Privacy Policy

PRIVACY NOTICE

It is of much importance to us to maintain your personal information private and confidential.

The following Notice (the “Notice”) clearly describes how and for what purposes we intend to manage the personal information (the “Personal Information”) that you provide us (the “Management”). The management of your information is in accordance with the Protection of Personal Information in the Possession of Individuals Act (the “Law”), its Regulation (the “Regulation”), and the Guidelines of the Privacy Notice (the “Guidelines”).

Corporación Inmobiliaria KTRC, S.A. de C.V., its subsidiaries and its hotels (collectively “us”, “we” or “our”) understand that our guests, clients, users and/or visitors (jointly, the “guests and clients”) place their trust in us, and we are committed to protecting all personal data that we collect through the websites that we operate (the "Websites"), applications that we make available on or through mobile devices or computers (the "Apps"), through wireless connectivity and Wi-fi that may be offered on our properties (the "Wi-Fi Connection"), and through social media channels that we control (the "Social Network Channels") (collectively the "Services"). This Notice describes our global practices regarding the collection, use, and sharing of Personal Data about identified or identifiable individuals through the Services.

By using the Services, you acknowledge, understand and accept all policies and practices stated herein.

The capitalized terms in the following Notice should be understood as references to the definitions included in the Law, the Regulations, the Guidelines or the ones established in the following Notice.

 

I. RESPONSIBLE PARTY

The entity responsible for the management of your Personal Information is Corporación Inmobiliaria KTRC, S.A. de C.V. with the following address: Boulevard Kukulcán, Kilómetro 14.5, Zona Hotelera, Código Postal 77500, in Cancún, Benito Juárez, Quintana Roo, Estados Unidos Mexicanos.

 

II. COLLECTED INFORMATION

We collect your Personal Information through the Services, when you provide it to us personally, by telephone and through any other source provided for and permitted by Law. Including, but not limited to, the Personal Data that we obtain are: name and surname, personal address, personal telephone number, personal email, copy of your official identification, ID number, the Public Identification Number (CURP), nationality, Federal Taxpayers Registry, account number, credit or debit card number.

We do not gather information that could result in discrimination, such as race or ethnicity, health status, genetic information, religion, philosophical and moral beliefs, union membership, political affiliation, or sexual orientation (“Sensitive Personal Information”).

Some of the Personal Information is automatically gathered by using the Services, while other is gathered through the data that you provide us personally. As a result, you have a choice over the data we gathered. When you are asked to provide any data, you may refuse that request; but if you don’t provide any information needed for the provision of the Services, you won´t be able to receive said Services. For example, you can create an account when you book a room through our Services, providing some extra information, which will lead to a simple booking process in the future. Also, you can use your personal social network accounts to share digital content through our Services, but be aware we can collect some information associated to that account, such as nickname, full name, the digital content shared and any comment or reaction regarding said content.

Furthermore, the Responsible Party will collect the following Personal Information through the Services:

 

 

Finally, we may collect data that is not Personal Information. We may use and distribute such data at our discretion, unless it is combined with Personal Information, in which case we will treat it as Personal Information under the privacy policy of this Notice.

 

III. PURPOSES

The obtained Personal Information shall be used for the following purposes (the "Purposes"):

 

You will have a five (5) days period to express your refusal to the processing of your Personal Information for purposes that are not necessary, nor did they relate to the relationship with the Responsible Party.

 

IV. TRANSFER OF PERSONAL INFORMATION

Your Personal Information may be transferred, without your prior consent when the transfer is made to national and international holding companies, subsidiaries or affiliates under the common control of the Responsible Party, or a parent company, or to any company of the business group that operates under the same processes and internal policies, in accordance with the provisions of the Law, the Regulations, and the Guidelines.

Likewise, some of the aforementioned Purposes involve sharing Personal Information collected with third parties. We share Personal Information with your consent, as necessary to complete any transaction or required to provide any service that the User has requested or authorized, or as permitted or required by the law. We share Personal Information for a variety of purposes, including to provide our services such as reservations, guest communications and concierge services, marketing of our products and services, payment processing and other financial services, fraud prevention, and risk mitigation/reduction. For example, when you make a reservation through a provider's service, we may share certain personal data with the provider to authenticate you. Furthermore, some of our operations, such as reservation services, may be operated using the providers' systems, and as such the providers will be directly collecting your personal information.

