Policies

TYPES OF ACCOMMODATION PLANS:

CONTINENTAL PLAN: This rate includes: Welcome cocktail at the Bar Playita or Bar Crucero, breakfast service at Poblado Restaurant from 6:00 a.m. to 9:00 a.m. every day in low, medium and high season.

POBLADO PLAN: This rate includes full meals: Welcome cocktail at the Bar Playita or Bar Crucero, Mid-afternoon snack offered at Poblado Cafeteria or Poblado Restaurant, breakfast service at Poblado Restaurant from 6:00 a.m. to 9:00 a.m. every day, lunch service from 12:00 p.m. to 2:00 p.m. every day at Poblado Restaurant (This may vary in high season and be served at the Poblado Rooftop), dinner service from 7:00 p.m. until 9:00pm every day at Poblado Restaurant (This may vary in high season and be served at the Poblado Rooftop)

MINIMUM STAY FOR NEW YEAR'S EVE: As an internal policy of the HOTEL, the minimum stay to book for high seasons is 4 nights and as a guarantee of accommodation reservation, full payment of the stay must be made.

LEASE POLICY: This lease contract is established from the date of entry with a schedule from 3:00pm to 4:00pm with departure on the stipulated date until 12:00m; failure to comply with these schedules will allow the HOTEL to charge an additional fee for the concept of extending the stay, consisting of the charge of an additional night according to the current rates, without prejudice to the entry to the room, and also authorizes the collection of charges to your room made during your stay by all occupants of this. Being the GUEST, who at the time of making the reservation freely authorizes the charging of the credit card in his/her property the values ​​that remain pending for concepts of lodging or provision of services, additional charge for losses or damages caused by the same within the Facilities.

SERVICE HOURS: The established schedule for the pool service is from 9:00 am to 9:00 pm without exception, the à la carte restaurant service is from 6:00 am to 9:00 pm; the BAR and background music service is from 9:00 am to 10:00 pm. The use of sound devices at times outside those stipulated in this contract that disturb the tranquility of other guests is prohibited. The reception service is 24 hours.

LODGING CONTRACT: OBJECT.

A) The hotel will provide the guest with the rental service of a room and its accessories, through payment of the prices in effect at the time of the service; The rate and plan are those that appear on the hotel registration card. The provision of these services and the complementary ones offered by the HOTEL will be subject to availability and the schedules, shifts or physical stock of the supplies, goods, facilities or spaces necessary for it.

B) The accommodation will be provided regardless of the time that the GUEST actually stays in the room. Partial use causes payment of the full rate.

C) THE HOTEL may at any time arrange for a room change and THE GUEST must accept it.

D) The check-in time is from 3:00 p.m. (3:00 p.m.) or 4:00 p.m. (4:00 p.m.) on the day of arrival and the check-out time is until 12:00 p.m. (12:00 m.) on the day of departure. The period between one and the other corresponds to the hotel day. Early check-in or late check-out after the indicated time will be subject to availability and the GUEST must pay the corresponding amount.

E) THE HOTEL has the rates, prices, service and start and check-out times, to which the GUEST is subject, available for public viewing.

F) The GUEST must also pay all food, beverage, laundry and general charges for all those generated during the stay and which he decides to charge to his account.

G) The GUEST declares that he has been informed of the rates, fees and general prices of the rooms per night.

H) Failure to make the agreed payment will generate late payment interest at the maximum rate allowed for the GUEST.

I) THE HOTEL has the right to retain and pledge the luggage and property in the possession of THE GUEST, rights that will be made effective due to failure to comply with the obligations by the GUEST. In this case, the HOTEL may retain the aforementioned luggage and goods as collateral for a period of thirty (30) days, counted from the date of non-compliance, after which, the HOTEL may freely dispose of the pledged objects and use the proceeds to cover outstanding obligations, including interest plus (20%) for costs and expenses. The surplus, if any, will be made available to the GUEST and in the event of a deficit, the creditor's actions are protected.

J) If the HOTEL is unable to fulfill the reservation agreed in writing, provided that there is prepayment or is forced to terminate the stay early for a certain period of time, it must obtain accommodation for the GUEST in another establishment with a similar rate. If the rate of the substitute hotel is lower, the HOTEL will reimburse the difference to the GUEST and if it is higher, it will be assumed by the HOTEL. The decision will always be up to the hotel, but it tries to ensure that there is no difference in rates as far as possible.

RIGHTS AND OBLIGATIONS OF THE GUEST:

A) The GUEST declares that he/she is aware of the rate, fees and prices of the HOTEL and admits that these may be modified without prior notice.

B) The GUEST must identify himself/herself to register at the HOTEL with a suitable identification document, presenting his/her identity card in the case of being Colombian or his/her passport or applicable document in the case of foreigners. For minors, a valid identification document must be presented.

C) The GUEST is obliged to pay the value of the hotel room in cash, at the time of the provision of the respective service and in any case at the time of the guest's cessation of stay at the HOTEL. The hotel day includes the 21-hour period of the GUEST's stay from the start date set by the HOTEL. Partial use of the hotel day will result in the payment of the full rate.

