accordance with what is established in this “NOTICE,” it will make available to the “DATA OWNERS,” a new “NOTICE,” through the email provided to the “RESPONSIBLE” by the “DATA OWNER” or through the website of the “RESPONSIBLE.”
13.- ACCEPTANCE OF TERMS.
If the “DATA OWNER” uses the services, it means that they have read, understood, and accepted each and every point outlined in this “NOTICE.” If you do not agree with all or any of these points, the “DATA OWNER” should not provide any personal information or use the services.
In case of any disagreement or complaint about the treatment of your “DATA,” you can contact the Institute indicated by the LAW.
June 21, 2023.
