CERTIFIED TRANSLATIONS MEXICO
This Privacy Notice (hereinafter referred to as the "Notice") is directed to the User (hereinafter the "Client") of the service provided through the Website, Email, In-Person, Telephonic, or any other contact medium operated by Certified Translations, S.A. de C.V. (hereinafter, the "Company"), jointly referred to as the "Parties".
The gathered information (hereinafter, "Personal Data") may be collected at the time the Client consents to this Notice or, alternatively, at the moment the Client uses the service through any means.
The Client is informed that the Federal Law on the Protection of Personal Data Held by Private Institutions (hereinafter, the "Law") stipulates that the Client's consent regarding the processing of the Personal Data is considered tacit when, having been provided with the Privacy Notice, they do not express any opposition.
Based on Article 8 of the Law, in the event that financial or asset data are collected, the explicit acceptance of the Client will be required, pursuant to the second paragraph of Article 8 of the Law, either through a signed letter or by filling in an acceptance box or through electronic means.
It is worth noting that consent will not be necessary for the processing of personal data when it is intended to fulfill obligations arising from a legal relationship between the Client and the Company or, alternatively, a resolution is issued by the competent authority, pursuant to Article 10 of the Law.
Furthermore, the User will be responsible at all times for the Personal Data provided to third-party platforms that may benefit from the service.
All Data will be managed in accordance with the principles of legality, consent, information, quality, purpose, loyalty, proportionality, and responsibility contained in the Federal Law on the Protection of Personal Data Held by Private Institutions.
The primary and prevailing purpose of processing Personal Data is to allow the Client to use the Company's Website, with the intention of acquiring any products and/or services marketed therein (the "Service").
1. Definitions
Unless the terms defined in various sections of this Notice or in the Law, the terms that appear with the first letter capitalized, within this Notice, will have the meanings assigned to them as follows:
Notice
This privacy notice, whether issued in physical document, electronic, or any other format generated by the Company and made available to the Client prior to the Processing of their Personal Data.
Database
It is the ordered set of personal data pertaining to an identified or identifiable individual. Certified Translations and/or the Company - Refers to the legal entity named Certified Translations S.A de C.V.
Cloud Computing
An external service provisioning model of computing on demand, which involves the provision of infrastructure, platform or software, distributed flexibly through virtualization procedures, in dynamically shared resources. Personal Data Any information relating to an identified or identifiable individual.
Sensitive Personal Data
Those personal data affecting the most intimate sphere of its Client, or whose improper use may lead to discrimination or entail a serious risk to them. In particular, those that may reveal aspects such as racial or ethnic origin, present and future health status, genetic information, religious, philosophical and moral beliefs, union affiliation, political opinions, sexual preference are considered sensitive.
“ARCO” Rights (by its acronym in Spanish)
The rights that the Client has against the Responsible party, regarding their Personal Data, which include the following: the right to access their Personal Data and the details of their treatment, as well as to rectify them in case they are inaccurate or to cancel them when considered to be excessive or unnecessary for the purposes that justified their procurement, or to oppose the processing of them for specific purposes.
Disassociation
It is the procedure through which personal data cannot be associated with the Client or allow, due to its structure, content, or degree of disaggregation, the identification of the same.
Processor
The natural or legal person who, alone or jointly with others, processes Personal Data on behalf of the Company.
Law
Federal Law on the Protection of Personal Data Held by Private Parties.
Privacy Office
The area or department designated by the Company within its corporate structure, for the attention and resolution of any request related to the rights that the Client has concerning their Personal Data.
Provider
The natural or legal private entity that provides the Responsible party with Cloud Computing services.
Regulation
Regulation of the Federal Law on the Protection of Personal Data Held by Private Parties.
Client
The natural person to whom the Personal Data corresponds.
Responsible
The natural or legal private entity that carries out the processing of Personal Data.
Processing
The obtaining, use, disclosure, or storage of Personal Data, by any means. The use includes any action of access, handling, utilization, transfer, or disposal of Personal Data.
Transfer
All communication of Personal Data made to a person different from the Responsible or Processor of the treatment.
