POLICIES

 Respect is part of our design. At Zapadilly, every detail matters. Our policies are bridges to harmonious coexistence. Read them carefully, because the true hospitality of San Andrés Island begins before you arrive.

  • Privacy and data processing policy

    GENERAL CONSIDERATIONS


    Aware of the importance of protecting and properly handling the personal information provided by the data subjects, AVIA SOLUCIONES HOTELERAS, - hereinafter AVIANET, who acts as the data controller, has designed this policy and procedures which together allow for the proper use of your personal data.


    In accordance with Article 15 of the Political Constitution of Colombia, which establishes the fundamental right to habeas data, referring to the right of all citizens to know, update, and rectify their personal data held in databases and files, both public and private, this right is inextricably linked to the handling and processing of information that recipients of personal data must consider. This right has been developed through the enactment of Statutory Law 1581 of 2012 and Regulatory Decree 1377 of 2013, based on which AVIANET, as the CONTROLLER of the personal data it receives, manages, and processes, hereby issues this personal data processing policy, which is made public so that everyone is aware of how AVIA handles their information. The provisions of this personal data processing policy are mandatory for AVIANET, its administrators, employees, contractors and third parties with whom AVIANET establishes relationships of any kind.


    AIM


    This policy aims to guarantee the confidentiality and security of information regarding its processing for all clients, suppliers, employees, and third parties from whom AVIANET has legally obtained personal information and data, in accordance with the guidelines established by the law regulating the right to Habeas Data. Furthermore, the issuance of this policy fulfills the requirements of Article 17, section K, of the aforementioned law.


    DEFINITIONS


  • Authorization: Prior, express, and informed consent of the data subject to carry out the processing. This may be written, verbal, or through unambiguous conduct that reasonably allows the conclusion that the data subject granted authorization.


  • Database: It is the organized set of Personal Data that is subject to processing, electronic or not, whatever the modality of its formation, storage, organization and access.


  • Consultation: Request from the data subject or persons authorized by the data subject or by law to know the information held about him or her in databases or files.


  • Personal data: Any information linked to or that can be associated with one or more specific or identifiable natural persons. This data is classified as sensitive, public, private, and semi-private.


  • Sensitive personal data: Information that affects the privacy of the person or whose misuse may generate discrimination, such as those that reveal racial or ethnic origin, political orientation, religious or philosophical convictions, membership in trade unions, social or human rights organizations or that promote the interests of any political party or that guarantee the rights and guarantees of opposition political parties, as well as data relating to health, sexual life and biometric data (fingerprints, among others).


    • For the purposes of this policy, AVIANET advises that the owner of the personal data has the optional nature to provide this type of information in cases in which it may eventually be requested.


  • Public personal data: This is data classified as such according to the mandates of the law or the Political Constitution, and all data that is not semi-private or private. Public data includes, among others, data contained in public documents, public registries, official gazettes and bulletins, and duly executed judicial rulings that are not subject to confidentiality; data relating to a person's marital status, profession or occupation, and their status as a merchant or public servant. Personal data existing in the commercial registry of the Chambers of Commerce is also public (Article 26 of the Commercial Code).


    • Likewise, data that, by virtue of a decision of the data subject or a legal mandate, is found in freely accessible and consultable files is considered public data. This data may be obtained and offered without any reservation and regardless of whether it refers to general, private, or personal information.


  • Private personal data. This is data that, due to its intimate or confidential nature, is only relevant to the data subject. Examples: merchants' books, private documents, information obtained from a home inspection.


  • Semi-private personal data. Semi-private data is data that is neither intimate, confidential, nor public in nature and whose knowledge or disclosure may be of interest not only to its owner but to a certain sector or group of people or to society in general, such as, among others, data relating to compliance and non-compliance with financial obligations or data relating to relations with social security entities.


  • Data Controller: Person who, alone or jointly with others, decides on the database and/or the processing of the data.


  • Data processor: Person who processes data on behalf of the data controller.


  • Being “Authorized” refers to AVIANET and all persons under its responsibility who, by virtue of the authorization and the Policy, are legitimately entitled to process the personal data of the data subject. The Authorized includes all Enabled Users.


  • “Authorization” or being “Authorized” is the legitimation that AVIANET expressly and in writing, through a contract or equivalent document, grants to third parties, in compliance with applicable law, for the processing of personal data, making such third parties responsible for the processing of the personal data delivered or made available.


