Who we are
We are HIPPIE’S PLACE POSADA. The address of our website is: https://hippiesplace.com
What personal data we collect and why we collect it
If you interact with our site we will store some of your non-sensitive data in Cookies. This is for your convenience, so you don’t have to refill your details on a new visit. These cookies will last for one year. If you have an account and connect to this site, we will install a temporary cookie to determine if your browser accepts cookies. This cookie does not contain personal data and is deleted when you close your browser.
When you sign in, we will also install several cookies to save your login information and screen display options. Login cookies last two days, and screen option cookies last one year. If you select “Remember Me”, your login will last for two weeks. If you leave your account, your login cookies will be deleted.
Embedded content from other websites
How long we keep your data
We will retain your data and metadata until the relationship between Lemus Watler Archbold Enterprises SAS and the user ends.
Of the users who register on our website, we also store the personal information they provide in their user profile. All users can view, edit or delete their personal information at any time (except that they cannot change their username). Web administrators can also view and edit that information.
What rights you have over your data
If you have an account on this website, you can request to receive an export file of the personal data we hold about you, including any data you have provided to us. You can also request that we delete any personal data we hold about you. This does not include any data that we are required to retain for administrative, legal or security purposes.
- OBJECT OF POLITICS
The purpose of this document is to adopt the policies of the processing of personal data, in order to protect the constitutional right of all persons to know, update and rectify the information that has been collected about them on the basis of data or files owned by Lemus Watler Archbold Enterprises SAS, or whose treatment has been commissioned from Lemus Watler Archbold Enterprises sas, and other constitutional rights, freedoms and guarantees, in accordance with Law 1581 of 2012 and its Decree regulation 1377 of 2013.
Lemus Watler Archbold Enterprises SAS, in all its performances, through its business units and by all means in which information is requested, physical, electronic, virtual, telephone access, via web, etc., is committed to respecting the rights of its customers, employees and third parties in general. Therefore, it adopts this mandatory policy manual in all activities involving the processing of personal data.
These policies are mandatory and strict compliance by all employees of hippie’s Place Inn, in the performance of their duties, contractors and third parties acting on behalf of Lemus Watler Archbold Enterprises SAS.
In accordance with current legislation on the subject, the following definitions are established, which will be applied and implemented taking into host the criteria of interpretation that ensure a systematic and comprehensive application, and in accordance with technological advances, technological neutrality; and the other principles and postulates governing the fundamental rights that surround, orbit and surround the right to habeas data and protection of personal data.
Authorization: Prior, express and informed consent of the holder to carry out the processing of personal data.
Database: Organized set of personal data to be processed.
Personal Data: Any information that is linked to or that may be associated with one or more specific or determinable natural persons.
Processor: Natural or legal person, public or private, who by himself or in partner with others, performs the processing of personal data on behalf of the controller.
Responsible for the processing: Natural or legal person, public or private, who by itself or in partnership with others, decides on the basis of data and / or the processing of the data.
Owner: Natural person whose personal data are processed. Processing: Any operation or set of operations on personal data, such as collection, storage, use, circulation or deletion.
- SCOPE OF APPLICATION
These terms and conditions apply for any registration of personal data, made in person, non-in person and / or virtual for the link to any product or service of Lemus Watler Archbold Enterprises SAS, Posada Hippie’s Place is directly responsible for the processing of Personal Data; however, it reserves the right to delegate such processing to a third party. Watler Archbold Lemus Clemencio requires the manager to attend and implement the guidelines and procedures suitable for the protection of personal data and the strict confidentiality of them.
- SPECIFIC PRINCIPLES
Lemus Watler Archbold Enterprises SAS, will apply the following specific principles set out below, which constitute the rules to be followed in the collection, handling, use, processing, storage and exchange of personal data:
- Principle of legality: In the use, capture, collection and processing of personal data, the current and applicable provisions governing the processing of personal data and other related fundamental rights shall apply.
- Principle of freedom: The use, capture, collection and processing of personal data can only be carried out with the consent, prior, express and informed of the Owner. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal, statutory, or judicial mandate that relieves consent.
- Principle of purpose: The use, capture, collection and processing of personal data to which you have access and are collected and collected by Lemus Watler Archbold Enterprises sas, will be subordinate and serve a legitimate purpose, which must be informed to the respective holder of personal data.
- Principle of truthfulness or quality: Information subject to use, capture, collection and processing of personal data must be truthful, complete, accurate, up-to-date, verifiable and understandable. The processing of partial, incomplete, fractional or misleading data is prohibited.
- Principle of transparency: In the use, capture, collection and processing of personal data, the Right of the Owner to obtain from the company, at any time and without restriction, information about the existence of any type of information or personal data that is of interest or ownership.
- Principle of access and restricted circulation: Personal data, except public information, may not be available on the Internet or other means of mass disclosure or communication, unless access is technically controllable to provide a restricted knowledge only to Holders or authorized third parties. For these purposes the obligation of the company, will be in the middle.
