NOTICE OF PRIVACY

ADHESITACK S. DE RL DE CV

Your personal data is very important to our company. Therefore, we want to make sure that you know how we safeguard the integrity, privacy and protection of them.

Being a socially responsible company, ADHESITACK S. DE RL DE CV, has the legal and social obligation to comply with sufficient legal and security measures to protect the Personal Data that has been collected for the purposes described in this notice. Of privacy.

You are informed that this privacy notice has been carried out in strict compliance with the provisions of the Federal Law for the Protection of Personal Data Held by Private Parties, published in the Official Gazette of the Federation on July 5, year 2010, legal order whose purpose is the protection of personal data held by individuals, in order to regulate their legitimate, controlled and informed treatment, in order to guarantee privacy and the right to informational self-determination of people , as well as its Regulations, published in the Official Gazette of the Federation on December 21, 2011 and the Privacy Notice Guidelines, published in the same information medium on January 17, 2013.

Derived from the above, you will have full control and decision over your Personal Data. Therefore, we recommend that you read the following information carefully.

Definitions:

tacit consent: it will be understood that the owner tacitly consents to the processing of their data, when the privacy notice has been made available to them, they do not express their opposition;

Express consent: the consent will be express when the owner's will is expressed verbally, in writing, by electronic, optical or any other technology, or by unequivocal signs;

Sensitive personal data: Those personal data that affect the most intimate sphere of its owner, or whose improper use may give rise to discrimination or entail a serious risk for it. In particular, those that may reveal aspects such as racial or ethnic origin, present and future state of health, genetic information, religious, philosophical and moral beliefs, union affiliation, political opinions, sexual preference are considered sensitive;

ARCO rights: They are the rights of access, rectification, cancellation and opposition;

In charge: The physical or legal person who alone or jointly with others processes personal data on behalf of the person in charge;

Institute: Federal Institute for Access to Information and Data Protection;

Law: Federal Law on Protection of Personal Data Held by Individuals;

Responsible: private natural or moral person who decides on the processing of personal data;

Headline: the natural person to whom the personal data corresponds;

Transfer: any communication of data made to a person other than the person in charge or in charge of the treatment;

Treatment: obtaining, using, disclosing or storing personal data by any means. The use covers any action of access, management, use, transfer or disposition of personal data;

General characteristics of the Privacy Notice 

What is the privacy notice?

Physical, electronic document or in any other format (how it can be visual or audible) generated by the person in charge that is made available to the owner, prior to the processing of their personal data, in accordance with the provisions of the Law.

The privacy notice is a statement that informs the owner of the personal data

Who collects (responsible),

What it collects (information that is collected)

What it collects for (the purposes of the treatment)

How to limit the scope (use or disclosure)

How to revoke consent

How to exercise ARCO rights (media)

How to communicate changes to the notice (procedure and means)2

If it is accepted or not that the data be communicated to third parties (transfers) in its case, if sensitive data is collected.

What is the privacy notice for?

The main purpose of the privacy notice is to make the owner of the personal data aware, first, that their personal information will be collected and used for certain purposes, and second, the characteristics of the treatment to which their personal data will be submitted.

The foregoing with the legitimate purpose of the owner making informed decisions regarding their personal data and controlling the use of their personal information.

Additionally, the privacy notice allows the data controller:

Strengthen the level of trust between the person responsible and the owner in relation to the Processing of your personal information

Make transparent to the owner the purposes and transfers to which their personal data are subjected

Inform the owner how to exercise the rights granted by law

What are the general characteristics that are proposed for the design and presentation of the privacy notice?

For the privacy notice to be an effective and practical information mechanism, it is required that it be brief, simple, with necessary information, clear and understandable language, taking care that its structure and design facilitate its access and understanding.

Some of the general recommendations for its design and presentation are the following:

Have short, clear titles that simply inform the owner about the content of the notice;

Use clear and understandable language accordingly, so that the message is addressed appropriately to the target audience;

Provide a context to facilitate understanding of the content;

Have a clear structure and short texts;

In the event that express consent is required using verbal means, include a mechanism that allows the owner to choose between the options of granting or denying consent, and

Avoid including texts or formats that lead the owner to choose a specific option.

The privacy notice according to the Law

It is important to highlight the obligation of the Controllers to have a privacy notice as of July 6, 2011.

