PRIVACY POLICY

In compliance with the provisions of the Federal Law on the Protection of Personal Data in the Possession of Individuals (the Law), which aims to protect the personal information provided by each person (the Information), Redsa Travel Operadora Turística, S.A. de C.V. (hereinafter, “Redsa Travel”) makes available the following Privacy Policy.
RESPONSIBLE FOR THE PROTECTION OF YOUR PERSONAL DATA
Redsa Travel Operadora Turística, S.A. de C.V. with address at SM.20 Avenida Labná # 55 Mza.14 Lot 73C Int. A First and Second Floors (B and C), Cancun, Benito Juarez, Quintana Roo P.O. Box 77500.
The Data Protection Officer is the Web Development Department, located at the same address, and can be contacted via the following email: info@redsatravel.com
PERSONAL INFORMATION REQUIRED
Redsa Travel will request personally identifiable and non-sensitive information from users of the services through our Website and Call Center, for the purpose of processing, tracking, updating, modification, cancellation and confirmation of the services booked with Redsa Travel. The type of information requested from users of the services includes, but is not limited to, name, e-mail address (e-mail), address, postal code, date of birth, credit card information and other information important for the booking and payment process, which is necessary to carry out the normal activity of the service.Your credit card information is used exclusively at the time when you purchase the services offered by Redsa Travel.
The Data Holder, upon registration, gives his consent in a free, specific, informed and unequivocal way to provide the personal data that are required of him, on the understanding that, if the User decides not to provide the mandatory Information, he will not be able to access the services that actually require such information, however, he may have access to all other services that do not require such Information. Redsa Travel does not, under any circumstances, store sensitive personal information such as race or ethnic origin, current health status, genetic information, religious, philosophical and moral beliefs, trade union membership, political opinions, sexual preference, etc.
We also collect the email addresses of those who communicate with us through this channel, aggregate information about which pages you visit, as well as any other information you voluntarily provide to us, such as information about surveys or logs on the site.
The information you provide as a user of our Website may be used to: contact you in the event of changes to bookings, detect or prevent the commission of possible cybercrime, conduct customer surveys, manage customer relationship and improve the content of the Website, as well as for statistical purposes of our service improvement. If you provide us with your telephone number, we will only contact you by this means in the event of a change of reservation or questions related to the payment process.The personal information that you provide to us as a user of our Website and Call Centre must be truthful and correspond to your current situation. Such information will be treated in accordance with the principles set out in the laws embodied in this privacy notice.

TRANSFERENCE OF DATA
Personal data may be transferred and/or shared with business partners, affiliates, suppliers, financial, banking and credit institutions, subsidiaries, affiliates and third parties, such as hotels, landlords, airlines, tour providers, etc., for marketing purposes to confirm reservations and generally to fulfill the obligations entered into with the user or client.

PRIVACY AND PROTECTION OF PERSONAL DATA
Redsa Travel uses state-of-the-art technology and processes to protect the information provided by the holders of personal data. This technology encrypts, encrypts and prevents the interception of information provided via the Internet and the Call Center, including credit cards and email addresses. Redsa Travel establishes and maintains administrative, technical and physical security measures to protect personal data against: damage, loss or alteration, destruction, or unauthorized use, access or processing.The Redsa Travel Website contains hyperlinks or hypertexts, advertisements, buttons and search tools on the global network that, when clicked or used by users, connect to other portals or websites owned by third parties. Although in some cases these third-party sites or portals are framed with the navigation bar or the style and appearance of Redsa Travel, the Information that the User may provide through these sites or portals is not covered or contemplated by this privacy notice and its handling or use is not the responsibility of Redsa Travel, so we recommend that our users check the privacy notices and policies displayed or applicable to these third-party sites or portals.
We undertake not to transfer your personal information to third parties without your consent, subject to the exceptions provided for in Article 37 of the Federal Law on the Protection of Personal Data Holding by Individuals, and to carry out this transfer in accordance with the law.

Article 37 of the Federal Law on the Protection of Personal Data in the Possession of Individuals.
Article 37.- National or international transfers of data may be carried out without the consent of the data controller in any of the following cases:
1. When the transfer is provided for in a law or treaty to which Mexico is a party;
2. When the transfer is necessary for prevention or medical diagnosis, the provision of health care, medical treatment or the management of health services;
3. where the transfer is made to controlling, subsidiary or affiliated companies under the common control of the controller, or to a parent company or any company in the same group as the controller operating under the same internal processes and policies;
4. Where the transfer is required by virtue of a contract concluded or to be concluded in the interest of the holder, by the controller and a third party;
5. Where the transfer is necessary or lawfully required for the safeguarding of a public interest, or for the prosecution or administration of justice;
6. where the transfer is necessary for the recognition, exercise or defence of a right in judicial proceedings; and
7. When the transfer is necessary for the maintenance or fulfilment of a legal relationship between the controller and the holder.

