[:es]Política de Protección de Datos Personales[:] - Ararauna Tours and Expeditions

[cmsms_row data_padding_bottom=”30″ data_padding_top=”40″ data_color=”default” data_width=”boxed”][cmsms_column data_width=”1/1″][cmsms_heading type=”h1″ font_size=”24″ font_weight=”400″ font_style=”normal” text_align=”default” target=”self” margin_top=”0″ margin_bottom=”20″ animation_delay=”0″]Personal Data Protection Policy[/cmsms_heading][cmsms_tabs mode=”tour” position=”left” active=”1″ animation_delay=”0″][cmsms_tab title=” I. Introduction”]

In Ararauna Tours and Expeditions, We have a firm commitment to respect and comply with all legal and regulatory provisions that apply to them. Likewise, you understand that personal data, being an integral part of people’s privacy; and since they are also fundamental to our activity, they must be treated in such a way that not only implies compliance with the legal system, but, in addition, measures must be taken to generate an environment of trust and security in the public regarding said treatment..

[/cmsms_tab][cmsms_tab title=”II. Objective”]

The purpose of this Policy is to inform the public of our commitment to the protection of their personal data, as well as the guidelines under which we process such data in the exercise of our business activities, the purpose for which we do so, as well as the procedures for the holders of such data to exercise their rights under the Personal Data Protection Regulations.

[/cmsms_tab][cmsms_tab title=”III. Scope”]

This Policy applies to all personal data processing activities carried out by Ararauna Tours and Expeditions. It will also apply to those persons or companies to which Ararauna Tours and Expeditions requires the processing of personal data for which it is responsible.

[/cmsms_tab][cmsms_tab title=”IV. Definitions”]

The terms used in this policy with a capital letter are:

Personal Data Protection Law: Law 29733 and its amendments.
Regulation of the Personal Data Protection Law: Supreme Decree N° 003-2013-JUS as amended.
Personal data bank: Organized set of personal data, automated or not, regardless of the support, whether physical, magnetic, digital, optical or other that may be created, whatever the form or modality of its creation, formation, storage, organization and access.
Sensitive data: Personal data consisting of biometric data that by itself can identify the holder, data referring to racial and ethnic origin; economic income, political, religious, philosophical or moral opinions or convictions; union membership; and information related to health or sex life.
Data Processor: Any natural person, legal person under private law or public entity that alone or acting jointly with another performs the processing of personal data on behalf of the owner of the personal data bank.
Personal Data Protection Regulations: Refers to the Personal Data Protection Law, the Regulations of the Personal Data Protection Law and its amendments and complementary regulations.
Personal data owner: Natural person to whom the personal data corresponds.
Holder of the personal data bank: Natural person, legal person under private law or public entity that determines the purpose and content of the personal data bank, the processing of such data and the security measures.
Transfer of personal data: Any transmission, supply or manifestation of personal data, of national or international character, to a legal person of private law, to a public entity or to a natural person other than the holder of personal data.
Processing of personal data: Any operation or technical procedure, automated or not, that allows the collection, recording, organization, storage, conservation, elaboration, modification, extraction, consultation, use, blocking, suppression, communication by transfer or diffusion or any other form of processing that facilitates the access, correlation or interconnection of personal data”.
Arco Rights: Rights held by any natural person as holder of personal data.
Request for exercise of ARCO Right: It is the request for access, rectification, updating, inclusion, cancellation, suppression or opposition, made by the owner of personal data regarding their information.
Consent of the data subject: It is any free, specific, informed and unequivocal expression of will by which the data subject accepts, either by means of a statement or a clear affirmative action, the processing of personal data concerning him/her.
Communication Channels: Physical mail, email, text messages (SMS and/or MMS), digital media such as Facebook, or “WhatsApp” or other similar platforms, cell phone number or any means of communication that the Personal Data Subject provides to Ararauna Tours and Expeditions.

[/cmsms_tab][cmsms_tab title=”V. Guiding Principles”]

Ararauna Tours and Expeditions is committed to respecting the guiding principles established in the Personal Data Protection Regulations.These are:

Principle of legality: The processing of personal data is carried out in accordance with the law, and the collection of personal data by fraudulent, unfair or unlawful means is prohibited.

