Important notice

PRIVACY POLICY

PRIVACY NOTICE (MEXICO)

I. RESPONSIBLE PARTY

The entity responsible for the management of your Personal Information is Corporación Inmobiliaria KTRC, S.A. de C.V. with the following address: Boulevard Kukulcán, Kilómetro 14.5, Zona Hotelera, Código Postal 77500, in Cancún, Benito Juárez, Quintana Roo, Estados Unidos Mexicanos.

II. COLLECTED INFORMATION

We obtain your Personal Information when it is given personally, by phone, by electronic means, and through other sources allowed by the Law.

The Information that we obtain is: first and last name, personal address, personal phone number, personal E-mail, copy of your official identification, the Public Identification Number (CURP), Taxpayer Identification Number, bank account number, nationality, credit or debit card number, and any other information collected through the Paradise Pass website.

We do not gather information that could result in discrimination, such as race or ethnicity, health status, genetic information, religious, philosophical and moral beliefs, union membership, political affiliation, or sexual orientation (“Sensitive Personal Information”).

III. PURPOSES

The obtained Personal Information shall be used for the following purposes (the “Purposes”):

A. Provide your Personal Information to Corporación Inmobiliaria KTRC, S.A. de C.V. in order to be eligible for exclusive offers and promotions.

B. Send you exclusive promotions through previously authorized communication channels (email, phone calls, text or SMS messages);

C. Identify you as a client and provide you with the necessary services;

D. Evaluate and improve the way we provide our services;

E. Promote the services offered by the Paradise Pass website;

G. Use your data for statistical purposes.

F. Analogous, related purposes, and compatible with the foregoing, in accordance with the Law.

You will have a period of five (5) days to express your opposition to the Management of your Personal Information for purposes considered not necessary or that did not result in the legal relationship with the Responsible Party.

IV. TRANSFER OF INFORMATION

Your Personal Information may be subject to be transferred, without your prior consent when the transfer is made to national and international controlling, subsidiary or affiliated companies under the common control of the Responsible Party, or a parent company, or to any company in the business group that operates under the same processes and internal policies, in accordance with the provisions of the Law, its Regulations, and its Guidelines.

V. INFORMATION PROTECTION

We guarantee the protection of your Personal Information. It should also be noted that it is protected through administrative, technical and physical security means in order to prevent the loss, alteration, destruction, use, access or improper disclosure.

VI. ARCO RIGHTS

You have the right to request the access to, rectify, cancel and oppose the management of your Personal Information (the “ARCO Rights”). Furthermore, you have the right to request the revocation of your given consent, as well as limit the use of your Personal Information.

In order to exercise your rights, we ask that you send an e-mail to privacy@rcdhotels.com, so we can send you the appropriate request form, which you should complete and submit.

Through the same electronic means from which you received it. You may also go through this procedure personally in our offices.

For security purposes and in compliance with the Law, it is mandatory that all request forms be accompanied by the information necessary for us to identify the applicant, and if applicable his or her legal representative. As a result, your request form should be accompanied with the following documents:

A. Request form fully completed and signed;

B. Copy of the holder’s identification;

C. In the case of legal representation, simple copy of the Public Grant that establishes his or her Power- of-Attorney, as well as a simple copy of his or her identification;

D. Address, phone number, and e-mail;

E. Whether or not the holder accepts to be notified via e-mail;

F. Clear and precise description of the Information related to the exercise of your ARCO rights;

G. If applicable, indicate which specific piece of information should be corrected and how it should be correctly read.

H. If applicable, expressly state to revoke the consent to the management of your Personal Information;

I. Any other piece of information that will allow us to properly identify your Personal Information.

Allow us to inform you that we keep a record of all the submitted requests. Furthermore, in case the request form should be found incomplete, we have the right to request the missing information from you.

The applicant guarantees that the given Personal Information is exact, complete and authentic. As a result, the applicant is responsible for any damage and/or harm caused by falsified information or identity impersonation.