D) The GUEST will be responsible for his/her obligations and those of his/her companions, even for slight negligence. Any unregistered person who makes use of the accommodation reserved exclusively for the GUEST must register and pay a surcharge of 100% of the current rate.

E) The GUEST must maintain a decent conduct and dress appropriately. THE HOTEL will refrain from providing its services when the GUEST's behavior or clothing is not appropriate.

F) The GUEST must respect the number of people per room.

G) THE GUEST admits that the practice of sports, physical exercises, driving ships or vehicles, use of instruments or tools and in general any activity that involves a risk or that may be considered a dangerous activity, will be his/her decision, under his/her exclusive responsibility and implies that THE GUEST has the skills and knowledge that allows him/her to assume said risks, EXEMPTING THE HOTEL and its officials or employees from any responsibility in the event that he/she suffers any damage or injury.

H) The HOTEL provides some complementary free services, such as bicycle services for 45 minutes (between 7:00 am and 7:00 pm) among other services, however, their use will be solely and exclusively the responsibility of the GUEST, declaring that he/she has the skills and knowledge for their use, therefore EXEMPTING THE HOTEL from all civil, criminal and administrative liability that may arise from said activity, with the GUEST assuming all responsibility for the use of elements and for the activities that he/she carries out, not only on a personal level but also in front of third parties.

I) THE GUEST agrees to use the furniture, equipment and general facilities of both the room and the HOTEL in an appropriate manner, keeping them in the condition in which they are found and therefore will be liable for any damage or loss of the elements and property of the HOTEL, even for slight negligence. In the event of total or partial loss or damage to the property of the HOTEL due to causes attributable to the GUEST or dependents, the latter will pay the price set by the HOTEL, plus 50% as a penalty or fine.

J) THE GUEST recognizes the authority of the HOTEL Manager in the event of a controversy or conflict, as well as the right of inspection and surveillance that the HOTEL officials have to guarantee the proper use of the housing and common use utilities. This right will be exercised in a reasonable manner and includes the power to enter or search the room when the HOTEL Manager deems it necessary. THE GUEST is also obliged to observe the schedules and rules established by the HOTEL for the provision of its services and to facilitate access to its employees for routine tasks and cleaning of the room.

Cancellation and Modification Policy:

GUARANTEE POLICY: Non-refundable rate requires a deposit of 100% of the total amount of the stay, at the time of booking.

CANCELLATION AND MODIFICATION POLICY:

Non-refundable, please note that if cancelled or in case of no-show, the total value of the reservation will not be refundable. The client can reschedule their reservation up to one year, subject to availability and current rates. Reservation modifications are subject to availability. Promotional rates or plans are not modifiable or refundable.

EARLY CHECK IN: In the event that a guest arrives at the hotel before the established Check In time (3:00 p.m. to 4:00 p.m.), they will be able to enter and use the hotel facilities. Access to the room will be subject to availability.

EARLY DEPARTURE: In the event that a guest leaves early, no refund will be made. The remaining amount can be reconciled to settle the consumption made during the stay, or otherwise, a balance will be generated in favor of the guest that can be used during the current year. Except in the case of an early departure due to force majeure or demonstrable unforeseeable event, in which case a refund will be made.

LATE CHECK OUT: Check out time is (12:00 p.m. to 1:00 p.m.) If a guest leaves the hotel after this time and without prior notice to the reception, it will allow the HOTEL to charge an additional fee for the concept of extending the stay, consisting of the charge of an additional night according to the current rates, without prejudice to the entry to the room. In case of prior notice, late check-out is subject to room availability. If the room is available, 50% of the rate will be charged until 5:00 p.m. After this time, 100% of the rate will be charged.

EXCEPTIONS: Penalties do not apply in case of force majeure, fortuitous event or incapacity of the reservation holder or a first-degree relative. The request for exemption must be accompanied by the corresponding support and submitted as soon as possible through our emails: reservas@hotelpoblado.com and (add the one from avia). The money will be refunded after deducting bank commissions.

PENALTIES.

TERMINATION OF THE CONTRACT:

- The lodging contract ends: A) upon expiration of the agreed fixed term; B) for failure to comply with any of the parties' obligations and specifically for failure to pay the price or fee charged to the GUEST or for failure to pay for food and beverages or other complementary services that the GUEST has charged to the room or to his/her personal account. Failure by the GUEST shall not exempt him/her from paying the full fee for the agreed term: C) When the contract is entered into on a day-to-day basis or when the guest's length of stay at the HOTEL is not expressly stated on the hotel registration card, the contract shall be terminated upon expiration of the hotel day specified in the contract; D) When the contract is for a fixed term, it shall terminate upon expiration of this term, in which case THE HOTEL may dispose of the room. In the event of early termination, THE GUEST must pay the rate corresponding to the full term, unless there is a reasonable cause that, in the opinion of the HOTEL, merits early termination of the contract, such as domestic calamity, illness of the GUEST or the group under his/her charge, problems with the air quota, etc.

OTHER CAUSES FOR TERMINATION BY THE HOTEL: The following will also be causes for termination by the HOTEL: A) In the event that, in the sole opinion of the HOTEL, the behavior or attire of the GUEST threatens the tranquility and/or health of other guests or visitors to the HOTEL. B) For smoking in the room or in any other smoke-free space in the HOTEL, when other guests, visitors or users are affected and without prejudice to the payment that must be made under the terms established below. Termination of the contract does not exonerate or release the GUEST from payment of outstanding balances.

