Privacy Policy

Dune Hotel Tulum is comprised of a family of companies (collectively referred to as “Dune”, “we”, “our” or “us”), including Dune Hitel tulum, which owns the dunehoteltulum.com site (the “Site”).


1. IDENTIFICATION

Dune Hotel Tulum is registered at Carretera Tulum-Boca Paila, Tulum, México.

2. INFORMATION AND CONSENT

By accepting this Privacy Policy, the user is informed and provides their free, informed, specific and unambiguous consent for the personal data they provide on the Site to be processed by Dune, with their browsing data and any other data they provide to Dune in the future.
The user must read this Privacy Policy carefully, which has been written clearly and simply, to improve understanding, to freely and voluntarily decide whether they wish to provide their personal data to Dune.

3. REQUIREMENTS TO PROVIDE DATA

Data requested in Site forms are generally mandatory (unless otherwise specified in the requested field) to comply with the stated purposes. Therefore, if these are not provided or not provided correctly, they may not be addressed, without affecting the free display of the Site content.

4. PURPOSE OF PROCESSING USERS’S PERSONAL DATA

The personal data provided through the Site will be processed by Dune for the following purposes:

  1. Data provided for making reservations, both through the Site and the contact center (call center, email, or chat) for individual, group and room bookings:
    • Managing booking requests made by users.
    • Sending the confirmation or documentation for the booking made.
    • If consent has been given, sending commercial communications on behalf of Dune.
    • Analyzing the use of the Site and checking user preferences and behavior.
  2. Data provided to register as a user with Dune:
    • Managing your request to register or deregister within the category chosen by the user.
    • Checking that the user meets the requirements for registering within the selected category, whenever Dune deems it appropriate.
    • Handling and responding to potential requests for information by the user.
    • Searching for promotions that fit the needs selected by the user.
    • Sending customized commercial communications on behalf of Dune.
    • Analyzing the use of the Site and checking user preferences and behavior.
  3. Data provided for changing or cancelling reservations:
    • Managing the requests to change or cancel your reservation made to Dune.
    • Responding to requests made to Dune.
    • Analyzing the use of the Site and checking user preferences and behavior.
  4. Data provided for sending out newsletters:
    • Managing subscription and/or unsubscription to the Newsletter, made through the channel provided on the Dune Site.
  5. Data provided on corporate contact forms and website:
    • Managing contact and information requests by the user through the channels provided for this on the Dune Sites.
    • Managing the request made.
    • Analyzing the use of the Site and checking user preferences and behavior.
5. USER DATA TO BE PROCESSED
  1. Data provided for making reservations, both through the Site and the contact center (call center, email, or chat) for individual, group and room bookings:
    • Identifying data: first name, last name, nationality.
    • Contact details: email address, telephone number, country of residence.
    • Transactional data for goods and services with Dune you purchased or in which you show interest.
    • Stay preferences.
    • Economic, financial and insurance data.
    • Other data provided by the data subjects in open fields or during calls.
    • Browsing data.
  2. Data provided to register as a user with Dune:
    • Identifying data: first name, last name, address, nationality.
    • Contact details: email address, telephone number, country of residence.
    • Identification codes and keys for the user and/or member.
  3. Data provided for changing or cancelling reservations:
    • Identifying data: first name, last name, nationality.
    • Contact details: email address, telephone number, country of residence.
    • Transactional data for goods and services.
    • Economic, financial and insurance data.
    • Other data provided by the data subjects in open fields on forms available on the Site or in the attached documents.
    • Browsing data.
  4. Data provided for sending out newsletters:
    • Identifying data: first name, last name.
    • Contact details: country of residence, email address.
    • Data on personal characteristics: language.
  5. Data provided on corporate contact forms and website:
    • Identifying data: first name, last name.
    • Contact details: email address, telephone number, country of residence.
    • Transactional data for goods and services.
    • Other data provided by the data subjects in open fields on forms available on the Site or in the attached documents.
    • Browsing data.

If the user provides data on third parties, they declare that they have their consent and commit to providing them with the information in the Privacy Policy, thereby exempting Dune of any liability in this regard. However, Dune may make periodic checks to confirm this, using appropriate due diligence, in accordance with data protection regulations.

6. JUSTIFICATION FOR PROCESSING USERS’ DATA

The justification for processing your personal data will be as follows:

  1. Data provided for making reservations, both through the Site and the contact center (call center, email, or chat) for individual, group and room bookings:
    • The performance of the contract between the parties, and for analyzing the use of the Site, the legitimate interest of Dune.
  2. Data provided to register as a user with Dune:
    • The consent requested and, in verification, user’s compliance with terms and conditions, and for analyzing the use of the Site, the legitimate interest of Dune. However, if you withdraw your consent, this will not affect the legality of prior processing.
  3. Data provided for changing or cancelling reservations:
    • The performance of the contract between the parties, and for analyzing the use of the Site, the legitimate interest of Dune.
  4. Data provided for sending out newsletters:
    • The consent provided by the user.
  5. Data provided on corporate contact forms and website:
    • The performance of the contract between the parties, and for analyzing the use of the Site, the legitimate interest of Dune.

