In accordance with the provision of The Federal Law on the Protection of Personal Data in Possession of Private Parties, its Regulations and other current legislation, we make available to users the following Privacy Notice.

Party Responsible for data processing

The controller of the personal data that you provide is CHECK IN S.A. DE C.V., hereinafter “THE COMPANY”, a commercial company duly incorporated under the laws of the United Mexican States, located at Norte 25ª #40, colonia Nueva Vallejo, Alcaldía Gustavo A. Madero, C.P. 07750, Mexico City.

THE COMPANY provides its services through an electronic platform called Check In Now, whose web address is: https://checkin.agency/, which allows its users to visualize and search for lodging rental services. In this document the term ‘User’ or “you” shall refer to the natural person, over eighteen (18) years of age, with full legal capacity that accesses, navigates or uses the aforementioned electronic platform with the purpose of obtaining temporary lodging, for own use or for third parties, in which case, the user must inform the latter that personal information has been provided, as well as the treatment and acceptance that will be given to such personal data in accordance with this Privacy Notice.

THE COMPANY has all the rights over the content that composes the electronic platform and its trademark ‘Check In Now”. THE COMPANY will be exclusively in charge of obtaining, disclosing, using, processing, storing, transferring and transmitting the Personal Data and other information of the User in accordance with this Privacy Notice, the Terms and Conditions and the applicable laws in the Mexican territory.

Personal Data processed by THE COMPANY

THE COMPANY as part of the registration process on the platform will treat the following categories of personal data:

  1. Identity
  2. Contact
  3. Authentication 
  4. Financial information

Within the categories listed above, the data listed below is processed:

  1. Personal information.
  1. Name
  2. Date of birth
  3. Addresses 
  4. Location
  5. Photograph 
  1. Contact Information. 
  1. Mobile phone number. 
  2. E-mail addresses. 
  3. Calls
  4. Review comments.
  1. Authentication:
  1. Mobile phone number
  2. E-mail addresses. 
  3. Data as a user of social networks. 
  4. Passwords determined by the user. 
  1. Financial information.
  1. Bank account details. 
  2. Financial identification data such as credit or debit cards numbers. 

In this regard, THE COMPANY undertakes that the aforementioned data will be treated under strict security measures, guaranteeing its confidentiality. 

The Information and Personal Data necessary for the provision of services by THE COMPANY will be required to the user on a mandatory basis. Optional information not required may be provided by the user at its sole discretion.

THE COMPANY will collect such information in accordance with applicable laws and regulations regarding the protection of Personal Data to ensure the personal safety and property of the user. 

If the information considered necessary is not provided, the User will not be able to have full access to the services offered in the electronic platforms of THE COMPANY. 

THE COMPANY will process personal identification, contact and authentication data disclosed by the User, with respect to third parties, with the sole purpose of complying with this Privacy Notice. Thus, by providing the necessary personal data related to any third party, the User acknowledges granting the third party(ies) consent for THE COMPANY to treat their personal data in terms of this Notice.

Primary purposes 

THE COMPANY will treat your Personal Data for the following primary purposes, which are necessary to comply with the obligations arising from our legal relationship with the following purposes:

  1. To help the user to find the ideal accommodation. 
  2. To provide the user with personalized and relevant lodging searches.
  3. To assist the user with the reservation of any lodging. 
  4. For the provision, evaluation, improvement, administration, procurement and granting of all services offered by THE COMPANY (including the approach, design and development of new services), as well as to perform all activities that are necessary for the development of the activities that the User requires from THE COMPANY.
  5. To send information on matters related to the services provided to the User.
  6. To create a User profile and assign an account within our platform.
  7. To carry out billing and, in extraordinary cases, collection and payment processes.
  8. For the application of surveys and evaluations related to the quality of the services and places where the User has stayed, as well as all those related to their level of satisfaction.
  9. To attend, register and follow up on the reports and/or support requests made in connection with the use of the platform and other technological infrastructure that THE COMPANY makes available.
  10. To design, develop and promote new products and services based on the statistics created on the User’s personal information.
  11. To comply with all the obligations set forth in the applicable regulations.

The User cannot oppose to THE COMPANY to cease the processing of Personal Data for the primary and necessary purposes mentioned above, since this is inexcusable to comply with the obligations arising from the relationship that exists with THE COMPANY.

Secondary purposes

In addition, THE COMPANY will use the user’s Personal Data for the following secondary purposes that, although not necessary to provide the service requested, will allow and facilitate THE COMPANY to provide a better service:

  1. Sending promotional information about discounts, products and services. 
  2. Requesting your consent to use your personal image (photo or video) to create advertising material.
  3. Sending advertising, communications and news for marketing, telemarketing or financial campaigns.