Principle of consent: For the processing of personal data, the consent of the owner must be obtained, unless there are any of the exceptions provided by law. Such consent must comply with the requirements of being free, prior to its collection or processing, express and unequivocal, and informed.

Principle of finality: Personal data must be collected for a specific, explicit and lawful purpose. Their processing must not be extended to any purpose other than that for which they were collected, excluding cases of scientific, historical or statistical activities.

Principle of proportionality: The processing of personal data must be adequate, relevant and not excessive to the purpose for which they were collected.

Quality principle: The personal data to be processed must be truthful, accurate and, as far as possible, up to date, necessary, relevant and adequate with respect to the purpose for which it was collected.

Safety principle: The owner of the personal data bank and the person in charge of the personal data bank must adopt the necessary technical, organizational and legal measures to guarantee the security of the personal data.

Principle of disposition of resources: The holder of personal data must have the necessary administrative or jurisdictional means to claim and enforce their rights, when these are violated by the processing of their personal data.

Principle of adequate level of protection: For the cross-border flow of personal data, a sufficient level of protection must be guaranteed for the personal data to be processed or, at least, comparable to that provided by the Personal Data Protection Law or by international standards on the subject.

[/cmsms_tab][cmsms_tab title=”VI. Purpose of Personal Data Processing:”]

Ararauna Tours and Expeditions processes personal data of collaborators, customers and potential customers, suppliers, employees and other persons who make up its stakeholders, in accordance with the purposes authorized by each one of them in the consents they have granted to Ararauna Tours and Expeditions with the exceptions to the requirement to obtain consent provided for in the Personal Data Protection Regulations.

Ararauna Tours and Expeditions informs that it will process personal data, among others, for the following general purposes:

To comply with the obligations generated by the contractual and non-contractual links generated with the holder of personal data.

Communicate to its public of interest commercial information about its business activity, goods and services, according to the consent obtained from the Data Subject.
Update or suspend the registration of personal data when its inaccuracy, omission, error, falsity or when the term of its agreed purpose has concluded.
Ensure the correct storage and purpose of personal data, through organizational, technical and legal measures.
Comply with its legal obligations as an employer, assuming the principles and obligations stated in the Personal Data Protection Law.
Follow-up and monitoring for security risk management purposes through its video-surveillance devices, biometric registration devices, and others that may be available.
Carry out due diligence and enterprise risk management activities, in case an audit procedure is required if acts against the Personal Data Protection Law are incurred.
Providing Personal Data to third parties, in Peru or abroad, with whom it Ararauna Tours and Expeditions has a contractual relationship and that it is necessary to deliver it to them for the fulfillment of the contracted object. The cross-border flow of data may only take place if the recipient country has the required levels of data protection in accordance with the Personal Data Protection Act.
To develop commercial actions or after-sales services, of a general nature or personally addressed to the Data Subject, aimed at improving his or her experience as a customer through the various communication channels.
To keep the Personal Data Subject informed, through the Communication Channels, about the delivery process and status of the orders placed.

The processing of personal data for the above purposes, and for any other lawful purpose other than those mentioned above, is duly informed to the Holders of personal data, requiring specific authorization according to the corresponding public of interest, in compliance with the principle of consent, with the exceptions provided for in the Personal Data Protection Regulations.

[/cmsms_tab][cmsms_tab title=”VII. Consent”]

Ararauna Tours and Expeditions shall require the free, prior, express, unequivocal and informed consent of the owner of the personal data for the processing thereof, except in the cases of exception expressly established by Article 18 of the Personal Data Protection Law.

Ararauna Tours and Expeditions shall not require consent to process your personal data obtained from publicly available sources, whether free of charge or not, for the use for which they were made available to the public; it may also process your personal data from non-public sources, provided that such sources have your consent to process and transfer such personal data.