EFFECTS OF TERMINATION: A) Upon termination of the contract, the HOTEL may freely dispose of the room. B) Upon termination of the contract and regardless of the cause of termination, the HOTEL is authorized to enter the room, prepare and sign an inventory of the guest's belongings and luggage and remove them from the room to leave them in a safe and appropriate storage, without liability of the HOTEL and at the expense and risk of the GUEST. If the GUEST does not pay the bill or part of it, the HOTEL may dispose of and sell the GUEST's luggage and belongings in accordance with article 1199 of the Commercial Code, to cover outstanding obligations with the proceeds. The surplus, if any, will be made available to the GUEST. In the event of a deficit, the HOTEL may initiate the corresponding actions to obtain full payment of the amount owed.

DISAGREEMENT OF TERMINATION: - If there is a disagreement between THE GUEST and THE HOTEL regarding the termination of the contract, THE HOTEL, in addition to suspending the service, will take all necessary measures so that THE GUEST can dispose of his/her luggage and personal belongings or will transfer them to a safe and appropriate storage facility without liability on the part of the HOTEL.

LEGAL NATURE AND PROOF OF THE CONTRACT: The lodging contract, in accordance with article 79 of law 300 of 1996, is a lease contract, of a commercial and adhesion nature. The lodging contract is proven by the hotel registration card issued by THE HOTEL, after accepting the signature of the GUEST, which confirms that he/she adheres to the stipulations contained herein.

EXECUTIVE MERIT: The GUEST expressly accepts that the liquid sum of money that appears on the invoice will provide executive merit. INSURANCES. -In order to cover the risks affecting both the person and the property of the GUEST, THE HOTEL has a hotel insurance policy at its disposal. In any case, in the event of an accident, the HOTEL's liability is limited to the insurance coverage. This insurance policy is included in the accommodation rate.

LIABILITY FOR LOSS: – In accordance with article 1195 of the Commercial Code, the GUEST may deliver money and valuables to the HOTEL for safekeeping under receipt. For this purpose, the delivery must be made before the official designated by the HOTEL and a record must necessarily be drawn up listing the money and objects delivered. The HOTEL's liability will be that of the depositary, in accordance with article 1196 of the Commercial Code. Valuables such as jewelry, cameras, money, computers, equipment or utensils that remain in the room or service areas other than those available for storage by THE HOTEL will be under the sole record of the GUEST, since in this case the HOTEL assumes no responsibility in the event of loss or damage. The hotel has a SAFETY BOX for the use of valuable items or objects, the establishment is not responsible for the loss or damage of any object.

PROHIBITIONS AND RESTRICTIONS: - The entry of refrigerators, drinks or liquor into the HOTEL is prohibited. The entry and use of sound devices at times other than those stipulated and that may disturb the tranquility of other guests is prohibited, except on the beach, where in any case the volume of the music must be moderate and authorized by the management of the HOTEL. According to resolution 1956 of March 30, 2008 issued by the Ministry of Social Protection, the use of cigarettes in the rooms, public areas, restaurants and lounges of the HOTEL is prohibited. Failure to comply with these prohibitions constitutes a serious breach of the lodging contract that gives rise to its termination and may be removed from the HOTEL if it has affected other guests, visitors or users. In addition, if the GUEST smokes in the room or in any public space or area, he/she must assume the cost incurred by THE HOTEL to deodorize and clean the space.

REGISTRATION POLICY: All persons wishing to stay must present their original Identification Document at the time of Check-IN or Entry to the Hotel. For the Registration of Minors, it must be done by one of their parents with Presentation of the Civil Registry of Birth and/or Identity Card. In the event of not being accompanied by their parents, it may be done by the adult responsible for the minor, duly authorized by at least one of the parents with an authenticated authorization, signed and supported by a photocopy of their identity document. Colombian laws protect minors from all forms of sexual exploitation and violence originating from National or Foreign Tourists. Violations of this principle will result in the penal and administrative sanctions provided for in Law 679 of August 3, 2001.

“WARNING”; The HOTEL rejects any form of

CHILDREN'S REGULATIONS

Children from 1 to 4 years of age pay an extra charge for registration service and hotel insurance per night (breakfast included), and stay in the same accommodation (bed and room) as their companions; children from 5 years of age and older are charged as adults. At the time of Check-In at the hotel, identification documents are requested.

MINOR PROTECTION POLICY:

In accordance with the provisions of Article 17 of Law 679 of 2001, THE HOTEL warns the GUEST that the exploitation and sexual abuse of minors in the country are punishable criminally and civilly in accordance with current provisions. The HOTEL rejects and does not permit sexual exploitation or any form of sexual abuse. The HOTEL rejects and does not permit sexual tourism nor does it permit the exploitation or sexual abuse of girls, boys or adolescents. THE GUEST will not be able to enter his/her room with minors under eighteen (18) years of age for sexual tourism and whoever does so will incur imprisonment and fines in accordance with the penal code.

