Policy and Personal data protection manual

of the users of the Hotel Pance 122® website

Under the regulatory framework of the Constitution and Law 1581 of 2012, the Hotel Pance 122 chain makes available to users and holders of information, its Privacy Policy and Protection of Personal Data, under the following terms:

Legal Basis and Scope of Application:

The information treatment policy is developed in compliance with articles 15 and 20 of the Political Constitution; of articles 17 literal k) and 18 literal f) of the Statutory Law 1581 of 2.012, which dictates general provisions for the Protection of Personal Data (LEPD); and of article 13 of Decree 1377 of 2013, by which the previous Law is partially regulated.

This policy will be applicable to all personal data registered in databases that are subject to treatment by the data controller.

Definitions established in article 3 of the LEPD and article 3 of Decree 1377 of 2013

Authorization: Prior, express and informed consent of the Holder to carry out the processing of personal data.
Database: Organized set of personal data that is subject to processing.
Personal data: Any information linked or that may be associated with one or more specific or determinable natural persons.
Public data: It is the data that is not semi-private, private or sensitive. They are considered public data, among others, data relating to the marital status of people, their profession or trade and their status as merchant or public servant. By their nature, public data may be contained, among others, in public records, public documents, official gazettes and newsletters and duly enforced judicial sentences that are not subject to reservation.
88 Sensitive data: Sensitive data is understood to be those that affect the privacy of the Holder or whose improper use may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious beliefs or philosophical, membership of unions, social organizations, human rights or that promotes interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data related to health, sexual life, and Biometric data
Responsible for the processing: Natural or legal person, public or private, that by itself or in association with others, performs the processing of personal data on behalf of the person responsible for the treatment.
Responsible for the processing: Natural or legal person, public or private, that by itself or in association with others, decides on the basis of data and / or data processing.
Owner: Natural person whose personal data is subject to processing.
Treatment: Any operation or set of operations on personal data, such as the collection, storage, use, circulation or deletion.
Privacy notice: Verbal or written communication generated by the person in charge, addressed to the Holder for the processing of his personal data, by means of which he is informed about the existence of the information processing policies that will be applicable, the way to access them and the purposes of the treatment that is intended to give personal data.
Transfer: The transfer of data takes place when the person in charge and / or in charge of the processing of personal data, located in Colombia, sends the information or personal data to a recipient, who in turn is responsible for the treatment and is inside or outside the country.
Transmission: Processing of personal data that implies the communication of them within or outside the territory of the Republic of Colombia when it is intended to carry out a treatment by the person in charge of the person responsible.

Authorization of the treatment policy

According to article 9 of the LEPD, the prior and informed authorization of the Holder is required for the processing of personal data. By accepting this policy, any Owner who provides information regarding their personal data is consenting to the processing of their data by Hotel Pance 122 ® in the terms and conditions included in it.

The authorization of the Holder will not be necessary in the case of:

Information required by a public or administrative entity in the exercise of its legal functions or by court order.
Data of a public nature.
Medical or health emergency cases.
Treatment of information authorized by law for historical, statistical or scientific purposes.
Data related to the Civil Registry of persons.

Treatment Managers

The person responsible for the treatment of the databases object of this policy is Hotel Pance 122 ® , whose contact details are as follows :

Address: CRA 122 # 22a-60, CALI
Email: pqr@hotelpance122.com
Phone: 555-54-82

Address : CRA 122 # 22a-60, CALI
Email pqr@hotelpance122.com
Phone 555-54-82

Treatment and purposes of the databases

Hotel Pance 122 ® , in the course of its business activity, carries out the processing of personal data relating to natural persons who they are contained and are treated in databases destined for legitimate purposes, complying with the Constitution and the Law.