In case the user does not want his personal data to be processed for any, some or all of the secondary purposes that have been duly specified, the user must communicate the above to contact@checkin.agency, indicating as subject “NO CONSENT TO USE PERSONAL DATA FOR SECONDARY PURPOSES”, indicating in the body of the email the following information:

  1. Full name
  2. Date on which personal information was provided to THE COMPANY.
  3. Revocation of the User’s consent to use your personal information and data for not necessary purposes related to the services provided by THE COMPANY.
  4. Any other element or document that facilitates the location of your Personal Data.

The refusal to use Personal Data for additional purposes, in no case will be considered as a sufficient reason to deny the provision of the requested services or to terminate the relationship established with THE COMPANY.

Further Provisions

Location

THE COMPANY will collect information about the user’s location whenever any of its platforms is running in the foreground (application open and visible on screen) or in the background (application open, but not visible on screen), as well as, in the case of computer equipment, when the user enters the electronic platform on which THE COMPANY provides its services. THE COMPANY will obtain the location of the user through the IP address, the GPS of the device or any other sensor that provides relevant information (such as nearby devices, access points to Wi-Fi networks, base station information, among others). This information will be used so that THE COMPANY can provide its services in a better way, as well as to inform in real time the status of the service that is provided to the user.

Call monitoring

THE COMPANY may record and store the content of the calls and messages that the user makes or sends through THE COMPANY’s electronic platform, or through the telephones that THE COMPANY makes available to the user, including, but not limited to, the duration of the call and the mobile phone number of the parties in communication and the identification of the user, in order to verify the existence of booking and to address complaints, in case of disputes or differences with the User, as well as to evaluate and resolve issues of quality of service and level of satisfaction.

In certain cases, COMPANY personnel may request authentication of the user making the call. 

THE COMPANY will keep the recording of the call for a certain period of time.

If the user refuses to allow THE COMPANY to collect such information, such refusal may result in the customer service team not being able to resolve disputes or differences in the provision of services, however, this situation will not affect the use of the commercial functions offered by THE COMPANY in favour of the user.

Customer reviews

Users can submit a review about their experience using our platform. Information provided will be kept by THE COMPANY in order to improve our services and assess the user’s satisfaction. 

Payments

Payments are made into our website https://checkin.agency/, through a payment gateway system provided by a third-party provider called “Stripe” (https://stripe.com). (https://stripe.com) to process payments, handle chargebacks or provide billing collection services. Payments might be made either by users providing information such as name, bank account, credit/debit card number, CVV/CVC code or by our sales agents, in which case users will provide necessary information to made the payment, including name, bank account, credit/debit card number and CVV/CVC code. In this case, neither the agent, nor the COMPANY, will store, manage, keep, or share, the financial information provided by the User.

In both cases, the payment system provider (Stripe) will be the one to store and manage such data under its terms and conditions, as well as in accordance with its privacy policies.

THE COMPANY will be able to access the account provided by “Stripe” in which it will only be able to consult the following financial information of the client:

  1. Name of the account holder. 
  2. Account holder’s address. 
  3. E-mail provided to make the payment. 
  4. The amount of the payment. 
  5. Last four digits of the credit/debit card.
  6. Expiration date of the bank card used to make the payment.  
  7. Type of card used (credit/debit).
  8. Bank’s name. 
  9. Account holder’s zip code. 
  10. The place of origin of the transaction. 

THE COMPANY will not have access to sensitive financial data such as the complete number of the card through which the payment was made, nor its security code (CVC), since it is “Stripe” who stores such data, so these are restricted for consultation by THE COMPANY.

Data Analysis

In order to improve THE COMPANY’s services, data may be collected about the user’s access to the platform, including the content of their searches, their IP address, their device information (including their model, device identification code, operating system and telecommunications operator), purchases made, tourism preferences, financial capacity and location, thus providing a more personalized and convenient service for the user. 

This information will allow THE COMPANY to create marketing, advertising, promotions, commercial prospecting and referral processes for the development and offering of new products and services according to the user’s profile.

THE COMPANY will use the browser storage mechanism and data cache to collect and compile information from the User’s device. 

Use of Cookies

THE COMPANY uses various technologies to improve the efficiency of the platform through which it provides its services to the User, including their experience when browsing the website. Cookies are small text files that are stored in the browser used, and through which the server accrues certain information that can be used later. This information allows THE COMPANY to identify the User and save personal preferences to provide a better browsing experience.