  • Complaint: Request from the data subject or persons authorized by the data subject or by law to correct, update or delete their personal data or when they notice that there is an alleged breach of the data protection regime, according to Article 15 of Law 1581 of 2012.


  • Data subject: This is the natural person to whom the information refers.


  • Processing: Any operation or set of operations performed on personal data, including, but not limited to, collection, storage, use, circulation or deletion of such information.


  • Transmission: Processing of personal data that involves the communication of the same within (national transmission) or outside of Colombia (international transmission) and whose purpose is the processing by the processor on behalf of the controller.


  • Transfer: Data transfer takes place when the controller and/or processor of personal data, located in Colombia, sends the information or personal data to a recipient, who in turn is responsible for the processing and is located inside or outside the country.


  • Procedural requirement: The holder or successor may only file a complaint with the Superintendency of Industry and Commerce once the consultation or claim process before the data controller or processor has been exhausted, according to Article 16 of Law 1581 of 2012.


    • PRINCIPLES FOR THE PROCESSING OF PERSONAL DATA


    The processing of personal data must be carried out in accordance with the general and specific regulations on the matter and for activities permitted by law. Therefore, the following principles apply for the purposes of this policy:


  • Principle of legality: Data processing is a regulated activity that must comply with the provisions of the law and other regulations that develop it.


  • Principle of purpose: The processing must be for a legitimate purpose in accordance with the Constitution and the Law.


  • Principle of freedom: Processing may only be carried out with the prior, express, and informed consent of the data subject. Personal data may not be obtained or disclosed without prior authorization, or in the absence of a legal or judicial mandate that waives the requirement for consent.


  • Principle of truthfulness or quality: The information subject to processing must be truthful, complete, accurate, up-to-date, verifiable, and understandable. The processing of partial, incomplete, fragmented, or misleading data is prohibited.


  • Principle of transparency: In the processing, the right of the data subject to obtain from the controller, at any time and without restrictions, information about the existence of data concerning him or her must be guaranteed.


  • Principle of restricted access and circulation: The processing of personal data is subject to the limits derived from the nature of the data, the provisions of the law, and the Constitution. In this regard, processing may only be carried out by persons authorized by the data subject and/or by persons provided for by law.


  • Security principle: The information subject to Processing by the Data Controller or Data Processor referred to in this law, must be handled with the technical, human and administrative measures that are necessary to provide security to the records, preventing their alteration, loss, consultation, use or unauthorized or fraudulent access.


  • Principle of confidentiality: All persons involved in the processing of personal data that is not of a public nature are obliged to guarantee the confidentiality of the information, even after their relationship with any of the tasks that comprise the processing has ended, and may only supply or communicate personal data when it corresponds to the development of the activities authorized in this law and in the terms thereof.


    • Any new project within the Organization that involves the Processing of Personal Data must be consulted with the Information Security Management, which is the person and department in charge of the data protection function to ensure compliance with the policy and the measures necessary to maintain the confidentiality of personal data.


    RIGHTS OF DATA SUBJECTS


    In accordance with current legal provisions, the following are the rights of the owners of personal information:


  • Right to know, update, rectify, consult your personal data at any time with AVIANET regarding data that you consider partial, inaccurate, incomplete, fragmented and those that induce error.


  • Right to request at any time proof of the authorization granted to AVIANET except in those cases where the controller is legally exempt from having authorization to process the data of the holder.


  • Right to be informed by AVIANET upon request of the data subject, regarding the use that has been made of them.


  • Right to file complaints with the Superintendency of Industry and Commerce that he or she considers pertinent to enforce his or her right to Habeas Data.


  • Right to revoke authorization and/or request the deletion of any data when you consider that AVIANET has not respected your constitutional rights and guarantees.


  • Right to access free of charge the personal data that you voluntarily decide to share with AVIANET.


    • The personal information and/or data that we collect from you is as follows:


    Type of person:


    Natural: names and surnames, type of identification, identification number, gender, marital status and date of birth, email address, financial data (bank accounts).


    Legal information: company name, tax ID number, address, telephone, mobile phone, email address, country, city, financial information (bank accounts).


    Information necessary to facilitate travel or other services, including preferences such as travel class, passenger names and surnames (type of document, document number, date of birth, first name, last name, gender, email, nationality, passport expiration date), contacts for cases of accident or any other anomaly (first and last names, telephone).


    Cardholder details: document type, document number, telephone, address, email, names, card number, expiration date and bank.


    Request for quote: names, surnames, telephone numbers, city and email.