2. Responsible for the Information
For the purposes of the Notice, as well as for all legal effects that may arise, the Company will be Certified Translations S.A. de C.V., located at Calle Ameyalco 10, 9th Floor PH Office 1, Zip Code 03100, Benito Juarez, Mexico City, Mexico, which will be responsible for obtaining, using, accessing, handling, utilizing, transferring, disseminating, disposing, disclosing and/or storing the Personal Data.
The Company may seek the assistance of one or more Processors, who will act on behalf of and on behalf of the Company, to provide a more efficient Treatment to the Personal Data. The Processors will be informed of the proper treatment that they should provide to the Personal Data.
The Company may also carry out the Processing of Personal Data using the Cloud Computing system, whereby the Provider of such services will be obligated to comply with the protection mechanisms and security measures aimed at protecting the information contained in the Personal Data, in accordance with the Law, the Regulation, and other applicable legal provisions.
3. Information Collected upon Subscription to the Notice
The Client will provide the following information when creating their account and subscribing to this Notice, as well as when modifying the information contained in their account. The Personal Data collected in the two aforementioned situations are:
• Full name.
• Email address.
• Mobile phone number.
• Bank card details.
In the event that this information is unavailable, the Company may or may not be able (as the case may be) to provide the service and/or open an account for the Client, and consequently, will not be able to offer the Service nor allow the provision of the Service where applicable.
We inform you that on our website and mobile application, we utilize cookies, web beacons, and other technologies through which it is possible to monitor your behavior as an internet user, provide you with a better service and user experience when browsing our page/platform, as well as offering new products and services based on your preferences. The personal data that we obtain from these tracking technologies are the following: browsing schedule, time spent on our website, sections consulted, and web pages accessed prior to ours. Without this information, the Company will not be in a position to provide the Service.
4. Sensitive Data
Sensitive Personal Data refers to those personal details that affect the most intimate sphere of the Client or whose improper use can lead to discrimination or entail serious risk for them. In particular, sensitive data may reveal aspects such as racial or ethnic origin, current and future health status, genetic information, religious, philosophical and moral beliefs, union affiliation, political opinions, sexual preference. Consequently, the Company will not collect or store any Sensitive Personal Data of the Client at any time.
5. Purpose of Processing
The Personal Data collected by the Company, whether personally, directly, or indirectly, will be used for the following purposes:
A) Allowing the Client to use the Company's Website for the purpose of purchasing any products and/or services marketed therein ("the Service").
B) Facilitating the provision of the Service and/or delivery of any products sold to the Client.
C) Occasional and/or eventual contact with the User, with the objective of providing information related to the products and/or services offered by the Company, as well as other products for marketing, advertising, or commercial prospecting purposes.
D) Contacting the User in case there has been a security breach at any stage of the Processing.
It should be noted that the above clauses a), b), c), and d) are essential for the provision of the Service.
6. Transfers
The Company may transfer the Personal Data subject to this Notice, with prior consent from the Client, to a third party predominantly engaged in providing the Service ("Service Provider"), for the purpose of satisfactory service delivery. Personal Data will only be shared with the Service Provider while the Service is being rendered, comprising:
(i) the Client's name;
(ii) the Client's location; and
(iii) the registered mobile phone number of the Client.
Similarly, Personal Data may be shared with third parties in order to provide products for marketing, advertising, or commercial prospecting purposes. Likewise, Personal Data may be transferred to subsidiary or controlling companies of the Company for statistical purposes. It is hereby notified to the User that the Law stipulates that the Client's consent to the processing of Personal Data is considered tacit when, having been presented with the Privacy Notice, no opposition is expressed.
7. Scope of Processing
The Company may extend the Processing of Personal Data for any of the purposes outlined in this Notice, for any purpose compatible with the Service and/or its corporate objective, for the necessary purposes for operations under the Cloud Computing scheme, and for any other Processing allowed by the Law, the Regulation, and other applicable legal provisions.