Below are the different databases that manage the company and the purposes assigned to each of them

Table I. Databases and purposes

Databases	information	finality
resumes	Data of minors, data of adults, name, identification number, age, sex, signature, nationality, place and date of birth or death, other identification documents, photographs, fingerprint, stature, work activity mail , Work activity telephone number, work activity address, personal mail, personal telephone number, address of the place of residence, health status information, results of medical tests and diagnoses, financial, economic or credit information of the persons, labor information of the person, academic information of the person, judicial or disciplinary background.	Personnel training, payroll management, personnel management, temporary work management, social benefits, prevention of occupational hazards, promotion and employment management, promotion and selection of personnel, administrative management, collection and payment management, Billing management, economic and accounting festival.
Guests / Company	Data of adults, name, identification number, age, sex, signature, nationality, place and date of birth or death, other identification documents, photographs, fingerprint, iris or voice record, personal mail, address of the place of residence	Customer loyalty, provision of certification services, administrative procedures, publications, administrative management, customer management, collection and payment management, billing management, economic and accounting management, historical business relationships.
Suppliers	Data of adults, name, identification number, age, sex, signature, nationality, place and date of birth or death, other identification documents, work activity mail, work activity telephone number, work activity address, information on economic activity, labor information of the person.	Administrative management, collection and payment management, billing management, supplier management, economic and accounting management, tax management, historical business relationships.
Cameras	Videos	security, security and access control to buildings.

resumes

information:

Data of minors, data of adults, name, identification number, age, sex, signature, nationality, place and date of birth or death, other identification documents, photographs, fingerprint, stature, work activity mail , Work activity telephone number, work activity address, personal mail, personal telephone number, address of the place of residence, health status information, results of medical tests and diagnoses, financial, economic or credit information of the persons, labor information of the person, academic information of the person, judicial or disciplinary background.

finality:

Personnel training, payroll management, personnel management, temporary work management, social benefits, prevention of occupational hazards, promotion and employment management, promotion and selection of personnel, administrative management, collection and payment management, Billing management, economic and accounting festival.

Guests / Company

information:

Data of adults, name, identification number, age, sex, signature, nationality, place and date of birth or death, other identification documents, photographs, fingerprint, iris or voice record, personal mail, address of the place of residence

finality:

Customer loyalty, provision of certification services, administrative procedures, publications, administrative management, customer management, collection and payment management, billing management, economic and accounting management, historical business relationships.n,

Suppliers:

information:

Data of adults, name, identification number, age, sex, signature, nationality, place and date of birth or death, other identification documents, work activity mail, work activity telephone number, work activity address, information on economic activity, labor information of the person.

finality:

Administrative management, collection and payment management, billing management, supplier management, economic and accounting management, tax management, historical business relationships.

Cameras

information

Videos

finality

security, security and access control to buildings.

Navigation data

The navigation system and the software necessary for the operation of this website collect some personal data, whose transmission has been implicit in the use of Internet communication protocols.

By its very nature, the information collected could allow the identification of users through their association with third-party data,aunque no se obtenga para ese fin. En esta categoría de datos se encuentran, la dirección IP o el nombre de dominio del equipo utilizado por el usuario para acceder a la página web, la dirección URL, la fecha y hora y otros parámetros relativos al sistema operativo del usuario.

This data is used for the sole purpose of obtaining anonymous statistical information on the use of the website or controlling its correct technical operation, and is canceled immediately after being verified.

Cookies or Web bugs

This website does not use cookies or web bugs to collect personal data of the user, but its use is limited to providing the user with access to the website. The use of session cookies, not permanently memorized on the users computer and that disappear when the browser is closed, is only limited to collecting technical information to identify the session in order to facilitate the safe and efficient access of the website . If you do not want to allow the use of cookies, you can reject them or delete existing ones by configuring your browser, and disabling the browsers Java Script code in the security settings.

Rights of the Owners

In accordance with Article 8 of the LEPD and Articles 21 and 22 of Decree 1377 of 2013, Data Holders may exercise a series of rights in relation to the processing of their personal data. These rights may be exercised by the following persons.

