InContext DMC, the commercial brand of Paideia, Destinos y Cultura S.A.S., recognizes the importance of protecting the privacy of its users, clients, suppliers, partners, and visitors. This Privacy and Personal Data Processing Policy establishes the conditions under which the company collects, uses, stores, manages, protects, and processes personal information provided through its website and other communication channels, in accordance with applicable legislation.

1. Technical Information and Website Usage

For security, administration, operational, and statistical analysis purposes, InContext DMC may collect technical information related to users’ browsing activities, including IP addresses, browser type, operating system, device used, pages visited, browsing duration, and other data associated with the use of the website.

This information will be used to optimize platform performance, improve the browsing experience, strengthen security measures, and conduct internal analyses regarding the use of digital services.

2. Use of Cookies

The InContext DMC website may use cookies and similar technologies to facilitate navigation, remember user preferences, improve platform performance, and analyze usage patterns.

Users may configure their browsers to reject or delete cookies. However, certain website functionalities may be limited or affected as a result of such settings.

3. Transfer and Disclosure of Information to Third Parties

When a user requests, books, or purchases travel services through InContext DMC, the company may provide the information strictly necessary to suppliers involved in delivering such services, including but not limited to:

• Hotels and accommodations
• Airlines
• Tour operators
• Transportation companies
• Specialized guides
• Restaurants
• Providers of tourism activities and experiences

InContext DMC may also transmit information to technology providers, developers, consultants, payment platforms, and other third parties that support the operation, maintenance, administration, or marketing of its services.

Any third party with access to personal information will be subject to confidentiality and data protection obligations in accordance with applicable legislation.

InContext DMC does not commercialize, sell, or transfer personal databases to third parties for commercial purposes.

Personal information may also be disclosed when required by law, by a competent authority, or when necessary to protect the rights, interests, property, or safety of the company, its users, or third parties.

4. Commercial Communications and Opt-Out Rights

InContext DMC may send communications related to its services, experiences, content, news, events, promotions, or institutional activities.

Users may request the suspension of commercial communications at any time through the mechanisms provided for that purpose or via the company’s official contact channels.

5. Data Storage and International Transfers

For security reasons and depending on the payment platforms used, InContext DMC may refrain from storing complete information related to credit cards or other payment methods.

Personal information may be stored on servers owned by InContext DMC or by third parties located in Colombia or other countries, always under reasonable standards of security, confidentiality, and data protection.

Likewise, InContext DMC may create backup copies and implement information recovery processes to ensure business continuity.

6. Links to Third-Party Websites

The website may contain links to websites managed by third parties.

InContext DMC does not control the content, privacy practices, or data processing policies implemented by such websites and therefore recommends that users review the applicable policies before providing any personal information.

7. Information Published in Public Areas

When a user publishes information in publicly accessible areas available through InContext DMC’s digital platforms, such as comments, testimonials, galleries, or forums, such information may be visible to other users.

Accordingly, users should exercise caution when disclosing personal information in public spaces.

8. Security Measures

InContext DMC implements reasonable technical, administrative, and organizational measures designed to protect personal information against loss, misuse, unauthorized access, alteration, disclosure, or destruction.

However, due to the nature of the Internet and technological systems, absolute levels of security cannot be guaranteed. Although the company adopts appropriate practices to protect information, it cannot guarantee the complete absence of risks associated with the digital environment.

9. Rights of Personal Data Subjects

In accordance with applicable legislation, personal data subjects have the right to:

• Know, update, and correct their personal data.
• Request proof of authorization granted for the processing of their data, when applicable.
• Be informed about how their personal information is being used.
• Submit inquiries or complaints regarding the processing of their data.
• Request the deletion of their data when appropriate.
• Revoke authorization granted for the processing of personal information in cases provided by law.

10. User Registration and Access Credentials

To access certain functionalities or services, users may create an account by providing registration information and creating access credentials.

The safekeeping and confidentiality of the username and password shall be the sole responsibility of the account holder. Any activity conducted through a registered account shall be deemed to have been carried out by the account holder.

In the event of loss, unauthorized use, or suspected compromise of access credentials, the user must immediately change their password and notify InContext DMC through the designated contact channels.

11. Information Collected During Registration

When registering on the website, requesting information, or purchasing services, users may provide personal data such as full name, identification document, address, telephone number, email address, and any other information necessary for the proper provision of the company’s services.

The information collected may be used for the following purposes:

• Managing requests, reservations, and travel services.
• Providing customer service and operational support.
• Facilitating communications related to booked travel and experiences.
• Improving the products, services, and content offered by the company.
• Conducting statistical analyses and market research.
• Informing users about news, promotions, events, publications, and services that may be of interest.
• Complying with legal, contractual, and regulatory obligations.

12. Additional User Profile Information

Users may voluntarily provide additional information regarding travel preferences, loyalty programs, special requirements, billing information, or other relevant details for organizing travel experiences.

This information enables InContext DMC to provide a more personalized, efficient service tailored to each user’s needs and interests.

13. Surveys and Satisfaction Studies

InContext DMC may periodically conduct satisfaction surveys, opinion studies, or market research to evaluate and improve the quality of its services, experiences, content, and customer service processes.

Participation in such surveys is voluntary.

14. Contact

Questions, requests, complaints, claims, or concerns related to this Privacy Policy or the processing of personal data may be directed to InContext DMC through the contact channels published on its official website.

15. Policy Updates

InContext DMC reserves the right to modify, update, or supplement this Privacy Policy at any time.

Any modification will be published on the official website and shall become effective as of the date of publication. Users are encouraged to review this policy periodically to remain informed about the processing of their personal information.

16. Acceptance

Accessing, browsing, or using the InContext DMC website implies knowledge and acceptance of the terms established in this Privacy and Personal Data Processing Policy.

By providing personal information to the company, users authorize its processing in accordance with the purposes described in this document and with applicable legislation in force.