GENERAL CONSIDERATIONS

Aware of the importance of protecting and properly managing the personal information provided by data subjects, AVIA SOLUCIONES HOTELERAS, hereinafter referred to as AVIANET, which acts as the responsible party for the received information, has designed this policy and procedures that collectively allow for the appropriate use of your personal data.

In accordance with the provisions of Article 15 of the Political Constitution of Colombia, which develops the fundamental right to habeas data, referring to the right of all citizens to know, update, and rectify personal data that exists about them in databases and files, both public and private, this is inexorably related to the management and treatment of information that recipients of personal information must consider. This right has been developed through the issuance of Statutory Law 1581 of 2012 and Regulatory Decree 1377 of 2013, based on which AVIANET, as the RESPONSIBLE party for the personal data it receives, manages and processes the information and thus issues this personal data treatment policy, which is made available to the public so they can understand how AVIA handles their information. The provisions in this personal data treatment policy are mandatory for AVIANET, its administrators, employees, contractors, and third parties with whom AVIANET establishes relationships of any kind.

OBJECTIVE

The implementation of this policy aims to ensure the confidentiality of the information and the security of its treatment for all customers, suppliers, employees, and third parties from whom AVIANET has legally obtained information and personal data in accordance with the guidelines established by the law regulating the right to Habeas Data. Additionally, through the issuance of this policy, compliance is ensured with the provisions of Article 17, literal K, of the aforementioned law.

DEFINITIONS

Authorization: The prior, express, and informed consent of the data subject to carry out the treatment. This can be written, verbal, or through unequivocal conduct that reasonably allows the conclusion that the data subject granted authorization.

Database: The organized set of personal data subject to treatment, whether electronic or not, regardless of the mode of its formation, storage, organization, and access.

Consultation: The request of the data subject or authorized persons by the data subject or by law to know the information that rests about them in databases or files.

Personal Data: Any information linked or that can be associated with one or more specific or determinable natural persons. These data are classified as sensitive, public, private, and semi-private.

Sensitive Personal Data: Information that affects the privacy of the person or whose improper use can generate discrimination, such as those revealing racial or ethnic origin, political orientation, religious or philosophical convictions, union membership, social organizations, human rights organizations, or promoting any political party interests or ensuring the rights and guarantees of opposition political parties, as well as data related to health, sexual life, and biometric data (fingerprints, among others). For the purposes of this policy, AVIANET advises that the provision of such information by the data subject is optional in cases where it may be requested.

Public Personal Data: Data classified as such according to legal or constitutional mandates and all those that are not semi-private or private. Public data includes, among others, the data contained in public documents, public records, official gazettes and bulletins, and duly executed judicial sentences that are not subject to confidentiality, data related to the civil status of persons, their profession or trade, and their status as a merchant or public servant. Public data also includes those that, by virtue of a decision by the data subject or a legal mandate, are found in files of free access and consultation. This data can be obtained and offered without any reservation, regardless of whether it refers to general, private, or personal information.

Private Personal Data: Data that, due to its intimate or reserved nature, is only relevant to the data subject. Examples include merchant books, private documents, information extracted from home inspection.

Semi-private Personal Data: Semi-private data is not intimate, reserved, or public, and its knowledge or disclosure may interest not only its owner but also a certain sector or group of people or society in general, such as data related to the fulfillment or non-fulfillment of financial obligations or data related to relations with social security entities.

Data Controller: The person who, by themselves or in association with others, decides on the database and/or the treatment of the data.

Data Processor: The person who performs the data treatment on behalf of the data controller.

Being "Authorized": AVIANET and all persons under its responsibility, who by virtue of the authorization and the Policy are legitimately entitled to subject the personal data of the data subject to treatment. The Authorized includes the gender of the Authorized.

"Authorization" or being "Authorized": The legitimacy that AVIANET expressly and in writing, through a contract or document that acts as such, grants to third parties in compliance with the applicable law for the treatment of personal data, thereby converting such third parties into data processors of the personal data provided or made available.

Claim: The request of the data subject or authorized persons by the data subject or by law to correct, update, or delete their personal data or when they notice a presumed non-compliance with the data protection regime, according to Article 15 of Law 1581 of 2012.

Data Subject: The natural person to whom the information refers.

Treatment: Any operation or set of operations on personal data such as, among others, collection, storage, use, circulation, or deletion of such information.

Transmission: The treatment of personal data that involves the communication of the same within (national transmission) or outside of Colombia (international transmission) with the purpose of carrying out treatment by the processor on behalf of the data controller.

Transfer: The transfer of data occurs when the data controller and/or data processor, located in Colombia, sends the information or personal data to a recipient, who in turn is responsible for the treatment and is located inside or outside the country.

Prerequisite for Proceedings: The data subject or successor may only file a complaint with the Superintendence of Industry and Commerce once they have exhausted the consultation or claim process with the data controller or data processor, as provided in Article 16 of Law 1581 of 2012.

PRINCIPLES FOR THE TREATMENT OF PERSONAL DATA

The treatment of personal data must be carried out respecting the general and special rules on the subject and for activities permitted by law. Consequently, for the purposes of this policy, the following principles apply:

Principle of Legality: The treatment of data is a regulated activity that must be subject to what is established by law and other provisions that develop it.