[/cmsms_tab][cmsms_tab title=”VIII. Rights of the Holders”]

In accordance with the Personal Data Protection Regulations, holders of personal data have the following rights:

Right of access and information: As a consequence of the right of access, the holder of personal data has the right to obtain the information about himself/herself that is subject to processing in data banks owned by Ararauna Tours and Expeditions, The right of information, on the other hand, grants the holder the right to know, prior to the collection of his data, the manner in which his data was collected, the reasons for its collection, the transfers made, or to whom they are expected to be made, among others. The right to information, on the other hand, grants the holder the right to know prior to the collection of their data, the purpose for which their data will be processed, the existence of the database in which they will be stored, the identity and address of the owner of the database and the data processors, if the transfer of personal data will occur and to whom, the time of conservation, among others.
Right of rectification, updating and inclusion: The holder of personal data has the right to update, include and rectify the personal data processed by the company.
Ararauna Tours and Expeditions when they are partially or totally inaccurate, incomplete or when an omission, error or falsehood has been detected.
Right of Cancellation or Deletion: The holder of personal data may request the cancellation or deletion of his personal data not related or necessary for the execution of the obligations of the company. Ararauna Tours and Expeditions The Company’s financial statements are prepared in accordance with the terms of the contracts signed or those provided for in the regulations in force.
Right to prevent supply: The holder of personal data has the right to prevent his personal data from being supplied, especially when the supply affects his fundamental rights, unless the supply is executed between the holder of the personal data bank and a processor of the personal data bank, for the purposes of its processing.
Right of Opposition: The holder of personal data may object to the processing of his personal data at any time. The opposition will proceed to the extent that the processing has no contractual or legal justification.
Right of revocation: The holder of personal data may withdraw at any time the consent previously granted. The revocation will not reach the uses and/or treatments that may be executed in the scenarios authorized by the regulation.
Right to objective treatment: The holder of personal data has the right not to be affected by a decision that is based solely on a processing of personal data intended to evaluate certain aspects of his personality or conduct, unless this occurs within the framework of a contract or in cases of evaluation for the purpose of incorporation into a public entity, according to law, without prejudice to the possibility of defending his point of view, in order to safeguard his legitimate interest.
Right to guardianship: In the event that the holder or the person in charge of the personal data bank denies the holder of personal data, totally or partially, the exercise of the rights established in this Law, the holder may appeal to the National Authority for the Protection of Personal Data by means of a complaint or to the Judicial Power for the purposes of the corresponding action of habeas data.
Right to be indemnified: The holder of personal data who is affected as a result of a breach of this Law by the holder or by the person in charge of the personal data bank or by third parties, has the right to obtain the corresponding compensation, in accordance with the law.
Procedure for the exercise of the Personal Data Subject’s rights The Data Subjects may revoke their consent or exercise their legal rights by sending an e-mail to the following address reservas@araraunatambopata.com indicating your complete data, attaching a copy of your ID card. In case the owner of the personal data requires to exercise his/her rights through a representative, he/she must send a power of attorney legalized by a notary public empowering him/her as such and his/her identity document.

[/cmsms_tab][cmsms_tab title=”IX. Term of Personal Data Processing”]

The personal data processed by Ararauna Tours and Expeditions will be stored for the time necessary to fulfill the specific purposes of treatment authorized by the holder, without prejudice to the holder’s right to exercise at any time the rights mentioned in paragraph XI of this policy. Likewise, Ararauna Tours and Expeditions guarantees the security and confidentiality of personal data in a time frame useful to realize the mutually agreed purpose.

[/cmsms_tab][cmsms_tab title=”X. Security of Personal Data”]

In compliance with current regulations, Ararauna Tours and Expeditions adopts the appropriate legal, organizational and technical measures to ensure the security of personal data, avoiding its alteration, loss, improper processing or unauthorized access.

For this purpose, it makes available all the necessary human and technological resources, applying them in proportion to the nature of the data stored and the risks to which they are exposed, Ararauna Tours and Expeditions will only process personal data that is stored in repositories that meet the security conditions required by current legislation on personal data protection.

[/cmsms_tab][cmsms_tab title=”XI. Cookies”]

In Ararauna Tours and Expeditions we use cookies and similar technologies to personalize and enhance your customer experience and to show you relevant online advertising. Cookies are small text files containing a unique identifier that are stored on the computer or mobile device through which you access the Site, so that they can be recognized each time you use the Site.

You can disable the use of cookies according to your browser settings. In this regard, you can contact us at reservas@araraunatambopata.com. Please note that there are some technical cookies that when disabled may even prevent the website from functioning properly.

[/cmsms_tab][cmsms_tab title=”XII. Modifications”]

In the event of any change or modification to this Policy, the current text of this Policy will be published on our website: www.araraunatambopata.com in the Privacy Policy section.

[/cmsms_tab][/cmsms_tabs][/cmsms_column][/cmsms_row]