    Trip information: type of request, destination, departure date, duration, number of adults, number of children, age, hotel category, meals, additional services, transportation service, budget per person.


    Write to Yadira Rodríguez Guerrero: names, surnames, ID number, address, telephone (landline or cell phone), city and email address.


    Online help chat: Name, email address, what is your question?


    Rate our site: your opinion is very important for us to continuously improve our customer service channels: names, surnames, email, phone numbers and city.


    Claim form: names, surnames, identification number, address, telephone numbers, city, email and comments.


    Technical problem report: names, surnames, address, telephone numbers, city, email and comments.


    Biometric data: images, video, audio, fingerprints that identify or make identifiable our clients, users or any person who enters or is present or passes through any place where AVIANET has implemented devices for capturing such information.


    This data may be stored and/or processed on servers located in data processing centers, whether owned by us or contracted with providers, located in different countries, which is authorized by our clients/users, by accepting this policy for the processing and protection of personal data.


    AVIANET reserves the right to improve, update, modify, or delete any information, content, domain, or subdomain that may appear on the website, without prior notice. Publication on the Aviatur websites shall be considered sufficient notice. This includes the resolution of legal or internal requests and the provision or offering of new services or products.


    TREATMENT, SCOPE AND PURPOSES


  • AVIANET informs data subjects that the data collected from our clients, contractors, and suppliers may be used for the following purposes. AVIANET may process this data directly or through its contractors, consultants, advisors, and/or third parties responsible for processing personal data, so that they may carry out any operation or set of operations such as collection, storage, use, circulation, deletion, classification, transfer, and transmission (the “Processing”) on all or part of your personal data:


  • The support of the contractual relationship established with AVIANET.


  • The provision of services related to the products and services offered.


  • The completion of all activities related to the service or product will be included in an email list for sending the newsletter.


  • To send you information about changes in the conditions of the services and products you have purchased, and to notify you about new services or products.


  • Manage your requests, clarifications, and investigations.


  • Develop studies and programs that are necessary to determine consumption habits


  • Refining security filters and business rules in commercial transactions; confirming and processing these transactions with your financial institution, our service providers, and yourself.


  • Conduct periodic evaluations of our products and services in order to improve their quality.


  • The sending, by traditional and electronic means, of technical, operational and commercial information on products and services offered by AVIANET, its associates or suppliers, currently and in the future.


  • The request for satisfaction surveys, which you are not obliged to answer.


  • To transmit and/or transfer data to other companies, business partners, or third parties in order to fulfill our obligations. This transmission and transfer may even be made to third countries that may have a different level of data protection than Colombia, when necessary for the fulfillment of our obligations.


  • To fulfill obligations contracted by AVIANET with its clients at the time of acquiring our services and products.


  • To respond to inquiries, requests, complaints and claims made by control bodies and other authorities that, under applicable law, must receive personal data.


  • Any other activity of a similar nature to those described above that are necessary to develop the corporate purpose of AVIANET.


  • Conduct consultations in different databases and authorized sources (such as OFAC lists, UN, among others) necessary for the control and prevention of fraud or crimes related to money laundering, in accordance with our prevention and risk management policies - SARLAFT.


  • Data collected from our employees:


  • To comply with the obligations contracted by AVIANET with the workers who own the information, in relation to the payment of salaries, social benefits, and others established in the employment contract and current labor regulations.


  • Inform the worker of any new developments that arise during the course of the employment contract and even after its termination.


  • Evaluate the quality of the services we provide.


  • Conduct internal studies on the habits of the employee who owns the information or request personal information for the development of management programs or systems.


  • Make the payroll deductions authorized by the employee.


  • Manage your requests, activity administration, clarifications, and investigations.


  • Marketing and sales of our products and services.


  • The sending, by traditional and electronic means, of technical, operational and commercial information on products and services offered by associates or suppliers, currently and in the future.


  • Develop studies and programs that are necessary to determine consumption habits.


  • To transmit and/or transfer data to other companies, business partners, or third parties in order to fulfill our obligations. This transmission and transfer may even be made to third countries that may have a different level of data protection than Colombia, when necessary for the fulfillment of our obligations.


  • The request for surveys, which the client is not obliged to answer.


  • Transfer, either by transmission or transfer, the information received to all judicial and/or administrative entities when necessary for the fulfillment of duties as an employer to comply with obligations related to labor, social security, pensions, occupational risks, family compensation funds (Comprehensive Social Security System) and taxes.