Principle of Purpose: The treatment must serve a legitimate purpose according to the Constitution and the Law.

Principle of Freedom: Treatment can only be exercised with the prior, express, and informed consent of the data subject. Personal data cannot be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that exempts consent.

Principle of Truthfulness or Quality: The information subject to treatment must be truthful, complete, accurate, updated, verifiable, and comprehensible. The treatment of partial, incomplete, fragmented data, or data that may lead to error is prohibited.

Principle of Transparency: The treatment must guarantee the data subject's right to obtain from the data controller, at any time and without restrictions, information about the existence of data concerning them.

Principle of Restricted Access and Circulation: Treatment is subject to the limits derived from the nature of personal data, from the provisions of the law, and the Constitution. In this sense, treatment can only be performed by persons authorized by the data subject and/or by persons provided for by law.

Principle of Security: The information subject to Treatment by the Data Controller or Data Processor referred to in this law must be handled with the necessary technical, human, and administrative measures to provide security to the records, avoiding their adulteration, loss, consultation, use, or unauthorized or fraudulent access.

Principle of Confidentiality: All persons involved in the treatment of personal data that are not public in nature are obliged to guarantee the confidentiality of the information, even after their relationship with any of the tasks involving the treatment has ended, and may only provide or communicate personal data when it corresponds to the development of the activities authorized in this law and under the terms of the same.

Any new project within the Organization that involves the Treatment of Personal Data must be consulted with the Information Security Management, which is the person and department responsible for the data protection function to ensure compliance with the policy and the necessary measures to maintain the confidentiality of personal data.

RIGHTS OF DATA SUBJECTS

In accordance with current legal provisions, the rights of personal information holders are as follows:

Right to know, update, rectify, and consult their personal data at any time with AVIANET regarding data that they consider partial, inaccurate, incomplete, fragmented, or that may lead to error.

Right to request at any time proof of the authorization granted to AVIANET, except in cases where the data controller is legally exempt from having authorization to process the data of the data subject.

Right to be informed by AVIANET, upon request of the data subject, about the use given to their data.

Right to file complaints with the Superintendence of Industry and Commerce for any violations of their right to Habeas Data.

Right to revoke the authorization and/or request the deletion of any data when they consider that AVIANET has not respected their constitutional rights and guarantees.

Right to access the personal data that they voluntarily decide to share with AVIANET free of charge.

The information and/or personal data we collect from you are as follows:

Type of Person:

Natural Person: Full name, type of identification, identification number, gender, marital status, date of birth, email, financial data (bank accounts).

Legal Person: Business name, NIT, address, telephone, mobile number, email, country, city, financial data (bank accounts).

Information necessary to facilitate travel or other services, including preferences such as travel class, full name of passengers (type of document, document number, date of birth, first name, last name, gender, email, nationality, passport expiration date), emergency contacts (full name, telephone).

Cardholder Data: Type of document, document number, telephone, address, email, full name, card number, expiration date, and bank.

Quotation Request: Full name, telephone numbers, city, and email.

Travel Information: Type of request, destination, departure date, duration, number of adults, number of children, hotel category, meals, additional services, transportation service, per-person budget.

Write to Jean Claude Bessudo: Full name, ID card number, address, telephone (landline or mobile), city, and email.

"Online Help" Chat: Name, email, what is your question?

Evaluate Our Site: Your opinion is very important for us to continuously improve our customer service channels: full name, email, telephone numbers, and city.

Claim Request: Full name, identification number, address, telephone numbers, city, email, and comments.

Technical Issues Report: Full name, address, telephone numbers, city, email, and comments.

Biometric Data: Images, video, audio, fingerprints that identify or make identifiable our customers, users, or any person entering or present at any place where AVIANET has implemented devices to capture such information.

These data may be stored and/or processed on servers located in data processing centers, whether owned or contracted with providers located in different countries, which is authorized by our customers/users by accepting this personal data treatment and protection policy.

AVIANET reserves the right to improve, update, modify, or delete any type of information, content, domain, or subdomain that may appear on the website, without prior notice, understood to be sufficient by posting on Aviatur's websites. This is for the resolution of legal or internal requests and for the provision or offering of new services or products.

TREATMENT, SCOPE, AND PURPOSES

AVIANET informs data subjects that the data collected from our customers, contractors, and suppliers may be used for the following purposes. The treatment may be carried out by AVIANET directly or through its contractors, consultants, advisors, and/or third-party data processors, to carry out any operation or set of operations such as the collection, storage, use, circulation, deletion, classification, transfer, and transmission (the "Treatment") of all or part of their personal data:

Support of the contractual relationship established with AVIANET.

Provision of services related to the products and services offered.

Conducting all activities related to the service or product, including adding to an email list for newsletter delivery.

Sending information about changes in the conditions of the services and products purchased, and notifying you of new services or products.

Managing your requests, clarifications, and investigations.

Conducting studies and programs necessary to determine consumption habits.

Refining security filters and business rules in commercial transactions; confirming, processing such transactions with your financial entity, our service providers, and yourself.

Conducting periodic evaluations of our products and services to improve their quality.