8. Limitation on the Use or Disclosure of Personal Data
The Client may instruct the Data Controller to limit or cease receiving promotional messages, whether via landline or mobile phone, as well as emails. Additionally, the Client can restrict the purpose of the Processing. To do so, the Client must send a request to disable messages and/or promotional emails to any of the contact means indicated in the Contact section, or register in the Public Registry of Consumers according to the Federal Consumer Protection Law, and in the Public Registry of Users in accordance with the Law for the Protection and Defense of Financial Services Users, pursuant to article 111 of the Regulation of the Law.
9. Revocation of Consent
The Client has the right to revoke the consent granted for the Processing, whether concerning one or all of their Personal Data. To this end, the Client must submit a request meeting, at least, the following requirements:
• The Client's name and address or another means to communicate the response to their request;
• Documents proving the Client's identity or, where appropriate, legal representation;
• A clear and precise description of the Personal Data concerning which the rights mentioned above are sought to be exercised;
• Any other element or document facilitating the location of the Personal Data, and the request for revocation of consent must be sent to any of the contact means indicated in the Contact section. Upon receipt of the request, the Company will have a period of twenty (20) days to respond to the Client regarding the Personal Data, which will be sent via the registered email address.
Revocation of consent relating to Personal Data that is essential for the Company to deliver a product and/or provide a service to the Client implies that the Company will not be obliged to fulfill the respective obligation, as it is prevented from doing so.
10. Exercising ARCO Rights
The "ARCO" rights are an acronym grouping four rights that the Client can exercise concerning their Personal Data:
• Access to Personal Data that is subject to Processing, i.e., request the Data Controller to allow the Client to know what data they hold.
• Rectify any of the Personal Data, subject to Processing and in possession of the Company, that are inaccurate, incomplete, erroneous, and/or imprecise.
• Cancel any of the Personal Data, in the possession of the Company, that are legitimately considered not being used to fulfill one of the purposes of the Processing and/or that are being used in violation of the Law, the Regulation, or any other applicable legal provision.
• Oppose the Processing carried out by the Company, with justified cause, especially when it may cause damage and/or prejudice, or it is contrary to the Law, the Regulation, or any other applicable legal provision.
• For this purpose, the Client must submit a request meeting, at least, the following requirements:
The Client's name and address or another means to communicate the response to their request;
• Documents proving the Client's identity or, where appropriate, legal representation;
• A clear and precise description of the Personal Data concerning which the rights mentioned above are sought to be exercised;
• Any other element or document facilitating the location of the Personal Data.
• The denial may be partial, in which case the Company will grant access, rectification, cancellation, or opposition requested by the Client.
11. Notification of Changes to the Notice
The Company may make modifications to the current Privacy Notice, always respecting applicable legal provisions. When modifications are made to the Privacy Notice, the Company will provide the Customer with information about the modifications, as well as the new Privacy Notice through the following means and procedures:
• Through an email to the account registered by the User.
• At the business unit or at the financial services unit or at the central operations that serve you.
• By publishing it on the Company's website or via electronic means.
The Company reserves the right to change and update this Privacy Notice, the Customer will be responsible for keeping their email account updated and ensuring that notifications are received in a mailbox that is constantly reviewed. In case no response is received from the Customer within a period of seventy-two (72) hours, it will be understood that they agree in accordance with the changes that this Privacy Notice may undergo.
12. Contact
If you wish to obtain more information, resolve a doubt, exercise your "ARCO" Rights (rights of access, rectification, cancellation, and opposition) and/or clarify any matter regarding the exercise of any rights over your Personal Data, you can communicate or go directly to the specified address of the Company. Below, we provide you with the contact details:
• Address: Calle Ameyalco 10, 9th Floor PH Office 1, Colonia del Valle Centro, Zip Code 03100, Benito Juárez, Mexico City, Mexico.
• Email: info@certifiedtranslations.com.mx
13. Jurisdiction
For the interpretation, execution, and fulfillment of this PRIVACY NOTICE, "THE PARTIES" expressly submit to the applicable laws and the jurisdiction and competence of the competent Federal Courts in Mexico City, expressly waiving the jurisdiction that, by reason of their domiciles, present or future, or for any other reason, could correspond to them.