Your request shall be processed in accordance with the manner and time established in the Law and its Regulation. We commit ourselves to give a response no later than 20 (twenty) business days after we have received your request form. The waiting period could be extended by another 20 (twenty) business days if and when it is justified and the holder is notified.

Upon request of access to your Personal Information, it shall be given digitally. Upon request of expressly requesting it, your Information will be sent in the form of copies to your indicated address.

VII. CONSENT

You have the right to revoke your consent to the management of your Personal Information. The procedure, requirements, and contact information needed for you to revoke your consent shall be the same as the procedure needed to exercise your ARCO Rights established above.

If you have not expressed disapproval of the terms mentioned in the present Notice, it shall be understood as given consent to the management of your Information.

VIII. NOTICE UPDATE

From time to time and in compliance with the Law, Corporación Inmobiliaria KTRC, S.A. de C.V. may modify or update this Notice. In which case, you may check any updates through our website, www.leading-destinations.com.

IX. DIGITAL MEANS

We inform you that we do not collect Personal Information through our website.

Users may receive one or more emails with offers, products or services per day related with Paradise Pass. Users may cancel their email news subscription at any time, partially o definitely, clicking on the “Cancel subscription” link located at the bottom of every email sent by Paradise Pass.

X. CONTACT US

Should it be any questions or concerns about this Notice, the management of your Personal Information or your rights, please feel free to contact our Personal Information Manager by email privacy@rcdhotels.com, by telephone +52 (998) 254 6500, or directly at Boulevard Kukulcán km 14.5, Zona Hotelera, Cancún, Quintana Roo, C.P. 77500, México.

This Privacy Notice was prepared based on the provisions of the Federal Law on Protection of Personal Data Held by Individuals and its Regulations.

CALIFORNIA PRIVACY RIGHTS / CALIFORNIA RESIDENT NOTICE

California residents who have provided personal information to Corporación Inmobiliaria KTRC, S.A. de C.V. may obtain information about the disclosure through Paradise Pass, if any, to third parties for the direct marketing purposes of said third parties. Requests should be sent to the following email privacy@rcdhotels.com or to the address: Blvd. Kukulcán km 14.5, Hotel Zone, Cancun, Quintana Roo, C.P. 77500, Mexico. Within 30 days of receiving such request, we will provide a California Privacy Disclosure, which will include a list of certain categories of Personal Information disclosed during the preceding calendar year to third parties for their direct marketing purposes, along with names and addresses of third parties. This request cannot be made more than twice per calendar year. We reserve the right not to respond to requests if they are not sent to the address specified in this paragraph.

PRIVACY NOTICE (EUROPEAN UNION)

It is very important to us to maintain your personal information private and confidential.

The following Notice (the “Notice”) clearly describes how and for what purposes we intend to manage the personal information (the “Personal Information”) that you provide us (the “Management”). The management of your information is in accordance with the General Data Protection Regulation for the European Union (“RGPD”), and the Guidelines of the Privacy Notice (the “Guidelines”).

The capitalized terms in the following Notice should be understood as references to the definitions included in the RGPD, the Guidelines or the ones established in the following Notice.

I. RESPONSIBLE PARTY

The entity responsible for the management of your Personal Information is Corporación Inmobiliaria KTRC, S.A. de C.V with the following address: Boulevard Kukulcán, Kilómetro 14.5, Zona Hotelera, Código Postal 77500, in Cancún, Benito Juárez, Quintana Roo, Estados Unidos Mexicanos.

II. COLLECTED INFORMATION

We obtain your Personal Information when it is given personally, by phone, by electronic means, and through other sources allowed by the RGPD. The Information that we obtain is: first and last name, personal address, personal phone number, personal E-mail, copy of your official identification, the Public Identification Number (CURP), Taxpayer Identification Number, bank account number, nationality, credit or debit card number, and any other information collected through the Paradise Pass website.