We also share Personal Information with vendors who need the information to provide services to the User or to us, but only to the extent that the information is necessary to provide such services. This includes: software and web developers, payment processors, online travel agencies and channel managers, reservations managers, maintenance companies, guest and customer benefit providers, email and other marketing vendors, vendors of technology and vendors that we have maintained to help secure our systems. We also use analytics and software providers to help us understand how our customers and guests use the services and our systems.

We do not share, sell or rent Personal Information to third parties for their use in marketing. We will access, transfer, disclose and preserve information about you: if you allow us to do so; if we are required by law to do so; through other legally limited circumstances (for example, as noted above, to protect your account from fraud, to enforce our terms of use and our providers); or as we reasonably consider necessary to respond to requests from government agencies or law enforcement. Furthermore, if all or part of the Responsible Party is sold or the management is transferred to another entity, we may transfer or replicate some or all of the personal data that we have to our successor.

 

V. INFORMATION PROTECTION

We guarantee the protection of your Personal Information. It should also be noted that it is protected through administrative, technical and physical security means in order to prevent the loss, alteration, destruction, use, access or improper disclosure.

Notwithstanding, it is important to bear in mind that no method of safeguarding information is completely secure. While we try to ensure the protection of your personal data, we cannot guarantee (or be responsible) that our safeguards will be effective or sufficient.

 

VI. USER’S RIGHTS (RIGHTS OF THE INTERESTED PARTIES)

Users of the Services have a variety of legal rights regarding the processing of Personal information. These rights vary depending on the applicable legislation, and may include, but are not limited to:

 

You can exercise any rights you have under your applicable law regarding your Personal Information by contacting us as described in this Notice. We may request additional information from you to verify such requests. Additionally, you may be able to view, access, correct or delete some or all the Personal Information through our consent and profile update protocol and procedures.

 

VII. ARCO RIGHTS

You have the right to request the access to, rectify, cancel and oppose the management of your Personal Information (the “ARCO Rights”). Furthermore, you have the right to request the revocation of your given consent, as well as limit the use of your Personal Information.

In order to exercise your rights, we require that you send an e-mail to privacy@rcdhotels.com, so we can send you the appropriate request form, which you should complete and submit. You may also go through this procedure personally in our offices.

For security purposes and in compliance with the Law, it is mandatory that all request forms be accompanied by the information necessary for us to identify the applicant, and if applicable his or her legal representative. As a result, your request form should be accompanied with the following documents:

 

  1. Request form fully completed and signed;

  2. Copy of the holder’s identification;

  3. In the case of legal representation, copy of the Public Grant that establishes his or her Power- of-Attorney, as well as a copy of his or her identification;

  4. Address, phone number, and e-mail;

  5. Whether or not the holder accepts to be notified via e-mail;

  6. Clear and precise description of the Information related to the exercise of your ARCO rights;

  7. If applicable, indicate which specific piece of information should be corrected and how it should be correctly read.

  8. If applicable, expressly state to revoke the consent to the management of your Personal Information;

  9. Any other piece of information that will allow us to properly identify your Personal Information.

Allow us to inform you that we keep a record of all the submitted requests. Furthermore, in case the request form should be found incomplete, we have the right to request the missing information from you.

The applicant guarantees that the given Personal Information is exact, complete and authentic. As a result, the applicant is responsible for any damage and/or harm caused by falsified information or identity impersonation.

Your request shall be processed in accordance with the manner and time established in the Law and its Regulation. We commit ourselves to give a response no later than 20 (twenty) business days after we have received your request form. The waiting period could be extended by another 20 (twenty) business days if it is justified and the holder is notified.

Upon request of access to your Personal Information, it shall be given digitally. Upon request of expressly requesting it, your Information will be sent in the form of copies to your indicated address.

 

VIII. CONSENT

You have the right to revoke your consent to the management of your Personal Information. The procedure, requirements, and contact information needed for you to revoke your consent shall be the same as the procedure needed to exercise your ARCO Rights established above.

If you have not expressed disapproval of the terms mentioned in the present Notice, it shall be understood as given consent to the management of your Information.

