Curios is a platform that works as an intermediary between the User and the hosts (hereinafter, the “Hosts”), the latter are natural persons who make available to the User various destinations and experiences.
Curios ensures the maximum reserve and protection of those personal data that the Users, in order to make use of our services, provide us.
3. Objective and purpose
Curios is aware of the high importance of the privacy of our Users and all those who are interested in the services offered.
Nonpublic personal information does not include information that is available through publicly accessible sources. This includes electronic, optical and other technological means of communication designed to provide information to the public and open to general consultation, telephone directories, newspapers and magazines, social media, professional lists, anonymized case law directories, the Public Registries administered by the National Superintendence of Public Registries as well as any other registry or data bank qualified as public according to law, the entities of the Public Administration in relation to the information that must be delivered in application of Law No. 27806, Law of Transparency and Access to Public Information.
4. Legislation (applicable to the Republic of Peru)
According to Law No. 29733 – Ley de Protección de Datos Personales (hereinafter, the “Law”) and its Regulations, approved by Supreme Decree No. 003-2013-JUS, personal data is understood as any information about a natural person that identifies or makes him/her identifiable through means that can be reasonably used.
On the other hand, personal data processing is understood as any operation or technical procedure, automated or not, that allows the collection, recording, organization, storage, preservation, storage, processing, modification, extraction, consultation, use, blocking, deletion, communication by transfer or dissemination or any other form of processing that facilitates access, correlation or interconnection of personal data.
Curios develops its personal data processing policy in accordance with the guiding principles set forth in the Law mentioned below:
- Legality principle: the collection of our Users’ personal data by fraudulent, unfair or unlawful means is rejected.
- Principle of consent: in the processing of our Users’ personal data, their consent is required.
- Principle of purpose: The personal data of our Users will be collected for a specific, explicit and lawful purpose, and will not be extended to another purpose that has not been unequivocally established as such at the time of collection.
- Principle of proportionality: all processing of personal data of our Users will be adequate, relevant and not excessive to the purpose for which they were collected.
- Quality principle: Personal data shall be truthful, accurate and, as far as possible, updated, necessary, relevant and adequate with respect to the purpose for which they were collected.
- Security principle: they will be kept in a way that ensures their security and only for the time necessary to fulfill the purpose of the processing.
Curios and, where appropriate, the data processors have the appropriate security measures in accordance with the processing to be carried out, in addition to the adoption of technical, organizational and legal measures necessary to ensure confidentiality of personal data.
5. Information about personal data
The Client is informed and freely and voluntarily authorizes Curios to collect, store, retain, access, use, delete or update their personal data to perform the activities described in paragraph 2 of this document. In that sense, the personal data to which Curios has access as a result of the services it provides or by filling out different forms, will be incorporated into the corresponding “Personal Data Bank”, forming the organized set of personal data of Users, created by Curios and registered in the National Registry of Personal Data Protection. Likewise, the Client accepts that its personal data may be transferred to third parties, which are detailed below:
|Identification number (RUC/Other)
|EIN N° 26-2368289
|United States of America
|4600 East Washington Street
Phoenix, AZ 85034
Société par actions simplifiée
|Commercial Registry of Paris N° 498 019 298
|7 rue de Madrid, 75008 Paris.
The personal data provided by Users will be treated with complete confidentiality and may only be known and handled by Curios staff as well as by the companies listed in the table above that need to know such information in order to provide the services offered in an appropriate manner. Curios undertakes to maintain professional secrecy with respect to this information and guarantees the duty to safeguard it by adopting all necessary security measures. Authorization will not be required when the personal data is necessary for the execution of a contractual relationship to which the owner of the personal data is a party.
If the registered data should prove to be inaccurate, in whole or in part, or incomplete, Curios may update and/or replace them with the corresponding rectified or completed data.
The personal data requested from Users are basic contact data and are adequate, relevant and not excessive in relation to the purpose for which they are collected: (i) first and last names, (ii) identification document (DNI/CE/Passport), (iii) address/location, (iv) cell phone number, and (v) e-mail address.