What are the obligations of the person responsible for the privacy notice?

Article 15 of the Law establishes that the person in charge must inform the owners of the personal data of the information that is collected from them and for what purposes, through the privacy notice.

Based on this principle of information, the Law establishes other obligations regarding the privacy notice:

1.- Make the privacy notice available to the owner in order to obtain its

Tacit consent for the processing of your personal data, except in the cases

Cases in which express consent is required.

2.- Establish mechanisms and procedures in the privacy notice so that, at any time, the owner can revoke the consent for the processing of their personal data.

3.- Limit the processing of personal data to the purposes set out in the privacy notice.

4.- Guarantee that the privacy notice made known to the owner is respected, at all times, by him or by third parties with whom he has a legal relationship.

6.- Inform the owner of the privacy notice to which the processing of their personal data is subject.

7.- Communicate the privacy notice to third parties to whom you transfer the data

Personal.

8.- Include a clause in the privacy notice that indicates whether or not the owner accepts the transfer of their personal data.

Issue privacy notices no later than July 6, 2011 (one year after the entry into force of the Law).

What infractions does the Law contemplate for the breach of the obligations related to the privacy notice?

Violation Fine

Omit any or all of the elements referred to in article 16 of the Law in the privacy notice

From 100 to 160,000 SMVDF days

Transfer data to third parties without communicating to them the privacy notice that contains the limitations to which the owner subjected their disclosure From 200 to 320,000 days of SMVDF

What informative elements must be declared in the privacy notice?

In accordance with articles 8, 15, 16, 17 and 36 of the Law, the privacy notice must contain, at least, the following elements:

Identifier Item Element or consideration

Article 8.- Mechanisms and procedures so that, where appropriate, the owner can revoke his consent to the processing of his personal data. Article 15.- Personal data collected.

Articles 15 and 16 Purposes of personal data processing.

Article 16 Identity and address of the person in charge who collects the personal data.

Article 16 Options and means that the person in charge offers to the owners to

limit the use or disclosure of your personal data

Article 16 Means to exercise ARCO rights.

Article 36 Transfers of data that, if applicable, are made

Clause that indicates whether or not the owner accepts the transfer of their personal data.

Article 16 Procedure and means by which the person in charge will notify

the holders of changes to the privacy notice.

Article 16 Express indication of sensitive personal data that in its

case are treated.

Article 16 In the event that the processing of personal data requires the

express consent of the owner.

Identity and Address of the Responsible

ADHESITACK S. DE RL DE CV, with address located at; MARGARITA REYES STREET, NUMBER 155, COLONIA SÁNCHEZ GRACIANO, PROF. SAN LUIS POTOSI, SLPCP: 78360.

Personal data and sensitive personal data processed by ADHESITACK S. DE RL DE CV

ADHESITACK S. DE RL DE CV, As part of its registration of its clients, suppliers and other third parties that are related, it will collect and process personal identification data, personal patrimonial data, personal financial data, personal labor data and personal data of third parties, all with the purpose of complying with the primary and secondary purposes indicated in this Notice.

Additionally ADHESITACK S. DE RL DE CV,   You can collect data that includes (I) names, surnames, addresses, telephone numbers, emails, Federal Taxpayer Registry codes, information on payment methods; (II) all the information that the client has provided and/or provides throughout the contractual or commercial relationship they establish; (III) those own data and those related to the services providedADHESITACK S. DE RL DE CV,  in the fulfillment of its obligations.

We inform you that the processing of the aforementioned sensitive personal data is intended to ADHESITACK S. DE RL DE CV, comply with the obligations derived from the legal relationship we have with you. We promise that they will be treated under strict security measures, always guaranteeing their confidentiality.

Primary Purposes

 

FOR WHAT PURPOSE DOES ADHESITACK S. DE RL DE CV COLLECT PERSONAL DATA?

Personal data may be processed and used by ADHESITACK S. DE RL DE CV,  and/or our subsidiaries and/or affiliates and/or third parties, national and/or foreign to carry out some or all of the activities related to the fulfillment of the obligations that derive from the contractual and/or commercial relationship that originate and/or or derived from the provision of the Services; with the purpose of informing users of the launch or changes of new products, services, promotions and/or offers from us and/or third parties, conducting studies on consumer and market habits, as well as for any other activity tending to promote , maintain, improve and evaluate the Services.