Consents obtained for the aforementioned purposes are separate and the user may revoke only one without affecting the others. To revoke this consent, the user may contact Dune by email

7. SHARING OF USER DATA

User data may be disclosed to:

  1. Data provided for making reservations, both through the Site and the contact center (call center, email, or chat) for individual, group and room bookings:
    • Companies belonging to or affiliated with Dune, which require access to your data for correct provisioning of the chosen services. Likewise, your data will be communicated to any entities that owns the hotels, so these entities will know the conditions of your stay (price, dates, services included, etc.). Some of these entities may be located outside México, including in countries that do not offer a level of protection comparable to the level in México. The sole purpose of this communication will be to be able to provide the services to you correctly.
  2. Data provided to register as a user with Dune:
    • Companies within the group to which Dune belongs, solely for internal administrative purposes and/or for the purposes indicated above.
  3. Data provided for changing or cancelling reservations:
    • Companies belonging to or affiliated with Dune, which require access to your data for correct provisioning of the chosen services. Likewise, your data will be communicated to any entities that owns the hotels, so these entities will know the conditions of your stay (price, dates, services included, etc.). Some of these entities may be located outside México, including in countries that do not offer a level of protection comparable to the level in México. The sole purpose of this communication will be to be able to provide the services to you correctly.
  4. Data provided for sending out newsletters will not be disclosed to third party companies.
  5. Data provided on corporate contact forms and website:
    • Companies within the group to which Dune belongs, solely for internal administrative purposes and/or for the purposes indicated above.

In addition, data may be accessed by Dune suppliers, when this is required for proper compliance with legal obligations and/or for the purposes indicated above. These providers will not process your data for purposes not previously advised by Dune.

8. DATA STORAGE

Your data will be stored for the following periods:

  1. Data provided for making reservations, both through the Site and the contact center (call center, email, or chat) for individual, group and room bookings:
    • Will be stored throughout the contractual relationship, and after termination of the same, for the limitation period for legal actions that could result from it.
  2. Data provided to register as a user with Dune:
    • For as long as the user does not withdraw the consent provided. However, if you withdraw your consent, this will not affect the legality of prior processing.
  3. Data provided for changing or cancelling reservations:
    • Will be stored throughout the contractual relationship, and after termination of the same, for the limitation period for legal actions that could result from it.
  4. Data provided for sending out newsletters:
    • Will be stored for as long as the user does not withdraw the consent provided for this.
  5. Data provided on corporate contact forms and website:
    • Will be stored for the period required to process and answer your request and, when this is complete, for the limitation period for legal actions that could result from it.
9. USER LIABILITY

The user guarantees that they are above eighteen (18) years of age and that the data provided to Dune are true, precise, complete, and current. For these purposes, the user is liable for the veracity of all the data disclosed and must keep the information provided properly up to date, to reflect their actual situation.

They guarantee that they have informed the third parties whose data they have provided, if they have done so, of the points covered in this document. In addition, they guarantee that their authorization has been obtained to provide their data to Dune for the indicated purposes.

They will be liable for any false or inaccurate information they provide on the Site and for direct or indirect damage caused to Dune or to third parties.

10. EXERCISE OF RIGHTS

Users may write to Dune, at the address noted at the top of this Policy, or by email to dataprotection@ourDune.com, including a copy of their identity document, at any time and free of charge to:

  • Revoke consent already granted.
  • Receive confirmation on whether or not Dune is processing personal data belonging to the user.
  • Access your personal data.
  • Correct inaccurate or incomplete data.
  • Request the deletion of your personal data when, for any reason, the data is no longer necessary for the purposes for which it was obtained.
  • Request that Dune restrict data processing when any of the conditions in the data protection regulations are met.
  • Request the portability of the data provided by the user in cases envisaged in the regulations.
  • Contact the DPO of Dune at the following address: dataprotection@ourDune.com Lodge a complaint relating to protection of your personal data when the data subject believes that Dune has infringed the rights recognized by applicable data protection regulations.
11. SECURITY MEASURES

Dune will process user data confidentially at all times, under the duty of secrecy of the same, in accordance with applicable regulations, taking necessary technical and organizational measures to guarantee the security of your data and will prevent unauthorized changes, loss, processing or access, in view of the state of technology,the nature of the data stored and risks to which they are exposed.

Scroll to Top