By the Holder, who must prove his identity sufficiently by the various means made available to him by the person in charge.
For their successors, who must prove such quality.
By the representative and / or proxy of the Holder, after accreditation of the representation or empowerment.
By stipulation in favor of another and for another.
The rights of children or adolescents shall be exercised by the persons who are empowered to represent them.

The rights of the Holder are the following:

Right of access or consultation: This is the right of the Holder to be informed by the person responsible for the treatment, upon request, regarding the origin, use and purpose that they have given to their personal data.
Rights of complaints and claims. The Law distinguishes four types of claims:
- Claim for correction: the right of the Holder to update, rectify or modify those partial, inaccurate, incomplete, fractional, error-inducing data, or those whose treatment is expressly prohibited or has not been authorized.
- Claim for deletion: the right of the Holder to delete data that is inappropriate, excessive or does not respect the principles, rights and constitutional and legal guarantees.
- Claim: the right of the Holder to void the authorization previously given for the processing of his personal data.
- Infringement claim: the right of the Holder to request that the breach of the data protection regulations be rectified.
Right to request proof of authorization granted to the controller: except when expressly excepted as a requirement for treatment in accordance with the provisions of article 10 of the LEPD.
Right to file complaints with infringements before the Superintendence of Industry and Commerce: the Holder or Candidate may only raise this complaint once the consultation or claim process has been exhausted before the person in charge of the treatment or in charge of the treatment.

Attention to Data Holders

Stefany Donoso of Hotel Pance 122 ® will be the Data Protection Officer for the requests, queries and claims before which the Holder of the data you can exercise your rights. Phone: 3156060. Email: financiera@hotelpance122.com .

Procedures to exercise the rights of the Holder

According to article 21 of Decree 1377 of 2013, the Holder may consult his personal data for free in two cases

At least once every calendar month.
Whenever there are substantial changes in the information processing policies that motivate further consultations. inquiries whose periodicity is greater than one for each calendar month, Hotel Pance 122 ® may only charge the Holder shipping costs , reproduction and, where appropriate, certification of documents. Reproduction costs may not be greater than the recovery costs of the corresponding material. For this purpose, the person in charge must demonstrate to the Superintendence of Industry and Commerce, when it so requires, the support of said expenses. Data Holder may exercise the right of access or consultation of their data by writing to Hotel Pance 122 ® sent , by email to: pqr@hotelpance122.com , indicating in the Subject “Exercise of the right of access or consultation”, or by mail sent to Carrera 122 # 22a-60 Pance - Cali - Colombia. The request must contain the following information:
- Name and surname of the Holder.
- Photocopy of the Certificate of Citizenship of the Holder and, where appropriate, of the person representing him, as well as the document proving such representation.
- Request specifying the access request or query.
- Address for notifications, date and signature of the applicant.
- Documents accrediting the request made, when applicable.

The Holder may choose one of the following forms of consultation of the database to receive the requested information:

Screen display.
In writing, with copy or photocopy sent by certified mail or not.
Telecopy.
Email or other electronic means.
Another system suitable for the configuration of the database or the nature of the treatment, offered by Hotel Pance 122 ® .

Once the request is received, Hotel Pance 122 ® will resolve the query request within a maximum period of ten (10) business days counted from the date of receipt thereof. When it is not possible to attend the query within said term, the interested party will be informed, stating the reasons for the delay and indicating the date on which their query will be attended, which in no case may exceed five (5) business days following the expiration of the first term. These deadlines are set in article 14 of the LEPD.

Once the consultation process has been exhausted, the Holder or Candidate may file a complaint with the Superintendence of Industry and Commerce.