 

IX. COOKIES AND TRACKING TECHNOLOGIES

The website's cookie notice will provide you with the option to reject the Responsible Party’s use of cookies while visiting the website. However, if you decide to decline cookies, some features and functions of the website may be affected, including the personalization features associated with creating a user profile. If you have established a user profile, you can adjust your preferences so that we can provide you with more appropriate recommendations. We may use the information that you provide to your user profile to populate other databases maintained by us and our service providers, as appropriate. By creating a user profile, you agree that we may use the personal information that you provide for these purposes. You can view, update or delete any personal information that you have provided to us for inclusion in your user profile by modifying your user profile online or by sending an email to privacy@rcdhotels.com. If you subsequently choose to delete your user profile, we will have the right to use any personal information previously provided by you for inclusion in your user profile for record keeping and quality assurance purposes. Even if you decide not to create a user profile, you can still use our websites to find and purchase services.

Services do not respond to Do Not Track (DNT) signals. We use a number of vendor technologies that can track guests and customers across sites, including, but not limited to, Google products and services, Google DoubleClick, Saber (synxis), Facebook, Adara, the hotel network, TripTease, Sojern, TripCraft, Cendyn and TRAVELCLICK.

 

X. LINKS TO THIRD PARTY WEBSITES AND SERVICES

The Services may contain links to third-party services, content, or products that are not affiliated with us. We are not responsible for examining or evaluating the content or accuracy of such third-party websites, and we do not warrant and will not have any liability or responsibility for any third-party materials or websites, or for any other third-party materials, products, or services. Please, refer to the privacy statements of those third-party services for information about what they collect and how they use your data.

We are not responsible for any damages or losses related to the purchase or use of goods, services, resources, content or any other transaction made regarding any third-party website. Please carefully review the policies and practices of third parties and make sure you understand them before engaging in any transaction. Complaints, claims, concerns or questions regarding third party products should be directed to the third party.

 

XI. EMAIL, OPT-OUT AND MARKETING COMMUNICATIONS

If you no longer wish to receive email communications from us, you can follow the specific unsubscribe instructions in the email you receive or contact us through the means of contact stipulated in this Notice. If you do business with us, you cannot opt out of certain automated notifications (including confirmation, receipt, and post-checkout emails) based on the corresponding transaction.

 

XII. NOTICE UPDATE

From time to time and in compliance with the Law, the Responsible Party may modify or update this Notice. In which case, you may check any updates through our website, https://rcdhotels.com/politica-de-privacidad/.

 

XIII. CONTACT US

Should be any questions or concerns about this Notice, the management of your Personal Information or your rights, please, feel free to email to privacy@rcdhotels.com, or send a communication to:

Boulevard Kukulcán km 14.5, Zona Hotelera, Cancún, Quintana Roo, 77500, México, directed to our IT Department.

Telephone: 011-52 (998) 881 3600

Fax: 011-52 (998) 881 3601

 

CALIFORNIA PRIVACY RIGHTS / CALIFORNIA RESIDENT NOTICE

California residents who have provided personal information to the Responsible Party may obtain information about the disclosure by the Responsible and its hotels, if any, to third parties for the third party's direct marketing purposes. Requests should be sent to the following email privacy@rcdhotels.com or to the address: Boulevard Kukulcán km 14.5, Zona Hotelera, Cancún, Quintana Roo, 77500, Mexico. Within 30 days of receiving such a request, we will provide a California Privacy Disclosure, which will include a list of certain categories of Personal Information disclosed during the preceding calendar year to third parties for their direct marketing purposes, along with the names and addresses of third parties. This request cannot be made more than twice per calendar year. We reserve the right not to respond to requests if they are not sent to the address specified in this paragraph.


PRIVACY NOTICE RGPD (RCD HOTELS-EUROPEAN UNION)

It is of much importance to us to maintain your personal information private and confidential.

The following Notice (the “Notice”) clearly describes how and for what purposes we intend to manage the personal information (the “Personal Information”) that you provide us (the “Management”). The management of your information is in accordance with the General Data Protection Regulation for the European Union (“RGPD”), and the Guidelines of the Privacy Notice (the “Guidelines”).

Corporación Inmobiliaria KTRC, S.A. de C.V., its subsidiaries and its hotels (collectively “us”, “we” or “our”) understand that our guests, clients, users and/or visitors (jointly, the “guests and clients”) place their trust in us, and we are committed to protecting all personal data that we collect through the websites that we operate (the "Websites"), applications that we make available on or through mobile devices or computers (the "Apps"), through wireless connectivity and Wi-fi that may be offered on our properties (the "Wi-Fi Connection"), and through social media channels that we control (the "Social Network Channels") (collectively the "Services"). This Notice describes our global practices regarding the collection, use, and sharing of Personal Data about identified or identifiable individuals through the Services.

