Data Protection Policy
HOTELTURIS S.A. – HOTEL REINA ISABEL
Quito, April 28, 2023
CHAPTER 1 – NATURE AND SCOPE
1.1 Background
Committed to transparency in the processing of your personal data, we announce the privacy policy notice that is intended to inform the owners of the data of Hotelturis S.A. – Hotel Reina Isabel, that we manage databases that contain their personal data, for which we provide you with information regarding the treatment or use to which your personal data will be submitted, as well as the protection measures and respect for your rights
1.2 Responsible for the treatment
Hotelturis S.A. – Hotel Reina Isabel with RUC 1791313054001 and main address Av. Amazonas N23-44 and Veintimilla, Quito, Ecuador, will be responsible for the processing of personal data. Hotelturis S.A. – Hotel Reina Isabel will be the one who will collect, store and process personal data in accordance with the provisions of the Organic Law for the Protection of Personal Data of Ecuador (hereinafter LOPDP).
1.3 Contact regarding the Protection of Personal Data
If you need to contact Hotelturis S.A. – Hotel Reina Isabel to request any right of the owner or interested party or for assistance in the revocation or modification of consent, you can do so by email: informes@hotelreinaisabel.com, at the main address of Hotelturis S.A. – Hotel Reina Isabel or by calling customer service at +593 2 2544 454.
1.4 Scope of personal data processing
Hotelturis S.A. – Hotel Reina Isabel, will treat personal data according to the following scopes:
For customers:
-
- Manage the contractual relationship of the products and services that the owner or interested party requests or contracts with Hotelturis S.A. – Hotel Reina Isabel.
- Comply with legal obligations and regulations applicable to Hotelturis S.A. – Hotel Reina Isabel.
- Consult credit information entities.
- Prevent fraud.
- Carry out analysis of risks and commercial purposes:
- Preparation of commercial and risk profiles
- Offers of products and services of Hotelturis S.A. – Hotel Reina Isabel
- If you are a representative, guarantor, beneficiary, spouse of the owner or interested party who issued the consent, we will process your personal data at Hotelturis S.A. – Hotel Reina Isabel for the management of the contract in which you are involved.
For providers:
-
- Management of pre-selection, verification of references, selection and qualification of suppliers.
- Contract instrumentation
- Support incidents for business continuity.
- Monitoring of service provision and/or delivery of the contracted product
- Comply with legal, contractual and regulatory obligations applicable to Hotelturis S.A. – Hotel Reina Isabel.
For collaborators:
-
- Administrative process of recruitment and/or selection and/or employment relationship.
- Employee payroll and benefits management.
- Management of induction and training.
- Performance evaluation and work environment.
- Development of career plans and promotion of employees.
- Occupational Safety and Health.
- Comply with legal, contractual and regulatory obligations applicable to Hotelturis S.A. – Hotel Reina Isabel.
- Management of information for public entities such as the Internal Revenue Service, Ministry of Labor, Ecuadorian Institute of Social Security, among others.
1.5 Applicable legal regulations
The processing of personal data carried out by Hotelturis S.A. – Hotel Reina Isabel is lawful and legitimate in accordance with the provisions of:
Article 66 numeral 19 of the Constitution of the Republic of Ecuador that recognizes and guarantees people: “The right to the protection of personal data, which includes access and decision on information and data of this nature, as well as its corresponding protection. The collection, filing, processing, distribution or dissemination of this personal data will require the authorization of the owner or the mandate of the law”.
The Organic Law on Protection of Personal Data in its article 7 numerals 1, 2, 3, 5, 7 and 8 states that the processing of personal data will be legitimate and lawful when one of the following conditions is met:
1. By consent of the owner for one or more purposes.
2. That it is carried out in compliance with a legal obligation.
3. In compliance with court order, the principles of this law must be observed.
4. For the execution of pre-contractual measures at the request of the owner or for the fulfillment of contractual obligations pursued by the person in charge, in charge or a legally authorized third party.
5. For the processing of personal data contained in publicly accessible databases.
6. To satisfy a legitimate interest of the controller or a third party, provided that the interest or fundamental rights of the owners do not prevail under the provisions of this standard.