Sending technical, operational, and commercial information about products and services offered by AVIANET, its partners, or suppliers, currently and in the future.

Requesting satisfaction surveys, which you are not obligated to respond to.

Carrying out the transmission and/or transfer of data to other companies, business alliances, or third parties to fulfill the obligations acquired. The transmission and transfer may even be carried out to third countries that may have a different level of protection from Colombia when necessary to fulfill our obligations.

Fulfilling the obligations acquired by AVIANET with its customers when purchasing our services and products.

Responding to inquiries, petitions, complaints, and claims made by control bodies and other authorities that, by law, should receive personal data.

Any other activity of a similar nature to those described above that is necessary to develop the corporate purpose of AVIATUR.

Conducting queries in different databases and authorized sources (such as OFAC lists, UN, among others) necessary for the control and prevention of fraud or crimes related to money laundering, in accordance with our policies on risk prevention and management - SARLAFT.

Data Collected from Our Employees:

Fulfilling the obligations acquired by AVIANET with the employees who are data subjects, concerning the payment of salaries, social benefits, and others established in the employment contract and current labor regulations.

Informing the employee of developments that occur during the employment contract and even after its termination.

Evaluating the quality of the services we provide.

Conducting internal studies on the habits of the employee who is the data subject or requesting personal information for the development of programs or management systems.

Conducting payroll deductions authorized by the employee.

Managing your requests, administration of activities, clarifications, and investigations.

Marketing and selling our products and services.

Sending technical, operational, and commercial information about products and services offered by partners or suppliers, currently and in the future.

Conducting studies and programs necessary to determine consumption habits.

Carrying out the transmission and/or transfer of data to other companies, business alliances, or third parties to fulfill the obligations acquired. The transmission and transfer may even be carried out to third countries that may have a different level of protection from Colombia when necessary to fulfill our obligations.

Requesting surveys, which the employee is not obligated to respond to.

Transferring, either through transmission or transfer, the information received to all judicial and/or administrative entities when necessary to fulfill the duties as an employer to comply with the obligations of labor order, social security, pensions, professional risks, family compensation funds (Comprehensive Social Security System), and taxes.

Transferring personal information to third parties who legitimately have the authority to access such information, which includes, but is not limited to, companies of the Aviatur Business Group Ltda.

Transferring personal information to all entities related to the compliance of the data controller in their capacity as an employer.

Any other activity of a similar nature to those described above that is necessary to develop the corporate purpose of AVIATUR and its labor obligations acquired by virtue of the execution of the employment contract or by law.

Conducting queries in different databases and authorized sources (such as OFAC lists, UN, among others) necessary for the control and prevention of fraud or crimes related to money laundering, in accordance with our policies on risk prevention and management - SARLAFT.

The treatment of personal data will be carried out with prior authorization from the data subject, except in events where the data is of a public nature. To this end, an authorization form for data treatment has been implemented, which must be completed by the data subject at the time they provide their personal information. This authorization explains the scope and purposes of personal data treatment, references authorization by others, data of minors, and sensitive data, as well as the channel for data subjects who wish to exercise the rights contemplated within habeas data, and indicates where this policy is hosted. For the purposes of advancing the treatment of data, AVIANET employs all activities aimed at maintaining the confidentiality of the information.

Authorization will be obtained through any means that can be subject to subsequent consultation, such as the website, forms, formats, face-to-face activities, or through social media, etc. Authorization may also be obtained from unequivocal conduct of the data subject that reasonably allows the conclusion that they granted authorization for the treatment of their information.

If you provide us with personal information about someone other than yourself, such as your spouse or a coworker, we understand that you have the authorization of that person to provide us with their data; and we do not verify or assume the obligation to verify the user's/customer's identity or the truthfulness, validity, sufficiency, and authenticity of the data provided by each of them. Therefore, we do not assume responsibility for any damages of any kind that may originate from the lack of truthfulness, homonymy, or impersonation of identity information.

Since AVIANET is part of the Aviatur Business Group, your personal information may be shared through transfer or transmission with the companies of the group, business partners, and/or third-party providers involved (flight reservation systems, hotels, car rentals, transaction security validators, banks, financial networks, tourism services), and these processes may be carried out in different locations than where the service or tourist product was contracted, with the same purposes that were indicated for the collection of personal data. These entities are obligated to comply with the corresponding confidentiality, transmission, or transfer agreements.

The collected Personal Data will be subject to manual or automated treatment and incorporated into the corresponding files or databases (hereinafter, the "File"), whether as a data processor and responsible for data protection. To determine the term of treatment, the applicable regulations to each purpose and the administrative, accounting, tax, legal, and historical aspects of the information will be considered.

When the service is provided to the data subject who is accompanied by minors or persons considered disabled, and when the collection of their personal data occurs, AVIANET will always request authorization from the legal representative of the minor. However, if personal information of the mentioned population is provided without being the legal representative, you declare that you have the authorization of the respective legal representative, directly assuming the responsibility that entails. AVIANET will always strive to respect their rights and their superior and prevailing interest. The representative must guarantee them the right to be heard and consider their opinion on the treatment, taking into account their maturity, autonomy, and capacity. Representatives are informed of the optional nature of answering questions about minors. The data of minors, included in a special protection category, will be treated according to the applicable legislation and as provided in our personal data policy.