Rights of complaints and claims

The Data Holder may exercise the rights to claim their data by writing to Hotel Pance 122 ® Sent, by email pqr@hotelpance122.com indicating in the Subject “Exercise of the right of access or consultation”, or by mail postcard sent to Carrera 122 # 22a-60 Pance - Cali - Colombia. . The request must contain the following information:

Name and surname of the Holder.
Photocopy of the Certificate of Citizenship of the Holder and, where appropriate, of the person representing him, as well as the document proving such representation.
Description of the facts and request specifying the request for correction, deletion, revocation or inflation.
Address for notifications, date and signature of the applicant.
Documents accrediting the request made that you want to enforce, when appropriate.

If the claim is incomplete, the interested party will be required within five (5) days following receipt of the claim to correct the failures.

After two (2) months from the date of the request, without the applicant submitting the required information, it will be understood that he has given up the claim.

Once the complete claim is received, a legend that says “claim in process” and the reason for it will be included in the database, in a term not exceeding two (2) business days. This legend must be maintained until the claim is decided.

Hotel Pance 122 ® will resolve the request for consultation within a maximum period of fifteen (15) business days counted of the date of receipt of it.

When it is not possible to respond to the claim within said term, the interested party will be informed of the reasons for the delay and the date on which their claim will be addressed, which in no case may exceed eight (8) business days following the expiration of the first term.

Once the claim process has been exhausted, the Holder or successor may file a complaint with the Superintendence of Industry and Commerce.

Security measures

Hotel Pance 122 ® , in order to comply with the security principle enshrined in Article 4 literal g) of the LEPD, has implemented technical, human and administrative measures necessary to guarantee the security of the records avoiding their adulteration, loss, consultation, use or unauthorized or fraudulent access.

Moreover, Hotel Pance 122 ® , by signing the corresponding transmission contracts, has required the in charge of the treatment with which the implementation of the security measures necessary to guarantee the security and confidentiality of the information in the processing of personal data works.

The following are the security measures implemented by Hotel Pance 122 ® , which are collected and developed in its Internal Security Manual (Tables II, III, IV and V).

Transfer of data to third countries

In accordance with Title VIII of the LEPD, the transfer of personal data to countries that do not provide adequate levels of data protection is prohibited. It is understood that a country offers an adequate level of data protection when it meets the standards set by the Superintendence of Industry and Commerce on the subject, which in no case may be lower than those required by this law to its recipients. This prohibition shall not apply in the case of:

Information regarding which the Holder has granted his express and unequivocal authorization for the transfer.
Exchange of medical data, when required by the Holders treatment for reasons of health or public hygiene.
Bank or stock transfers, in accordance with the applicable legislation.
Transfers agreed in the framework of international treaties in which the Republic of Colombia is a party, based on the principle of reciprocity.
Transfers necessary for the execution of a contract between the Holder and the person responsible for the treatment, or for the execution of pre-contractual measures as long as the authorization of the Holder is available.
Transfers legally required for the safeguarding of the public interest, or for the recognition, exercise or defense of a right in a judicial process.

“In cases not contemplated as an exception, it will be the responsibility of the Superintendence of Industry and Commerce to issue the declaration of conformity regarding the international transfer of personal data. The Superintendent is empowered to request information and to advance the proceedings aimed at establishing compliance with the budgets required by the viability of the operation. "

The international transmissions of personal data that are made between a person in charge and a person in charge to allow the person in charge to carry out the processing on behalf of the person in charge, will not need to be informed to the Holder or have their consent, provided there is a contract for the transmission of personal data .

Validity

The databases under the responsibility of Hotel Pance 122® will be processed for as long as is reasonable and necessary for the purpose for which the data is collected. Once the purpose or purposes of the treatment have been fulfilled, and without prejudice to legal regulations that provide otherwise. Hotel Pance 122®, will proceed to the deletion of personal data in its possession unless there is a legal or contractual obligation that requires its conservation. Therefore, this database has been created without a defined period of validity.

This Personal Data Policy was created on May 20, 2016 and is effective as of June 20, 2016. Any changes that are made with respect to this policy will be informed through the email address: < to href = "mailto: pqr@hotelpance122.com"> pqr@hotelpance122.com .