whatsapp chat whatsapp-icon
Skip to main contentClick on Skip to main content

Privacy Policy

Considering the health emergency generated by the COVID-19 virus, Grand Velas Los Cabos, located at Carretera Transpeninsular Km. 17, San José del Cabo, Corredor Turístico, Municipio de Los Cabos, Cabos San Lucas, Baja California Sur, C.P. 23405, and in accordance with the provisions of article 10 (sections V and VI) of the Mexican Protection of Personal Data Held by Private Parties Federal Law, will collect personal and sensitive information related to your health status, with the sole purpose of providing health protection to you, your family and/or companions, and other people who are present in the facilities of this hotel. This information will be treated confidentially in strict compliance with the provisions of articles 1, 2, 6, 7, 8, 9, 11, and 14 of the Mexican Protection of Personal Data Held by Private Parties Federal Law. You have the right to access, rectification, cancellation, or opposition writing by email to reservations@velasresorts.com.

Any change to this notice can be consulted at velasresorts.com/privacy-policy.

Identity And Address Of Responsible Party

Promotora Turística Punta BETE S.A. de C.V. (Velas Resorts), at address Av. Costera SN, LH2 Marina Vallarta, Puerto Vallarta, Jalisco, C.P. 48335, is an organization that protects your privacy and trust. The department responsible is the Contact Center; located at Av. Cocoteros#98 Sur, Nuevo Vallarta, Riviera Nayarit, México C.P. 63735.

This privacy notice is in strict compliance with the third transient Articles 16 and 17 of the Federal Law of the Protection of Personal Data in Possession of Individuals, published in the Official Diary of the Federation on July 5th, 2010, a legal system concerning the protection of personal data held by individuals, in order to regulate their lawful, controlled and reported processing, to ensure the privacy and right to informed autonomy of the people. In accordance with the above, you will have full control and choice over your Personal Data. Therefore, we recommend you carefully read the following information.


  • Velas Resorts will use the personal data you provide to offer the best possible service with regard to reservations, vacation packages, weddings, memberships, events, competitions or agreements related to tourism and commercial services.
  • Velas Resorts will use your personal data to optimize your service related to criticism, suggestions, complaints or requests you may have before, during and after your stay.
  • Your information will help us to offer you future promotions, products, special services, informative bulletins, surveys and other materials of interest.
  • This data will be managed according to the parameters set forth by Art. 10 of the Federal Law of the Protection of Personal Data in Possession of Individuals.

Promotora Turística Punta BETE S.A. de C.V. (Velas Resorts) will request the following personal data from you
  • Name
  • Address
  • Any other data required for the company to provide services.
  • Email address
  • Telephone number
  • Credit card details(online transactions)

We inform you that Promotora Turística Punta BETE S.A. de C.V. (Velas Resorts) does not obtain personal data that is not mentioned by the LFPDPPP, such as sensitive personal data

Limitation Of Use And Disclosure Of Personal Data

To limit the use of your personal data, please send an email to reservas@velasresorts.com, or a letter to address Av. Costera SN, LH2 Marina Vallarta, Puerto Vallarta, Jalisco, C.P. 48335 (from Monday to Friday from 9:00am - 7:00pm), requesting the limitation of the use of your data.

Means For Exercising Your Rights Of Access, Modification, Cancellation And Opposition.

To access the personal data you provided to Velas Resorts, in order to correct them if they are inaccurate or incomplete, or to cancel or oppose their processing for certain purposes, please submit a written request to our Contact Center Department. The document must contain the following information at minimum
  • Name
  • Mailing address or email address to send a response to your request.
  • Documents that prove your identity or authorization to process the request.
  • Description of the personal data you wish to exercise your rights over (ACCESS, CORRECTION, MODIFICATION, CANCELLATION AND OPPOSITION)
  • Any other information that facilitates the location of your data and attention to your request.

Velas Resorts has a maximum of 20 working days from the date we receive the request to inform you of whether it is appropriate; the response to your request will be sent to the email address you provide. If action is to be taken, Velas Resorts has 15 business days to comply with your request, which will be retained for any required clarification or explanation.

Means For Revoking Your Consent

At any time you may request the revocation of the consent provided to Velas Resorts regarding your personal data, by sending a written request to our Contact Center Department at reservas@velasresorts.com. The request should describe in detail the data for which you are revoking consent.

Personal Data Of Minors And The Disabled As Established By Law

Within the personal data used by Velas Resorts, are some data related to minors and those in a state of interdiction or disability established by law. Authorization by parents or guardians is required for the use of this data. Likewise, the rights of Access, Correction, Cancellation and Opposition are exercised by the representative or person in custody of the minor or disabled person.

Control And Security

Velas Resorts protects the information collected using security technology and controlled access, use and disclosure of information such as specialized computer programs; this is achieved by storing the information in servers (Data Centers) that have limited access controls. For online transactions, security technology is also used to protect all of the information transmitted through various electronic means, such as the use of a secure server under the Secure Socket Layer (SSL) protocol. We also have fully trained staff and internal data protection policies.

Note No security or data transmission system which the company does not have absolute control over and/or dependence on internet, can guarantee complete security.

Transfer Of Personal Data

Velas Resorts may transfer personal data to companies within the same corporation. This data transfer to third parties will be done exclusively for marketing purposes.

Electronic Media And Cookies.

"Cookies" are small pieces of information sent by a website to your browser. They are stored on the hard drive of your computer and used to determine your preferences when connecting to certain sites and to track certain behaviors on them. In some sections of our web sites clients are required to enable them. This allows us to
  • Recognize you the moment you enter our sites.
  • Offer you personalized service.
  • Understand your personal configuration of the site, allowing us to know what kind of information you are able to download.
  • Calculate the size of the audience, measure traffic and frequency of use of sections of the web sites.This reflects your preferences, allowing us to improve content, titles and promotions for all users and visitors.
  • Track certain activities, allowing us to detect the download of files and other activities of interest to the user.