The companies of the Aviatur Business Group have adopted the legally required levels of security for personal data protection and have installed all technical measures within their reach to avoid the loss, misuse, alteration, unauthorized access, and illegitimate theft of the personal data provided to AVIANET. However, the data subject must be aware that security measures on the Internet are not infallible.

If you choose to delete your information, as permitted by law, we will retain certain personal information in our files for accounting and tax purposes, to prevent fraud, resolve disputes, investigate conflicts or incidents, enforce our terms and conditions of use, and comply with legal requirements.

However, at the moment you decide to revoke your authorization, the stored information will not be used for the purposes provided herein, only under the strictly necessary and defined terms mentioned above.

Security Risks You Should Be Aware of When Conducting Transactions on the Internet:

It may occur that a user is deceived through emails or some DNS server trickery to visit a fake site that presents the same design, but where card data is loaded into the fake system, stealing cardholder information. Therefore, it is important to create awareness that users, to conduct transactions, should enter directly through known domains to reduce risks.

It may occur that the computer where the user is conducting the transaction has installed, without prior knowledge, some spyware or malicious software that captures everything typed on the keyboard or captures information from input devices and sends it to some network or host on the Internet. Therefore, it is recommended that the transaction be carried out, whenever possible, on the home or office computer.

It may occur that there is an impersonation of the data subject who denies having sent and/or received the transaction and it is used by a third party.

It is recommended that the device from which electronic transactions are conducted has updated and active antivirus software to mitigate the risks of fraud.

If the personal information was collected or provided before July 30, 2013, and you did not object to the transfer of your personal data, it will be understood that you have granted your consent. If you wish to ratify your consent or express your refusal, you can indicate this through the following email address: privacidad@aviasolucioneshoteleras.com.

Like other websites, AVIANET uses certain technologies, such as cookies and device fingerprinting, which allow us to make your visit to our site easier and more efficient by providing personalized service and recognizing you when you return to our site. For the purposes of this Privacy Notice, "cookies" will be identified as text information files that a website transfers to the users' computer hard drives to store certain records and preferences.

Websites may allow third-party advertisements or functions that send "cookies" to users' computers.

Cookies are only associated with an anonymous user and their computer and do not provide the user's name and surname by themselves. In many cases, you can browse any of AVIANET's websites anonymously. When you access any AVIANET website, your IP address (the Internet address of your computer) is recorded, which gives us an idea of which parts of the website you visit and how much time you spend in each section. We do not link your IP address to any of your personal information unless you have registered with us and logged into the system using your profile.

Therefore, it is possible that in certain applications AVIANET recognizes users after they have registered for the first time, without having to register each time they visit to access the areas and services or products reserved exclusively for them.

Other services may require the use of specific access keys and even the use of a digital certificate, in the characteristics to be determined.

The cookies used cannot read cookie files created by other providers. AVIANET encrypts user identification data for greater security.

To use the AVIANET website, it is not necessary for the user to allow the installation of cookies sent by AVIANET, although in such a case the user will need to register for each of the services whose provision requires prior registration.

NATIONAL OR INTERNATIONAL TRANSFER OF PERSONAL DATA

AVIANET may transfer data to other data controllers when authorized by the data subject or by law or by an administrative or judicial mandate.

INTERNATIONAL AND NATIONAL TRANSMISSION OF DATA TO PROCESSORS

AVIANET may send or transmit data to one or more processors located inside or outside the Republic of Colombia in the following cases: a) When it has the authorization of the data subject and b) when there is a data transmission contract between the data controller and the processor, even without the authorization.

DUTIES OF THE DATA CONTROLLER

Guarantee the data subject, at all times, the full and effective exercise of the right to habeas data.

Request and retain, under the conditions provided in this law, a copy of the respective authorization granted by the data subject.

Properly inform the data subject about the purpose of the collection and the rights they have by virtue of the granted authorization.

Retain the information under the necessary security conditions to prevent its adulteration, loss, consultation, use, or unauthorized or fraudulent access.

Handle consultations and claims submitted within the time limits established in this law.

Adopt an internal manual of policies and procedures to ensure proper compliance with this law, especially for handling consultations and claims.

Inform, at the request of the data subject, about the use given to their data.

Inform the data protection authority when security breaches occur and there are risks in the administration of the data subjects' information.

Comply with the instructions and requirements issued by the Superintendence of Industry and Commerce.

DUTIES OF THE DATA PROCESSORS

Guarantee the data subject, at all times, the full and effective exercise of the right to habeas data.

Retain the information under the necessary security conditions to prevent its adulteration, loss, consultation, use, or unauthorized or fraudulent access.

Timely update, rectify, or delete data within the terms of this law.

Update the information reported by the data controllers within five (5) business days from its receipt.

Handle consultations and claims submitted by the data subjects within the time limits established in this law.

Adopt an internal manual of policies and procedures to ensure proper compliance with this law, especially for handling consultations and claims from data subjects.

Refrain from circulating information that is being disputed by the data subject and whose blocking has been ordered by the Superintendence of Industry and Commerce.