By using the Services, you acknowledge, understand and accept all policies and practices stated herein.

 

I. RESPONSIBLE PARTY

The entity responsible for the management of your Personal Information is Corporación Inmobiliaria KTRC, S.A. de C.V. with the following address: Boulevard Kukulcán, Kilómetro 14.5, Zona Hotelera, Código Postal 77500, in Cancún, Benito Juárez, Quintana Roo, Estados Unidos Mexicanos.

 

II. COLLECTED INFORMATION

We collect your Personal Information through the Services, so the Responsible Party will process that identifying information necessary to enable the User to consult information related to the services that can be contracted, as well as to manage requests for information or requests for services. Including, but not limited to, the Responsible Party will obtain from the User Personal Information such as name and surname, date of birth, country of residence, email, telephone, in order that the Responsible Party can manage the User’s requests. This information will allow the Responsible Party to give a satisfactory answer and make available to the User options that suit their needs.

We do not gather information that could result in discrimination, such as race or ethnicity, health status, genetic information, religion, philosophical and moral beliefs, union membership, political affiliation, or sexual orientation (“Sensitive Personal Information”).

Some of the Personal Information is automatically gathered by using the Services, while other is gathered through the data that you provide us personally. As a result, you have a choice over the data we gathered. When you are asked to provide any data, you may refuse that request; but if you don’t provide any information needed for the provision of the Services, you won´t be able to receive said Services. For example, you can create an account when you book a room through our Services, providing some extra information, which will lead to a simple booking process in the future. Also, you can use your personal social network accounts to share digital content through our Services, but be aware we can collect some information associated to that account, such as nickname, full name, the digital content shared and any comment or reaction regarding said content.

Furthermore, the Responsible Party will collect the following Personal Information through the Services:

 

Finally, we may collect data that is not Personal Information. We may use and distribute such data at our discretion, unless it is combined with Personal Information, in which case we will treat it as Personal Information under the privacy policy of this Notice.

 

III. PURPOSES

The obtained Personal Information shall be used for the following purposes (the "Purposes"):

The Responsible Party will have the full consent of the User to process the Personal Information and provide an answer to the User in the aforementioned cases, from the moment the User sent any request to the Responsible Party. 

This processing is based on the legitimate interest of the Responsible Party. 

As long as this processing is carried out by electronic means and refers to products and services offered by the Responsible Party, it will be legitimized in the satisfaction of the legitimate interests of the Responsible Party. 

At any time, the User may object to their Personal Information being processed for this purpose by following the instructions set out in section VI of this Notice.

The Responsible Party will have the full consent of the User to process the Personal Information and provide an answer to the User in the aforementioned cases,  from the moment the User sent any request to the Responsible Party. 

This processing is based on the legitimate interest of the Responsible Party.

 

IV. HOW LONG DO WE KEEP THE PERSONAL INFORMATION?

The Personal Information collected by the Responsible Party will be managed for the time required to fulfill the purposes for which it was collected and established in the Notice, and where appropriate, until the limitation period of the actions related to the legal relationship that gave rise to the collection and management of your Personal Data.

V. TRANSFER OF PERSONAL INFORMATION

 

The Responsible Party will not share any personal information with unaffiliated third parties, except in the following circumstances:

Likewise, some of the aforementioned Purposes involve sharing Personal Information collected with third parties. We share Personal Information with your consent, as necessary to complete any transaction or required to provide any service that the User has requested or authorized, or as permitted or required by the RGPD. We share Personal Information for a variety of purposes, including to provide our services such as reservations, guest communications and concierge services, marketing of our products and services, payment processing and other financial services, fraud prevention, and risk mitigation/reduction. We also share Personal Information with vendors who need the information to provide services to the User or to us, but only to the extent that the information is necessary to provide such services. This includes: software and web developers, payment processors, online travel agencies and channel managers, reservations managers, maintenance companies, guest and customer benefit providers, email and other marketing vendors, vendors of technology and vendors that we have maintained to help secure our systems. We also use analytics and software providers to help us understand how our customers and guests use the services and our systems.