We do not gather information that could result in discrimination, such as race or ethnicity, health status, genetic information, religion, philosophical and moral beliefs, union membership, political affiliation, or sexual orientation (“Sensitive Personal Information”).

Furthermore, the Responsible Party will collect the following Personal Information through the Services:

  • Information collected automatically. When you download or use an application or browse a website, we collect information about your device and the network you use to access the Services, as well as information about the use of the Services. This includes software and hardware attributes of the device used, unique device information (such as unique international mobile equipment identity (IME) number for smartphones), region and language settings, network provider and IP address, as well as data from service performance, dates and times you used the Services, the time spent on specific pages or on specific channels and other similar usage information.
  • Location information. We may also collect location information, depending on the Services you use and/or the permissions provided. Accurate location information can be obtained from your device’s GPS and location systems, as well as nearby wi-fi networks and cell phone towers. Inaccurate location information may include your IP address or any other data regarding any specific region, city, or zip code you may be. You can manage your location tracking services by allowing or not the access for a particular service on your computer or mobile device settings.
  • Other information that you provide to us. We collect Personal Information when you provide it to us for specific purposes, such as providing you with information or services that you request, including reservations to carry out a transaction or booking, to respond to an inquiry; when you post content to social media or interact with a social media channel; when you respond to a customer survey or when applying for a position with us. Depending on the services used, or the products, or the information requested, the information collected may include your name, phone number, email address, account information, address, billing information, region, travel plans, travel status, order or service history, hotel guest stay preferences, use of hotel services, information you provide about children accompanying you, social media account information (such as account or handling, followers, social media profile), loyalty or rewards program numbers, or (if you are applying for a position with us) employment-related information, as well as any additional information you want to enter in text fields, “Contact Us”, email subscriptions, RFP forms, or any other that you provide to our customer service representatives.
  • Information from third parties. We also collect or receive personal data from third parties. For example, if you reserve a room through a Channel Manager, Travel Agency, Reservation Service, or Event or Conference Promoter, we collect certain information from that third party as necessary to make and authenticate the reservation. If you interact with a social media channel or submit social media content to us, we receive certain data from the applicable social media platform. Depending on the type of information and the context in which it is used, the above information may be associated with data that we collect directly, that we have obtained from other sources, or that we have previously retained within a given user account.

Finally, we may collect data that is not Personal Information. We may use and distribute such data at our discretion, unless it is combined with Personal Information, in which case we will treat it as Personal Information under the privacy policy of this Notice.

III. PURPOSES

The obtained Personal Information shall be used for the following purposes (the “Purposes”):

  • Providing services. We use Personal Information to provide products, services, and information to our guests and customers, including for the purposes of booking rooms, providing food and beverages, and providing other amenities and services.

The Responsible Party will have the full consent of the User to process the Personal Information and provide an answer to the User in the aforementioned cases, from the moment the User sent any request to the Responsible Party.

  • Customer service and support. We use the Personal Information we collect for customer service and support, as well as to provide and personalize communications with our guests and customers. This includes communication about products, services, and discounts; answer questions and inquiries; respond to complaints and requests; and provide care to our guests and clients.

This processing is based on the legitimate interest of the Responsible Party.

  • Commercial operations. We use the Personal Information we collect to operate our business. This includes marketing; monitor the use of products, services and systems; analysis and storage of the preferences of our guests and clients; traffic patterns; operation of our hotels and service to our guests and clients; statistics analysis; upgrade of the services, offers and products.

As long as this processing is carried out by electronic means and refers to products and services offered by the Responsible Party, it will be legitimized in the satisfaction of the legitimate interests of the Responsible Party.

At any time, the User may object to their Personal Information being processed for this purpose by following the instructions set out in section VI of this Notice.