6. Purpose of personal data processing
Curios collects the Customer data listed in the immediately preceding paragraph for the following purposes:
- To carry out commercial transactions and to ensure the performance of an adequate intermediary service by Curios on behalf of Users.
- Curios also collects personal data from its Users in order to send them advertising. In this regard, Customer agrees that Curios may provide you with advertisements and messages in the following ways: (i) within the Platform, or (ii) sent to the contact information you provided to Curios (e.g., email, cell phone number, physical address). You also agree to keep your contact information up to date.
- To distribute access to the Website across multiple devices and provide faster loading times.
- To ensure the proper functioning of the platform and to protect the security of the system.
7. Complaints book
The Customer expressly authorizes Curios that when using the Complaints book, their data will be processed in order to meet the needs of such procedure, as well as to, once the procedure of care of the claim is completed, to meet the needs arising from any process or judicial, administrative or arbitration proceedings that may arise in the future or arise in connection with the claim that the Customer has filed, to meet any audit of the competent authority in the field of processing of personal data.
The data collected through the complaints book will be stored in the database “Libro de Reclamaciones” owned by Curios.
8. Security of personal data
In compliance with current regulations, the Information Security Directive was approved by Directorial Resolution No. 019-2013-JUS/DGPDP of the Autoridad Nacional de Protección de Datos Personales, Curios has adopted the technical and organizational security and confidentiality measures appropriate to the category of personal data, necessary to maintain the required level of security, in order to avoid as far as possible the alteration, loss or unauthorized access or processing that may affect the integrity, confidentiality and availability of information.
However, the transmission of information via communication networks and the Internet is not completely secure; therefore, although Curios will make its best efforts to protect personal data, it cannot guarantee the security of such data during transit to the Platform. All information provided by Internet Users via the Internet is sent at their own risk.
9. Exercise of Access, Rectification, Cancellation and Opposition Rights (ARCO)
Users who have provided Curios with personal data may contact Curios in order to exercise their rights of information, access, updating, inclusion, rectification and deletion, to prevent the provision of their personal data, to oppose the processing or objective processing of the data, in the terms set forth in the legislation in force. These rights may only be exercised by the owner of the personal data or his proxy, in accordance with the law.
In order to exercise these rights, Users should contact the following e-mail address firstname.lastname@example.org with the reference “Personal Data Protection”, specifying their data, proving their identity and the reasons for their request. The person signing the request must attach a simple copy of the documents proving the identity of the holder (National Identity Card or equivalent document) or, if applicable, that of the attorney-in-fact, as well as a simple copy of the power of attorney granted by notary when applicable.
Likewise, Curios informs its Users of the existence of administrative channels to enforce their rights to be exercised before the Autoridad Nacional de Protección de Datos Personales or jurisdictional before the Judiciary for the purposes of the corresponding habeas data action.
10. Transfer of personal data at national or international level
Curios uses servers of foreign third parties for the storage of data banks by technological means, so cross-border flow will take place. In this regard, the purpose of the cross-border flow is the hosting of personal data on the servers of Namecheap, Inc. identified with Paris Trade Register No. 498 019 298, located at 7 rue de Madrid, 75008 Paris, France.
In addition, cross-border flow will be made in favor of Sendinblue Société par actions simplifiée, who is our e-mail marketing service provider.
Users guarantee and are responsible, in any case, for the truthfulness, accuracy, validity and authenticity of the personal information provided, and undertake to keep it duly updated.
As this is a virtual tool, which does not allow direct physical contact between Curios and the owner of the personal data, Curios will collect and process personal data on the basis of a good faith presumption that the person providing the data is of legal age, is proficient in Spanish or English, is of sound mind, has full civil capacity and is the owner of the personal data or is acting as a representative of the owner of the data provided, in the event that it is owned by third parties.
Curios Personal Data Protection Policy is constantly updated, so Curios reserves the right to modify its policy in the event that there is a change in current legislation, doctrine, jurisprudence or business criteria. If any changes are made to this policy, the new text will be published on this website and will be communicated to the Client.