- Security principle: The personal data and information used, captured, collected and subject to processing by the company, will be protected to the extent that the technical resources and minimum standards allow, through the adoption of measures technology protection, protocols, and all kinds of administrative measures that are necessary to provide security to electronic records and repositories avoiding their adulteration, modification, loss, consultation, and in general against any use or unauthorized access.
(h) Principle of Confidentiality: Each and every person who administers, manages, updates or has access to information of any kind found in Databases or Data Banks, undertakes to strictly retain and maintain and not disclose it to third parties, all personal, commercial, accounting, technical, commercial or other information provided in the performance and performance of their duties. All persons currently working or being linked in the future for this purpose, in the administration and management of databases, must subscribe an additional document or other document to their employment contract or service provision for the purpose of ensuring such Commitment. This obligation persists and remains even after the end of its relationship with any of the tasks covered by the Treatment.
- SENSITIVE DATA
Sensitive data means data that affects the privacy of the holder or whose misuse may lead to discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical beliefs, membership of trade unions, social, human rights organizations or that promotes the interests of any political party or that guaranteethe rights and guarantees of opposition political parties as well as data relating to health, sex life and data including still or moving image capture, fingerprints, photographs, iris, voice recognition, facial or palm recognition, etc.
5.1 TREATMENT OF SENSITIVE DATA
Use and processing of data classified as sensitive may be made when:
- The Holder has given its explicit authorization to such processing, except in cases that by law the granting of such authorization is not required.
- The Treatment is necessary to safeguard the vital interest of the holder and the latter is physically or legally incapacitated. In these events, legal representatives must grant their authorization.
- The Processing is carried out in the course of legitimate activities and with due guarantees by a foundation, NGO, association or any other non-profit body, whose purpose is political, philosophical, religious or trade union, provided that it is refer exclusively to their members or persons who maintain regular contacts because of their purpose. In these events, the data may not be provided to third parties without the authorization of the owner.
- The Processing refers to data that are necessary for the recognition, exercise or defense of a right in a judicial process.
- The Treatment has a historical, statistical or scientific purpose. At this event, the measures leading to the suppression of the identity of the Holders must be taken.
5.2 AUTHORIZATION OF THE OWNER
Without prejudice to the exceptions provided for in the law, the processing requires the prior, express and informed authorization of the holder, which must be obtained by any means that may be the subject of subsequent consultation and verification.
5.3 CASES WHERE AUTHORIZATION IS NOT REQUIRED
The authorization of the Holder shall not be necessary in the case of:
- a) Information required by a public or administrative entity in the exercise of its legal functions or by court order.
- b) Public data.c) Cases of medical or health emergency.
- d) Processing of information authorized by law for historical, statistical or scientific purposes.
(e) Data related to the Civil Registry of Persons.
- RIGHTS OF THE HOLDER OF PERSONAL DATA
The Data Subject is informed of the rights offered to him by the personal data protection laws, which are listed below and which Lemus Watler Archbold Enterprises SAS guarantees through compliance with the defined procedures:
- a) Know, update and rectify your personal data.
- b) Request proof of the authorization granted to the Entity.
- c) To be informed by the Entity, upon request, regarding the use you have given to your personal data.
- d) File complaints with the Superintendency of Industry and Commerce for violations of Law 1581 of 2012 and other rules amending, adding or supplementing it.
(e) Revoke the authorization and/or request the deletion of the data when the principles, rights and guarantees are not respected in the processing. Revocation and/or deletion shall take place when the Superintendency of Industry and Commerce has determined that in the Treatment, the Entity has engaged in conduct contrary to the law and the Constitution.
(f) Free access to your personal data that has been processed, at least once each calendar month, and whenever there are substantial changes to the Policies set out in this Handbook that will prompt further consultation. For inquiries with a periodicity greater than one for each calendar month, Lemus Watler Archbold Enterprises SAS may charge the Holder for the costs of sending, reproducing and, where applicable, certifying documents.
6.1 THE RIGHTS OF THE OWNERS MAY BE EXERCISED BY THE FOLLOWING PERSONS
(a) By the Holder, who must prove his identity sufficiently by the various means available to the company.
- b) For their rightholders, who shall prove such quality.
- c) By the representative and/or proxy of the Holder, after accreditation of the representation or power of attorney.
- d) By public or administrative entities in the exercise of their legal functions or by court order.
(e) By the stipulation in favor of another or for another.
- DUTIES OF THE RESPONSIBLE FOR THE TREATMENT OF INFORMATION
Lemus Watler Archbold Enterprises SAS, will fulfill the following duties as Data Controller:
- Guarantee to the Holder, at all times, the full and effective exercise of the right of habeas data.
- Request and keep, under the conditions provided for in this law, copy of the respective authorization granted by the Holder.
- Properly inform the Holder of the purpose of the collection and the rights that assist it by virtue of the authorization granted.