PERSONAL DATA MAY BE TRANSFERRED TO THIRD PARTIES

ADHESITACK S. DE RL DE CV,  may transfer the personal data that it has received and/or collected and/or receives and/or collects from its clients to its subsidiaries and/or affiliates and/or third parties, whether national and/or foreign, and/or any authority authority that so requests to carry out the purposes described in the preceding paragraph. The transfer of the client's personal data is limited to those acts, facts and/or procedures that ADHESITACK S. DE RL DE CV,  requires implementation in order to be able to comply with its contractual, regulatory and/or commercial obligations in the ordinary course of its operations. If the client does not express his opposition to the transfer of his personal data, it will be understood that he has given his consent for it.

Furthermore, if you do not object, ADHESITACK S. DE RL DE CV,  may process your information for advertising, promotional and market research purposes. You can revoke your consent by contacting us at the email: (indicate email) You may change your option at any time.

We inform you that your personal data is shared inside and outside the country with the people, companies and organizations other than us, mentioned below:

Openpay.- Payment service provider that processes credit and debit card payments.

Paypal.- Payment service provider that processes credit and debit card payments.

Also in the case of personal data collected through cookies:

Cookies and online security protocol:

"Cookie" means a data file that is stored on the hard drive of the user's computer when the user accesses the website. These files may contain information such as the identification provided by the user or information to track the pages that the user has visited. A cookie cannot read data or information from the User's hard drive or read cookies created by other sites or pages.

We inform you that our website uses Cookies and other tracking technologies to collect certain personal data, which we could share with third parties, as shown below...

transfers

ADHESITACK S. DE RL DE CV,  to fulfill the necessary purpose(s) described above or others required by law or by the competent authorities, it will only transfer the necessary data in the cases legally provided for in particular, ADHESITACK S. DE RL DE CV,  will transfer your necessary personal data to those institutions that are part of the group, that is, to our holding company, as well as subsidiaries and affiliates for the correct provision of our services. We inform you that said transfer does not require your consent in accordance with the applicable regulations.

Means and procedures for ARCO Rights and Revocation of Consent

You or your legal representative may exercise any of the rights of access, rectification, cancellation or opposition (hereinafter “ARCO Rights”), as well as revoke your consent for the processing of your personal data by sending an email to the Personal Data Department of ADHESITACK S. DE RL DE CV,  to the email address (_____________________)

In order to attend to your ARCO Rights in a timely manner, it is necessary that you indicate the following in your request:

 

  • The name of the holder and his email account to communicate the response to his request.
  • Attach the document that proves your identity or, where appropriate, the legal representation of the owner.
  • The clear and precise description of the personal data with respect to which one seeks to exercise any of the aforementioned rights, and
  • Any other element or document that facilitates the location of personal data.

In the case of rectification requests, the owner must indicate the modifications to be made and provide the documentation that supports their request.

In the event that the information provided is erroneous or insufficient, or the corresponding accreditation documents are not attached, the Department, within five (5) business days following receipt of the request, may require you to provide the elements or documents necessary to process it. You will have ten (10) business days to respond to the request, counted from the day after you received it. If a response is not provided within said period, the corresponding application will be considered as not submitted.

The Department will notify you of the determination adopted, within a maximum period of twenty (20) business days from the date the request was received, so that, if appropriate, it can be made effective within fifteen (15) business days after the response is communicated. The response will be given electronically to the email address specified in the Request.

Limitation and/or Disclosure of your personal data

You may limit the use or disclosure of your personal data by sending your request to the Personal Data Department of ADHESITACK S. DE RL DE CV,  to the email address (__________________). The requirements to prove your identity, as well as the procedure to meet your request will be governed by the same criteria indicated in the previous section.
In the event that your request is appropriate, the Department will register it on the exclusion list for the purpose for which the exclusion is applicable.

Changes to the Privacy Notice of ADHESITACK S. DE RL DE CV

ADHESITACK S. DE RL DE CV,  You can modify, review or make changes to this notice at any time, responding to requests, viable and accepted or in accordance with regulations. In case of changes within this notice, they will be published through the following means: I) visible announcements in our establishments; II) brochures or brochures available in our establishments; III) on our website; IV) or we will send them to the email that you have provided us.