Personal Data that can be collected through cookies include identifiers, username and session password, User’s location, type of browser, operative system, date and time of the start and end of a session; web pages visited; searches performed, and advertisements reviewed.

The User can disable, deactivate or adjust the use of cookies and other technologies by following the procedures of the browser used.

Permissions on electronic devices 

THE COMPANY may request certain permissions on the user’s device. Users will be deemed to grant internet access permissions on the device when accessing or using THE COMPANY’s platforms.

The user may decide on the cancellation of all or some of the permissions on the device to prevent THE COMPANY from collecting the corresponding Personal Data. 

Storage of Personal Data 

THE COMPANY will retain the User’s Personal Data uninterruptedly for as long as the User uses its services.

If the User wishes to delete Personal Data, the User may follow the procedure indicated in the section on “ARCO Rights and/or revocation of consent”.

Transfer of information

In order to fulfil the necessary purposes described above or others legally required by the competent authorities, THE COMPANY will transfer the necessary Personal Data to the following organizations and for the following purposes:

Third party recipients.

Purpose

Consent

Natural or legal person that has signed a contract or any other legal instrument to provide services to THE COMPANY. 

To manage and support THE COMPANY to provide the services offered. To provide data processing services for us, such as: hosting and storage providers, customer service providers, communications providers These providers are under contractual obligations to not share your personal data with anyone else and to not use your data for any other purpose.

NOT NECESSARY.

Authorities 

When legally required. 

NOT NECESSARY. 

Subsidiaries of THE COMPANY corporate group, and other affiliates of THE COMPANY. 

To provide the services we offer. 

NOT NECESSARY. 

Natural or legal person that has signed a contract or any other legal instrument to provide services to THE COMPANY. 

To provide analytics, advertising, and marketing services.

NECESSARY

Financial institutions and banks. 

To provide security, fraud prevention, credit card and payment, services. 

NOT NECESSARY. 

In those cases, in which consent is necessary, if the User does not want THE COMPANY to transfer Personal Data, the User should send an e-mail to the address contact@checkin.agency, indicating as subject “NO AUTHORIZATION FOR DATA TRANSFER”, indicating in the body of the e-mail:

  1. Full name
  2. Date on which personal information was provided to THE COMPANY.
  3. Revocation of your consent to transfer personal information 

THE COMPANY will not provide the User’s Personal Data to any third party not covered by this Privacy Notice. THE COMPANY will enter into confidentiality agreements with the third parties with which it shares the User’s Personal Data, seeking to obtain sufficient guarantees for its protection.

 

ARCO rights and/or revocation of consent.

The User has the right to know what personal information we collect, what we use it for and the conditions of the use we make of it (Access). Likewise, it is the User’s right to request the correction of personal information in case it is outdated, inaccurate or incomplete (Rectification); that we remove it from our records or databases when the User considers that it is not being used properly (Cancellation); as well as to oppose the use of the User’s personal data for specific purposes (Opposition). These rights are known as ARCO rights.

To exercise any of the ARCO rights, the User must submit the respective request via email to contact@checkin.agency, indicating as subject “EXERCISE OF ARCO RIGHTS”, and including in the body of the email:

  1. Full name.
  2. Relationship with THE COMPANY. 
  3. Date on which personal data was provided. 
  4. The reasons to access to your personal data, or the reasons why the User’s data should be updated, rectified or cancelled
  5. Any other element or document that facilitates the location of your personal data. 
  6. A copy of the User’s valid official identification must be attached.
  7. In case the user acts through its legal representative, the official identification of the representative and the represented party must be attached, as well as the document with which the representation is accredited.

Upon receipt, THE COMPANY’s response will follow the guidelines below:

  1. We will process the requests of the users for the exercise of their rights in a term no longer than 30 (thirty) business days from the date of receipt. 
  2. THE COMPANY will be able to extend this term up to 30 (thirty) more working days, as applicable, and upon previous notification. 
  3. In the event that the User’s request is granted, it will be effective within 20 (twenty) business days following our response.
  4. The User may obtain the information or personal data requested through electronic documents, in conventional formats, or through any other legitimate means that guarantees and accredits the effective exercise of the right requested.

Amendments to this Privacy Notice

THE COMPANY reserves the right, under its sole discretion, to change, modify, add or delete portions of this Privacy Notice at any time. 

As a result of legislative developments, internal policies or new requirements for the provision or offering of our services, this Privacy Notice will be subject to modifications or updates. In such a case, THE COMPANY will publish such modifications in its platforms and will indicate the date of the last version of the notice, therefore we recommend the User to periodically review this page in order to be informed if there are any changes to the present.

Last update: August 2021.