1.6 Principles for the processing of personal data
Hotelturis S.A. – Hotel Reina Isabel uses the thirteen (13) principles defined in the LOPDP, to carry out any processing of personal data of the owner or interested party. They are detailed below: legality, loyalty, transparency, proportionality, purpose, minimization, favorable application to the owner, confidentiality, proactive responsibility, quality and accuracy, conservation, security and independence of control.
CHAPTER 2 – AUTHORIZATION
2.1 Consent and legitimate interest to process personal data
Hotelturis S.A. – Hotel Reina Isabel will provide the owner or interested party with the appropriate technical resources to unequivocally grant their consent.
Said consent will be obtained through physical, digital or other means used by Hotelturis S.A. – Hotel Reina Isabel.
Based on its legitimate interest, Hotelturis S.A. – Hotel Reina Isabel analyzes the preferences of the owners or interested parties to offer products and services that are considered to be of interest to them. Additionally, the owner or interested party authorizes Hotelturis S.A. – Hotel Reina Isabel to:
-
- Consult and process personal data and preferences in detail so that Hotelturis S.A. – Hotel Reina Isabel offers its products and services.
- Transfer or communicate personal data to related companies or business partners for the customization of products and services to be offered to the owner or interested party, suppliers, customers and franchises with which collaboration agreements, information security and protection of personal data are maintained.
- Treat automatically and incorporate the personal data subject to treatment to the corresponding automated files of personal data for which Hotelturis S.A. – Hotel Reina Isabel will be Responsible.
As a guarantee of informed consent and transparency of the legitimate interest, the declaration of protection of personal data, will address for greater detail the notice of policies and procedures for the protection of personal data published on this website: www.hotelreinaisabel.com
2.2 Proof of Authorization
Hotelturis S.A. – Hotel Reina Isabel will keep records or mechanisms necessary to demonstrate when and how authorization was obtained from the holders of personal data for the treatment thereof.
CHAPTER 3 – RIGHTS OF THE HOLDER OR INTERESTED PARTY
3.1 Rights of the owner or interested party
The personal data and control over them correspond to the owner or interested party , for which the owner or interested party may exercise the rights indicated below:
1. Access: the owner or interested party can know what personal data is processed by Hotelturis S.A. – Hotel Reina Isabel.
2. Rectification and update: the owner or interested party can modify or update their personal data.
3. Elimination: the owner or interested party may request the deletion of their personal data when:
a. It is not necessary or relevant for the purpose for which it was initially collected; or in turn, if the owner or interested party does not have any product, active service or obligations with Hotelturis S.A. – Hotel Reina Isabel.
b. The conservation period has expired.
c. The consent is revoked or the owner indicates that they have not granted it.
d. Do not conflict with a regulatory requirement.
4. Opposition: the owner or interested party may oppose or deny the use of their personal data when:
a. Your fundamental rights and freedoms are affected.
b. The law allows its exercise.
c. The processing is for purposes other than those for which it was collected and/or if it is not necessary to maintain the contractual relationship.
d. In the other cases established in the Organic Law of Protection of Personal Data.
This right may be exercised as long as it is not about public information, public interest or that the treatment is ordered by law.
-
- Suspension: the owner or interested party may request the temporary cessation of the processing of their data when:
- You contest the accuracy of your personal data.
- The treatment does not correspond to the authorized one.
- It is required to limit its use.
- If Hotelturis S.A. – Hotel Reina Isabel is not required to process your personal data but the owner or interested party needs them to formulate, exercise or defend claims.
- If you oppose the processing of your data for the fulfillment of a mission in the public interest or for the satisfaction of a legitimate interest, while Hotelturis S.A. – Hotel Reina Isabel corroborates whether the legitimate reasons for the treatment prevail over those of the owner or interested party.
- Portability: the owner or interested party can request Hotelturis S.A. – Hotel Reina Isabel to provide their personal data in a compatible and interoperable format.
- Object to automated decisions: the owner or interested party can request that an operator of Hotelturis S.A. – Hotel Reina Isabel intervene to explain to the owner or interested party the decision of automated processing, collect their comments on it and challenge the decision of Hotelturis S.A. – Hotel Reina Isabel in if required.