Furthermore, if it is necessary to transfer Personal Information to third countries or international organizations, the Responsible Party guarantees that such transfers will be made in accordance with the principles and conditions established in the RGPD.

 

VI. USERS RIGHTS 

Users may exercise, if they wish, the rights of access, rectification and removal of data. They may also request that the processing of their Personal Information be limited, or even oppose it, request the portability of their data, as well as reject being subjects of automated decisions, through the following:

The request must contain and comply with the following:

The Responsible Party will notify the user the determination adopted in relation to their request, within a period of one month from the date we receive the request. Exceptionally, the Responsible Party may extend this period for up to two months, considering the complexity and number of requests submitted. In case of considering that a request is inadmissible, the Responsible Party will inform the user the reasons for its determination, within the month following the receipt of said request.

If the information provided in the request turns out to be erroneous or insufficient, or the necessary documents to prove identity or the corresponding legal representation are not attached, the Responsible Party will require the correction of the deficiencies to process the request.

The User may withdraw their consent for the processing of their personal data, without retroactive effects, in all those cases in which said revocation does not imply the impossibility of complying with obligations derived from a current legal relationship between the User and the Responsible Party; the User may also limit the processing of personal information in the cases expressly provided for by the RGPD.

The User will be responsible for keeping their personal information up to date. Therefore, the User guarantees and responds, in any case, to the veracity, accuracy, validity and authenticity of the Personal Information provided, and undertakes to keep them duly updated, communicating any changes to the Responsible Party.

 

VII. CONSENT

The User has the right to revoke their consent to the processing of their Personal Information. The procedure, requirements, and contact information to revoke your consent will be the same as the procedure established in the section VI of this Notice.

If you have not expressly disapproved the terms stated herein, it shall be understood as given consent to the management of your Information.

 

VIII. COOKIES AND TRACKING TECHNOLOGIES

The website's cookie notice will provide you with the option to reject the Responsible Party’s use of cookies while visiting the website. However, if you decide to decline cookies, some features and functions of the website may be affected, including the personalization features associated with creating a user profile. If you have established a user profile, you can adjust your preferences so that we can provide you with more appropriate recommendations. We may use the information that you provide to your user profile to populate other databases maintained by us and our service providers, as appropriate. By creating a user profile, you agree that we may use the personal information that you provide for these purposes. You can view, update or delete any personal information that you have provided to us for inclusion in your user profile by modifying your user profile online or by sending an email to privacy@rcdhotels.com. If you subsequently choose to delete your user profile, we will have the right to use any personal information previously provided by you for inclusion in your user profile for record keeping and quality assurance purposes. Even if you decide not to create a user profile, you can still use our websites to find and purchase services.

Services do not respond to Do Not Track (DNT) signals. We use a number of vendor technologies that can track guests and customers across sites, including, but not limited to, Google products and services, Google DoubleClick, Saber (synxis), Facebook, Adara, the hotel network, TripTease, Sojern, TripCraft, Cendyn and TRAVELCLICK.

 

IX. LINKS TO THIRD PARTY WEBSITES AND SERVICES

The Services may contain links to third-party services, content, or products that are not affiliated with us. We are not responsible for examining or evaluating the content or accuracy of such third-party websites, and we do not warrant and will not have any liability or responsibility for any third-party materials or websites, or for any other third-party materials, products, or services. Please, refer to the privacy statements of those third-party services for information about what they collect and how they use your data.

We are not responsible for any damages or losses related to the purchase or use of goods, services, resources, content or any other transaction made regarding any third-party website. Please carefully review the policies and practices of third parties and make sure you understand them before engaging in any transaction. Complaints, claims, concerns or questions regarding third party products should be directed to the third party.

 

X. NOTICE UPDATE

From time to time and in compliance with the RGPD, the Responsible Party may modify or update this Notice. In which case, you may check any updates through our website, https://rcdhotels.com/politica-de-privacidad/.

 

XI. CONTACT US

Should be any questions or concerns about this Notice, the management of your Personal Information or your rights, please, feel free to email to privacy@rcdhotels.com, or send a communication to:

Boulevard Kukulcán km 14.5, Zona Hotelera, Cancún, Quintana Roo, 77500, México, directed to our IT Department.

Telephone: 011-52 (998) 881 3600

Fax: 011-52 (998) 881 3601