  • Transferring the employer's personal information to third parties who legitimately have the power to access such information, which includes, but is not limited to, companies of the Aviatur Ltda. Business Group.


  • To properly deliver, by way of transmission or transfer, the personal information of the worker to all entities that have a relationship with the compliance of the responsible party in their capacity as employer.


  • Any other activity of a similar nature to those described above that are necessary to develop the corporate purpose of AVIATUR and its labor obligations acquired by virtue of the execution of the employment contract or by operation of law.


  • Conduct consultations in different databases and authorized sources (such as OFAC lists, UN, among others) necessary for the control and prevention of fraud or crimes related to money laundering, in accordance with our prevention and risk management policies - SARLAFT.


  • The processing of personal data will be carried out with the prior authorization of the data subject, except in cases where the data is publicly available. For this purpose, an authorization form for data processing has been implemented, which must be completed by the data subject at the time they provide their personal information. This authorization explains the scope and purposes of the personal data processing, addresses authorization by a third party, the processing of data concerning minors and sensitive data, defines the channel for data subjects who wish to exercise their rights under habeas data law, and indicates where this policy is located. To carry out data processing, AVIANET employs all measures aimed at maintaining the confidentiality of the information.


    • Authorization will be obtained through any means that can be subsequently verified, such as the website, forms, formats, in-person activities, or social media, etc. Authorization may also be obtained from the unambiguous conduct of the data subject that reasonably allows the conclusion that they granted authorization for the processing of their information.


  • If you provide us with personal information about someone other than yourself, such as your spouse or a coworker, we understand that you have that person's authorization to provide us with their data; and we do not verify, nor do we assume the obligation to verify, the identity of the user/client, nor the truthfulness, validity, sufficiency, or authenticity of the data they provide. Therefore, we do not assume responsibility for damages or losses of any kind that may arise from the lack of truthfulness, name discrepancies, or identity theft.


  • Since AVIANET belongs to the Aviatur Business Group, your personal information may be shared by transfer or transmission with group companies, business partners, and/or third-party providers (including flight, hotel, and car reservation systems, transaction security validators, banks, financial networks, and tourism services). These processes may take place in different locations than where the purchased tourism service or product is contracted, for the same purposes indicated for the collection of personal data. These entities are obligated to comply with the corresponding confidentiality, transmission, or transfer agreements.


  • The Personal Data collected will be processed manually or automatically and incorporated into the corresponding files or databases (hereinafter, the "File"), either as the data processor or the data controller. To determine the duration of the processing, the regulations applicable to each purpose and the administrative, accounting, tax, legal, and historical aspects of the information will be considered.


  • When the service is provided to a minor or a person with a disability, and their personal data is collected, AVIANET will always request authorization from the minor's legal representative. However, if you provide personal information of the aforementioned individuals without being their legal representative, you represent that you have the authorization of the respective legal representative, directly assuming the corresponding responsibility. AVIANET will strive to ensure that their rights and best interests are respected at all times. The representative must guarantee their right to be heard and consider their opinion regarding the processing of their data, taking into account the maturity, autonomy, and capacity of the minors. Representatives are informed that answering questions about the data of minors is optional. The data of minors, which falls under a special protection category, will be processed in accordance with applicable legislation and our personal data policy.


  • The companies of the Aviatur Business Group have adopted the legally required levels of security for the protection of personal data, and have installed all the technical means and measures at their disposal to prevent the loss, misuse, alteration, unauthorized access and illegitimate removal of the personal data provided to AVIANET; however, the data subject should be aware that security measures on the Internet are not unbreakable.


  • If you choose to delete your information, to the extent permitted by law, we will retain certain personal information in our files in order to identify accounting and tax data of transactions carried out, prevent fraud, resolve disputes, investigate conflicts or incidents, enforce our terms and conditions of use and comply with legal requirements.



    • However, when you decide to revoke your authorization, the hosted information will not be used for the purposes provided herein, only in the terms strictly necessary and defined in the previous paragraph.


  • Security risks to consider when making online transactions:


  • A user may be tricked through emails or DNS server spoofing into visiting a fake website that looks identical to the real one, but where their card details are entered into the fraudulent system, resulting in the theft of cardholder information. Therefore, it is important to promote the understanding that users should access websites directly through known domains to minimize these risks when conducting transactions.