- Suspension: the owner or interested party may request the temporary cessation of the processing of their data when:
To make your rights effective we put at your disposal the email: informes@hotelreinaisabel.com
CHAPTER 4 – TREATMENT, ACCESS, CONSULTATION AND CLAIM
4.1 What types of personal information do we process?
Where we process personal data, in connection with our products and services, this may include:
-
- Personal and contact data, such as first and last name, contact details and their history
- Date of birth, sex and/or age
- Nationality, if necessary for the sale of the product or the provision of the service.
- Details of the company, if necessary for the sale of the product or the provision of the service.
- Contact records with us, such as telephone number and, if you contact us online using our online services or through our smartphone application, details such as your mobile phone location data, IP address .
- The products and services that you have or have had contracted with us, as well as those that you have been interested in, as well as the payment methods used.
- Use of our products and services, all purchase orders and invoices
- Sent marketing and data analytics, including communication history, whether communications usage or link clicks, and information about products or services we think you may be interested in, and data analytics to help you find offers we think will be of interest to you. are of interest or relevance.
- Information about the use of products or services that you maintain with our business partners, such as financial services and products.
- Information obtained from third parties with your consent
- Financial details such as payment methods
- Information acquired from third parties, including demographic information, outstanding financial details, marketing lists, publicly available information, and information to help improve the relevance of our products and services.
- Information obtained from the analysis of customer profiles, cookies, usage data
- Personal and contact data, such as first and last name, contact details and their history
4.2 What is the source of your personal information?
We may collect personal information from the following sources:
-
- Directly from you or from providers of products and services
- Information generated when you use our products and services
- From an agent or distributor we work with to provide you with products or services or to provide you with a quote
- Related companies or business partners (for example, financial services institutions) or others who provide their products and services or operate our business
- Acquisition of information through third parties, including demographic information, marketing lists, publicly available information, and other information to help improve our products and services or our business.
- Risk rating information from the Credit Data Registry and/or Credit Bureau, as well as Information to analyze the economic viability of the holder’s or interested party’s requests and operations.
- Information from fraud prevention systems.
- Data from sources accessible to the public such as the media, telephone directories, lists of people belonging to professional associations, among others.
- Data obtained from public records, resolutions of Public Administrations, and official lists for the prevention of fraud, money laundering and terrorist financing. Additionally, information on real estate and furniture, among others.
- Digital behavior data obtained from platforms and media centers assigned to cookies or devices, which have been previously obtained with the corresponding consents by a third party.
- Directly from you or from providers of products and services
4.3 What do we use your personal data for?
We use your personal data for the following purposes:
-
- Evaluate a request to purchase products or services, including considering whether or not to offer the product or service to you, the price, the risk of doing so, the availability of the payment method, and the terms and conditions
- Manage products and services or the request for them, update of records, location tracking and debt recovery
- Manage any aspect of the product or service
- Make automatic decisions about product or service offers, the price, the payment method, the risk or the terms and conditions of the same
- Perform and/or test the performance of our products and services
- To improve the operation of our business and that of our business partners
- For the management and auditing of our business operations, including accounting
- Monitor and keep a record of our communications with you and our staff
- Market research and analysis and development of statistics
- Direct marketing communications and related profiling to help us offer you relevant products and services, including whether or not we offer certain products and services to you. The sending of advertising material can include SMS, email, telephone, social networks and digital channels.
- Develop new products and services, and review and improve current products and services
- To comply with legal obligations and requirements
- For use in electronic billing systems
- For use in payroll systems (applies to employees)
- Provide information and analysis of our customers both for us and for the benefit of business partners, to provide products or services, to help us improve existing products or services, or to evaluate or improve the operation of our businesses
- To share information, as necessary, with business partners (for example, financial services institutions), service providers, or as part of the provision and administration of our products and services or the operation of our business.
- To facilitate the sale of one or more parts of our business
- Evaluate a request to purchase products or services, including considering whether or not to offer the product or service to you, the price, the risk of doing so, the availability of the payment method, and the terms and conditions