  • Marketing and communications. We use Personal Information to deliver and personalize communications with our guests and clients, including recommendations, special offers, information about benefits, information about our hotels, restaurants, bars and other facilities, information about on-site and off-site events and activations at our properties, and other marketing communications, as well as for information on how to manage email subscriptions and marketing or promotional communications, email, opt-out, and marketing communications of this Notice. Likewise, your Personal Information is collected in order to be eligible for exclusive offers and promotions; send you exclusive promotions through the communication channels you previously authorize (email, phone calls, text messages or SMS); and promote the Paradise Pass services.

The Responsible Party will have the full consent of the User to process the Personal Information and provide an answer to the User in the aforementioned cases from the moment the User sent any request to the Responsible Party.

  • Protection, security and conflict resolution. We use Personal Information to protect ourselves, our employees, guests, and customers, as well as vendors and service providers (“Providers”), and others. This includes checking user activity; enforce the terms of use and monitoring of our providers and those of our provider and prevent fraudulent, abusive or illegal activities. In addition, we use and disclose personal information to the extent that we consider necessary to protect the rights, property, security, operations and privacy of the Responsible Party, its guests and clients, staff, suppliers, affiliates, or others and as we consider it. necessary to comply with applicable laws, regulations, rules and requests from law enforcement and/or other government agencies.

This processing is based on the legitimate interest of the Responsible Party.

IV. HOW LONG DO WE KEEP THE PERSONAL INFORMATION?

The Personal Information collected by the Responsible Party will be managed for the time required to fulfill the purposes for which it was collected and established in the Notice, and where appropriate, until the limitation period of the actions related to the legal relationship that gave rise to the collection and management of your Personal Data.

V. TRANSFER OF PERSONAL INFORMATION

The Responsible Party will not share any personal information with unaffiliated third parties, except in the following circumstances:

  • As necessary to provide the service that the user has requested or authorized, or to maintain and serve the customer and/or guest account.
  • As required by regulatory authorities that have jurisdiction over the Responsible Party and its affiliates or as required by any applicable law.
  • To the extent reasonably necessary to prevent fraud and unauthorized transactions.

Likewise, some of the aforementioned Purposes involve sharing Personal Information collected with third parties. We share Personal Information with your consent, as necessary to complete any transaction or required to provide any service that the User has requested or authorized, or as permitted or required by the RGPD. We share Personal Information for a variety of purposes, including to provide our services such as reservations, guest communications and concierge services, marketing of our products and services, payment processing and other financial services, fraud prevention, and risk mitigation/reduction. We also share Personal Information with vendors who need the information to provide services to the User or to us, but only to the extent that the information is necessary to provide such services. This includes: software and web developers, payment processors, online travel agencies and channel managers, reservations managers, maintenance companies, guest and customer benefit providers, email and other marketing vendors, vendors of technology and vendors that we have maintained to help secure our systems. We also use analytics and software providers to help us understand how our customers and guests use the services and our systems.

Furthermore, if it is necessary to transfer Personal Information to third countries or international organizations, the Responsible Party guarantees that such transfers will be made in accordance with the principles and conditions established in the RGPD.

VI. USERS RIGHTS

Users may exercise, if they wish, the rights of access, rectification and removal of data. They may also request that the processing of their Personal Information be limited, or even oppose it, request the portability of their data, as well as reject being subjects of automated decisions, through the following:

  • By sending a request to the email: privacy@rcdhotels.com
  • By sending a written request to the address: Boulevard Kukulcán km 14.5, Hotel Zone, Cancún, Quintana Roo, 77500, Mexico, with attention to our IT Department.

The request must contain and comply with the following:

  • User’s name and address, or other means to communicate the response to their request.
  • The documents that prove identity or, where appropriate, the legal representation.
  • The clear and precise description of the personal information which it is sought to exercise any of the rights related to the processing of the data; and
  • Any other element or document that facilitates the location of personal information.