  • It is possible that the computer the user is using for the transaction may have spyware or malicious software installed without their knowledge. This software could capture everything typed on the keyboard or information from input devices and send it to a network or host on the internet. Therefore, it is recommended that the transaction be carried out on a home or office computer whenever possible.


  • It is possible that the account holder may impersonate the account holder, denying having sent and/or received the transaction, and that it is used by a third party.


  • It is recommended that the computer used for electronic transactions has an updated and active antivirus program to mitigate the risk of fraud.


  • If your personal information was collected or provided before July 30, 2013, and you did not object to the transfer of your personal data, it will be understood that you have given your consent. If you wish to confirm your consent or express your objection, you may do so by sending an email to privacidad@aviasolucioneshoteleras.com


  • Like other websites, AVIANET uses certain technologies, such as cookies and device fingerprinting, that allow us to make your visit to our site easier and more efficient, providing you with personalized service and recognizing you when you return to our site. For the purposes of this Privacy Notice, "cookies" will be defined as text files that a website transfers to the hard drive of users' computers in order to store certain records and preferences.


  • Websites may allow third-party advertising or features that send "cookies" to the owners' computers.


    • Cookies are associated only with an anonymous user and their computer, and do not, by themselves, provide the user's name and surname. In many cases, you can browse any of AVIANET's websites anonymously. When you access any AVIANET website, your IP address (your computer's internet address) is recorded to give us an idea of which parts of the website you visit and how long you spend in each section. We do not link your IP address to any of your personal information unless you have registered with us and logged in using your profile.


  • Therefore, in certain applications AVIANET may recognize users after they have registered for the first time, without them having to register on each visit to access areas and services or products reserved exclusively for them.


  • In other services, it will be necessary to use certain access keys, and even the use of a digital certificate, under the characteristics that are determined.


  • The cookies used cannot read cookie files created by other providers. AVIANET encrypts user identification data for greater security.


  • To use the AVIANET website, it is not necessary for the user to allow the installation of cookies sent by AVIANET, although in that case it will be necessary for the user to register in each of the services whose provision requires prior registration.


    • NATIONAL OR INTERNATIONAL TRANSFER OF PERSONAL DATA


    AVIANET may transfer data to other data controllers when authorized by the data subject, by law, or by an administrative or judicial order.


    INTERNATIONAL AND NATIONAL DATA TRANSMISSION TO PROCESSORS


    AVIANET may send or transmit data to one or more processors located within or outside the Republic of Colombia in the following cases: a) When it has authorization from the data subject and b) when, without authorization, there is a data transmission contract between the controller and the processor.


    DUTIES OF THE DATA CONTROLLER


  • Guarantee the holder, at all times, the full and effective exercise of the right of habeas data.


  • Request and keep, under the conditions provided for in this law, a copy of the respective authorization granted by the holder.


  • Properly inform the data subject about the purpose of the collection and the rights they have by virtue of the authorization granted.


  • Keep the information under the necessary security conditions to prevent its alteration, loss, consultation, use or unauthorized or fraudulent access.


  • Process inquiries and complaints made in accordance with the terms set out in this law.


  • Adopt an internal manual of policies and procedures to ensure proper compliance with this law and, in particular, to address inquiries and complaints.


  • Inform the data subject, upon request, about the use given to their data.


  • Inform the data protection authority when security code violations occur and there are risks in the management of data subjects' information.


  • Comply with the instructions and requirements issued by the Superintendency of Industry and Commerce.


    • DUTIES OF DATA PROCESSORS


  • Guarantee the holder, at all times, the full and effective exercise of the right of habeas data.


  • Keep the information under the necessary security conditions to prevent its alteration, loss, consultation, use or unauthorized or fraudulent access.


  • To promptly update, rectify or delete data in accordance with the terms of this law.


  • Update the information reported by the data controllers within five (5) business days from receipt.


  • Process inquiries and complaints made by the holders in accordance with the terms set out in this law.


  • Adopt an internal manual of policies and procedures to ensure proper compliance with this law and, in particular, to address inquiries and complaints from data subjects.


  • Refrain from circulating information that is being disputed by the owner and whose blocking has been ordered by the Superintendency of Industry and Commerce.


  • Allow access to information only to people who are authorized to access it.


  • Report to the Superintendency of Industry and Commerce when violations of security codes occur and there are risks in the management of the information of the holders.


  • Comply with the instructions and requirements issued by the Superintendency of Industry and Commerce.