Allow access to the information only to persons who may have access to it.

Inform the Superintendence of Industry and Commerce when security breaches occur and there are risks in the administration of the data subjects' information.

Comply with the instructions and requirements issued by the Superintendence of Industry and Commerce.

REQUESTS, COMPLAINTS, AND CLAIMS

For the purpose of receiving requests, claims, and inquiries related to the handling and treatment of personal data, AVIANET has designated the email address privacidad@aviasolucioneshoteleras.com, to channel, study, and respond to them. Therefore, you may send your requests to this address, which will be handled as provided in Law 1581:

Inquiries: Data subjects or their successors may consult the personal information of the data subject that rests in our database. AVIANET will provide them with all the information contained in the individual record or that is linked to the identification of the data subject. The consultation will be attended to within a maximum term of ten (10) business days from the date of receipt. When it is not possible to attend to the consultation within this term, the interested party will be informed, and the date on which their consultation will be attended to will be indicated, which in no case may exceed five (5) business days following the expiration of the first term.

Claims: The data subject or their successors who consider that the information contained in a database should be subject to correction, updating, or deletion, or when they notice a presumed breach of any of the duties contained in the law, may file a claim with AVIANET, which will be processed under the following rules:

The claim will be submitted through a request addressed to AVIANET with the identification of the data subject, a description of the facts giving rise to the claim, the address, and the accompanying documents to be asserted. If the claim is incomplete, AVIANET will require the interested party within five (5) days of receiving the claim to correct the deficiencies. If two (2) months have passed since the date of the requirement without the applicant providing the required information, it will be understood that they have withdrawn the claim.

Once the complete claim is received, a legend stating "claim in process" and the reason for it will be included in the database within no more than two (2) business days. This legend must be maintained until the claim is decided.

The maximum term for attending to the claim will be fifteen (15) business days from the day following the date of receipt. When it is not possible to attend to the claim within this term, the interested party will be informed, and the date on which their claim will be attended to will be indicated, which in no case may exceed eight (8) business days following the expiration of the first term.

In any case, the data subject or successor may only file a complaint with the Superintendence of Industry and Commerce once they have exhausted the consultation or claim process with AVIANET.

The department responsible for receiving and handling claims is the Information Security Management.

The request for deletion of information and the revocation of authorization will not proceed when the data subject has a legal or contractual obligation to remain in the database.

DATA CONTROLLER DETAILS

Company Name: Operadora de Hoteles Avia SAS

Address: Centro de Negocios Andino, Carrera 11 # 82-01 Piso 4, Bogotá DC - Colombia

Email: privacidad@aviasolucioneshoteleras.com

Telephone: (+57 1) 3817111

Website: www.aviasolucioneshoteleras.com

QUESTIONS OR SUGGESTIONS

If you have any questions or inquiries about the process of collecting, processing, or transferring your personal information, or if you believe that the information contained in a database should be corrected, updated, or deleted, please send us a message to the following email address: privacidad@aviasolucioneshoteleras.com.

For more information about AVIATUR, the identity, address, and contact forms, you can consult it at the following address www.aviasolucioneshoteleras.com. This website contains the terms and conditions applicable to the services and products published, which can be consulted at any time for more information.

VALIDITY

AVIANET reserves the right to modify this policy to adapt it to legislative or jurisprudential changes, as well as to good practices in the tourism sector and other sectors of the economy that are part of the business group. In such cases, AVIANET will announce the changes introduced on this page with reasonable notice before their implementation.

Pets are allowed and the price in high season: $150,000 and the price in medium and low season: $120,000.

1. The service must be requested at the time of booking.

2. Only one small pet per room is allowed (small breeds).

3. The pet may not remain in the following common areas of the Hotel (Restaurant, Lobby, Ice Cream Parlor). If the guest wishes, they may leave their pet alone in the room. The Hotel will provide a set (bed, food bowl and water bowl).

4. The pet must comply with the health regulations required by law and carry a current vaccination card (present at check-in).

5. To leave, enter or remain in the Hotel facilities assigned for pets, the Owner must always keep their pet on a short leash or, if possible, on a leash, since the Owner is the only person responsible for any damage caused to third parties.

6. The guest assumes full responsibility for any damage to the hotel furniture caused by the pet and must be paid for upon departure from the hotel.

7. The owner of the pet will be obliged to keep it in the proper hygienic and sanitary conditions.

8. Within the hotel grounds there are several designated and fully identified places with bins and bags, which allow your pet to solve its small and large physiological needs.

9. Guests are responsible for any noises that pets may make and will ensure that pets do not interrupt or affect the tranquility of other guests. If the hotel determines that the pet affects other guests, it may request, at its absolute discretion, that the pet be housed outside the hotel.

RESTRICTIONS Breeds stipulated in Articles 108-E and 108-F (Law 746 19-07-2002) considered to be aggressive are not accepted.

1. The use of towels, sheets, blankets is prohibited and pets are not allowed on the beds in the room.

2. The use of plates, glasses and other utensils from the Hotel for pets is prohibited.

3. Bathing your pets in the bathrooms of the room and showers of the Hotel is prohibited.

The administration is free to suspend service to the pet owner(s) for not complying with the above regulations."