The Responsible Party will notify the user the determination adopted in relation to their request, within a period of one month from the date we receive the request. Exceptionally, the Responsible Party may extend this period for up to two months, considering the complexity and number of requests submitted. In case of considering that a request is inadmissible, the Responsible Party will inform the user the reasons for its determination, within the month following the receipt of said request.

If the information provided in the request turns out to be erroneous or insufficient, or the necessary documents to prove identity or the corresponding legal representation are not attached, the Responsible Party will require the correction of the deficiencies to process the request.

The User may withdraw their consent for the processing of their personal data, without retroactive effects, in all those cases in which said revocation does not imply the impossibility of complying with obligations derived from a current legal relationship between the User and the Responsible Party; the User may also limit the processing of personal information in the cases expressly provided for by the RGPD.

The User will be responsible for keeping their personal information up to date. Therefore, the User guarantees and responds, in any case, to the veracity, accuracy, validity and authenticity of the Personal Information provided, and undertakes to keep them duly updated, communicating any changes to the Responsible Party.

VII. CONSENT

The User has the right to revoke their consent to the processing of their Personal Information. The procedure, requirements, and contact information to revoke your consent will be the same as the procedure established in the section VI of this Notice.

If you have not expressly disapproved the terms stated herein, it shall be understood as given consent to the management of your Information.

VIII. COOKIES AND TRACKING TECHNOLOGIES

The website’s cookie notice will provide you with the option to reject the Responsible Party’s use of cookies while visiting the website. However, if you decide to decline cookies, some features and functions of the website may be affected, including the personalization features associated with creating a user profile. If you have established a user profile, you can adjust your preferences so that we can provide you with more appropriate recommendations. We may use the information that you provide to your user profile to populate other databases maintained by us and our service providers, as appropriate. By creating a user profile, you agree that we may use the personal information that you provide for these purposes. You can view, update or delete any personal information that you have provided to us for inclusion in your user profile by modifying your user profile online or by sending an email to privacy@rcdhotels.com. If you subsequently choose to delete your user profile, we will have the right to use any personal information previously provided by you for inclusion in your user profile for record keeping and quality assurance purposes. Even if you decide not to create a user profile, you can still use our websites to find and purchase services.

Services do not respond to Do Not Track (DNT) signals. We use a number of vendor technologies that can track guests and customers across sites, including, but not limited to, Google products and services, Google DoubleClick, Saber (synxis), Facebook, Adara, the hotel network, TripTease, Sojern, TripCraft, Cendyn and TRAVELCLICK.

IX. LINKS TO THIRD PARTY WEBSITES AND SERVICES

The Services may contain links to third-party services, content, or products that are not affiliated with us. We are not responsible for examining or evaluating the content or accuracy of such third-party websites, and we do not warrant and will not have any liability or responsibility for any third-party materials or websites, or for any other third-party materials, products, or services. Please, refer to the privacy statements of those third-party services for information about what they collect and how they use your data.

We are not responsible for any damages or losses related to the purchase or use of goods, services, resources, content or any other transaction made regarding any third-party website. Please carefully review the policies and practices of third parties and make sure you understand them before engaging in any transaction. Complaints, claims, concerns or questions regarding third party products should be directed to the third party.

X. NOTICE UPDATE

From time to time and in compliance with the RGPD, the Responsible Party may modify or update this Notice. In which case, you may check any updates through our website, www.leading-destinations.com.

XI. CONTACT US

Should be any questions or concerns about this Notice, the management of your Personal Information or your rights, please, feel free to contact our Personal Information Manager by email privacy@rcdhotels.com, by telephone +52 (998) 254 6500, or directly at

Should be any questions or concerns about this Notice, the management of your Personal Information or your rights, please, feel free to contact our Personal Information Manager by email privacy@rcdhotels.com, by telephone +52 (998) 254 6500, or directly at Boulevard Kukulcán km 14.5, Zona Hotelera, Cancún, Quintana Roo, C.P. 77500, México.