Privacy Policy, Suites Capri

This privacy notice is provided as set forth in articles 8, 15, 16, 36 and other related, applicable articles in the Federal Law on the Protection of Personal Data Held by Private Parties (Ley Federal de Protección de Datos Personales en Posesión de los Particulares, LFPDPPP).

1. Identity and main address of the responsible party.

Suites Capri, S.A. de C.V., its affiliates and subsidiaries, (“Suites Capri”), with main address at Av. Durango 245-301, Col. Roma, Delegación Cuahutemoc, C.P. 06700, México, Distrito Federal, is responsible for acquiring and processing your personal data obtained due to the hosting relationship you have with us.

2. Personal Information.

For the purposes set forth in this Privacy Notice, Suites Capri will obtain the following personal data from you: first and last name, date of birth, sex, address, telephone, email and social media address, age range, federal taxpayer number (registro federal de contribuyentes, RFC), marital status, occupation, nationality or citizenship, automobile license plate number; Facebook and Twitter address; main reason for your trip and number of trips per year; name and information of third parties; your company name, your title and contact information; credit card or form of payment information, invoice dates; interests, opinions and hobbies; as well as your IP address and type of browser when obtained electronically.

Please note that Suites Capri does not obtain personal information that is considered to be sensitive personal data by the LFPDPPP. We may obtain information from your credit card for reservations and payment purposes in the event that you do not fulfill your reservation.

Suites Capri obtains or may obtain personal information from you by the following means:

• Personally, when you provide it to any of our employees, by filling out forms upon check-in with us or at our reception desk. Also when you answer satisfaction and opinion questionnaires about the service or subscribe to offers and contests or loyalty programs.

• Directly, when you provide it to us by telephone or electronically, by filling out the reservation form on our website, interacting on our social networks or through cookies or web beacons, or by email. Also when you answer satisfaction and opinion questionnaires about the service electronically or subscribe to offers and contests or loyalty programs through our electronic media.

• Indirectly, when you provide your personal information to any of our suppliers, such as travel agencies or third parties that provide us with databases, or that support us during the reservations and marketing processes.

A cookie is a data file that is stored on the hard drive of your computer equipment or electronic communications device that you use when navigating our website, which allows for the exchange of status information between our site and your browser. The status information can reveal session identification media, authentication and user preferences, and any information stored by the browser about the website. By contrast, a web beacon is a visible or hidden image inserted on our website or in our email that can be used to monitor its behavior on these media. Through these, information can be obtained such as source IP address, browser used, operating system, time the page was accessed, and in the case of email, the association of data. The information obtained by these means allows us to give you better service on our page. Most web browsers allow you to manage your cookie preferences. You can set your browser to refuse cookies or delete specific cookies. Usually you should also be able to manage similar technologies in the same way that you manage cookies, by using your browser preferences. The following links show how to adjust the browser settings of commonly used browsers:

Internet Explorer

Firefox

Safari

Chrome

Keep in mind that if you choose to block cookies, it may affect or prevent the operation of our site and service.

One of the third parties services we use to follow activity related to the service, for example, placing cookies, is Google Analytics. If you do not want Google Analytics to obtain and use information, you can install a refusal system (“opt-out”) on your web browser (tools.google.com/dlpage/gaoptout?hl=None).

3. Purpose.

The collection and processing of the aforementioned personal information is carried out for the following necessary purposes:

a) To have a record of our guests and provide them with the best service and care possible.

b) To contact guests when needed, including to complete transactions or provide customized services, or in case of emergency.

c) To obtain billing information if required.

d) To make a reservation according to your specifications and needs.

e) To obtain credit card information, which will only be used to guarantee a reservation, by charging a payment only in the event that the reservation is not fulfilled.

f) To ask you about the quality of our service and about your specific needs, in order to offer you a better service.

g) To comply with all mandatory legal provisions for Suites Capri, in the framework of its business relationship with you.

h) To comply with all contractual obligations entered into with you within the framework of the existing business relationship.

i) To protect the rights and interests of Suites Capri, in accordance to legal provisions.

Additionally, we have the following aims:

a)The creation of a profile on our web page which will allow you to receive notifications in the event of special offers, to register for our loyalty program, to send electronic postcards, and other additional services.

b) To include you in contests, raffles, and sweepstakes, including digital ones, which allows us to filter deals and announcements sent to you, as well as how to contact the winner.

c) To include you in contests, raffles, and sweepstakes, including digital ones, which allows us to filter deals and announcements sent to you, as well as how to contact the winner.

d) To send you personalized advertising materials for marketing, statistical, and market research reasons.