- Keep the information under the security conditions necessary to prevent its adulteration, loss, consultation, use or unauthorized or fraudulent access.
- Ensure that the information provided to the Data Processor is truthful, complete, accurate, up-to-date, verifiable and understandable.
- Update the information, communicating in a timely manner to the Data Processor, all the news regarding the data that has previously been provided to you and take the other necessary measures to keep the information provided to the Data Processor Updated.
- Rectify the information when incorrect and communicate what is relevant to the Data Processor.
- Provide the Data Processor, as the case may be, only data whose Processing is previously authorized in accordance with the provisions of the law.
- To require the Data Processor at all times to respect the security and privacy conditions of the Information of the Owner.
- Process inquiries and complaints made in the terms indicated in this manual.
- Inform the Data Processor when certain information is in discussion by the Holder, once the claim has been filed and the respective procedure has not been completed.
- Inform the data protection authority when breaches of security codes occur and there are risks in the administration of the information of the Holders.
- Comply with the instructions and requirements provided by the Superintendency of Industry and Commerce.
8. RIGHTS OF CHILDREN AND ADOLESCENTS
The Treatment will ensure respect for the prevalent rights of minors.
The Processing of personal data of minors is prohibited, except for data that are of a public nature.
It is the task of the State and educational institutions of all kinds to provide information and to train legal representatives and guardians about the potential risks faced by minors with regard to the improper processing of their personal data, and to provide knowledge about the responsible and safe use by children and adolescents of their personal data, their right to privacy and protection of their personal information and that of others.
9. AUTHORIZATIONS AND CONSENT
The collection, storage, use, movement or deletion of personal data by the company, requires the free, prior, express and informed consent of the owner thereof.
9.1 MEANS AND REPRESENTATIONS TO GIVE AUTHORIZATION
The authorization may be contained in a physical, electronic document, data message, Internet, Websites, in any other format that allows to guarantee your subsequent consultation, or by means of an appropriate technical or technological mechanism, which allows to manifest or obtain the consent via click or double click, by which it can be concluded unequivocally, that if no conduct of the holder had been engaged, the data would never have been captured and stored in the database. The authorization will be generated by the company and will be made available to the owner in advance and prior to the processing of your personal data.
10. INFORMATION SECURITY
Lemus Watler Archbold Enterprises SAS, has security measures, which seek to protect the data of the Holders and prevent their adulteration, loss, use and unauthorized access.
11. ATTENTION OF CONSULTATIONS AND CLAIMS
For the attention of requirements related to the protection of personal data, whether or not to grant consent and/or the exercise of the other rights mentioned above, the holders of the data may communicate via email email@example.com.
The consultation will be attended within a maximum of fifteen (15) working days from the date of receipt of the same. Where it is not possible to attend the consultation within this term, the interested party will be informed, stating the reasons for the delay and indicating the date on which his consultation will be attended, which in no case may exceed five (5) working days following the expiration of the first deadline.
The Owner who considers that the information contained in a database should be corrected, updated or deleted, or when they notice the alleged breach of any of the duties contained in the applicable legislation, may submit a claim to the company, in accordance with the following procedure:
The claim will be made by written or electronic request, with the identification of the Holder, the description of the facts that give rise to the claim, the address, telephone and place of contact and accompanying the documents that you want to assert. If the claim is incomplete, the interested party will be required within five (5) days of receipt of the claim to remedy the claims.
After two (2) months from the date of the request, without the applicant submitting the required information, it will be understood that he has withdrawn from the claim.
In the event that the person receiving the claim is not competent to resolve it, he will transfer to the appropriate person within a maximum of two (2) working days and inform the interested party of the situation.
Once the complete claim is received, a legend that says “claim in process” and the reason for the claim will be included in the database, in a term of no more than two (2) business days. Such legend must be maintained until the claim is decided.
The maximum term to handle the claim will be fifteen (15) business days from the day following the date of receipt. Where it is not possible to address the claim within that term, the interested party will be informed of the reasons for the delay and the date on which his claim will be dealt with, which in no case may exceed eight (8) working days following the expiration of the first term. The Holder may only file a complaint with the Superintendency of Industry and Commerce once the consultation or complaint process has been completed with the Data Controller or Data Processor.
12. MODIFICATIONS TO PERSONAL DATA TREATMENT POLICIES
Lemus Watler Archbold Enterprises SAS, Posada Hippie’s Place reserves the right to modify, at any time, unilaterally, its policies and procedures for the processing of personal data. Any changes will be posted and announced. In addition, previous versions of this personal data processing policies will be retained.
The continued use of the services or non-disengagement thereof by the Data Subject after notification of the new guidelines constitutes acceptance of the same.
If you do not wish to receive advertising information, or do not want your data to be used to parameterize and personalize your profile for marketing products and services of the Hippie’s Place Inn, you can at any time request the cessation of use of your personal data for these purposes, through the means provided by Lemus Watler Archbold Enterprises SAS for the purpose in this Policy.
This manual applies from five (5) of January 2020.