In accordance with the Federal Law of Personal Data Protection in Possession of Individuals and its regulations (hereafter “the Law”), we inform you that COMPANY ADVISORS, S.C. protects your personal data to avoid damage, loss, destruction, theft, misplacement, alteration, as well as any unauthorized treatment of your personal data, and provides you with this Privacy Notice, so that you may know how their practices when obtaining, using, saving and, in general, treating your personal data.
I. Person(s) Responsible of Personal Data Treatment.
COMPANY ADVISORS, S.C. (hereafter “Person Responsible”), located at Av. Acueducto 6075-A Local 4, Col. Puerta de Hierro. Zapopan, Jalisco. C.P. 45116
II. Personal Data that may be gathered.
The Personal Data that You freely and voluntarily provide us with may be, including, but not limited to, the following:
- Identification Data, such as: name, private address, place and date of birth, marital status, occupation, education, CURP (Exclusive Key for Population Registry), telephone number, landline or mobile, fax, e-mail.
- Work Data, such as: position, work address, e-mail, telephone number, landline or mobile, and fax.
- Billing Data, such as: entity to be charged, tax address, RFC (Federal Taxpayers’ Registry)
- Financial Data, such as: bank account information, payment policies, contact information for outstanding and collectable accounts.
- Business Data, such as: establishment, manufacturing plants, sales offices addresses, product requirements and needs, price of products and services, sales area contact information.
The Person Responsible may gather your personal data in the following ways: when it is directly provided to us by you, when we obtain information through other sources thar are permitted by law such as phone directories, references from other companies or individuals, public databases of any state or public or private unit, among others.
Social networks (such as Facebook® and Twitter®, among others) are communication platforms and interconnect digital platforms between different users, are unrelated to THE COMPANY and therefore, do not fall under their responsibility.
The information You provide on social networks where the Person Responsible takes part as a user, does not form part of the Personal Data protected by this Privacy Notice, as the responsibility falls to the company providing the platform and to whom publishes said information.
During the collecting and treating of personal data you provide, we fulfill all principles highlighted by the Law: legality, quality, consent, information, purpose, loyalty, proportionality, and responsibility.
The veracity of the information you provide is your responsibility, and therefore the “Person Responsible” will at no time answer for the authenticity of the aforementioned.
III. Purpose of the Treatment of Personal Data.
The Person Responsible will gather your Personal Data without disclosing or commercial use purposes and will only use it for the following purposes.
- Collect, bill, pay and transact with the purpose of fulfilling economic expenses.
- Evaluate the quality of our products and services.
- Formalize in contracts or other documents, the relationship that emerge with you.
- Inform you of THE COMPANY’s commercial information, among them those related to promotions, information on new products, changes in our products, internal studies on consumer habits, and any other promotion or matter related to the products or services that are part of the commercial concept of the “Person Responsible”.
- Delivery of products and fulfillment of the obligations resulting from our commercial relationship with You.
- Register you in our systems as a provider and/or client, whether it is eventual or permanent.
Your personal data will be saved under the strictest confidentiality and will not be used for purposes different to those previously mentioned, unless the present Privacy Notice is changed and your express consent to said change is obtained.
Once the purpose of the treatment of your personal data is fulfilled, these will be blocked with the sole purpose to determine possible responsibilities related their treatment, up until the statutory or contractual limitation period. During said period, the personal data will not subject to treatment and when the term has passed, will be cancelled in their corresponding database.
IV. Transfer of Personal Data.
The Person Responsible will not yield or transfer personal data without previous consent from the owner of the data. Any transfer of personal data that the Person Responsible conducts, shall solely be for the purposes permitted by the laws.
V. Security Measures/Access Limitations.
The Person Responsible has taken the necessary and sufficient technical, administrative, and physical security measures in order to protect your personal data against damages, losses, alterations, destruction, or the use, access, or unauthorized treatment.
The data is safeguarded in databases and computer equipment that possesses the security necessary to prevent information leaks. Some of the tools used to maintain the security of the data in the Person Responsible’s information system are physical and logical access controls, environmental control, anti-invasion protection systems (IPS, Firewall), and antivirus and web leak protection tools.
The IT security tools mentioned in the previous paragraph are supported by an internal information security policy that explains security concerns that the Person Responsible’s employees must take into account when using a computer system, and this is reinforced constantly.
Nonetheless, it is clear that no transmission of data through the Internet is completely secure and therefore, the Person Responsible cannot guarantee that the treatment of personal data will be free of all damages, loss, alterations, destruction, or use, access, or unauthorized treatment.
Only the authorized personnel that meet and observe the corresponding confidentiality requirements may participate in the treatment of your personal data.
For this reason, you are notified of the options you possess to request the limiting of use or disclosure of your personal data, matter of which is relevant to this Privacy Notice.
- a) By written notice sent to the Supervisor of Personal Data Treatment (at the address indicated in point VI); or by e-mail directed to the following address: firstname.lastname@example.org
- b) Via telephone call with the Supervisor of Personal Data Treatment at 33.4161.2414
VII. The rights corresponding to the owner of Personal Data.
As the owner of personal data, You may exercise, before the Supervisor of Personal Data Treatment, the Access, Rectification, Cancellation, and Opposition Rights (“ARCO” rights). Likewise, You may revoke, at any moment, the consent granted for the treatment of your Personal Data, as well as limit its use or disclosure.
The request to exercise ARCO rights must contain and be accompanied by the information and documents that the Law indicates which includes, but is not limited to, the following:
- The owner’s name and address or any other mode of communication to reply to request.
- Documents that prove their identity or, when applicable, the legal representation of the owner.
- Clear and precise description of the personal data to which they desire to exercise any of the ARCO rights.
- Any other element or document that facilitates the location of the personal data, as well as any document that the existing legislation requires at the moment of presentation of the request.
If you do not wish to receive e-mails with product and/or service updates that the Person Responsible commercializes, as well as reminders regarding the fulfillment of certain obligations that apply to You due to your business’s activities, you may send your request to the e-mail of the Supervisor of Personal Data Treatment designated by the Person Responsible.
The Person Responsible will not be obligated to cancel your Personal Data when it is in regard of any scenario established in the Law, among others, the following:
- when regarding the parties in a private, social, or administrative contract and it is necessary for its development and fulfillment;
- when needed by legal disposition;
- when it may hinder legal or administrative proceedings linked to tax obligations, felony investigation or persecution, or the updating of administrative sanctions;
- when it is necessary to protect the interests under legal protection of the owner;
- when it is necessary to fulfill an action for public interest.
The owner of Personal Data may revoke their consent for the treatment of Personal Data at any moment, solely needing to, for the revocation, send a written request to the Supervisor of Personal Data, whether by courier to the address or by e-mail to the mentioned address in the current Privacy Notice.
We will have a maximum period of 20 business days to inform you of the provenance of the request, and if applicable, will be fulfilled within fifteen business days following the date at which the e-mail provided is replied to.
IX. Modifications to the Privacy Notice
The Person Responsible reserved the right to effect any modification or update at any moment to the current Privacy notice, due to new legislation, internal policies, or new requirements for the providing and offering of our services. These modifications will be available to the public and we will send it to the last e-mail provided to us.
We are not responsible if You do not receive the notification of change to the Privacy Notice if there is any problem with your e-mail account or with Internet data transmission.
K I N D R E G A R D S
Company Advisors, S.C.
Date of Privacy Notice’s last update: September 2nd, 2020