The "Help" button located in the tool bars of browsers will tell you how to avoid accepting new cookies and how to enable/disable them. We recommend that you leave them enabled so that you can enjoy all the benefits our sites offer.

Changes To The Privacy Notice

Velas Resorts may update this privacy declaration at any time. These changes will be announced on the site http://velasresorts.com/ in the Policies and Privacy Notice section.

Grand Velas Los Cabos Privacy Statement

Our Core Beliefs Regarding User Privacy And Data Protection

  • User privacy and data protection are a necessity and our duty
  • We have the duty of protecting personal data
  • Data is a liability, it should only be collected and processed when absolutely necessary
  • We loathe spam as much as you do!
  • We will never sell, rent or distribute your personal data
  • We will not make your personal information public without your consent. Your personal information (name) will be made public only if you wish to make a comment or review on the website.

Relevant Legislation

Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

What Personal Information We Collect and Why

Here we describe what information is collected and reasons for collecting it. The categories of information collected are as follows:
  • Site Visit Trackers

    Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to track their journey through the website.
    Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer's IP address, which could be used to personally identify you, but Google does not grant us access to this. We consider Google to be a third-party data processor (see section below).
    GA makes use of cookies, details of which can be found on Google's developer guides. Our website uses the analytics.js implementation of GA. Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
    In addition to Google Analytics, this website may collect information (held in the public domain) attributed to the IP address of the computer or device that is being used to access it.
  • Reviews and Comments

    Should you choose to add a comment or review on our site, the name and email address you enter with your comment will be saved to this website's database, along with your computer's IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third-party data processors detailed below. Only your name and email address that you supplied will be shown on the public-facing website.
    Your comments and the associated personal data will remain on this site until we see fit to either
    • Remove the comment or
    • Remove the blog post.
    NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
  • Forms and Email Newsletter Submissions on The Website

    If you choose to subscribe to our email newsletter or submit a form on our website, the email address that you submit to us will be forwarded to a third-party marketing platform service company. Your email address will remain within their database for as long as we continue to use the third-party marketing company’s services for the sole purpose of email marketing or until you specifically request removal from the list.
    You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
    Listed below are the pieces of information that we may collect as part of servicing requests on our website:
    • Name
    • Gender
    • Email ID
    • Phone
    • Mobile
    • Address
    • City
    • State
    • Postal Code
    • Country
    • IP Address
    We do not sell your personal information to third parties. We may share limited amount of data with listed Third-Party data processors only towards servicing your requests or improving our offering.
  • Email Links

    We only receive an email when a user mails us using an email link. There are no third-party data processors or intermediaries involved.
    The data is collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted before being sent across the internet. The email content is then decrypted by our local computers and devices.
  • Revenue Recovery Emails

    As part of Revenue Recovery model, we work with re-marketing service companies to send notification messages if you have abandoned your cart without making a purchase. This is for the sole purpose of reminding customers to complete the purchase if they’d wish to. The re-marketing service companies do a real-time capture of your email ID and cookies to send an email invite to complete the transaction if the customer abandons the cart. However, the email ID of the customer is deleted from their database as soon as the purchase is complete.
  • “Do Not Sell My Data” - Why we don’t have it

    We do not sell personal information of our customers or of minors below the age of 16 years to third-party data collectors and hence the “Do not sell my data” opt-out button is optional on our website. Reiterating, we may collect your data for the sole purpose of completing a service request or for marketing communications. If you wish to access or erase your personal information, you can do so by submitting your details here.
  • Important Notice for Minors Sharing Personal Information

    If you are under 16 years of age you MUST obtain parental consent before:
    • Submitting a form
    • Posting a comment on our blog
    • Subscribing to our offer
    • Subscribing to our email newsletter
    • Making a Transaction
  • Accessing/Deleting Personal Information

    Should you wish to view or delete your personal information, please email us here with the email address used, your name and deletion request. Alternatively, you can fill out the form at the bottom of this page to view and/or delete your data stored with us

Third Party Data Processors

We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section above. If you request for your Personal information to be deleted with us, the request will also be forwarded to the parties below:

Cookie Policy

This policy covers the use of cookies and other technologies. The types of cookies we use fall into 3 categories:
  • Essential Cookies and Similar Technologies

    These are vital for the running of our services on our websites and apps. Without the use of these cookies parts of our websites would not function. For example, session cookies allows a navigation experience that is consistent and optimal to user's network speed and choice of device.
  • Analytics Cookies and Similar Technologies

    These collect information about your use of our websites and apps and enable us to improve the way it works. For example, analytics cookies show us which are the most frequently visited pages. They also help identify any difficulties you have accessing our services, so we can fix any problems. Additionally, these cookies allow us to see overall patterns of usage at an aggregated level.
  • Tracking, Advertising Cookies and Similar Technologies

    We use these types of technologies to provide advertisements that are more relevant to your interests. This can be done by delivering online adverts based on your previous web browsing activity. Cookies are placed on your browser which will store details of websites you have visited. Advertising based on what you have been looking at is then displayed to you when you visit websites that use the same advertising networks.
    We may also use cookies and similar technologies to provide you with adverts based on your location, offers you click on, and other similar interactions with our websites and apps.

Data Breaches

We will report any unlawful data breach of this website's database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

Changes to Our Privacy Policy

This privacy policy may change from time to time to conform with legislation and/or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.
By entering a valid email address that you have access to, we will inform you any personal information we collect that is associated with that email address and how to manage it.