    • REQUESTS, COMPLAINTS AND CLAIMS


    For the purpose of receiving requests, complaints, and inquiries related to the handling and processing of personal data, AVIANET has designated the email address privacidad@aviasolucioneshoteleras.com to receive, review, and respond to them. Therefore, you may send your requests to this address, and they will be processed in accordance with Law 1581.


    Inquiries: Data subjects or their successors may inquire about the data subject's personal information held in our database. AVIANET will provide them with all the information contained in the individual record or linked to the data subject's identification. Inquiries will be addressed within a maximum of ten (10) business days from the date of receipt. If it is not possible to address the inquiry within this timeframe, the interested party will be informed, and the date on which their inquiry will be addressed will be indicated, which in no case may exceed five (5) business days following the expiration of the initial timeframe.


    Claims: The owner or their successors who consider that the information contained in a database should be corrected, updated or deleted, or when they notice the alleged breach of any of the duties contained in the law, may file a claim with AVIANET, which will be processed under the following rules:


  • Claims must be submitted in writing to AVIANET, including the claimant's identification, a description of the events giving rise to the claim, the claimant's address, and any supporting documents. If the claim is incomplete, AVIANET will request the missing information from the claimant within five (5) days of receiving the claim. If the claimant fails to provide the required information within two (2) months of the request, the claim will be considered withdrawn.


  • Once the complete claim is received, a note stating “claim in process” and the reason for the claim will be added to the database within no more than two (2) business days. This note must remain until the claim is resolved.


  • The maximum time to address the claim will be fifteen (15) business days, starting from the day after the date of receipt. If it is not possible to address the claim within this period, the interested party will be informed and the date on which their claim will be addressed will be indicated, which in no case may exceed eight (8) business days following the expiration of the first period.


  • In any case, the holder or successor may only file a complaint with the Superintendency of Industry and Commerce once the consultation or claim process with AVIANET has been exhausted.


  • The area responsible for receiving and processing complaints is the Information Security Management.


  • The request for deletion of information and revocation of authorization will not be granted when the holder has a legal or contractual duty to remain in the database.


    • DATA OF THE DATA CONTROLLER


    Company name: Operadora de Hoteles Avia SAS


    Address: Andino Business Center, Carrera 11 # 82-01 Floor 4, Bogotá DC - Colombia


    Email: privacidad@aviasolucioneshoteleras.com


    Telephone: ( 57 1) 3817111


    Website: www.aviasolucioneshoteleras.com


    QUESTIONS OR SUGGESTIONS


    If you have any questions or concerns about the collection, processing, or transfer of your personal information, or if you believe that the information contained in a database should be corrected, updated, or deleted, please send us a message to the following email address: privacidad@aviasolucioneshoteleras.com.


    For more information about AVIANET, including its identity, address, and contact methods, please visit www.aviasolucioneshoteleras.com. This website contains the terms and conditions applicable to the published services and products, which can be consulted at any time for further information.


    VALIDITY


    AVIANET reserves the right to modify this policy to adapt it to new legislation or case law, as well as to best practices in the tourism sector and other sectors of the economy that are part of the business group. In such cases, AVIANET will announce the changes on this page a reasonable time before they take effect.

  • Check-in policy

    What is the minimum age to check in at the Hotel?


    The minimum age to register is 18 years old.


    Minors must be accompanied by their parents, and if they come with an adult other than themselves, they must present an authorization signed by their parents and authenticated by a competent authority.


    All our guests must present their identification document; it is mandatory.


    Children: Birth certificate or identity card or passport in the case of a foreigner.


    Adults: Colombian citizenship card, foreign identity card or passport as applicable.


    Zapadilly Tree Hotel guarantees compliance with Law 1336 (Commercial Sexual Exploitation of Children), which expressly prohibits sexual exploitation and violence. It also complies with Law 17 of 1981, Article 1, which prohibits the trade of endangered species of wild fauna and flora.

  • Child protection policy

    The exploitation and sexual abuse of minors are punishable by imprisonment, Law 679 of 2001 and Law 1336 of 2009.

  • WARRANTY REGULATIONS

    A deposit of 100% of the total stay amount, including VAT, is required at the time of booking. Please refer to the rate rules, as exceptions may apply.

  • CANCELLATION POLICY

    All reservations can be cancelled up to 7 days before arrival; after 7 days a charge equal to 100% of the total stay will be applied.

  • ADDITIONAL REGULATIONS

    Pricing policy: Rates are dynamic and subject to availability. Prices may change based on date, occupancy, and demand and are only guaranteed upon booking completion.