4.4 What are the legal grounds for processing your personal information (including when we share it with others)?
The processing of your personal data is justified based on the following legal bases:
A. When necessary to provide you with goods or services, such as:
-
- Evaluate a request you make to us for a product or service, including whether or not to offer you the product or service, price, payment methods, and terms and conditions
- Manage products and services you already have with us
- Update records and location tracking to contact you about your account for the purpose of recovering debt when applicable
- Sharing your personal information with business partners and service providers when you order a product to help manage your product
- All the activities necessary for the management of the product or service
- Evaluate a request you make to us for a product or service, including whether or not to offer you the product or service, price, payment methods, and terms and conditions
B. When there is a legitimate interest, such as:
-
- Management of your products and services by updating your records, location location to contact you about your account for the purpose of recovering debt when appropriate
- Maintaining network and data security
- Evaluate a request for a product or service, including whether or not we offer you the product, the price, the available payment methods and the conditions of the same
- Perform and/or test the performance of our products and services
- Comply with guidelines, best practices and codes of conduct recommended by public authorities
- Management and auditing of our business operations, including accounting
- Monitoring and record keeping of our communications between you and our staff (see below)
- Market research and analysis and development of statistics
- Direct marketing communications to help us offer you products and services, including deciding whether or not to offer you certain products and services. Advertising material can be sent via SMS, email, telephone, social networks and digital channels.
- Develop new products and services and review and improve existing products and services
- Subject to appropriate controls, provide information and analytics from our customers to business partners, either as part of providing products or services, helping us to improve existing products or services, or to evaluate or improve the operation of our businesses
- To facilitate the sale of our business
- Sharing your personal information with people or organizations to run our business when necessary
- Management of your products and services by updating your records, location location to contact you about your account for the purpose of recovering debt when appropriate
C. To comply with our legal obligations:
-
- To comply with any of our obligations and requirements, for example in relation to tax obligations, money laundering, etc.
- When it is necessary to share your personal information with individuals or organizations to comply with any legal and/or regulatory obligation
- To comply with any of our obligations and requirements, for example in relation to tax obligations, money laundering, etc.
D. With your consent or explicit consent:
-
- For some direct marketing communications
- For the creation of profiles and other automated decisions, to decide if we offer you a product or service, method of payment, price and the terms and conditions of the same.
- For some direct marketing communications
4.5 When do we share your personal information with other organizations?
We may share information with the following third parties for the purposes listed above:
-
- Companies and service providers
- Business partners (for example, financial services institutions, insurers, etc) or others involved in the provision of products and services
- Government agencies and other public entities
- Other organizations and businesses provide services to us such as debt recovery agencies, server and backup providers, computer software and maintenance providers, document archiving providers, electronic invoicing providers, providers of other administrative functions, and information research organizations. market that help us develop and improve our products and services
- Companies and service providers
4.6 How and when can you withdraw your consent?
The processing of your personal data is based on your consent. You can withdraw it yourself at any time by contacting us. Please note that the withdrawal of consent does not affect the legality of the treatment carried out before said withdrawal.
4.7 What should you do if your personal information changes?
You must tell us so we can update our database and update your records.
4.8 Do you have to provide us with your personal information?
We cannot provide you with our products or services if you do not provide us with certain information. In cases where providing personal information is optional, we will make this clear.
4.9 How long do we keep your personal information?
Unless otherwise communicated, personal data will be kept for the time necessary for the management of the purposes specified in this policy or for 15 years, whichever comes first; unless the law requires a different time.
Security and Data Protection
Hotelturis S.A. – Hotel Reina Isabel guards the data with the highest security standards for which Hotelturis S.A. – Hotel Reina Isabel guarantees the integrity, confidentiality and availability of its procedures and technology and information. Additionally, Hotelturis S.A. – Hotel Reina Isabel uses security measures to safeguard personal data, and we demand that Hotelturis S.A. – Hotel Reina Isabel employees who process this personal data do so confidentially and fully, and with the greatest respect for the privacy of people.
Hotelturis S.A. – Hotel Reina Isabel will constantly work on continuous improvement and implementation of the highest security standards and adequate protections to protect personal data. Using all the means and technical measures at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of personal data provided to Hotelturis S.A. – Hotel Reina Isabel in the sale of products and the provision of services. However, the Owner or interested party must be aware that the security measures in electronic services are not impregnable, and the owner or interested party must maintain the precautions of the case so as not to deliver their personal data to false sites, in addition to maintaining the measures adequate security on their computers or mobile devices.
Changes to the data privacy policy notice
Updates to this content will be notified through the Hotelturis S.A. – Hotel Reina Isabel website or through other channels defined by Hotelturis S.A. – Hotel Reina Isabel.