RESPONSIBILITY ON THE USE OF BANK CARD INFORMATION
Redsa Travel is committed to respecting the privacy of all its customers, and in the case of this page, all those who make their reservations online or through the Telephone Service Centre. To ensure the security of your online operations, we use an SSL (Secure Socket Layer) certificate on our Website, which protects the data you send from your browser to our site and database. All information relating to your credit card transactions is encrypted, thus safeguarding your privacy and security.
All information that customers provide to Redsa Travel, such as name, address, email address, telephone number and other details about the booking during the online payment process, will be treated as strictly confidential, unless otherwise specified to customers.

USE OF “COOKIES” AND “IP MANAGEMENTS”
The Redsa Travel data server will send data to the User’s browser to be stored on the hard drive of your computer. This allows us to identify the computers used by Users when accessing our Portal. This process is known as the use of “cookies” or “IP addresses”, through the use of “cookies” or “IP addresses.” Through this process Redsa Travel is able to offer a more personalized service to its Users as it allows us, among other things, to publish advertising and promotional campaigns, measure the size of our audience and the flow of traffic on the different sites that the User visits. The use of “cookies” or “IP addresses” does not identify users personally, but rather the public IP from which the user connects.

ACCESS TO PERSONAL DATA
As a user of the services provided by Redsa Travel you have the right to access the personal data you provide and the details of the processing thereof, as well as to rectification and deletion if they are inaccurate, incomplete or the user withdraws their consent; cancel them when they consider that they are not required for any of the purposes indicated in this Privacy Notice, are being used for non-consensed purposes or the contractual or service relationship has ended, you may also object to the processing of the same for specific purposes, limit them and even the portability of your data.
The Act grants you four rights to exercise (ARCO Rights):
• Access to your personal data to find out which are protected, if they are correct or up-to-date and for what purpose they are used.
• Rectification if they are inaccurate, incorrect or outdated.
• Cancellation consisting of the deletion of your personal data when you consider that they are not being used for the fulfillment of the purposes set out in this Privacy Notice.
• Objection to the processing of your personal data for any of the purposes set out in this Privacy Notice.
You have the right to revoke the consent given for the processing of your personal data, with the purpose of stopping the use of them, and you can revoke your consent to receive promotions and offers by telephone or email.

To exercise your ARCO Rights or your right to revoke consent to the processing of your personal data, you must submit your respective request in writing and in Spanish, and you must send it to Redsa Travel via the following email: info@redsatravel.com , or send your written request by mail, courier or hand-dispatch to the Web Development Department, located at SM.20 Avenida Labná # 55 Mza 14 Lot 73C Int. A First and Second Floors (B and C), Cancun, Benito Juarez, Quintana Roo P.O. Box 77500.
Your application must include your full name and surname, attach a simple copy of your official identification, indicate your e-mail address or physical address for notification and a telephone number. Redsa Travel will follow up on your request within 15 working days from the receipt of the request with the complete documentation, to inform you whether or not the request was made, informing you of its rectification, to take the necessary steps for the cancellation of your personal data, or to end the use of the same.

LAWS WHICH INCORPORPATORY THIS POLICY
• The LFPDPPP (Federal Law for the Protection of Personal Data in the Possession of Individuals), which is the law in charge of protecting personal data in Mexico.
• The GDPR (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data) which is the new European Union legislation for the regulation of the processing of personal data.

CHANGES TO THE PRIVACY POLICY
Redsa Travel reserves the right to modify or update totally or partially the terms and conditions of this Privacy Policy, in order to comply with new legislation, internal policies or new requirements for the provision or offering of our services or products. These modifications will be publicly available on our Website.

AUTHORITY
If the user believes that the protection of their personal data has been violated, he or she is free to go to INAI.

ACCEPTATION OF TERMS
This Declaration of Confidentiality / Privacy is subject to the terms and conditions of the Redsa Travel Operadora Turística, S.A. de C.V. / https://www.redsatravel.com/ website described above, which constitutes a legal agreement between you as a user and Redsa Travel Operadora Turística, S.A. de C.V.
If you use the services of Redsa Travel Operadora Turística, S.A. de C.V. and/or https://www.redsatravel.com or provide us with your information, it means that you have read, understood and agreed to the above terms in a free, specific, informed and unambiguous way.