You can change the information used for the purposes of the last point at any time to modify the promotions and ads sent to you as per your own preferences, by accessing the security options on our website or updating your personal information on your profile. Furthermore, you may choose to opt out of receiving advertising via the link that appears in each ad you will receive in order to be removed from the advertising and marketing mailing list. Additionally, you may contact our Personal Information Department and request that your personal information not be used for unnecessary means, as stipulated in section 5.

We would like to inform you that you may register in the Public Registry of Consumers outlined in the Federal Consumer Protection Law, and in the Public Registry of Users as set forth in the Financial Services User Protection and Defense Law so as not to receive advertising. In the event that you decide to register in said registries, we will honor your decision.

4.Transfer of personal information.

Suites Capri may transfer your personal information to third parties for the purposes established in this Privacy Policy. This includes:

a. Your aforementioned personal information may be shared with competent authorities where applicable by law. These transfers may be national or international in nature.

b. Suites Capri may transfer all or part of your personal information to web page support service providers, such as GoogleAnalytics, with the purpose of obtaining information such as your IP address, statistics, and data analysis concerning the use of our page. These transfers may be national or international in nature.

c. It may also send your personal information to marketing and advertising providers for e-mail hosting information for ad creation.

5. ARCO Rights

Pursuant to the Federal Law on the Protection of Personal Data held by Private Individuals (Ley Federal de Protección de Datos Personales en Posesión de Particulares, LFPDPPP), you have the rights of Access, Rectification, Cancellation and Opposition to Use, also known as “ARCO Rights”, which will be explained briefly below:

– Access: The right to access your personal information that we obtain from you, as well as to obtain information relating to the manner in which your information is handled

– Rectification: The right to correct your personal information in the event that they are inaccurate or incomplete

– Cancellation: The right to ask us to cancel the personal information we have collected from you, when you feel that they are not being handled in a manner consistent with the principles and obligations established by the LFPDPPP and its Rules.

– Opposition to use: The right to oppose the use of your personal information, when a legitimate reason exists or so that your information is not used for specific ends.

The LFPDPPP may also grant the right to revoke previously obtained consent for the use of your personal information at any time.

For the purposes of exercising your ARCO rights, to request or revoke previously given consent for use and in general, to submit any questions or complaints related to the use of your personal information, or to learn if there are other options available (other than those established here) so that you may limit the use or distribution of your personal information, please contact our Personal Information Department (Departamento de Datos Personales, DDP).

Your cancellation, revocation, and opposition to use requests will be evaluated as per the terms established in the LFPDPPP. Approval or rejection will be resolved by taking into account the precepts of the LFPDPPP and the other obligations applicable to Suites Capri (fiscal, commercial, consumer protection, public safety, health safety, etc). In general, please take into account that your requests may be rejected in cases where use is necessary to comply with a legal obligation imposed or acquired by Suites Capri.

In any case, simple requests must be sent as previously mentioned. Our DDP will inform you of (i) the information required to identify yourself as well as the documents you will need to send along with your request; (ii) the time period in which you will receive a reply concerning your request; (iii) the manner in which you must present your request, including the forms you may use to make a request, if applicable, and; (iv) the manner or medium through which we will deliver the information to you.

6. Personal Information Department (Departamento de Datos Personales, DDP).

Our DDP puede may be contacted at the following:

Suites Capri, S.A. de C.V. Av. Durango 245-301, Col. Roma, Delegación Cuahutemoc, C.P. 06700, México, Distrito Federal, email: [email protected] In every case, please include your name and contact information.

7. Personal Information Security.

Suites Capri will take security measures to protect your information, whether physical, organizational, and technical, to prevent the loss, misuse, alteration, or illegal distribution of the personal information you may provide us with. Third parties that receive your personal information will be subject to privacy policies similar to those established herein.

8. Changes to the Privacy Notice.

Suites Capri reserves the right to carry out changes or updates to the current Privacy Notice at any time, for the purposes of reflecting current regulations or internal policies. These changes will be available through the following: visible announcements at our establishments, on our web pages, or via e-mail. In the event that you do not agree with said changes, you must send a message to the e-mail address previously mentioned, requesting the cancellation of your personal information pursuant to the LFPDPPP.

“We would like to inform you that this page may use cookies and web beacons to obtain personal information. You may disable them as established in our Privacy Notice.”

9. Our Third Party Website partners

Suites Capri has established agreement with Third Party websites which help us in processing our Client’s Reservations and collecting payments for these reservations. They carry their own Privacy Policies and Cookie Policies which are in full compliance to International Data Safekeeping standards such as the European GDPR or the Mexican LFPDPPP. You can visit their policy notifications here:

Siteminder (LittleHotelier) Privacy and Cookie Policy.

Expedia.com Privacy and Cookie Policy.

Booking.com Privacy and Cookie Policy.

Date this privacy notice was updated: May 2018